From 6a34de5dd85741cfbc7ecbff5118d132e04c7583 Mon Sep 17 00:00:00 2001 
From: Vlad Grigorescu Date: Thu, 24 Jul 2014 16:28:31 -0400 Subject: [PATCH 01/84] SMB & NTLM analyzers. --- scripts/base/init-bare.bro | 535 ++++- scripts/base/init-default.bro | 1 + scripts/base/protocols/smb/__load__.bro | 8 + .../base/protocols/smb/const-dos-error.bro | 131 ++ .../base/protocols/smb/const-nt-status.bro | 1792 +++++++++++++++++ scripts/base/protocols/smb/consts.bro | 130 ++ scripts/base/protocols/smb/files.bro | 63 + scripts/base/protocols/smb/main.bro | 199 ++ scripts/base/protocols/smb/pipe.bro | 59 + scripts/base/protocols/smb/smb1-main.bro | 194 ++ scripts/base/protocols/smb/smb2-main.bro | 183 ++ src/analyzer/protocol/smb/CMakeLists.txt | 74 +- src/analyzer/protocol/smb/Plugin.cc | 34 +- src/analyzer/protocol/smb/SMB.cc | 1332 ++---------- src/analyzer/protocol/smb/SMB.h | 194 +- src/analyzer/protocol/smb/SMB_COM.def | 2 + .../protocol/smb/dce_rpc-protocol.pac | 125 ++ src/analyzer/protocol/smb/pipe-mssql-tds.pac | 69 + src/analyzer/protocol/smb/smb-common.pac | 280 +++ src/analyzer/protocol/smb/smb-mailslot.pac | 1 - src/analyzer/protocol/smb/smb-ntlmssp.pac | 399 ++++ src/analyzer/protocol/smb/smb-pipe.pac | 87 +- src/analyzer/protocol/smb/smb-protocol.pac | 2 +- src/analyzer/protocol/smb/smb-strings.pac | 144 ++ src/analyzer/protocol/smb/smb-time.pac | 44 + src/analyzer/protocol/smb/smb.pac | 125 +- .../protocol/smb/smb1-com-check-directory.pac | 37 + src/analyzer/protocol/smb/smb1-com-close.pac | 36 + .../smb/smb1-com-create-directory.pac | 36 + src/analyzer/protocol/smb/smb1-com-echo.pac | 41 + .../protocol/smb/smb1-com-locking-andx.pac | 59 + .../protocol/smb/smb1-com-logoff-andx.pac | 19 + .../protocol/smb/smb1-com-negotiate.pac | 281 +++ .../protocol/smb/smb1-com-nt-cancel.pac | 18 + .../protocol/smb/smb1-com-nt-create-andx.pac | 120 ++ .../protocol/smb/smb1-com-nt-transact.pac | 29 + .../protocol/smb/smb1-com-open-andx.pac | 77 + .../smb/smb1-com-query-information.pac | 41 + .../protocol/smb/smb1-com-read-andx.pac | 88 + 
.../smb/smb1-com-session-setup-andx.pac | 229 +++ .../smb/smb1-com-transaction-secondary.pac | 17 + .../protocol/smb/smb1-com-transaction.pac | 90 + .../protocol/smb/smb1-com-transaction2.pac | 308 +++ .../smb/smb1-com-tree-connect-andx.pac | 54 + .../protocol/smb/smb1-com-tree-disconnect.pac | 21 + .../protocol/smb/smb1-com-write-andx.pac | 75 + src/analyzer/protocol/smb/smb1-protocol.pac | 325 +++ .../protocol/smb/smb1_com_check_directory.bif | 5 + src/analyzer/protocol/smb/smb1_com_close.bif | 13 + .../smb/smb1_com_create_directory.bif | 5 + src/analyzer/protocol/smb/smb1_com_echo.bif | 5 + .../protocol/smb/smb1_com_logoff_andx.bif | 11 + .../protocol/smb/smb1_com_negotiate.bif | 33 + .../protocol/smb/smb1_com_nt_cancel.bif | 2 + .../protocol/smb/smb1_com_nt_create_andx.bif | 15 + .../protocol/smb/smb1_com_open_andx.bif | 38 + .../smb/smb1_com_query_information.bif | 3 + .../protocol/smb/smb1_com_read_andx.bif | 30 + .../smb/smb1_com_session_setup_andx.bif | 33 + .../smb/smb1_com_tree_connect_andx.bif | 16 + .../protocol/smb/smb1_com_tree_disconnect.bif | 9 + .../protocol/smb/smb1_com_write_andx.bif | 27 + src/analyzer/protocol/smb/smb1_events.bif | 29 + src/analyzer/protocol/smb/smb2-com-close.pac | 63 + src/analyzer/protocol/smb/smb2-com-create.pac | 115 ++ .../protocol/smb/smb2-com-negotiate.pac | 68 + src/analyzer/protocol/smb/smb2-com-read.pac | 73 + .../protocol/smb/smb2-com-session-setup.pac | 64 + .../protocol/smb/smb2-com-tree-connect.pac | 55 + .../protocol/smb/smb2-com-tree-disconnect.pac | 9 + src/analyzer/protocol/smb/smb2-com-write.pac | 60 + src/analyzer/protocol/smb/smb2-protocol.pac | 426 ++++ src/analyzer/protocol/smb/smb2_com_close.bif | 4 + src/analyzer/protocol/smb/smb2_com_create.bif | 2 + .../protocol/smb/smb2_com_negotiate.bif | 21 + src/analyzer/protocol/smb/smb2_com_read.bif | 12 + .../protocol/smb/smb2_com_session_setup.bif | 8 + .../protocol/smb/smb2_com_tree_connect.bif | 4 + .../protocol/smb/smb2_com_tree_disconnect.bif | 1 + 
src/analyzer/protocol/smb/smb2_com_write.bif | 12 + src/analyzer/protocol/smb/smb2_events.bif | 5 + src/analyzer/protocol/smb/smb_ntlmssp.bif | 64 + src/analyzer/protocol/smb/smb_pipe.bif | 6 + src/analyzer/protocol/smb/types.bif | 7 + 84 files changed, 8133 insertions(+), 1428 deletions(-) create mode 100644 scripts/base/protocols/smb/__load__.bro create mode 100644 scripts/base/protocols/smb/const-dos-error.bro create mode 100644 scripts/base/protocols/smb/const-nt-status.bro create mode 100644 scripts/base/protocols/smb/consts.bro create mode 100644 scripts/base/protocols/smb/files.bro create mode 100644 scripts/base/protocols/smb/main.bro create mode 100644 scripts/base/protocols/smb/pipe.bro create mode 100644 scripts/base/protocols/smb/smb1-main.bro create mode 100644 scripts/base/protocols/smb/smb2-main.bro create mode 100644 src/analyzer/protocol/smb/dce_rpc-protocol.pac create mode 100644 src/analyzer/protocol/smb/pipe-mssql-tds.pac create mode 100644 src/analyzer/protocol/smb/smb-common.pac create mode 100644 src/analyzer/protocol/smb/smb-ntlmssp.pac create mode 100644 src/analyzer/protocol/smb/smb-strings.pac create mode 100644 src/analyzer/protocol/smb/smb-time.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-check-directory.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-close.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-create-directory.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-echo.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-locking-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-logoff-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-negotiate.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-nt-cancel.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-nt-transact.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-open-andx.pac create mode 100644 
src/analyzer/protocol/smb/smb1-com-query-information.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-read-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-transaction.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-transaction2.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-tree-disconnect.pac create mode 100644 src/analyzer/protocol/smb/smb1-com-write-andx.pac create mode 100644 src/analyzer/protocol/smb/smb1-protocol.pac create mode 100644 src/analyzer/protocol/smb/smb1_com_check_directory.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_close.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_create_directory.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_echo.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_logoff_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_negotiate.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_nt_cancel.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_open_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_query_information.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_read_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_session_setup_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif create mode 100644 src/analyzer/protocol/smb/smb1_com_write_andx.bif create mode 100644 src/analyzer/protocol/smb/smb1_events.bif create mode 100644 src/analyzer/protocol/smb/smb2-com-close.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-create.pac create mode 100644 
src/analyzer/protocol/smb/smb2-com-negotiate.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-read.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-session-setup.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-tree-connect.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-tree-disconnect.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-write.pac create mode 100644 src/analyzer/protocol/smb/smb2-protocol.pac create mode 100644 src/analyzer/protocol/smb/smb2_com_close.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_create.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_negotiate.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_read.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_session_setup.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_tree_connect.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_tree_disconnect.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_write.bif create mode 100644 src/analyzer/protocol/smb/smb2_events.bif create mode 100644 src/analyzer/protocol/smb/smb_ntlmssp.bif create mode 100644 src/analyzer/protocol/smb/smb_pipe.bif create mode 100644 src/analyzer/protocol/smb/types.bif diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index 65d15dc2cf..73ebdef243 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro 
@@ -2235,83 +2235,476 @@ type ntp_msg: record { }; -## Maps SMB command numbers to descriptive names. -global samba_cmds: table[count] of string &redef - &default = function(c: count): string - { return fmt("samba-unknown-%d", c); }; +module SMB; -## An SMB command header. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction -## smb_com_transaction2 smb_com_tree_connect_andx smb_com_tree_disconnect -## smb_com_write_andx smb_error smb_get_dfs_referral smb_message -type smb_hdr : record { - command: count; ##< The command number (see :bro:see:`samba_cmds`). - status: count; ##< The status code. - flags: count; ##< Flag set 1. - flags2: count; ##< Flag set 2. - tid: count; ##< TODO. - pid: count; ##< Process ID. - uid: count; ##< User ID. - mid: count; ##< TODO. -}; +export { + ## MAC times for a file. + type SMB::MACTimes: record { + modified : time &log; + accessed : time &log; + created : time &log; + changed : time &log; + } &log; -## An SMB transaction. -## -## .. bro:see:: smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 -type smb_trans : record { - word_count: count; ##< TODO. - total_param_count: count; ##< TODO. - total_data_count: count; ##< TODO. - max_param_count: count; ##< TODO. - max_data_count: count; ##< TODO. - max_setup_count: count; ##< TODO. -# flags: count; -# timeout: count; - param_count: count; ##< TODO. - param_offset: count; ##< TODO. - data_count: count; ##< TODO. - data_offset: count; ##< TODO. - setup_count: count; ##< TODO. - setup0: count; ##< TODO. - setup1: count; ##< TODO. - setup2: count; ##< TODO. - setup3: count; ##< TODO. - byte_count: count; ##< TODO. - parameters: string; ##< TODO. 
-}; + type SMB::NTLMVersion: record { + ## The major version of the Windows operating system in use + major : count; + ## The minor version of the Windows operating system in use + minor : count; + ## The build number of the Windows operating system in use + build : count; + ## The current revision of NTLMSSP in use + ntlmssp : count; + }; + + type SMB::NTLMNegotiateFlags: record { + ## If set, requires 56-bit encryption + negotiate_56 : bool; + ## If set, requests an explicit key exchange + negotiate_key_exch : bool; + ## If set, requests 128-bit session key negotiation + negotiate_128 : bool; + ## If set, requests the protocol version number + negotiate_version : bool; + ## If set, indicates that the TargetInfo fields in the + ## CHALLENGE_MESSAGE are populated + negotiate_target_info : bool; + + ## If set, requests the usage of the LMOWF function + request_non_nt_session_key : bool; + ## If set, requests and identify level token + negotiate_identify : bool; + ## If set, requests usage of NTLM v2 session security + ## Note: NTML v2 session security is actually NTLM v1 + negotiate_extended_sessionsecurity : bool; + ## If set, TargetName must be a server name + target_type_server : bool; + ## If set, TargetName must be a domain name + target_type_domain : bool; + + ## If set, requests the presence of a signature block + ## on all messages + negotiate_always_sign : bool; + ## If set, the workstation name is provided + negotiate_oem_workstation_supplied : bool; + ## If set, the domain name is provided + negotiate_oem_domain_supplied : bool; + ## If set, the connection should be anonymous + negotiate_anonymous_connection : bool; + ## If set, requests usage of NTLM v1 + negotiate_ntlm : bool; + + ## If set, requests LAN Manager session key computation + negotiate_lm_key : bool; + ## If set, requests connectionless authentication + negotiate_datagram : bool; + ## If set, requests session key negotiation for message + ## confidentiality + negotiate_seal : bool; + ## If 
set, requests session key negotiation for message + ## signatures + negotiate_sign : bool; + ## If set, the TargetName field is present + request_target : bool; + + ## If set, requests OEM character set encoding + negotiate_oem : bool; + ## If set, requests Unicode character set encoding + negotiate_unicode : bool; + }; + + type SMB::NTLMNegotiate: record { + ## The negotiate flags + flags : SMB::NTLMNegotiateFlags; + ## The domain name of the client, if known + domain_name : string &optional; + ## The machine name of the client, if known + workstation : string &optional; + ## The Windows version information, if supplied + version : SMB::NTLMVersion &optional; + }; + + type SMB::NTLMAVs: record { + ## The server's NetBIOS computer name + nb_computer_name : string; + ## The server's NetBIOS domain name + nb_domain_name : string; + ## The FQDN of the computer + dns_computer_name : string &optional; + ## The FQDN of the domain + dns_domain_name : string &optional; + ## The FQDN of the forest + dns_tree_name : string &optional; + + ## Indicates to the client that the account + ## authentication is constrained + constrained_auth : bool &optional; + ## The associated timestamp, if present + timestamp : time &optional; + ## Indicates that the client is providing + ## mess achine ID created at computer startup to + ## identify the calling machine + single_host_id : count &optional; + + ## The SPN of the target server + target_name : string &optional; + }; + + type SMB::NTLMChallenge: record { + ## The negotiate flags + flags : SMB::NTLMNegotiateFlags; + ## The server authentication realm. If the server is + ## domain-joined, the name of the domain. Otherwise + ## the server name. 
See flags.target_type_domain + ## and flags.target_type_server + target_name : string &optional; + ## The Windows version information, if supplied + version : SMB::NTLMVersion &optional; + ## Attribute-value pairs specified by the server + target_info : SMB::NTLMAVs &optional; + }; + + type SMB::NTLMAuthenticate: record { + ## The negotiate flags + flags : SMB::NTLMNegotiateFlags; + ## The domain or computer name hosting the account + domain_name : string; + ## The name of the user to be authenticated. + user_name : string; + ## The name of the computer to which the user was logged on. + workstation : string; + ## The Windows version information, if supplied + version : SMB::NTLMVersion &optional; + }; + +} + +module SMB1; + +export { + ## An SMB1 header. + ## + ## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx + ## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx + ## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot + ## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction + ## smb_com_transaction2 smb_com_tree_connect_andx smb_com_tree_disconnect + ## smb_com_write_andx smb_error smb_get_dfs_referral smb_message + type SMB1::Header : record { + command: count; ##< The command number + status: count; ##< The status code. + flags: count; ##< Flag set 1. + flags2: count; ##< Flag set 2. + tid: count; ##< Tree ID. + pid: count; ##< Process ID. + uid: count; ##< User ID. + mid: count; ##< Multiplex ID. 
+ }; + + type SMB1::NegotiateRawMode: record { + ## Read raw supported + read_raw : bool; + ## Write raw supported + write_raw : bool; + }; + + type SMB1::NegotiateCapabilities: record { + ## The server supports SMB_COM_READ_RAW and SMB_COM_WRITE_RAW + raw_mode : bool; + ## The server supports SMB_COM_READ_MPX and SMB_COM_WRITE_MPX + mpx_mode : bool; + ## The server supports unicode strings + unicode : bool; + ## The server supports large files with 64 bit offsets + large_files : bool; + ## The server supports the SMBs particilar to the NT LM 0.12 dialect. Implies nt_find. + nt_smbs : bool; + + ## The server supports remote admin API requests via DCE-RPC + rpc_remote_apis : bool; + ## The server can respond with 32 bit status codes in Status.Status + status32 : bool; + ## The server supports level 2 oplocks + level_2_oplocks : bool; + ## The server supports SMB_COM_LOCK_AND_READ + lock_and_read : bool; + ## Reserved + nt_find : bool; + + ## The server is DFS aware + dfs : bool; + ## The server supports NT information level requests passing through + infolevel_passthru : bool; + ## The server supports large SMB_COM_READ_ANDX (up to 64k) + large_readx : bool; + ## The server supports large SMB_COM_WRITE_ANDX (up to 64k) + large_writex : bool; + ## The server supports CIFS Extensions for UNIX + unix : bool; + + ## The server supports SMB_BULK_READ, SMB_BULK_WRITE + ## Note: No known implementations support this + bulk_transfer : bool; + ## The server supports compressed data transfer. Requires bulk_transfer. + ## Note: No known implementations support this + compressed_data : bool; + ## The server supports extended security exchanges + extended_security : bool; + }; + + type SMB1::NegotiateResponseSecurity: record { + ## This indicates whether the server, as a whole, is operating under + ## Share Level or User Level security. + user_level : bool; + ## This indicates whether or not the server supports Challenge/Response + ## authentication. 
If the bit is false, then plaintext passwords must + ## be used. + challenge_response: bool; + ## This indicates if the server is capable of performing MAC message + ## signing. Note: Requires NT LM 0.12 or later. + signatures_enabled: bool &optional; + ## This indicates if the server is requiring the use of a MAC in each + ## packet. If false, message signing is optional. Note: Requires NT LM 0.12 + ## or later. + signatures_required: bool &optional; + }; + + type SMB1::NegotiateResponseCore: record { + ## Count of parameter words (should be 1) + word_count : count; + ## Index of selected dialect + dialect_index : count; + }; + + type SMB1::NegotiateResponseLANMAN: record { + ## Count of parameter words (should be 13) + word_count : count; + ## Index of selected dialect + dialect_index : count; + ## Security mode + security_mode : SMB1::NegotiateResponseSecurity; + ## Max transmit buffer size (>= 1024) + max_buffer_size : count; + ## Max pending multiplexed requests + max_mpx_count : count; + + ## Max number of virtual circuits (VCs - transport-layer connections) + ## between client and server + max_number_vcs : count; + ## Raw mode + raw_mode : SMB1::NegotiateRawMode; + ## Unique token identifying this session + session_key : count; + ## Current date and time at server + server_time : time; + ## The challenge encryption key + encryption_key : string; + + ## The server's primary domain + primary_domain : string; + }; + + type SMB1::NegotiateResponseNTLM: record { + ## Count of parameter words (should be 17) + word_count : count; + ## Index of selected dialect + dialect_index : count; + ## Security mode + security_mode : SMB1::NegotiateResponseSecurity; + ## Max transmit buffer size + max_buffer_size : count; + ## Max pending multiplexed requests + max_mpx_count : count; + + ## Max number of virtual circuits (VCs - transport-layer connections) + ## between client and server + max_number_vcs : count; + ## Max raw buffer size + max_raw_size : count; + ## Unique token 
identifying this session + session_key : count; + ## Server capabilities + capabilities : SMB1::NegotiateCapabilities; + ## Current date and time at server + server_time : time; + + ## The challenge encryption key. + ## Present only for non-extended security (i.e. capabilities$extended_security = F) + encryption_key : string &optional; + ## The name of the domain. + ## Present only for non-extended security (i.e. capabilities$extended_security = F) + domain_name : string &optional; + ## A globally unique identifier assigned to the server. + ## Present only for extended security (i.e. capabilities$extended_security = T) + guid : string &optional; + ## Opaque security blob associated with the security package if capabilities$extended_security = T + ## Otherwise, the challenge for challenge/response authentication. + security_blob : string; + }; + + type SMB1::NegotiateResponse: record { + ## If the server does not understand any of the dialect strings, or if + ## PC NETWORK PROGRAM 1.0 is the chosen dialect. + core : SMB1::NegotiateResponseCore &optional; + ## If the chosen dialect is greater than core up to and including + ## LANMAN 2.1. + lanman : SMB1::NegotiateResponseLANMAN &optional; + ## If the chosen dialect is NT LM 0.12. + ntlm : SMB1::NegotiateResponseNTLM &optional; + }; + + type SMB1::SessionSetupAndXCapabilities: record { + ## The client can use unicode strings + unicode : bool; + ## The client can deal with files having 64 bit offsets + large_files : bool; + ## The client understands the SMBs introduced with NT LM 0.12 + ## Implies nt_find + nt_smbs : bool; + ## The client can receive 32 bit errors encoded in Status.Status + status32 : bool; + ## The client understands Level II oplocks + level_2_oplocks : bool; + ## Reserved. Implied by nt_smbs. 
+ nt_find : bool; + }; + + type SMB1::SessionSetupAndXRequest: record { + ## Count of parameter words + ## - 10 for pre NT LM 0.12 + ## - 12 for NT LM 0.12 with extended security + ## - 13 for NT LM 0.12 without extended security + word_count : count; + ## Client maximum buffer size + max_buffer_size : count; + ## Actual maximum multiplexed pending request + max_mpx_count : count; + ## Virtual circuit number. First VC == 0 + vc_number : count; + ## Session key (valid iff vc_number > 0) + session_key : count; + + ## Client's native operating system + native_os : string; + ## Client's native LAN Manager type + native_lanman : string; + ## Account name + ## Note: not set for NT LM 0.12 with extended security + account_name : string &optional; + ## If challenge/response auth is not being used, this is the password. + ## Otherwise, it's the response to the server's challenge. + ## Note: Only set for pre NT LM 0.12 + account_password : string &optional; + ## Client's primary domain, if known + ## Note: not set for NT LM 0.12 with extended security + primary_domain : string &optional; + + ## Case insensitive password + ## Note: only set for NT LM 0.12 without extended security + case_insensitive_password : string &optional; + ## Case sensitive password + ## Note: only set for NT LM 0.12 without extended security + case_sensitive_password : string &optional; + ## Security blob + ## Note: only set for NT LM 0.12 with extended security + security_blob : string &optional; + ## Client capabilities + ## Note: only set for NT LM 0.12 + capabilities : SMB1::SessionSetupAndXCapabilities &optional; + }; + + type SMB1::SessionSetupAndXResponse: record { + ## Count of parameter words (should be 3 for pre NT LM 0.12 and 4 for NT LM 0.12) + word_count : count; + ## Were we logged in as a guest user? 
+ is_guest : bool &optional; + ## Server's native operating system + native_os : string &optional; + ## Server's native LAN Manager type + native_lanman : string &optional; + ## Server's primary domain + primary_domain : string &optional; + ## Security blob if NTLM + security_blob : string &optional; + }; -## SMB transaction data. -## -## .. bro:see:: smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 -## -## .. todo:: Should this really be a record type? -type smb_trans_data : record { - data : string; ##< The transaction's data. -}; +} -## Deprecated. -## -## .. todo:: Remove. It's still declared internally but doesn't seem used anywhere -## else. -type smb_tree_connect : record { - flags: count; - password: string; - path: string; - service: string; -}; +module SMB2; -## Deprecated. -## -## .. todo:: Remove. It's still declared internally but doesn't seem used anywhere -## else. -type smb_negotiate : table[count] of string; +export { + type SMB2::Header: record { + credit_charge: count; + status: count; + command: count; + credits: count; + flags: count; + message_id: count; + process_id: count; + tree_id: count; + session_id: count; + signature: string; + }; + + type SMB2::GUID: record { + persistent: count; + volatile: count; + }; + + type SMB2::FileAttrs: record { + read_only: bool; + hidden: bool; + system: bool; + directory: bool; + archive: bool; + normal: bool; + temporary: bool; + sparse_file: bool; + reparse_point: bool; + compressed: bool; + offline: bool; + not_content_indexed: bool; + encrypted: bool; + integrity_stream: bool; + no_scrub_data: bool; + }; + + type SMB2::CloseResponse: record { + alloc_size : count; + eof : count; + times : SMB::MACTimes; + attrs : SMB2::FileAttrs; + }; + + type SMB2::NegotiateResponse: record { + dialect_revision : count; + security_mode : count; + server_guid : string; + system_time : time; + server_start_time : time; + }; + + type SMB2::SessionSetupRequest: 
record { + security_mode: count; + }; + + type SMB2::SessionSetupFlags: record { + guest: bool; + anonymous: bool; + encrypt: bool; + }; + + type SMB2::SessionSetupResponse: record { + flags: SMB2::SessionSetupFlags; + }; + + type SMB2::TreeConnectResponse: record { + share_type: count; + }; +} + +module GLOBAL; ## A list of router addresses offered by a DHCP server. ## diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.bro index 610d205618..ec1ff05279 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.bro @@ -48,6 +48,7 @@ @load base/protocols/modbus @load base/protocols/pop3 @load base/protocols/radius +@load base/protocols/smb @load base/protocols/snmp @load base/protocols/smtp @load base/protocols/socks diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/base/protocols/smb/__load__.bro new file mode 100644 index 0000000000..bfaf121fe1 --- /dev/null +++ b/scripts/base/protocols/smb/__load__.bro @@ -0,0 +1,8 @@ +@load ./consts +@load ./const-dos-error +@load ./const-nt-status +@load ./main +@load ./pipe +@load ./smb1-main +@load ./smb2-main +@load ./files \ No newline at end of file diff --git a/scripts/base/protocols/smb/const-dos-error.bro b/scripts/base/protocols/smb/const-dos-error.bro new file mode 100644 index 0000000000..72236d8cba --- /dev/null +++ b/scripts/base/protocols/smb/const-dos-error.bro 
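Review bot: In `SMB1::SessionSetupAndXRequest`, `account_password` is documented as the password itself when challenge/response authentication is not in use, and `case_insensitive_password` / `case_sensitive_password` appear to carry the corresponding authentication material, yet nothing in the record marks these fields as sensitive. None of the three has `&log` in this hunk, so the exposure would come from a later script copying them into a logged record and leaving cleartext passwords or offline-guessable responses in log storage. I would add a line to each of those doc comments, for example `## Sensitive: may contain a cleartext password or an authentication response; do not log or export this value.` The same hunk has comment typos worth fixing in passing: `mess achine ID` in `SMB::NTLMAVs`, `NTML v2` and `requests and identify level token` in `SMB::NTLMNegotiateFlags`, and `particilar` in `SMB1::NegotiateCapabilities`.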
@@ -0,0 +1,131 @@ +# DOS error codes. + +module SMB; + +redef SMB::statuses += { + [0x00010001] = [$id="badfunc", $desc="Incorrect function."], + [0x00010002] = [$id="error", $desc="Incorrect function."], + [0x00020001] = [$id="badfile", $desc="The system cannot find the file specified."], + [0x00020002] = [$id="badpw", $desc="Bad password."], + [0x00030001] = [$id="badpath", $desc="The system cannot find the path specified."], + [0x00030002] = [$id="badtype", $desc="reserved"], + [0x00040001] = [$id="nofids", $desc="The system cannot open the file."], + [0x00040002] = [$id="access", $desc="The client does not have the necessary access rights to perform the requested function."], + [0x00050001] = [$id="noaccess", $desc="Access is denied."], + [0x00050002] = [$id="invnid", $desc="The TID specified was invalid."], + [0x00060001] = [$id="badfid", $desc="The handle is invalid."], + [0x00060002] = [$id="invnetname", $desc="The network name cannot be found."], + [0x00070001] = [$id="badmcb", $desc="The storage control blocks were destroyed."], + [0x00070002] = [$id="invdevice", $desc="The device specified is invalid."], + [0x00080001] = [$id="nomem", $desc="Not enough storage is available to process this command."], + [0x00090001] = [$id="badmem", $desc="The storage control block address is invalid."], + [0x000a0001] = [$id="badenv", $desc="The environment is incorrect."], + [0x000c0001] = [$id="badaccess", $desc="The access code is invalid."], + [0x000d0001] = [$id="baddata", $desc="The data is invalid."], + [0x000e0001] = [$id="res", $desc="reserved"], + [0x000f0001] = [$id="baddrive", $desc="The system cannot find the drive specified."], + [0x00100001] = [$id="remcd", $desc="The directory cannot be removed."], + [0x00110001] = [$id="diffdevice", $desc="The system cannot move the file to a different disk drive."], + [0x00120001] = [$id="nofiles", $desc="There are no more files."], + [0x00130003] = [$id="nowrite", $desc="The media is write protected."], + [0x00140003] = 
[$id="badunit", $desc="The system cannot find the device specified."], + [0x00150003] = [$id="notready", $desc="The device is not ready."], + [0x00160002] = [$id="unknownsmb", $desc="The device does not recognize the command."], + [0x00160003] = [$id="badcmd", $desc="The device does not recognize the command."], + [0x00170003] = [$id="data", $desc="Data error (cyclic redundancy check)."], + [0x00180003] = [$id="badreq", $desc="The program issued a command but the command length is incorrect."], + [0x00190003] = [$id="seek", $desc="The drive cannot locate a specific area or track on the disk."], + [0x001a0003] = [$id="badmedia", $desc="The specified disk or diskette cannot be accessed."], + [0x001b0003] = [$id="badsector", $desc="The drive cannot find the sector requested."], + [0x001c0003] = [$id="nopaper", $desc="The printer is out of paper."], + [0x001d0003] = [$id="write", $desc="The system cannot write to the specified device."], + [0x001e0003] = [$id="read", $desc="The system cannot read from the specified device."], + [0x001f0001] = [$id="general", $desc="A device attached to the system is not functioning."], + [0x001f0003] = [$id="general", $desc="A device attached to the system is not functioning."], + [0x00200001] = [$id="badshare", $desc="The process cannot access the file because it is being used by another process."], + [0x00200003] = [$id="badshare", $desc="The process cannot access the file because it is being used by another process."], + [0x00210001] = [$id="lock", $desc="The process cannot access the file because another process has locked a portion of the file."], + [0x00210003] = [$id="lock", $desc="The process cannot access the file because another process has locked a portion of the file."], + [0x00220003] = [$id="wrongdisk", $desc="The wrong diskette is in the drive."], + [0x00230003] = [$id="FCBunavail", $desc="No FCBs are available to process the request."], + [0x00240003] = [$id="sharebufexc", $desc="A sharing buffer has been exceeded."], + 
[0x00270003] = [$id="diskfull", $desc="The disk is full."], + [0x00310002] = [$id="qfull", $desc="The print queue is full."], + [0x00320001] = [$id="unsup", $desc="The network request is not supported."], + [0x00320002] = [$id="qtoobig", $desc="The queued item too big."], + [0x00340002] = [$id="invpfid", $desc="The print file FID is invalid."], + [0x00340001] = [$id="dupname", $desc="A duplicate name exists on the network."], + [0x00400001] = [$id="netnamedel", $desc="The specified network name is no longer available."], + [0x00400002] = [$id="smbcmd", $desc="The server did not recognize the command received."], + [0x00410002] = [$id="srverror", $desc="The server encountered an internal error."], + [0x00420001] = [$id="noipc", $desc="The network resource type is not correct."], + [0x00430001] = [$id="nosuchshare", $desc="The network name cannot be found."], + [0x00430002] = [$id="filespecs", $desc="The specified FID and pathname combination is invalid."], + [0x00440002] = [$id="badlink", $desc="reserved"], + [0x00450002] = [$id="badpermits", $desc="The access permissions specified for a file or directory are not a valid combination."], + [0x00460002] = [$id="badpid", $desc="reserved"], + [0x00470001] = [$id="nomoreconn", $desc="nomoreconn."], + [0x00470002] = [$id="setattrmode", $desc="The attribute mode specified is invalid."], + [0x00500001] = [$id="filexists", $desc="The file exists."], + [0x00510002] = [$id="paused", $desc="The message server is paused."], + [0x00520002] = [$id="msgoff", $desc="Not receiving messages."], + [0x00530002] = [$id="noroom", $desc="No room to buffer message."], + [0x00570001] = [$id="invalidparam", $desc="The parameter is incorrect."], + [0x00570002] = [$id="rmuns", $desc="Too many remote usernames."], + [0x00580002] = [$id="timeout", $desc="Operation timed out."], + [0x00590002] = [$id="noresource", $desc="No resources currently available for request."], + [0x005a0002] = [$id="toomanyuids", $desc="Too many Uids active on this 
session."], + [0x005b0002] = [$id="baduid", $desc="The Uid is not known as a valid user identifier on this session."], + [0x006d0001] = [$id="brokenpipe", $desc="The pipe has been ended."], + [0x006e0001] = [$id="cannotopen", $desc="The system cannot open the device or file specified."], + [0x007a0001] = [$id="insufficientbuffer", $desc="The data area passed to a system call is too small."], + [0x007b0001] = [$id="invalidname", $desc="The filename, directory name, or volume label syntax is incorrect."], + [0x007c0001] = [$id="unknownlevel", $desc="The system call level is not correct."], + [0x00910001] = [$id="notempty", $desc="The directory is not empty."], + [0x009e0001] = [$id="notlocked", $desc="The segment is already unlocked."], + [0x00b70001] = [$id="rename", $desc="Cannot create a file when that file already exists."], + [0x00e60001] = [$id="badpipe", $desc="The pipe state is invalid."], + [0x00e70001] = [$id="pipebusy", $desc="All pipe instances are busy."], + [0x00e80001] = [$id="pipeclosing", $desc="The pipe is being closed."], + [0x00e90001] = [$id="notconnected", $desc="No process is on the other end of the pipe."], + [0x00ea0001] = [$id="moredata", $desc="More data is available."], + [0x00fa0002] = [$id="usempx", $desc="Temporarily unable to support Raw, use Mpx mode."], + [0x00fb0002] = [$id="usestd", $desc="Temporarily unable to support Raw, use standard read/write."], + [0x00fc0002] = [$id="contmpx", $desc="Continue in MPX mode."], + [0x00fe0002] = [$id="badPassword", $desc="reserved"], + [0x01030001] = [$id="nomoreitems", $desc="No more data is available."], + [0x010b0001] = [$id="baddirectory", $desc="The directory name is invalid."], + [0x011a0001] = [$id="easnotsupported", $desc="The mounted file system does not support extended attributes."], + [0x04000002] = [$id="_NOTIFY_ENUM_DIR", $desc="Too many files have changed since the last time an NT_TRANSACT_NOTIFY_CHANGE was issued."], + [0x052e0001] = [$id="logonfailure", $desc="Logon failure: 
unknown user name or bad password."], + [0x07030001] = [$id="driveralreadyinstalled", $desc="The specified printer driver is already installed."], + [0x07040001] = [$id="unknownprinterport", $desc="The specified port is unknown."], + [0x07050001] = [$id="unknownprinterdriver", $desc="The printer driver is unknown."], + [0x07060001] = [$id="unknownprintprocessor", $desc="The print processor is unknown."], + [0x07070001] = [$id="invalidseparatorfile", $desc="The specified separator file is invalid."], + [0x07080001] = [$id="invalidjobpriority", $desc="The specified priority is invalid."], + [0x07090001] = [$id="invalidprintername", $desc="The printer name is invalid."], + [0x070a0001] = [$id="printeralreadyexists", $desc="The printer already exists."], + [0x070b0001] = [$id="invalidprintercommand", $desc="The printer command is invalid."], + [0x070c0001] = [$id="invaliddatatype", $desc="The specified datatype is invalid."], + [0x070d0001] = [$id="invalidenvironment", $desc="The Environment specified is invalid."], + [0x084b0001] = [$id="buftoosmall", $desc="The API return buffer is too small."], + [0x085e0001] = [$id="unknownipc", $desc="The requested API is not supported on the remote server."], + [0x08670001] = [$id="nosuchprintjob", $desc="The print job does not exist."], + [0x08bf0002] = [$id="accountExpired", $desc="This user account has expired."], + [0x08c00002] = [$id="badClient", $desc="The user is not allowed to log on from this workstation."], + [0x08c10002] = [$id="badLogonTime", $desc="The user is not allowed to log on at this time."], + [0x08c20002] = [$id="passwordExpired", $desc="The password of this user has expired."], + [0x09970001] = [$id="invgroup", $desc="invgroup"], + [0x0bb80001] = [$id="unknownprintmonitor", $desc="The specified print monitor is unknown."], + [0x0bb90001] = [$id="printerdriverinuse", $desc="The specified printer driver is currently in use."], + [0x0bba0001] = [$id="spoolfilenotfound", $desc="The spool file was not found."], + 
[0x0bbb0001] = [$id="nostartdoc", $desc="A StartDocPrinter call was not issued."], + [0x0bbc0001] = [$id="noaddjob", $desc="An AddJob call was not issued."], + [0x0bbd0001] = [$id="printprocessoralreadyinstalled", $desc="The specified print processor has already been installed."], + [0x0bbe0001] = [$id="printmonitoralreadyinstalled", $desc="The specified print monitor has already been installed."], + [0x0bbf0001] = [$id="invalidprintmonitor", $desc="The specified print monitor does not have the required functions."], + [0x0bc00001] = [$id="printmonitorinuse", $desc="The specified print monitor is currently in use."], + [0x0bc10001] = [$id="printerhasjobsqueued", $desc="The requested operation is not allowed when there are jobs queued to the printer."], + [0xffff0002] = [$id="nosupport", $desc="Function not supported."], +}; \ No newline at end of file diff --git a/scripts/base/protocols/smb/const-nt-status.bro b/scripts/base/protocols/smb/const-nt-status.bro new file mode 100644 index 0000000000..2af1cfa0c0 --- /dev/null +++ b/scripts/base/protocols/smb/const-nt-status.bro 
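Review bot: Two keys in this table, `0x00010001` (`badfunc`) and `0x00010002` (`error`), are defined again in const-nt-status.bro in this same patch as `DBG_EXCEPTION_HANDLED` and `DBG_CONTINUE`, and both files extend the one `SMB::statuses` table with `redef ... +=`. How the duplicate index is resolved is not visible here, but at most one label per key can survive, so an SMB1 DOS-class error could be reported under an NT debugger status name (or the reverse) in whatever logs or detections consume this table. Keeping the DOS-class codes in a table of their own, selected by whether the response carries an NT status or a DOS error, would remove the ambiguity. The file should also document its key layout, which from the entries appears to be the error code in the high 16 bits and the error class in the low 16: `# Key = (error code << 16) | error class, e.g. 0x00020002 = class 0x02, code 0x0002 (badpw)`. Separately, `[0x00010002]` repeats the `badfunc` description, and the `nomoreconn` and `invgroup` descriptions only echo their ids.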
@@ -0,0 +1,1792 @@ +# NT status codes. + +module SMB; + +redef SMB::statuses += { + [0x00000001] = [$id="WAIT_1", $desc="The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."], + [0x00000002] = [$id="WAIT_2", $desc="The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."], + [0x00000003] = [$id="WAIT_3", $desc="The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."], + [0x0000003F] = [$id="WAIT_63", $desc="The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."], + [0x00000080] = [$id="ABANDONED", $desc="The caller attempted to wait for a mutex that has been abandoned."], + [0x000000BF] = [$id="ABANDONED_WAIT_63", $desc="The caller attempted to wait for a mutex that has been abandoned."], + [0x000000C0] = [$id="USER_APC", $desc="A user-mode APC was delivered before the given Interval expired."], + [0x00000101] = [$id="ALERTED", $desc="The delay completed because the thread was alerted."], + [0x00000102] = [$id="TIMEOUT", $desc="The given Timeout interval expired."], + [0x00000103] = [$id="PENDING", $desc="The operation that was requested is pending completion."], + [0x00000104] = [$id="REPARSE", $desc="A reparse should be performed by the Object Manager because the name of the file resulted in a symbolic link."], + [0x00000105] = [$id="MORE_ENTRIES", $desc="Returned by enumeration APIs to indicate more information is available to successive calls."], + [0x00000106] = [$id="NOT_ALL_ASSIGNED", $desc="Indicates not all privileges or groups that are referenced are assigned to the caller. 
This allows, for example, all privileges to be disabled without having to know exactly which privileges are assigned."], + [0x00000107] = [$id="SOME_NOT_MAPPED", $desc="Some of the information to be translated has not been translated."], + [0x00000108] = [$id="OPLOCK_BREAK_IN_PROGRESS", $desc="An open/create operation completed while an opportunistic lock (oplock) break is underway."], + [0x00000109] = [$id="VOLUME_MOUNTED", $desc="A new volume has been mounted by a file system."], + [0x0000010A] = [$id="RXACT_COMMITTED", $desc="This success level status indicates that the transaction state already exists for the registry subtree but that a transaction commit was previously aborted. The commit has now been completed."], + [0x0000010B] = [$id="NOTIFY_CLEANUP", $desc="Indicates that a notify change request has been completed due to closing the handle that made the notify change request."], + [0x0000010C] = [$id="NOTIFY_ENUM_DIR", $desc="Indicates that a notify change request is being completed and that the information is not being returned in the caller's buffer. The caller now needs to enumerate the files to find the changes."], + [0x0000010D] = [$id="NO_QUOTAS_FOR_ACCOUNT", $desc="{No Quotas} No system quota limits are specifically set for this account."], + [0x0000010E] = [$id="PRIMARY_TRANSPORT_CONNECT_FAILED", $desc="{Connect Failure on Primary Transport} An attempt was made to connect to the remote server %hs on the primary transport, but the connection failed. 
The computer WAS able to connect on a secondary transport."], + [0x00000110] = [$id="PAGE_FAULT_TRANSITION", $desc="The page fault was a transition fault."], + [0x00000111] = [$id="PAGE_FAULT_DEMAND_ZERO", $desc="The page fault was a demand zero fault."], + [0x00000112] = [$id="PAGE_FAULT_COPY_ON_WRITE", $desc="The page fault was a demand zero fault."], + [0x00000113] = [$id="PAGE_FAULT_GUARD_PAGE", $desc="The page fault was a demand zero fault."], + [0x00000114] = [$id="PAGE_FAULT_PAGING_FILE", $desc="The page fault was satisfied by reading from a secondary storage device."], + [0x00000115] = [$id="CACHE_PAGE_LOCKED", $desc="The cached page was locked during operation."], + [0x00000116] = [$id="CRASH_DUMP", $desc="The crash dump exists in a paging file."], + [0x00000117] = [$id="BUFFER_ALL_ZEROS", $desc="The specified buffer contains all zeros."], + [0x00000118] = [$id="REPARSE_OBJECT", $desc="A reparse should be performed by the Object Manager because the name of the file resulted in a symbolic link."], + [0x00000119] = [$id="RESOURCE_REQUIREMENTS_CHANGED", $desc="The device has succeeded a query-stop and its resource requirements have changed."], + [0x00000120] = [$id="TRANSLATION_COMPLETE", $desc="The translator has translated these resources into the global space and no additional translations should be performed."], + [0x00000121] = [$id="DS_MEMBERSHIP_EVALUATED_LOCALLY", $desc="The directory service evaluated group memberships locally, because it was unable to contact a global catalog server."], + [0x00000122] = [$id="NOTHING_TO_TERMINATE", $desc="A process being terminated has no threads to terminate."], + [0x00000123] = [$id="PROCESS_NOT_IN_JOB", $desc="The specified process is not part of a job."], + [0x00000124] = [$id="PROCESS_IN_JOB", $desc="The specified process is part of a job."], + [0x00000125] = [$id="VOLSNAP_HIBERNATE_READY", $desc="{Volume Shadow Copy Service} The system is now ready for hibernation."], + [0x00000126] = 
[$id="FSFILTER_OP_COMPLETED_SUCCESSFULLY", $desc="A file system or file system filter driver has successfully completed an FsFilter operation."], + [0x00000127] = [$id="INTERRUPT_VECTOR_ALREADY_CONNECTED", $desc="The specified interrupt vector was already connected."], + [0x00000128] = [$id="INTERRUPT_STILL_CONNECTED", $desc="The specified interrupt vector is still connected."], + [0x00000129] = [$id="PROCESS_CLONED", $desc="The current process is a cloned process."], + [0x0000012A] = [$id="FILE_LOCKED_WITH_ONLY_READERS", $desc="The file was locked and all users of the file can only read."], + [0x0000012B] = [$id="FILE_LOCKED_WITH_WRITERS", $desc="The file was locked and at least one user of the file can write."], + [0x00000202] = [$id="RESOURCEMANAGER_READ_ONLY", $desc="The specified ResourceManager made no changes or updates to the resource under this transaction."], + [0x00000367] = [$id="WAIT_FOR_OPLOCK", $desc="An operation is blocked and waiting for an oplock."], + [0x00010001] = [$id="DBG_EXCEPTION_HANDLED", $desc="Debugger handled the exception."], + [0x00010002] = [$id="DBG_CONTINUE", $desc="The debugger continued."], + [0x001C0001] = [$id="FLT_IO_COMPLETE", $desc="The IO was completed by a filter."], + [0xC0000467] = [$id="FILE_NOT_AVAILABLE", $desc="The file is temporarily unavailable."], + [0xC0000721] = [$id="CALLBACK_RETURNED_THREAD_AFFINITY", $desc="A threadpool worker thread entered a callback at thread affinity %p and exited at affinity %p."], + [0x40000000] = [$id="OBJECT_NAME_EXISTS", $desc="{Object Exists} An attempt was made to create an object but the object name already exists."], + [0x40000001] = [$id="THREAD_WAS_SUSPENDED", $desc="{Thread Suspended} A thread termination occurred while the thread was suspended. 
The thread resumed, and termination proceeded."], + [0x40000002] = [$id="WORKING_SET_LIMIT_RANGE", $desc="{Working Set Range Error} An attempt was made to set the working set minimum or maximum to values that are outside the allowable range."], + [0x40000003] = [$id="IMAGE_NOT_AT_BASE", $desc="{Image Relocated} An image file could not be mapped at the address that is specified in the image file. Local fixes must be performed on this image."], + [0x40000004] = [$id="RXACT_STATE_CREATED", $desc="This informational level status indicates that a specified registry subtree transaction state did not yet exist and had to be created."], + [0x40000005] = [$id="SEGMENT_NOTIFICATION", $desc="{Segment Load} A virtual DOS machine (VDM) is loading, unloading, or moving an MS-DOS or Win16 program segment image. An exception is raised so that a debugger can load, unload, or track symbols and breakpoints within these 16-bit segments."], + [0x40000006] = [$id="LOCAL_USER_SESSION_KEY", $desc="{Local Session Key} A user session key was requested for a local remote procedure call (RPC) connection. The session key that is returned is a constant value and not unique to this connection."], + [0x40000007] = [$id="BAD_CURRENT_DIRECTORY", $desc="{Invalid Current Directory} The process cannot switch to the startup current directory %hs. Select OK to set the current directory to %hs, or select CANCEL to exit."], + [0x40000008] = [$id="SERIAL_MORE_WRITES", $desc="{Serial IOCTL Complete} A serial I/O operation was completed by another write to a serial port. (The IOCTL_SERIAL_XOFF_COUNTER reached zero.)"], + [0x40000009] = [$id="REGISTRY_RECOVERED", $desc="{Registry Recovery} One of the files that contains the system registry data had to be recovered by using a log or alternate copy. 
The recovery was successful."], + [0x4000000A] = [$id="FT_READ_RECOVERY_FROM_BACKUP", $desc="{Redundant Read} To satisfy a read request, the Windows NT fault-tolerant file system successfully read the requested data from a redundant copy. This was done because the file system encountered a failure on a member of the fault-tolerant volume but was unable to reassign the failing area of the device."], + [0x4000000B] = [$id="FT_WRITE_RECOVERY", $desc="{Redundant Write} To satisfy a write request, the Windows NT fault-tolerant file system successfully wrote a redundant copy of the information. This was done because the file system encountered a failure on a member of the fault-tolerant volume but was unable to reassign the failing area of the device."], + [0x4000000C] = [$id="SERIAL_COUNTER_TIMEOUT", $desc="{Serial IOCTL Timeout} A serial I/O operation completed because the time-out period expired. (The IOCTL_SERIAL_XOFF_COUNTER had not reached zero.)"], + [0x4000000D] = [$id="NULL_LM_PASSWORD", $desc="{Password Too Complex} The Windows password is too complex to be converted to a LAN Manager password. The LAN Manager password that returned is a NULL string."], + [0x4000000E] = [$id="IMAGE_MACHINE_TYPE_MISMATCH", $desc="{Machine Type Mismatch} The image file %hs is valid but is for a machine type other than the current machine. Select OK to continue, or CANCEL to fail the DLL load."], + [0x4000000F] = [$id="RECEIVE_PARTIAL", $desc="{Partial Data Received} The network transport returned partial data to its client. The remaining data will be sent later."], + [0x40000010] = [$id="RECEIVE_EXPEDITED", $desc="{Expedited Data Received} The network transport returned data to its client that was marked as expedited by the remote system."], + [0x40000011] = [$id="RECEIVE_PARTIAL_EXPEDITED", $desc="{Partial Expedited Data Received} The network transport returned partial data to its client and this data was marked as expedited by the remote system. 
The remaining data will be sent later."], + [0x40000012] = [$id="EVENT_DONE", $desc="{TDI Event Done} The TDI indication has completed successfully."], + [0x40000013] = [$id="EVENT_PENDING", $desc="{TDI Event Pending} The TDI indication has entered the pending state."], + [0x40000014] = [$id="CHECKING_FILE_SYSTEM", $desc="Checking file system on %wZ."], + [0x40000015] = [$id="FATAL_APP_EXIT", $desc="{Fatal Application Exit} %hs"], + [0x40000016] = [$id="PREDEFINED_HANDLE", $desc="The specified registry key is referenced by a predefined handle."], + [0x40000017] = [$id="WAS_UNLOCKED", $desc="{Page Unlocked} The page protection of a locked page was changed to 'No Access' and the page was unlocked from memory and from the process."], + [0x40000018] = [$id="SERVICE_NOTIFICATION", $desc="%hs"], + [0x40000019] = [$id="WAS_LOCKED", $desc="{Page Locked} One of the pages to lock was already locked."], + [0x4000001A] = [$id="LOG_HARD_ERROR", $desc="Application popup: %1 : %2"], + [0x4000001B] = [$id="ALREADY_WIN32", $desc="A Win32 process already exists."], + [0x4000001C] = [$id="WX86_UNSIMULATE", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x4000001D] = [$id="WX86_CONTINUE", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x4000001E] = [$id="WX86_SINGLE_STEP", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x4000001F] = [$id="WX86_BREAKPOINT", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x40000020] = [$id="WX86_EXCEPTION_CONTINUE", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x40000021] = [$id="WX86_EXCEPTION_LASTCHANCE", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x40000022] = [$id="WX86_EXCEPTION_CHAIN", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x40000023] = 
[$id="IMAGE_MACHINE_TYPE_MISMATCH_EXE", $desc="{Machine Type Mismatch} The image file %hs is valid but is for a machine type other than the current machine."], + [0x40000024] = [$id="NO_YIELD_PERFORMED", $desc="A yield execution was performed and no thread was available to run."], + [0x40000025] = [$id="TIMER_RESUME_IGNORED", $desc="The resume flag to a timer API was ignored."], + [0x40000026] = [$id="ARBITRATION_UNHANDLED", $desc="The arbiter has deferred arbitration of these resources to its parent."], + [0x40000027] = [$id="CARDBUS_NOT_SUPPORTED", $desc="The device has detected a CardBus card in its slot."], + [0x40000028] = [$id="WX86_CREATEWX86TIB", $desc="An exception status code that is used by the Win32 x86 emulation subsystem."], + [0x40000029] = [$id="MP_PROCESSOR_MISMATCH", $desc="The CPUs in this multiprocessor system are not all the same revision level. To use all processors, the operating system restricts itself to the features of the least capable processor in the system. If problems occur with this system, contact the CPU manufacturer to see if this mix of processors is supported."], + [0x4000002A] = [$id="HIBERNATED", $desc="The system was put into hibernation."], + [0x4000002B] = [$id="RESUME_HIBERNATION", $desc="The system was resumed from hibernation."], + [0x4000002C] = [$id="FIRMWARE_UPDATED", $desc="0x4000002D
STATUS_DRIVERS_LEAKING_LOCKED_PAGES"], + [0x4000002E] = [$id="MESSAGE_RETRIEVED", $desc="The ALPC message being canceled has already been retrieved from the queue on the other side."], + [0x4000002F] = [$id="SYSTEM_POWERSTATE_TRANSITION", $desc="The system power state is transitioning from %2 to %3."], + [0x40000030] = [$id="ALPC_CHECK_COMPLETION_LIST", $desc="The receive operation was successful. Check the ALPC completion list for the received message."], + [0x40000031] = [$id="SYSTEM_POWERSTATE_COMPLEX_TRANSITION", $desc="The system power state is transitioning from %2 to %3 but could enter %4."], + [0x40000032] = [$id="ACCESS_AUDIT_BY_POLICY", $desc="Access to %1 is monitored by policy rule %2."], + [0x40000033] = [$id="ABANDON_HIBERFILE", $desc="A valid hibernation file has been invalidated and should be abandoned."], + [0x40000034] = [$id="BIZRULES_NOT_ENABLED", $desc="Business rule scripts are disabled for the calling application."], + [0x40000294] = [$id="WAKE_SYSTEM", $desc="The system has awoken."], + [0x40000370] = [$id="DS_SHUTTING_DOWN", $desc="The directory service is shutting down."], + [0x40010001] = [$id="DBG_REPLY_LATER", $desc="Debugger will reply later."], + [0x40010002] = [$id="DBG_UNABLE_TO_PROVIDE_HANDLE", $desc="Debugger cannot provide a handle."], + [0x40010003] = [$id="DBG_TERMINATE_THREAD", $desc="Debugger terminated the thread."], + [0x40010004] = [$id="DBG_TERMINATE_PROCESS", $desc="Debugger terminated the process."], + [0x40010005] = [$id="DBG_CONTROL_C", $desc="Debugger obtained control of C."], + [0x40010006] = [$id="DBG_PRINTEXCEPTION_C", $desc="Debugger printed an exception on control C."], + [0x40010007] = [$id="DBG_RIPEXCEPTION", $desc="Debugger received a RIP exception."], + [0x40010008] = [$id="DBG_CONTROL_BREAK", $desc="Debugger received a control break."], + [0x40010009] = [$id="DBG_COMMAND_EXCEPTION", $desc="Debugger command communication exception."], + [0x40020056] = [$id="RPC_NT_UUID_LOCAL_ONLY", $desc="A UUID that is 
valid only on this computer has been allocated."], + [0x400200AF] = [$id="RPC_NT_SEND_INCOMPLETE", $desc="Some data remains to be sent in the request buffer."], + [0x400A0004] = [$id="CTX_CDM_CONNECT", $desc="The Client Drive Mapping Service has connected on Terminal Connection."], + [0x400A0005] = [$id="CTX_CDM_DISCONNECT", $desc="The Client Drive Mapping Service has disconnected on Terminal Connection."], + [0x4015000D] = [$id="SXS_RELEASE_ACTIVATION_CONTEXT", $desc="A kernel mode component is releasing a reference on an activation context."], + [0x40190034] = [$id="RECOVERY_NOT_NEEDED", $desc="The transactional resource manager is already consistent. Recovery is not needed."], + [0x40190035] = [$id="RM_ALREADY_STARTED", $desc="The transactional resource manager has already been started."], + [0x401A000C] = [$id="LOG_NO_RESTART", $desc="The log service encountered a log stream with no restart area."], + [0x401B00EC] = [$id="VIDEO_DRIVER_DEBUG_REPORT_REQUEST", $desc="{Display Driver Recovered From Failure} The %hs display driver has detected a failure and recovered from it. Some graphical operations may have failed. The next time you restart the machine, a dialog box appears, giving you an opportunity to upload data about this failure to Microsoft."], + [0x401E000A] = [$id="GRAPHICS_PARTIAL_DATA_POPULATED", $desc="The specified buffer is not big enough to contain the entire requested dataset. 
Partial data is populated up to the size of the buffer."], + [0x401E0117] = [$id="GRAPHICS_DRIVER_MISMATCH", $desc="The kernel driver detected a version mismatch between it and the user mode driver."], + [0x401E0307] = [$id="GRAPHICS_MODE_NOT_PINNED", $desc="No mode is pinned on the specified VidPN source/target."], + [0x401E031E] = [$id="GRAPHICS_NO_PREFERRED_MODE", $desc="The specified mode set does not specify a preference for one of its modes."], + [0x401E034B] = [$id="GRAPHICS_DATASET_IS_EMPTY", $desc="The specified dataset (for example, mode set, frequency range set, descriptor set, or topology) is empty."], + [0x401E034C] = [$id="GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET", $desc="The specified dataset (for example, mode set, frequency range set, descriptor set, or topology) does not contain any more elements."], + [0x401E0351] = [$id="GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED", $desc="The specified content transformation is not pinned on the specified VidPN present path."], + [0x401E042F] = [$id="GRAPHICS_UNKNOWN_CHILD_STATUS", $desc="The child device presence was not reliably detected."], + [0x401E0437] = [$id="GRAPHICS_LEADLINK_START_DEFERRED", $desc="Starting the lead adapter in a linked configuration has been temporarily deferred."], + [0x401E0439] = [$id="GRAPHICS_POLLING_TOO_FREQUENTLY", $desc="The display adapter is being polled for children too frequently at the same polling level."], + [0x401E043A] = [$id="GRAPHICS_START_DEFERRED", $desc="Starting the adapter has been temporarily deferred."], + [0x40230001] = [$id="NDIS_INDICATION_REQUIRED", $desc="The request will be completed later by an NDIS status indication."], + [0x80000001] = [$id="GUARD_PAGE_VIOLATION", $desc="{EXCEPTION} Guard Page Exception A page of memory that marks the end of a data structure, such as a stack or an array, has been accessed."], + [0x80000002] = [$id="DATATYPE_MISALIGNMENT", $desc="{EXCEPTION} Alignment Fault A data type misalignment was detected in a load or 
store instruction."], + [0x80000003] = [$id="BREAKPOINT", $desc="{EXCEPTION} Breakpoint A breakpoint has been reached."], + [0x80000004] = [$id="SINGLE_STEP", $desc="{EXCEPTION} Single Step A single step or trace operation has just been completed."], + [0x80000005] = [$id="BUFFER_OVERFLOW", $desc="{Buffer Overflow} The data was too large to fit into the specified buffer."], + [0x80000006] = [$id="NO_MORE_FILES", $desc="{No More Files} No more files were found which match the file specification."], + [0x80000007] = [$id="WAKE_SYSTEM_DEBUGGER", $desc="{Kernel Debugger Awakened} The system debugger was awakened by an interrupt."], + [0x8000000A] = [$id="HANDLES_CLOSED", $desc="{Handles Closed} Handles to objects have been automatically closed because of the requested operation."], + [0x8000000B] = [$id="NO_INHERITANCE", $desc="{Non-Inheritable ACL} An access control list (ACL) contains no components that can be inherited."], + [0x8000000C] = [$id="GUID_SUBSTITUTION_MADE", $desc="{GUID Substitution} During the translation of a globally unique identifier (GUID) to a Windows security ID (SID), no administratively defined GUID prefix was found. A substitute prefix was used, which will not compromise system security. 
However, this may provide a more restrictive access than intended."], + [0x8000000D] = [$id="PARTIAL_COPY", $desc="Because of protection conflicts, not all the requested bytes could be copied."], + [0x8000000E] = [$id="DEVICE_PAPER_EMPTY", $desc="{Out of Paper} The printer is out of paper."], + [0x8000000F] = [$id="DEVICE_POWERED_OFF", $desc="{Device Power Is Off} The printer power has been turned off."], + [0x80000010] = [$id="DEVICE_OFF_LINE", $desc="{Device Offline} The printer has been taken offline."], + [0x80000011] = [$id="DEVICE_BUSY", $desc="{Device Busy} The device is currently busy."], + [0x80000012] = [$id="NO_MORE_EAS", $desc="{No More EAs} No more extended attributes (EAs) were found for the file."], + [0x80000013] = [$id="INVALID_EA_NAME", $desc="{Illegal EA} The specified extended attribute (EA) name contains at least one illegal character."], + [0x80000014] = [$id="EA_LIST_INCONSISTENT", $desc="{Inconsistent EA List} The extended attribute (EA) list is inconsistent."], + [0x80000015] = [$id="INVALID_EA_FLAG", $desc="{Invalid EA Flag} An invalid extended attribute (EA) flag was set."], + [0x80000016] = [$id="VERIFY_REQUIRED", $desc="{Verifying Disk} The media has changed and a verify operation is in progress; therefore, no reads or writes may be performed to the device, except those that are used in the verify operation."], + [0x80000017] = [$id="EXTRANEOUS_INFORMATION", $desc="{Too Much Information} The specified access control list (ACL) contained more information than was expected."], + [0x80000018] = [$id="RXACT_COMMIT_NECESSARY", $desc="This warning level status indicates that the transaction state already exists for the registry subtree, but that a transaction commit was previously aborted. 
The commit has NOT been completed but has not been rolled back either; therefore, it may still be committed, if needed."],
+ [0x8000001A] = [$id="NO_MORE_ENTRIES", $desc="{No More Entries} No more entries are available from an enumeration operation."],
+ [0x8000001B] = [$id="FILEMARK_DETECTED", $desc="{Filemark Found} A filemark was detected."],
+ [0x8000001C] = [$id="MEDIA_CHANGED", $desc="{Media Changed} The media may have changed."],
+ [0x8000001D] = [$id="BUS_RESET", $desc="{I/O Bus Reset} An I/O bus reset was detected."],
+ [0x8000001E] = [$id="END_OF_MEDIA", $desc="{End of Media} The end of the media was encountered."],
+ [0x8000001F] = [$id="BEGINNING_OF_MEDIA", $desc="The beginning of a tape or partition has been detected."],
+ [0x80000020] = [$id="MEDIA_CHECK", $desc="{Media Changed} The media may have changed."],
+ [0x80000021] = [$id="SETMARK_DETECTED", $desc="A tape access reached a set mark."],
+ [0x80000022] = [$id="NO_DATA_DETECTED", $desc="During a tape access, the end of the data written is reached."],
+ [0x80000023] = [$id="REDIRECTOR_HAS_OPEN_HANDLES", $desc="The redirector is in use and cannot be unloaded."],
+ [0x80000024] = [$id="SERVER_HAS_OPEN_HANDLES", $desc="The server is in use and cannot be unloaded."],
+ [0x80000025] = [$id="ALREADY_DISCONNECTED", $desc="The specified connection has already been disconnected."],
+ [0x80000026] = [$id="LONGJUMP", $desc="A long jump has been executed."],
+ [0x80000027] = [$id="CLEANER_CARTRIDGE_INSTALLED", $desc="A cleaner cartridge is present in the tape library."],
+ [0x80000028] = [$id="PLUGPLAY_QUERY_VETOED", $desc="The Plug and Play query operation was not successful."],
+ [0x80000029] = [$id="UNWIND_CONSOLIDATE", $desc="A frame consolidation has been executed."],
+ [0x8000002A] = [$id="REGISTRY_HIVE_RECOVERED", $desc="{Registry Hive Recovered} The registry hive (file): %hs was corrupted and it has been recovered. 
Some data might have been lost."],
+ [0x8000002B] = [$id="DLL_MIGHT_BE_INSECURE", $desc="The application is attempting to run executable code from the module %hs. This may be insecure. An alternative, %hs, is available. Should the application use the secure module %hs?"],
+ [0x8000002C] = [$id="DLL_MIGHT_BE_INCOMPATIBLE", $desc="The application is loading executable code from the module %hs. This is secure but may be incompatible with previous releases of the operating system. An alternative, %hs, is available. Should the application use the secure module %hs?"],
+ [0x8000002D] = [$id="STOPPED_ON_SYMLINK", $desc="The create operation stopped after reaching a symbolic link."],
+ [0x80000288] = [$id="DEVICE_REQUIRES_CLEANING", $desc="The device has indicated that cleaning is necessary."],
+ [0x80000289] = [$id="DEVICE_DOOR_OPEN", $desc="The device has indicated that its door is open. Further operations require it closed and secured."],
+ [0x80000803] = [$id="DATA_LOST_REPAIR", $desc="0x80010001
DBG_EXCEPTION_NOT_HANDLED"],
+ [0x80130001] = [$id="CLUSTER_NODE_ALREADY_UP", $desc="The cluster node is already up."],
+ [0x80130002] = [$id="CLUSTER_NODE_ALREADY_DOWN", $desc="The cluster node is already down."],
+ [0x80130003] = [$id="CLUSTER_NETWORK_ALREADY_ONLINE", $desc="The cluster network is already online."],
+ [0x80130004] = [$id="CLUSTER_NETWORK_ALREADY_OFFLINE", $desc="The cluster network is already offline."],
+ [0x80130005] = [$id="CLUSTER_NODE_ALREADY_MEMBER", $desc="The cluster node is already a member of the cluster."],
+ [0x80190009] = [$id="COULD_NOT_RESIZE_LOG", $desc="The log could not be set to the requested size."],
+ [0x80190029] = [$id="NO_TXF_METADATA", $desc="There is no transaction metadata on the file."],
+ [0x80190031] = [$id="CANT_RECOVER_WITH_HANDLE_OPEN", $desc="The file cannot be recovered because there is a handle still open on it."],
+ [0x80190041] = [$id="TXF_METADATA_ALREADY_PRESENT", $desc="Transaction metadata is already present on this file and cannot be superseded."],
+ [0x80190042] = [$id="TRANSACTION_SCOPE_CALLBACKS_NOT_SET", $desc="A transaction scope could not be entered because the scope handler has not been initialized."],
+ [0x801B00EB] = [$id="VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED", $desc="{Display Driver Stopped Responding and recovered} The %hs display driver has stopped working normally. The recovery had been performed."],
+ [0x801C0001] = [$id="FLT_BUFFER_TOO_SMALL", $desc="{Buffer too small} The buffer is too small to contain the entry. 
No information has been written to the buffer."],
+ [0x80210001] = [$id="FVE_PARTIAL_METADATA", $desc="Volume metadata read or write is incomplete."],
+ [0x80210002] = [$id="FVE_TRANSIENT_STATE", $desc="BitLocker encryption keys were ignored because the volume was in a transient state."],
+ [0xC0000001] = [$id="UNSUCCESSFUL", $desc="{Operation Failed} The requested operation was unsuccessful."],
+ [0xC0000002] = [$id="NOT_IMPLEMENTED", $desc="{Not Implemented} The requested operation is not implemented."],
+ [0xC0000003] = [$id="INVALID_INFO_CLASS", $desc="{Invalid Parameter} The specified information class is not a valid information class for the specified object."],
+ [0xC0000004] = [$id="INFO_LENGTH_MISMATCH", $desc="The specified information record length does not match the length that is required for the specified information class."],
+ [0xC0000005] = [$id="ACCESS_VIOLATION", $desc="The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s."],
+ [0xC0000006] = [$id="IN_PAGE_ERROR", $desc="The instruction at 0x%08lx referenced memory at 0x%08lx. 
The required data was not placed into memory because of an I/O error status of 0x%08lx."],
+ [0xC0000007] = [$id="PAGEFILE_QUOTA", $desc="The page file quota for the process has been exhausted."],
+ [0xC0000008] = [$id="INVALID_HANDLE", $desc="An invalid HANDLE was specified."],
+ [0xC0000009] = [$id="BAD_INITIAL_STACK", $desc="An invalid initial stack was specified in a call to NtCreateThread."],
+ [0xC000000A] = [$id="BAD_INITIAL_PC", $desc="An invalid initial start address was specified in a call to NtCreateThread."],
+ [0xC000000B] = [$id="INVALID_CID", $desc="An invalid client ID was specified."],
+ [0xC000000C] = [$id="TIMER_NOT_CANCELED", $desc="An attempt was made to cancel or set a timer that has an associated APC and the specified thread is not the thread that originally set the timer with an associated APC routine."],
+ [0xC000000D] = [$id="INVALID_PARAMETER", $desc="An invalid parameter was passed to a service or function."],
+ [0xC000000E] = [$id="NO_SUCH_DEVICE", $desc="A device that does not exist was specified."],
+ [0xC000000F] = [$id="NO_SUCH_FILE", $desc="{File Not Found} The file %hs does not exist."],
+ [0xC0000010] = [$id="INVALID_DEVICE_REQUEST", $desc="The specified request is not a valid operation for the target device."],
+ [0xC0000011] = [$id="END_OF_FILE", $desc="The end-of-file marker has been reached. There is no valid data in the file beyond this marker."],
+ [0xC0000012] = [$id="WRONG_VOLUME", $desc="{Wrong Volume} The wrong volume is in the drive. Insert volume %hs into drive %hs."],
+ [0xC0000013] = [$id="NO_MEDIA_IN_DEVICE", $desc="{No Disk} There is no disk in the drive. Insert a disk into drive %hs."],
+ [0xC0000014] = [$id="UNRECOGNIZED_MEDIA", $desc="{Unknown Disk Format} The disk in drive %hs is not formatted properly. 
Check the disk, and reformat it, if needed."],
+ [0xC0000015] = [$id="NONEXISTENT_SECTOR", $desc="{Sector Not Found} The specified sector does not exist."],
+ [0xC0000016] = [$id="MORE_PROCESSING_REQUIRED", $desc="{Still Busy} The specified I/O request packet (IRP) cannot be disposed of because the I/O operation is not complete."],
+ [0xC0000017] = [$id="NO_MEMORY", $desc="{Not Enough Quota} Not enough virtual memory or paging file quota is available to complete the specified operation."],
+ [0xC0000018] = [$id="CONFLICTING_ADDRESSES", $desc="{Conflicting Address Range} The specified address range conflicts with the address space."],
+ [0xC0000019] = [$id="NOT_MAPPED_VIEW", $desc="The address range to unmap is not a mapped view."],
+ [0xC000001A] = [$id="UNABLE_TO_FREE_VM", $desc="The virtual memory cannot be freed."],
+ [0xC000001B] = [$id="UNABLE_TO_DELETE_SECTION", $desc="The specified section cannot be deleted."],
+ [0xC000001C] = [$id="INVALID_SYSTEM_SERVICE", $desc="An invalid system service was specified in a system service call."],
+ [0xC000001D] = [$id="ILLEGAL_INSTRUCTION", $desc="{EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction."],
+ [0xC000001E] = [$id="INVALID_LOCK_SEQUENCE", $desc="{Invalid Lock Sequence} An attempt was made to execute an invalid lock sequence."],
+ [0xC000001F] = [$id="INVALID_VIEW_SIZE", $desc="{Invalid Mapping} An attempt was made to create a view for a section that is bigger than the section."],
+ [0xC0000020] = [$id="INVALID_FILE_FOR_SECTION", $desc="{Bad File} The attributes of the specified mapping file for a section of memory cannot be read."],
+ [0xC0000021] = [$id="ALREADY_COMMITTED", $desc="{Already Committed} The specified address range is already committed."],
+ [0xC0000022] = [$id="ACCESS_DENIED", $desc="{Access Denied} A process has requested access to an object but has not been granted those access rights."],
+ [0xC0000023] = [$id="BUFFER_TOO_SMALL", $desc="{Buffer Too Small} The 
buffer is too small to contain the entry. No information has been written to the buffer."],
+ [0xC0000024] = [$id="OBJECT_TYPE_MISMATCH", $desc="{Wrong Type} There is a mismatch between the type of object that is required by the requested operation and the type of object that is specified in the request."],
+ [0xC0000025] = [$id="NONCONTINUABLE_EXCEPTION", $desc="{EXCEPTION} Cannot Continue Windows cannot continue from this exception."],
+ [0xC0000026] = [$id="INVALID_DISPOSITION", $desc="An invalid exception disposition was returned by an exception handler."],
+ [0xC0000027] = [$id="UNWIND", $desc="Unwind exception code."],
+ [0xC0000028] = [$id="BAD_STACK", $desc="An invalid or unaligned stack was encountered during an unwind operation."],
+ [0xC0000029] = [$id="INVALID_UNWIND_TARGET", $desc="An invalid unwind target was encountered during an unwind operation."],
+ [0xC000002A] = [$id="NOT_LOCKED", $desc="An attempt was made to unlock a page of memory that was not locked."],
+ [0xC000002B] = [$id="PARITY_ERROR", $desc="A device parity error on an I/O operation."],
+ [0xC000002C] = [$id="UNABLE_TO_DECOMMIT_VM", $desc="An attempt was made to decommit uncommitted virtual memory."],
+ [0xC000002D] = [$id="NOT_COMMITTED", $desc="An attempt was made to change the attributes on memory that has not been committed."],
+ [0xC000002E] = [$id="INVALID_PORT_ATTRIBUTES", $desc="Invalid object attributes specified to NtCreatePort or invalid port attributes specified to NtConnectPort."],
+ [0xC000002F] = [$id="PORT_MESSAGE_TOO_LONG", $desc="The length of the message that was passed to NtRequestPort or NtRequestWaitReplyPort is longer than the maximum message that is allowed by the port."],
+ [0xC0000030] = [$id="INVALID_PARAMETER_MIX", $desc="An invalid combination of parameters was specified."],
+ [0xC0000031] = [$id="INVALID_QUOTA_LOWER", $desc="An attempt was made to lower a quota limit below the current usage."],
+ [0xC0000032] = [$id="DISK_CORRUPT_ERROR", $desc="{Corrupt 
Disk} The file system structure on the disk is corrupt and unusable. Run the Chkdsk utility on the volume %hs."],
+ [0xC0000033] = [$id="OBJECT_NAME_INVALID", $desc="The object name is invalid."],
+ [0xC0000034] = [$id="OBJECT_NAME_NOT_FOUND", $desc="The object name is not found."],
+ [0xC0000035] = [$id="OBJECT_NAME_COLLISION", $desc="The object name already exists."],
+ [0xC0000037] = [$id="PORT_DISCONNECTED", $desc="An attempt was made to send a message to a disconnected communication port."],
+ [0xC0000038] = [$id="DEVICE_ALREADY_ATTACHED", $desc="An attempt was made to attach to a device that was already attached to another device."],
+ [0xC0000039] = [$id="OBJECT_PATH_INVALID", $desc="The object path component was not a directory object."],
+ [0xC000003A] = [$id="OBJECT_PATH_NOT_FOUND", $desc="{Path Not Found} The path %hs does not exist."],
+ [0xC000003B] = [$id="OBJECT_PATH_SYNTAX_BAD", $desc="The object path component was not a directory object."],
+ [0xC000003C] = [$id="DATA_OVERRUN", $desc="{Data Overrun} A data overrun error occurred."],
+ [0xC000003D] = [$id="DATA_LATE_ERROR", $desc="{Data Late} A data late error occurred."],
+ [0xC000003E] = [$id="DATA_ERROR", $desc="{Data Error} An error occurred in reading or writing data."],
+ [0xC000003F] = [$id="CRC_ERROR", $desc="{Bad CRC} A cyclic redundancy check (CRC) checksum error occurred."],
+ [0xC0000040] = [$id="SECTION_TOO_BIG", $desc="{Section Too Large} The specified section is too big to map the file."],
+ [0xC0000041] = [$id="PORT_CONNECTION_REFUSED", $desc="The NtConnectPort request is refused."],
+ [0xC0000042] = [$id="INVALID_PORT_HANDLE", $desc="The type of port handle is invalid for the operation that is requested."],
+ [0xC0000043] = [$id="SHARING_VIOLATION", $desc="A file cannot be opened because the share access flags are incompatible."],
+ [0xC0000044] = [$id="QUOTA_EXCEEDED", $desc="Insufficient quota exists to complete the operation."],
+ [0xC0000045] = [$id="INVALID_PAGE_PROTECTION", 
$desc="The specified page protection was not valid."],
+ [0xC0000046] = [$id="MUTANT_NOT_OWNED", $desc="An attempt to release a mutant object was made by a thread that was not the owner of the mutant object."],
+ [0xC0000047] = [$id="SEMAPHORE_LIMIT_EXCEEDED", $desc="An attempt was made to release a semaphore such that its maximum count would have been exceeded."],
+ [0xC0000048] = [$id="PORT_ALREADY_SET", $desc="An attempt was made to set the DebugPort or ExceptionPort of a process, but a port already exists in the process, or an attempt was made to set the CompletionPort of a file but a port was already set in the file, or an attempt was made to set the associated completion port of an ALPC port but it is already set."],
+ [0xC0000049] = [$id="SECTION_NOT_IMAGE", $desc="An attempt was made to query image information on a section that does not map an image."],
+ [0xC000004A] = [$id="SUSPEND_COUNT_EXCEEDED", $desc="An attempt was made to suspend a thread whose suspend count was at its maximum."],
+ [0xC000004B] = [$id="THREAD_IS_TERMINATING", $desc="An attempt was made to suspend a thread that has begun termination."],
+ [0xC000004C] = [$id="BAD_WORKING_SET_LIMIT", $desc="An attempt was made to set the working set limit to an invalid value (for example, the minimum greater than maximum)."],
+ [0xC000004D] = [$id="INCOMPATIBLE_FILE_MAP", $desc="A section was created to map a file that is not compatible with an already existing section that maps the same file."],
+ [0xC000004E] = [$id="SECTION_PROTECTION", $desc="A view to a section specifies a protection that is incompatible with the protection of the initial view."],
+ [0xC000004F] = [$id="EAS_NOT_SUPPORTED", $desc="An operation involving EAs failed because the file system does not support EAs."],
+ [0xC0000050] = [$id="EA_TOO_LARGE", $desc="An EA operation failed because the EA set is too large."],
+ [0xC0000051] = [$id="NONEXISTENT_EA_ENTRY", $desc="An EA operation failed because the name or EA index is 
invalid."],
+ [0xC0000052] = [$id="NO_EAS_ON_FILE", $desc="The file for which EAs were requested has no EAs."],
+ [0xC0000053] = [$id="EA_CORRUPT_ERROR", $desc="The EA is corrupt and cannot be read."],
+ [0xC0000054] = [$id="FILE_LOCK_CONFLICT", $desc="A requested read/write cannot be granted due to a conflicting file lock."],
+ [0xC0000055] = [$id="LOCK_NOT_GRANTED", $desc="A requested file lock cannot be granted due to other existing locks."],
+ [0xC0000056] = [$id="DELETE_PENDING", $desc="A non-close operation has been requested of a file object that has a delete pending."],
+ [0xC0000057] = [$id="CTL_FILE_NOT_SUPPORTED", $desc="An attempt was made to set the control attribute on a file. This attribute is not supported in the destination file system."],
+ [0xC0000058] = [$id="UNKNOWN_REVISION", $desc="Indicates a revision number that was encountered or specified is not one that is known by the service. It may be a more recent revision than the service is aware of."],
+ [0xC0000059] = [$id="REVISION_MISMATCH", $desc="Indicates that two revision levels are incompatible."],
+ [0xC000005A] = [$id="INVALID_OWNER", $desc="Indicates a particular security ID may not be assigned as the owner of an object."],
+ [0xC000005B] = [$id="INVALID_PRIMARY_GROUP", $desc="Indicates a particular security ID may not be assigned as the primary group of an object."],
+ [0xC000005C] = [$id="NO_IMPERSONATION_TOKEN", $desc="An attempt has been made to operate on an impersonation token by a thread that is not currently impersonating a client."],
+ [0xC000005D] = [$id="CANT_DISABLE_MANDATORY", $desc="A mandatory group may not be disabled."],
+ [0xC000005E] = [$id="NO_LOGON_SERVERS", $desc="No logon servers are currently available to service the logon request."],
+ [0xC000005F] = [$id="NO_SUCH_LOGON_SESSION", $desc="A specified logon session does not exist. 
It may already have been terminated."],
+ [0xC0000060] = [$id="NO_SUCH_PRIVILEGE", $desc="A specified privilege does not exist."],
+ [0xC0000061] = [$id="PRIVILEGE_NOT_HELD", $desc="A required privilege is not held by the client."],
+ [0xC0000062] = [$id="INVALID_ACCOUNT_NAME", $desc="The name provided is not a properly formed account name."],
+ [0xC0000063] = [$id="USER_EXISTS", $desc="The specified account already exists."],
+ [0xC0000064] = [$id="NO_SUCH_USER", $desc="The specified account does not exist."],
+ [0xC0000065] = [$id="GROUP_EXISTS", $desc="The specified group already exists."],
+ [0xC0000066] = [$id="NO_SUCH_GROUP", $desc="The specified group does not exist."],
+ [0xC0000067] = [$id="MEMBER_IN_GROUP", $desc="The specified user account is already in the specified group account. Also used to indicate a group cannot be deleted because it contains a member."],
+ [0xC0000068] = [$id="MEMBER_NOT_IN_GROUP", $desc="The specified user account is not a member of the specified group account."],
+ [0xC0000069] = [$id="LAST_ADMIN", $desc="Indicates the requested operation would disable or delete the last remaining administration account. This is not allowed to prevent creating a situation in which the system cannot be administrated."],
+ [0xC000006A] = [$id="WRONG_PASSWORD", $desc="When trying to update a password, this return status indicates that the value provided as the current password is not correct."],
+ [0xC000006B] = [$id="ILL_FORMED_PASSWORD", $desc="When trying to update a password, this return status indicates that the value provided for the new password contains values that are not allowed in passwords."],
+ [0xC000006C] = [$id="PASSWORD_RESTRICTION", $desc="When trying to update a password, this status indicates that some password update rule has been violated. For example, the password may not meet length criteria."],
+ [0xC000006D] = [$id="LOGON_FAILURE", $desc="The attempted logon is invalid. 
This is either due to a bad username or authentication information."],
+ [0xC000006E] = [$id="ACCOUNT_RESTRICTION", $desc="Indicates a referenced user name and authentication information are valid, but some user account restriction has prevented successful authentication (such as time-of-day restrictions)."],
+ [0xC000006F] = [$id="INVALID_LOGON_HOURS", $desc="The user account has time restrictions and may not be logged onto at this time."],
+ [0xC0000070] = [$id="INVALID_WORKSTATION", $desc="The user account is restricted so that it may not be used to log on from the source workstation."],
+ [0xC0000071] = [$id="PASSWORD_EXPIRED", $desc="The user account password has expired."],
+ [0xC0000072] = [$id="ACCOUNT_DISABLED", $desc="The referenced account is currently disabled and may not be logged on to."],
+ [0xC0000073] = [$id="NONE_MAPPED", $desc="None of the information to be translated has been translated."],
+ [0xC0000074] = [$id="TOO_MANY_LUIDS_REQUESTED", $desc="The number of LUIDs requested may not be allocated with a single allocation."],
+ [0xC0000075] = [$id="LUIDS_EXHAUSTED", $desc="Indicates there are no more LUIDs to allocate."],
+ [0xC0000076] = [$id="INVALID_SUB_AUTHORITY", $desc="Indicates the sub-authority value is invalid for the particular use."],
+ [0xC0000077] = [$id="INVALID_ACL", $desc="Indicates the ACL structure is not valid."],
+ [0xC0000078] = [$id="INVALID_SID", $desc="Indicates the SID structure is not valid."],
+ [0xC0000079] = [$id="INVALID_SECURITY_DESCR", $desc="Indicates the SECURITY_DESCRIPTOR structure is not valid."],
+ [0xC000007A] = [$id="PROCEDURE_NOT_FOUND", $desc="Indicates the specified procedure address cannot be found in the DLL."],
+ [0xC000007B] = [$id="INVALID_IMAGE_FORMAT", $desc="{Bad Image} %hs is either not designed to run on Windows or it contains an error. 
Try installing the program again using the original installation media or contact your system administrator or the software vendor for support."],
+ [0xC000007C] = [$id="NO_TOKEN", $desc="An attempt was made to reference a token that does not exist. This is typically done by referencing the token that is associated with a thread when the thread is not impersonating a client."],
+ [0xC000007D] = [$id="BAD_INHERITANCE_ACL", $desc="Indicates that an attempt to build either an inherited ACL or ACE was not successful. This can be caused by a number of things. One of the more probable causes is the replacement of a CreatorId with a SID that did not fit into the ACE or ACL."],
+ [0xC000007E] = [$id="RANGE_NOT_LOCKED", $desc="The range specified in NtUnlockFile was not locked."],
+ [0xC000007F] = [$id="DISK_FULL", $desc="An operation failed because the disk was full."],
+ [0xC0000080] = [$id="SERVER_DISABLED", $desc="The GUID allocation server is disabled at the moment."],
+ [0xC0000081] = [$id="SERVER_NOT_DISABLED", $desc="The GUID allocation server is enabled at the moment."],
+ [0xC0000082] = [$id="TOO_MANY_GUIDS_REQUESTED", $desc="Too many GUIDs were requested from the allocation server at once."],
+ [0xC0000083] = [$id="GUIDS_EXHAUSTED", $desc="The GUIDs could not be allocated because the Authority Agent was exhausted."],
+ [0xC0000084] = [$id="INVALID_ID_AUTHORITY", $desc="The value provided was an invalid value for an identifier authority."],
+ [0xC0000085] = [$id="AGENTS_EXHAUSTED", $desc="No more authority agent values are available for the particular identifier authority value."],
+ [0xC0000086] = [$id="INVALID_VOLUME_LABEL", $desc="An invalid volume label has been specified."],
+ [0xC0000087] = [$id="SECTION_NOT_EXTENDED", $desc="A mapped section could not be extended."],
+ [0xC0000088] = [$id="NOT_MAPPED_DATA", $desc="Specified section to flush does not map a data file."],
+ [0xC0000089] = [$id="RESOURCE_DATA_NOT_FOUND", $desc="Indicates the specified image 
file did not contain a resource section."],
+ [0xC000008A] = [$id="RESOURCE_TYPE_NOT_FOUND", $desc="Indicates the specified resource type cannot be found in the image file."],
+ [0xC000008B] = [$id="RESOURCE_NAME_NOT_FOUND", $desc="Indicates the specified resource name cannot be found in the image file."],
+ [0xC000008C] = [$id="ARRAY_BOUNDS_EXCEEDED", $desc="{EXCEPTION} Array bounds exceeded."],
+ [0xC000008D] = [$id="FLOAT_DENORMAL_OPERAND", $desc="{EXCEPTION} Floating-point denormal operand."],
+ [0xC000008E] = [$id="FLOAT_DIVIDE_BY_ZERO", $desc="{EXCEPTION} Floating-point division by zero."],
+ [0xC000008F] = [$id="FLOAT_INEXACT_RESULT", $desc="{EXCEPTION} Floating-point inexact result."],
+ [0xC0000090] = [$id="FLOAT_INVALID_OPERATION", $desc="{EXCEPTION} Floating-point invalid operation."],
+ [0xC0000091] = [$id="FLOAT_OVERFLOW", $desc="{EXCEPTION} Floating-point overflow."],
+ [0xC0000092] = [$id="FLOAT_STACK_CHECK", $desc="{EXCEPTION} Floating-point stack check."],
+ [0xC0000093] = [$id="FLOAT_UNDERFLOW", $desc="{EXCEPTION} Floating-point underflow."],
+ [0xC0000094] = [$id="INTEGER_DIVIDE_BY_ZERO", $desc="{EXCEPTION} Integer division by zero."],
+ [0xC0000095] = [$id="INTEGER_OVERFLOW", $desc="{EXCEPTION} Integer overflow."],
+ [0xC0000096] = [$id="PRIVILEGED_INSTRUCTION", $desc="{EXCEPTION} Privileged instruction."],
+ [0xC0000097] = [$id="TOO_MANY_PAGING_FILES", $desc="An attempt was made to install more paging files than the system supports."],
+ [0xC0000098] = [$id="FILE_INVALID", $desc="The volume for a file has been externally altered such that the opened file is no longer valid."],
+ [0xC0000099] = [$id="ALLOTTED_SPACE_EXCEEDED", $desc="When a block of memory is allotted for future updates, such as the memory allocated to hold discretionary access control and primary group information, successive updates may exceed the amount of memory originally allotted. 
Because a quota may already have been charged to several processes that have handles to the object, it is not reasonable to alter the size of the allocated memory. Instead, a request that requires more memory than has been allotted must fail and the STATUS_ALLOTTED_SPACE_EXCEEDED error returned."],
+ [0xC000009A] = [$id="INSUFFICIENT_RESOURCES", $desc="Insufficient system resources exist to complete the API."],
+ [0xC000009B] = [$id="DFS_EXIT_PATH_FOUND", $desc="An attempt has been made to open a DFS exit path control file."],
+ [0xC000009C] = [$id="DEVICE_DATA_ERROR", $desc="There are bad blocks (sectors) on the hard disk."],
+ [0xC000009D] = [$id="DEVICE_NOT_CONNECTED", $desc="There is bad cabling, non-termination, or the controller is not able to obtain access to the hard disk."],
+ [0xC000009F] = [$id="FREE_VM_NOT_AT_BASE", $desc="Virtual memory cannot be freed because the base address is not the base of the region and a region size of zero was specified."],
+ [0xC00000A0] = [$id="MEMORY_NOT_ALLOCATED", $desc="An attempt was made to free virtual memory that is not allocated."],
+ [0xC00000A1] = [$id="WORKING_SET_QUOTA", $desc="The working set is not big enough to allow the requested pages to be locked."],
+ [0xC00000A2] = [$id="MEDIA_WRITE_PROTECTED", $desc="{Write Protect Error} The disk cannot be written to because it is write-protected. Remove the write protection from the volume %hs in drive %hs."],
+ [0xC00000A3] = [$id="DEVICE_NOT_READY", $desc="{Drive Not Ready} The drive is not ready for use; its door may be open. Check drive %hs and make sure that a disk is inserted and that the drive door is closed."],
+ [0xC00000A4] = [$id="INVALID_GROUP_ATTRIBUTES", $desc="The specified attributes are invalid or are incompatible with the attributes for the group as a whole."],
+ [0xC00000A5] = [$id="BAD_IMPERSONATION_LEVEL", $desc="A specified impersonation level is invalid. 
Also used to indicate that a required impersonation level was not provided."],
+ [0xC00000A6] = [$id="CANT_OPEN_ANONYMOUS", $desc="An attempt was made to open an anonymous-level token. Anonymous tokens may not be opened."],
+ [0xC00000A7] = [$id="BAD_VALIDATION_CLASS", $desc="The validation information class requested was invalid."],
+ [0xC00000A8] = [$id="BAD_TOKEN_TYPE", $desc="The type of a token object is inappropriate for its attempted use."],
+ [0xC00000A9] = [$id="BAD_MASTER_BOOT_RECORD", $desc="The type of a token object is inappropriate for its attempted use."],
+ [0xC00000AA] = [$id="INSTRUCTION_MISALIGNMENT", $desc="An attempt was made to execute an instruction at an unaligned address and the host system does not support unaligned instruction references."],
+ [0xC00000AB] = [$id="INSTANCE_NOT_AVAILABLE", $desc="The maximum named pipe instance count has been reached."],
+ [0xC00000AC] = [$id="PIPE_NOT_AVAILABLE", $desc="An instance of a named pipe cannot be found in the listening state."],
+ [0xC00000AD] = [$id="INVALID_PIPE_STATE", $desc="The named pipe is not in the connected or closing state."],
+ [0xC00000AE] = [$id="PIPE_BUSY", $desc="The specified pipe is set to complete operations and there are current I/O operations queued so that it cannot be changed to queue operations."],
+ [0xC00000AF] = [$id="ILLEGAL_FUNCTION", $desc="The specified handle is not open to the server end of the named pipe."],
+ [0xC00000B0] = [$id="PIPE_DISCONNECTED", $desc="The specified named pipe is in the disconnected state."],
+ [0xC00000B1] = [$id="PIPE_CLOSING", $desc="The specified named pipe is in the closing state."],
+ [0xC00000B2] = [$id="PIPE_CONNECTED", $desc="The specified named pipe is in the connected state."],
+ [0xC00000B3] = [$id="PIPE_LISTENING", $desc="The specified named pipe is in the listening state."],
+ [0xC00000B4] = [$id="INVALID_READ_MODE", $desc="The specified named pipe is not in message mode."],
+ [0xC00000B5] = [$id="IO_TIMEOUT", $desc="{Device 
Timeout} The specified I/O operation on %hs was not completed before the time-out period expired."],
+ [0xC00000B6] = [$id="FILE_FORCED_CLOSED", $desc="The specified file has been closed by another process."],
+ [0xC00000B7] = [$id="PROFILING_NOT_STARTED", $desc="Profiling is not started."],
+ [0xC00000B8] = [$id="PROFILING_NOT_STOPPED", $desc="Profiling is not stopped."],
+ [0xC00000B9] = [$id="COULD_NOT_INTERPRET", $desc="The passed ACL did not contain the minimum required information."],
+ [0xC00000BA] = [$id="FILE_IS_A_DIRECTORY", $desc="The file that was specified as a target is a directory, and the caller specified that it could be anything but a directory."],
+ [0xC00000BB] = [$id="NOT_SUPPORTED", $desc="The request is not supported."],
+ [0xC00000BC] = [$id="REMOTE_NOT_LISTENING", $desc="This remote computer is not listening."],
+ [0xC00000BD] = [$id="DUPLICATE_NAME", $desc="A duplicate name exists on the network."],
+ [0xC00000BE] = [$id="BAD_NETWORK_PATH", $desc="The network path cannot be located."],
+ [0xC00000BF] = [$id="NETWORK_BUSY", $desc="The network is busy."],
+ [0xC00000C0] = [$id="DEVICE_DOES_NOT_EXIST", $desc="This device does not exist."],
+ [0xC00000C1] = [$id="TOO_MANY_COMMANDS", $desc="The network BIOS command limit has been reached."],
+ [0xC00000C2] = [$id="ADAPTER_HARDWARE_ERROR", $desc="An I/O adapter hardware error has occurred."],
+ [0xC00000C3] = [$id="INVALID_NETWORK_RESPONSE", $desc="The network responded incorrectly."],
+ [0xC00000C4] = [$id="UNEXPECTED_NETWORK_ERROR", $desc="An unexpected network error occurred."],
+ [0xC00000C5] = [$id="BAD_REMOTE_ADAPTER", $desc="The remote adapter is not compatible."],
+ [0xC00000C6] = [$id="PRINT_QUEUE_FULL", $desc="The print queue is full."],
+ [0xC00000C7] = [$id="NO_SPOOL_SPACE", $desc="Space to store the file that is waiting to be printed is not available on the server."],
+ [0xC00000C8] = [$id="PRINT_CANCELLED", $desc="The requested print file has been canceled."],
+ [0xC00000C9] = 
[$id="NETWORK_NAME_DELETED", $desc="The network name was deleted."],
+ [0xC00000CA] = [$id="NETWORK_ACCESS_DENIED", $desc="Network access is denied."],
+ [0xC00000CB] = [$id="BAD_DEVICE_TYPE", $desc="{Incorrect Network Resource Type} The specified device type (LPT, for example) conflicts with the actual device type on the remote resource."],
+ [0xC00000CC] = [$id="BAD_NETWORK_NAME", $desc="{Network Name Not Found} The specified share name cannot be found on the remote server."],
+ [0xC00000CD] = [$id="TOO_MANY_NAMES", $desc="The name limit for the network adapter card of the local computer was exceeded."],
+ [0xC00000CE] = [$id="TOO_MANY_SESSIONS", $desc="The network BIOS session limit was exceeded."],
+ [0xC00000CF] = [$id="SHARING_PAUSED", $desc="File sharing has been temporarily paused."],
+ [0xC00000D0] = [$id="REQUEST_NOT_ACCEPTED", $desc="No more connections can be made to this remote computer at this time because the computer has already accepted the maximum number of connections."],
+ [0xC00000D1] = [$id="REDIRECTOR_PAUSED", $desc="Print or disk redirection is temporarily paused."],
+ [0xC00000D2] = [$id="NET_WRITE_FAULT", $desc="A network data fault occurred."],
+ [0xC00000D3] = [$id="PROFILING_AT_LIMIT", $desc="The number of active profiling objects is at the maximum and no more may be started."],
+ [0xC00000D4] = [$id="NOT_SAME_DEVICE", $desc="{Incorrect Volume} The destination file of a rename request is located on a different device than the source of the rename request."],
+ [0xC00000D5] = [$id="FILE_RENAMED", $desc="The specified file has been renamed and thus cannot be modified."],
+ [0xC00000D6] = [$id="VIRTUAL_CIRCUIT_CLOSED", $desc="{Network Request Timeout} The session with a remote server has been disconnected because the time-out interval for a request has expired."],
+ [0xC00000D7] = [$id="NO_SECURITY_ON_OBJECT", $desc="Indicates an attempt was made to operate on the security of an object that does not have security associated with it."],
+ 
[0xC00000D8] = [$id="CANT_WAIT", $desc="Used to indicate that an operation cannot continue without blocking for I/O."],
+ [0xC00000D9] = [$id="PIPE_EMPTY", $desc="Used to indicate that a read operation was done on an empty pipe."],
+ [0xC00000DA] = [$id="CANT_ACCESS_DOMAIN_INFO", $desc="Configuration information could not be read from the domain controller, either because the machine is unavailable or access has been denied."],
+ [0xC00000DB] = [$id="CANT_TERMINATE_SELF", $desc="Indicates that a thread attempted to terminate itself by default (called NtTerminateThread with NULL) and it was the last thread in the current process."],
+ [0xC00000DC] = [$id="INVALID_SERVER_STATE", $desc="Indicates the Sam Server was in the wrong state to perform the desired operation."],
+ [0xC00000DD] = [$id="INVALID_DOMAIN_STATE", $desc="Indicates the domain was in the wrong state to perform the desired operation."],
+ [0xC00000DE] = [$id="INVALID_DOMAIN_ROLE", $desc="This operation is only allowed for the primary domain controller of the domain."],
+ [0xC00000DF] = [$id="NO_SUCH_DOMAIN", $desc="The specified domain did not exist."],
+ [0xC00000E0] = [$id="DOMAIN_EXISTS", $desc="The specified domain already exists."],
+ [0xC00000E1] = [$id="DOMAIN_LIMIT_EXCEEDED", $desc="An attempt was made to exceed the limit on the number of domains per server for this release."],
+ [0xC00000E2] = [$id="OPLOCK_NOT_GRANTED", $desc="An error status returned when the opportunistic lock (oplock) request is denied."],
+ [0xC00000E3] = [$id="INVALID_OPLOCK_PROTOCOL", $desc="An error status returned when an invalid opportunistic lock (oplock) acknowledgment is received by a file system."],
+ [0xC00000E4] = [$id="INTERNAL_DB_CORRUPTION", $desc="This error indicates that the requested operation cannot be completed due to a catastrophic media failure or an on-disk data structure corruption."],
+ [0xC00000E5] = [$id="INTERNAL_ERROR", $desc="An internal error occurred."],
+ [0xC00000E6] = 
[$id="GENERIC_NOT_MAPPED", $desc="Indicates generic access types were contained in an access mask which should already be mapped to non-generic access types."],
+ [0xC00000E7] = [$id="BAD_DESCRIPTOR_FORMAT", $desc="Indicates a security descriptor is not in the necessary format (absolute or self-relative)."],
+ [0xC00000E8] = [$id="INVALID_USER_BUFFER", $desc="An access to a user buffer failed at an expected point in time. This code is defined because the caller does not want to accept STATUS_ACCESS_VIOLATION in its filter."],
+ [0xC00000E9] = [$id="UNEXPECTED_IO_ERROR", $desc="If an I/O error that is not defined in the standard FsRtl filter is returned, it is converted to the following error, which is guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."],
+ [0xC00000EA] = [$id="UNEXPECTED_MM_CREATE_ERR", $desc="If an MM error that is not defined in the standard FsRtl filter is returned, it is converted to one of the following errors, which are guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."],
+ [0xC00000EB] = [$id="UNEXPECTED_MM_MAP_ERROR", $desc="If an MM error that is not defined in the standard FsRtl filter is returned, it is converted to one of the following errors, which are guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."],
+ [0xC00000EC] = [$id="UNEXPECTED_MM_EXTEND_ERR", $desc="If an MM error that is not defined in the standard FsRtl filter is returned, it is converted to one of the following errors, which are guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."],
+ [0xC00000ED] = [$id="NOT_LOGON_PROCESS", $desc="The requested action is restricted for use by logon processes only. 
The calling process has not registered as a logon process."],
+ [0xC00000EE] = [$id="LOGON_SESSION_EXISTS", $desc="An attempt has been made to start a new session manager or LSA logon session by using an ID that is already in use."],
+ [0xC00000EF] = [$id="INVALID_PARAMETER_1", $desc="An invalid parameter was passed to a service or function as the first argument."],
+ [0xC00000F0] = [$id="INVALID_PARAMETER_2", $desc="An invalid parameter was passed to a service or function as the second argument."],
+ [0xC00000F1] = [$id="INVALID_PARAMETER_3", $desc="An invalid parameter was passed to a service or function as the third argument."],
+ [0xC00000F2] = [$id="INVALID_PARAMETER_4", $desc="An invalid parameter was passed to a service or function as the fourth argument."],
+ [0xC00000F3] = [$id="INVALID_PARAMETER_5", $desc="An invalid parameter was passed to a service or function as the fifth argument."],
+ [0xC00000F4] = [$id="INVALID_PARAMETER_6", $desc="An invalid parameter was passed to a service or function as the sixth argument."],
+ [0xC00000F5] = [$id="INVALID_PARAMETER_7", $desc="An invalid parameter was passed to a service or function as the seventh argument."],
+ [0xC00000F6] = [$id="INVALID_PARAMETER_8", $desc="An invalid parameter was passed to a service or function as the eighth argument."],
+ [0xC00000F7] = [$id="INVALID_PARAMETER_9", $desc="An invalid parameter was passed to a service or function as the ninth argument."],
+ [0xC00000F8] = [$id="INVALID_PARAMETER_10", $desc="An invalid parameter was passed to a service or function as the tenth argument."],
+ [0xC00000F9] = [$id="INVALID_PARAMETER_11", $desc="An invalid parameter was passed to a service or function as the eleventh argument."],
+ [0xC00000FA] = [$id="INVALID_PARAMETER_12", $desc="An invalid parameter was passed to a service or function as the twelfth argument."],
+ [0xC00000FB] = [$id="REDIRECTOR_NOT_STARTED", $desc="An attempt was made to access a network file, but the network software was 
not yet started."],
+ [0xC00000FC] = [$id="REDIRECTOR_STARTED", $desc="An attempt was made to start the redirector, but the redirector has already been started."],
+ [0xC00000FD] = [$id="STACK_OVERFLOW", $desc="A new guard page for the stack cannot be created."],
+ [0xC00000FE] = [$id="NO_SUCH_PACKAGE", $desc="A specified authentication package is unknown."],
+ [0xC00000FF] = [$id="BAD_FUNCTION_TABLE", $desc="A malformed function table was encountered during an unwind operation."],
+ [0xC0000100] = [$id="VARIABLE_NOT_FOUND", $desc="Indicates the specified environment variable name was not found in the specified environment block."],
+ [0xC0000101] = [$id="DIRECTORY_NOT_EMPTY", $desc="Indicates that the directory trying to be deleted is not empty."],
+ [0xC0000102] = [$id="FILE_CORRUPT_ERROR", $desc="{Corrupt File} The file or directory %hs is corrupt and unreadable. Run the Chkdsk utility."],
+ [0xC0000103] = [$id="NOT_A_DIRECTORY", $desc="A requested opened file is not a directory."],
+ [0xC0000104] = [$id="BAD_LOGON_SESSION_STATE", $desc="The logon session is not in a state that is consistent with the requested operation."],
+ [0xC0000105] = [$id="LOGON_SESSION_COLLISION", $desc="An internal LSA error has occurred. 
An authentication package has requested the creation of a logon session but the ID of an already existing logon session has been specified."],
+ [0xC0000106] = [$id="NAME_TOO_LONG", $desc="A specified name string is too long for its intended use."],
+ [0xC0000107] = [$id="FILES_OPEN", $desc="The user attempted to force close the files on a redirected drive, but there were opened files on the drive, and the user did not specify a sufficient level of force."],
+ [0xC0000108] = [$id="CONNECTION_IN_USE", $desc="The user attempted to force close the files on a redirected drive, but there were opened directories on the drive, and the user did not specify a sufficient level of force."],
+ [0xC0000109] = [$id="MESSAGE_NOT_FOUND", $desc="RtlFindMessage could not locate the requested message ID in the message table resource."],
+ [0xC000010A] = [$id="PROCESS_IS_TERMINATING", $desc="An attempt was made to duplicate an object handle into or out of an exiting process."],
+ [0xC000010B] = [$id="INVALID_LOGON_TYPE", $desc="Indicates an invalid value has been provided for the LogonType requested."],
+ [0xC000010C] = [$id="NO_GUID_TRANSLATION", $desc="Indicates that an attempt was made to assign protection to a file system file or directory and one of the SIDs in the security descriptor could not be translated into a GUID that could be stored by the file system. 
This causes the protection attempt to fail, which may cause a file creation attempt to fail."],
+ [0xC000010D] = [$id="CANNOT_IMPERSONATE", $desc="Indicates that an attempt has been made to impersonate via a named pipe that has not yet been read from."],
+ [0xC000010E] = [$id="IMAGE_ALREADY_LOADED", $desc="Indicates that the specified image is already loaded."],
+ [0xC0000117] = [$id="NO_LDT", $desc="Indicates that an attempt was made to change the size of the LDT for a process that has no LDT."],
+ [0xC0000118] = [$id="INVALID_LDT_SIZE", $desc="Indicates that an attempt was made to grow an LDT by setting its size, or that the size was not an even number of selectors."],
+ [0xC0000119] = [$id="INVALID_LDT_OFFSET", $desc="Indicates that the starting value for the LDT information was not an integral multiple of the selector size."],
+ [0xC000011A] = [$id="INVALID_LDT_DESCRIPTOR", $desc="Indicates that the user supplied an invalid descriptor when trying to set up LDT descriptors."],
+ [0xC000011B] = [$id="INVALID_IMAGE_NE_FORMAT", $desc="The specified image file did not have the correct format. It appears to be NE format."],
+ [0xC000011C] = [$id="RXACT_INVALID_STATE", $desc="Indicates that the transaction state of a registry subtree is incompatible with the requested operation. For example, a request has been made to start a new transaction with one already in progress, or a request has been made to apply a transaction when one is not currently in progress."],
+ [0xC000011D] = [$id="RXACT_COMMIT_FAILURE", $desc="Indicates an error has occurred during a registry transaction commit. The database has been left in an unknown, but probably inconsistent, state. The state of the registry transaction is left as COMMITTING."],
+ [0xC000011E] = [$id="MAPPED_FILE_SIZE_ZERO", $desc="An attempt was made to map a file of size zero with the maximum size specified as zero."],
+ [0xC000011F] = [$id="TOO_MANY_OPENED_FILES", $desc="Too many files are opened on a remote server. 
This error should only be returned by the Windows redirector on a remote drive."],
+ [0xC0000120] = [$id="CANCELLED", $desc="The I/O request was canceled."],
+ [0xC0000121] = [$id="CANNOT_DELETE", $desc="An attempt has been made to remove a file or directory that cannot be deleted."],
+ [0xC0000122] = [$id="INVALID_COMPUTER_NAME", $desc="Indicates a name that was specified as a remote computer name is syntactically invalid."],
+ [0xC0000123] = [$id="FILE_DELETED", $desc="An I/O request other than close was performed on a file after it was deleted, which can only happen to a request that did not complete before the last handle was closed via NtClose."],
+ [0xC0000124] = [$id="SPECIAL_ACCOUNT", $desc="Indicates an operation that is incompatible with built-in accounts has been attempted on a built-in (special) SAM account. For example, built-in accounts cannot be deleted."],
+ [0xC0000125] = [$id="SPECIAL_GROUP", $desc="The operation requested may not be performed on the specified group because it is a built-in special group."],
+ [0xC0000126] = [$id="SPECIAL_USER", $desc="The operation requested may not be performed on the specified user because it is a built-in special user."],
+ [0xC0000127] = [$id="MEMBERS_PRIMARY_GROUP", $desc="Indicates a member cannot be removed from a group because the group is currently the member's primary group."],
+ [0xC0000128] = [$id="FILE_CLOSED", $desc="An I/O request other than close and several other special case operations was attempted using a file object that had already been closed."],
+ [0xC0000129] = [$id="TOO_MANY_THREADS", $desc="Indicates a process has too many threads to perform the requested action. 
For example, assignment of a primary token may only be performed when a process has zero or one threads."],
+ [0xC000012A] = [$id="THREAD_NOT_IN_PROCESS", $desc="An attempt was made to operate on a thread within a specific process, but the specified thread is not in the specified process."],
+ [0xC000012B] = [$id="TOKEN_ALREADY_IN_USE", $desc="An attempt was made to establish a token for use as a primary token but the token is already in use. A token can only be the primary token of one process at a time."],
+ [0xC000012C] = [$id="PAGEFILE_QUOTA_EXCEEDED", $desc="The page file quota was exceeded."],
+ [0xC000012D] = [$id="COMMITMENT_LIMIT", $desc="{Out of Virtual Memory} Your system is low on virtual memory. To ensure that Windows runs correctly, increase the size of your virtual memory paging file. For more information, see Help."],
+ [0xC000012E] = [$id="INVALID_IMAGE_LE_FORMAT", $desc="The specified image file did not have the correct format: it appears to be LE format."],
+ [0xC000012F] = [$id="INVALID_IMAGE_NOT_MZ", $desc="The specified image file did not have the correct format: it did not have an initial MZ."],
+ [0xC0000130] = [$id="INVALID_IMAGE_PROTECT", $desc="The specified image file did not have the correct format: it did not have a proper e_lfarlc in the MZ header."],
+ [0xC0000131] = [$id="INVALID_IMAGE_WIN_16", $desc="The specified image file did not have the correct format: it appears to be a 16-bit Windows image."],
+ [0xC0000132] = [$id="LOGON_SERVER_CONFLICT", $desc="The Netlogon service cannot start because another Netlogon service running in the domain conflicts with the specified role."],
+ [0xC0000133] = [$id="TIME_DIFFERENCE_AT_DC", $desc="The time at the primary domain controller is different from the time at the backup domain controller or member server by too large an amount."],
+ [0xC0000134] = [$id="SYNCHRONIZATION_REQUIRED", $desc="The SAM database on a Windows Server is significantly out of synchronization with the copy on the domain 
controller. A complete synchronization is required."],
+ [0xC0000135] = [$id="DLL_NOT_FOUND", $desc="{Unable To Locate Component} This application has failed to start because %hs was not found. Reinstalling the application may fix this problem."],
+ [0xC0000136] = [$id="OPEN_FAILED", $desc="The NtCreateFile API failed. This error should never be returned to an application; it is a place holder for the Windows LAN Manager Redirector to use in its internal error-mapping routines."],
+ [0xC0000137] = [$id="IO_PRIVILEGE_FAILED", $desc="{Privilege Failed} The I/O permissions for the process could not be changed."],
+ [0xC0000138] = [$id="ORDINAL_NOT_FOUND", $desc="{Ordinal Not Found} The ordinal %ld could not be located in the dynamic link library %hs."],
+ [0xC0000139] = [$id="ENTRYPOINT_NOT_FOUND", $desc="{Entry Point Not Found} The procedure entry point %hs could not be located in the dynamic link library %hs."],
+ [0xC000013A] = [$id="CONTROL_C_EXIT", $desc="{Application Exit by CTRL+C} The application terminated as a result of a CTRL+C."],
+ [0xC000013B] = [$id="LOCAL_DISCONNECT", $desc="{Virtual Circuit Closed} The network transport on your computer has closed a network connection. There may or may not be I/O requests outstanding."],
+ [0xC000013C] = [$id="REMOTE_DISCONNECT", $desc="{Virtual Circuit Closed} The network transport on a remote computer has closed a network connection. There may or may not be I/O requests outstanding."],
+ [0xC000013D] = [$id="REMOTE_RESOURCES", $desc="{Insufficient Resources on Remote Computer} The remote computer has insufficient resources to complete the network request. For example, the remote computer may not have enough available memory to carry out the request at this time."],
+ [0xC000013E] = [$id="LINK_FAILED", $desc="{Virtual Circuit Closed} An existing connection (virtual circuit) has been broken at the remote computer. 
There is probably something wrong with the network software protocol or the network hardware on the remote computer."],
+ [0xC000013F] = [$id="LINK_TIMEOUT", $desc="{Virtual Circuit Closed} The network transport on your computer has closed a network connection because it had to wait too long for a response from the remote computer."],
+ [0xC0000140] = [$id="INVALID_CONNECTION", $desc="The connection handle that was given to the transport was invalid."],
+ [0xC0000141] = [$id="INVALID_ADDRESS", $desc="The address handle that was given to the transport was invalid."],
+ [0xC0000142] = [$id="DLL_INIT_FAILED", $desc="{DLL Initialization Failed} Initialization of the dynamic link library %hs failed. The process is terminating abnormally."],
+ [0xC0000143] = [$id="MISSING_SYSTEMFILE", $desc="{Missing System File} The required system file %hs is bad or missing."],
+ [0xC0000144] = [$id="UNHANDLED_EXCEPTION", $desc="{Application Error} The exception %s (0x%08lx) occurred in the application at location 0x%08lx."],
+ [0xC0000145] = [$id="APP_INIT_FAILURE", $desc="{Application Error} The application failed to initialize properly (0x%lx). Click OK to terminate the application."],
+ [0xC0000146] = [$id="PAGEFILE_CREATE_FAILED", $desc="{Unable to Create Paging File} The creation of the paging file %hs failed (%lx). 
The requested size was %ld."],
+ [0xC0000147] = [$id="NO_PAGEFILE", $desc="{No Paging File Specified} No paging file was specified in the system configuration."],
+ [0xC0000148] = [$id="INVALID_LEVEL", $desc="{Incorrect System Call Level} An invalid level was passed into the specified system call."],
+ [0xC0000149] = [$id="WRONG_PASSWORD_CORE", $desc="{Incorrect Password to LAN Manager Server} You specified an incorrect password to a LAN Manager 2.x or MS-NET server."],
+ [0xC000014A] = [$id="ILLEGAL_FLOAT_CONTEXT", $desc="{EXCEPTION} A real-mode application issued a floating-point instruction and floating-point hardware is not present."],
+ [0xC000014B] = [$id="PIPE_BROKEN", $desc="The pipe operation has failed because the other end of the pipe has been closed."],
+ [0xC000014C] = [$id="REGISTRY_CORRUPT", $desc="{The Registry Is Corrupt} The structure of one of the files that contains registry data is corrupt; the image of the file in memory is corrupt; or the file could not be recovered because the alternate copy or log was absent or corrupt."],
+ [0xC000014D] = [$id="REGISTRY_IO_FAILED", $desc="An I/O operation initiated by the Registry failed and cannot be recovered. The registry could not read in, write out, or flush one of the files that contain the system's image of the registry."],
+ [0xC000014E] = [$id="NO_EVENT_PAIR", $desc="An event pair synchronization operation was performed using the thread-specific client/server event pair object, but no event pair object was associated with the thread."],
+ [0xC000014F] = [$id="UNRECOGNIZED_VOLUME", $desc="The volume does not contain a recognized file system. Be sure that all required file system drivers are loaded and that the volume is not corrupt."],
+ [0xC0000150] = [$id="SERIAL_NO_DEVICE_INITED", $desc="No serial device was successfully initialized. 
The serial driver will unload."],
+ [0xC0000151] = [$id="NO_SUCH_ALIAS", $desc="The specified local group does not exist."],
+ [0xC0000152] = [$id="MEMBER_NOT_IN_ALIAS", $desc="The specified account name is not a member of the group."],
+ [0xC0000153] = [$id="MEMBER_IN_ALIAS", $desc="The specified account name is already a member of the group."],
+ [0xC0000154] = [$id="ALIAS_EXISTS", $desc="The specified local group already exists."],
+ [0xC0000155] = [$id="LOGON_NOT_GRANTED", $desc="A requested type of logon (for example, interactive, network, and service) is not granted by the local security policy of the target system. Ask the system administrator to grant the necessary form of logon."],
+ [0xC0000156] = [$id="TOO_MANY_SECRETS", $desc="The maximum number of secrets that may be stored in a single system was exceeded. The length and number of secrets is limited to satisfy U.S. State Department export restrictions."],
+ [0xC0000157] = [$id="SECRET_TOO_LONG", $desc="The length of a secret exceeds the maximum allowable length. The length and number of secrets is limited to satisfy U.S. State Department export restrictions."],
+ [0xC0000158] = [$id="INTERNAL_DB_ERROR", $desc="The local security authority (LSA) database contains an internal inconsistency."],
+ [0xC0000159] = [$id="FULLSCREEN_MODE", $desc="The requested operation cannot be performed in full-screen mode."],
+ [0xC000015A] = [$id="TOO_MANY_CONTEXT_IDS", $desc="During a logon attempt, the user's security context accumulated too many security IDs. This is a very unusual situation. Remove the user from some global or local groups to reduce the number of security IDs to incorporate into the security context."],
+ [0xC000015B] = [$id="LOGON_TYPE_NOT_GRANTED", $desc="A user has requested a type of logon (for example, interactive or network) that has not been granted. 
An administrator has control over who may logon interactively and through the network."],
+ [0xC000015C] = [$id="NOT_REGISTRY_FILE", $desc="The system has attempted to load or restore a file into the registry, and the specified file is not in the format of a registry file."],
+ [0xC000015D] = [$id="NT_CROSS_ENCRYPTION_REQUIRED", $desc="An attempt was made to change a user password in the security account manager without providing the necessary Windows cross-encrypted password."],
+ [0xC000015E] = [$id="DOMAIN_CTRLR_CONFIG_ERROR", $desc="A Windows Server has an incorrect configuration."],
+ [0xC000015F] = [$id="FT_MISSING_MEMBER", $desc="An attempt was made to explicitly access the secondary copy of information via a device control to the fault tolerance driver and the secondary copy is not present in the system."],
+ [0xC0000160] = [$id="ILL_FORMED_SERVICE_ENTRY", $desc="A configuration registry node that represents a driver service entry was ill-formed and did not contain the required value entries."],
+ [0xC0000161] = [$id="ILLEGAL_CHARACTER", $desc="An illegal character was encountered. For a multibyte character set, this includes a lead byte without a succeeding trail byte. 
For the Unicode character set this includes the characters 0xFFFF and 0xFFFE."],
+ [0xC0000162] = [$id="UNMAPPABLE_CHARACTER", $desc="No mapping for the Unicode character exists in the target multibyte code page."],
+ [0xC0000163] = [$id="UNDEFINED_CHARACTER", $desc="The Unicode character is not defined in the Unicode character set that is installed on the system."],
+ [0xC0000164] = [$id="FLOPPY_VOLUME", $desc="The paging file cannot be created on a floppy disk."],
+ [0xC0000165] = [$id="FLOPPY_ID_MARK_NOT_FOUND", $desc="{Floppy Disk Error} While accessing a floppy disk, an ID address mark was not found."],
+ [0xC0000166] = [$id="FLOPPY_WRONG_CYLINDER", $desc="{Floppy Disk Error} While accessing a floppy disk, the track address from the sector ID field was found to be different from the track address that is maintained by the controller."],
+ [0xC0000167] = [$id="FLOPPY_UNKNOWN_ERROR", $desc="{Floppy Disk Error} The floppy disk controller reported an error that is not recognized by the floppy disk driver."],
+ [0xC0000168] = [$id="FLOPPY_BAD_REGISTERS", $desc="{Floppy Disk Error} While accessing a floppy-disk, the controller returned inconsistent results via its registers."],
+ [0xC0000169] = [$id="DISK_RECALIBRATE_FAILED", $desc="{Hard Disk Error} While accessing the hard disk, a recalibrate operation failed, even after retries."],
+ [0xC000016A] = [$id="DISK_OPERATION_FAILED", $desc="{Hard Disk Error} While accessing the hard disk, a disk operation failed even after retries."],
+ [0xC000016B] = [$id="DISK_RESET_FAILED", $desc="{Hard Disk Error} While accessing the hard disk, a disk controller reset was needed, but even that failed."],
+ [0xC000016C] = [$id="SHARED_IRQ_BUSY", $desc="An attempt was made to open a device that was sharing an interrupt request (IRQ) with other devices. At least one other device that uses that IRQ was already opened. 
Two concurrent opens of devices that share an IRQ and only work via interrupts is not supported for the particular bus type that the devices use."],
+ [0xC000016D] = [$id="FT_ORPHANING", $desc="{FT Orphaning} A disk that is part of a fault-tolerant volume can no longer be accessed."],
+ [0xC000016E] = [$id="BIOS_FAILED_TO_CONNECT_INTERRUPT", $desc="The basic input/output system (BIOS) failed to connect a system interrupt to the device or bus for which the device is connected."],
+ [0xC0000172] = [$id="PARTITION_FAILURE", $desc="The tape could not be partitioned."],
+ [0xC0000173] = [$id="INVALID_BLOCK_LENGTH", $desc="When accessing a new tape of a multi-volume partition, the current blocksize is incorrect."],
+ [0xC0000174] = [$id="DEVICE_NOT_PARTITIONED", $desc="The tape partition information could not be found when loading a tape."],
+ [0xC0000175] = [$id="UNABLE_TO_LOCK_MEDIA", $desc="An attempt to lock the eject media mechanism failed."],
+ [0xC0000176] = [$id="UNABLE_TO_UNLOAD_MEDIA", $desc="An attempt to unload media failed."],
+ [0xC0000177] = [$id="EOM_OVERFLOW", $desc="The physical end of tape was detected."],
+ [0xC0000178] = [$id="NO_MEDIA", $desc="{No Media} There is no media in the drive. 
Insert media into drive %hs."],
+ [0xC000017A] = [$id="NO_SUCH_MEMBER", $desc="A member could not be added to or removed from the local group because the member does not exist."],
+ [0xC000017B] = [$id="INVALID_MEMBER", $desc="A new member could not be added to a local group because the member has the wrong account type."],
+ [0xC000017C] = [$id="KEY_DELETED", $desc="An illegal operation was attempted on a registry key that has been marked for deletion."],
+ [0xC000017D] = [$id="NO_LOG_SPACE", $desc="The system could not allocate the required space in a registry log."],
+ [0xC000017E] = [$id="TOO_MANY_SIDS", $desc="Too many SIDs have been specified."],
+ [0xC000017F] = [$id="LM_CROSS_ENCRYPTION_REQUIRED", $desc="An attempt was made to change a user password in the security account manager without providing the necessary LM cross-encrypted password."],
+ [0xC0000180] = [$id="KEY_HAS_CHILDREN", $desc="An attempt was made to create a symbolic link in a registry key that already has subkeys or values."],
+ [0xC0000181] = [$id="CHILD_MUST_BE_VOLATILE", $desc="An attempt was made to create a stable subkey under a volatile parent key."],
+ [0xC0000182] = [$id="DEVICE_CONFIGURATION_ERROR", $desc="The I/O device is configured incorrectly or the configuration parameters to the driver are incorrect."],
+ [0xC0000183] = [$id="DRIVER_INTERNAL_ERROR", $desc="An error was detected between two drivers or within an I/O driver."],
+ [0xC0000184] = [$id="INVALID_DEVICE_STATE", $desc="The device is not in a valid state to perform this request."],
+ [0xC0000185] = [$id="IO_DEVICE_ERROR", $desc="The I/O device reported an I/O error."],
+ [0xC0000186] = [$id="DEVICE_PROTOCOL_ERROR", $desc="A protocol error was detected between the driver and the device."],
+ [0xC0000187] = [$id="BACKUP_CONTROLLER", $desc="This operation is only allowed for the primary domain controller of the domain."],
+ [0xC0000188] = [$id="LOG_FILE_FULL", $desc="The log file space is insufficient to support this 
operation."],
+ [0xC0000189] = [$id="TOO_LATE", $desc="A write operation was attempted to a volume after it was dismounted."],
+ [0xC000018A] = [$id="NO_TRUST_LSA_SECRET", $desc="The workstation does not have a trust secret for the primary domain in the local LSA database."],
+ [0xC000018B] = [$id="NO_TRUST_SAM_ACCOUNT", $desc="The SAM database on the Windows Server does not have a computer account for this workstation trust relationship."],
+ [0xC000018C] = [$id="TRUSTED_DOMAIN_FAILURE", $desc="The logon request failed because the trust relationship between the primary domain and the trusted domain failed."],
+ [0xC000018D] = [$id="TRUSTED_RELATIONSHIP_FAILURE", $desc="The logon request failed because the trust relationship between this workstation and the primary domain failed."],
+ [0xC000018E] = [$id="EVENTLOG_FILE_CORRUPT", $desc="The Eventlog log file is corrupt."],
+ [0xC000018F] = [$id="EVENTLOG_CANT_START", $desc="No Eventlog log file could be opened. The Eventlog service did not start."],
+ [0xC0000190] = [$id="TRUST_FAILURE", $desc="The network logon failed. This may be because the validation authority cannot be reached."],
+ [0xC0000191] = [$id="MUTANT_LIMIT_EXCEEDED", $desc="An attempt was made to acquire a mutant such that its maximum count would have been exceeded."],
+ [0xC0000192] = [$id="NETLOGON_NOT_STARTED", $desc="An attempt was made to logon, but the NetLogon service was not started."],
+ [0xC0000193] = [$id="ACCOUNT_EXPIRED", $desc="The user account has expired."],
+ [0xC0000194] = [$id="POSSIBLE_DEADLOCK", $desc="{EXCEPTION} Possible deadlock condition."],
+ [0xC0000195] = [$id="NETWORK_CREDENTIAL_CONFLICT", $desc="Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. 
Disconnect all previous connections to the server or shared resource and try again."],
+ [0xC0000196] = [$id="REMOTE_SESSION_LIMIT", $desc="An attempt was made to establish a session to a network server, but there are already too many sessions established to that server."],
+ [0xC0000197] = [$id="EVENTLOG_FILE_CHANGED", $desc="The log file has changed between reads."],
+ [0xC0000198] = [$id="NOLOGON_INTERDOMAIN_TRUST_ACCOUNT", $desc="The account used is an interdomain trust account. Use your global user account or local user account to access this server."],
+ [0xC0000199] = [$id="NOLOGON_WORKSTATION_TRUST_ACCOUNT", $desc="The account used is a computer account. Use your global user account or local user account to access this server."],
+ [0xC000019A] = [$id="NOLOGON_SERVER_TRUST_ACCOUNT", $desc="The account used is a server trust account. Use your global user account or local user account to access this server."],
+ [0xC000019B] = [$id="DOMAIN_TRUST_INCONSISTENT", $desc="The name or SID of the specified domain is inconsistent with the trust information for that domain."],
+ [0xC000019C] = [$id="FS_DRIVER_REQUIRED", $desc="A volume has been accessed for which a file system driver is required that has not yet been loaded."],
+ [0xC000019D] = [$id="IMAGE_ALREADY_LOADED_AS_DLL", $desc="Indicates that the specified image is already loaded as a DLL."],
+ [0xC000019E] = [$id="INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING", $desc="Short name settings may not be changed on this volume due to the global registry setting."],
+ [0xC000019F] = [$id="SHORT_NAMES_NOT_ENABLED_ON_VOLUME", $desc="Short names are not enabled on this volume."],
+ [0xC00001A0] = [$id="SECURITY_STREAM_IS_INCONSISTENT", $desc="The security stream for the given volume is in an inconsistent state. 
Please run CHKDSK on the volume."],
+ [0xC00001A1] = [$id="INVALID_LOCK_RANGE", $desc="A requested file lock operation cannot be processed due to an invalid byte range."],
+ [0xC00001A2] = [$id="INVALID_ACE_CONDITION", $desc="The specified access control entry (ACE) contains an invalid condition."],
+ [0xC00001A3] = [$id="IMAGE_SUBSYSTEM_NOT_PRESENT", $desc="The subsystem needed to support the image type is not present."],
+ [0xC00001A4] = [$id="NOTIFICATION_GUID_ALREADY_DEFINED", $desc="The specified file already has a notification GUID associated with it."],
+ [0xC0000201] = [$id="NETWORK_OPEN_RESTRICTION", $desc="A remote open failed because the network open restrictions were not satisfied."],
+ [0xC0000202] = [$id="NO_USER_SESSION_KEY", $desc="There is no user session key for the specified logon session."],
+ [0xC0000203] = [$id="USER_SESSION_DELETED", $desc="The remote user session has been deleted."],
+ [0xC0000204] = [$id="RESOURCE_LANG_NOT_FOUND", $desc="Indicates the specified resource language ID cannot be found in the image file."],
+ [0xC0000205] = [$id="INSUFF_SERVER_RESOURCES", $desc="Insufficient server resources exist to complete the request."],
+ [0xC0000206] = [$id="INVALID_BUFFER_SIZE", $desc="The size of the buffer is invalid for the specified operation."],
+ [0xC0000207] = [$id="INVALID_ADDRESS_COMPONENT", $desc="The transport rejected the specified network address as invalid."],
+ [0xC0000208] = [$id="INVALID_ADDRESS_WILDCARD", $desc="The transport rejected the specified network address due to invalid use of a wildcard."],
+ [0xC0000209] = [$id="TOO_MANY_ADDRESSES", $desc="The transport address could not be opened because all the available addresses are in use."],
+ [0xC000020A] = [$id="ADDRESS_ALREADY_EXISTS", $desc="The transport address could not be opened because it already exists."],
+ [0xC000020B] = [$id="ADDRESS_CLOSED", $desc="The transport address is now closed."],
+ [0xC000020C] = [$id="CONNECTION_DISCONNECTED", $desc="The transport 
connection is now disconnected."],
+ [0xC000020D] = [$id="CONNECTION_RESET", $desc="The transport connection has been reset."],
+ [0xC000020E] = [$id="TOO_MANY_NODES", $desc="The transport cannot dynamically acquire any more nodes."],
+ [0xC000020F] = [$id="TRANSACTION_ABORTED", $desc="The transport aborted a pending transaction."],
+ [0xC0000210] = [$id="TRANSACTION_TIMED_OUT", $desc="The transport timed out a request that is waiting for a response."],
+ [0xC0000211] = [$id="TRANSACTION_NO_RELEASE", $desc="The transport did not receive a release for a pending response."],
+ [0xC0000212] = [$id="TRANSACTION_NO_MATCH", $desc="The transport did not find a transaction that matches the specific token."],
+ [0xC0000213] = [$id="TRANSACTION_RESPONDED", $desc="The transport had previously responded to a transaction request."],
+ [0xC0000214] = [$id="TRANSACTION_INVALID_ID", $desc="The transport does not recognize the specified transaction request ID."],
+ [0xC0000215] = [$id="TRANSACTION_INVALID_TYPE", $desc="The transport does not recognize the specified transaction request type."],
+ [0xC0000216] = [$id="NOT_SERVER_SESSION", $desc="The transport can only process the specified request on the server side of a session."],
+ [0xC0000217] = [$id="NOT_CLIENT_SESSION", $desc="The transport can only process the specified request on the client side of a session."],
+ [0xC0000218] = [$id="CANNOT_LOAD_REGISTRY_FILE", $desc="{Registry File Failure} The registry cannot load the hive (file): %hs or its log or alternate. It is corrupt, absent, or not writable."],
+ [0xC0000219] = [$id="DEBUG_ATTACH_FAILED", $desc="{Unexpected Failure in DebugActiveProcess} An unexpected failure occurred while processing a DebugActiveProcess API request. You may choose OK to terminate the process, or Cancel to ignore the error."],
+ [0xC000021A] = [$id="SYSTEM_PROCESS_TERMINATED", $desc="{Fatal System Error} The %hs system process terminated unexpectedly with a status of 0x%08x (0x%08x 0x%08x).
The system has been shut down."],
+ [0xC000021B] = [$id="DATA_NOT_ACCEPTED", $desc="{Data Not Accepted} The TDI client could not handle the data received during an indication."],
+ [0xC000021C] = [$id="NO_BROWSER_SERVERS_FOUND", $desc="{Unable to Retrieve Browser Server List} The list of servers for this workgroup is not currently available."],
+ [0xC000021D] = [$id="VDM_HARD_ERROR", $desc="NTVDM encountered a hard error."],
+ [0xC000021E] = [$id="DRIVER_CANCEL_TIMEOUT", $desc="{Cancel Timeout} The driver %hs failed to complete a canceled I/O request in the allotted time."],
+ [0xC000021F] = [$id="REPLY_MESSAGE_MISMATCH", $desc="{Reply Message Mismatch} An attempt was made to reply to an LPC message, but the thread specified by the client ID in the message was not waiting on that message."],
+ [0xC0000220] = [$id="MAPPED_ALIGNMENT", $desc="{Mapped View Alignment Incorrect} An attempt was made to map a view of a file, but either the specified base address or the offset into the file were not aligned on the proper allocation granularity."],
+ [0xC0000221] = [$id="IMAGE_CHECKSUM_MISMATCH", $desc="{Bad Image Checksum} The image %hs is possibly corrupt. The header checksum does not match the computed checksum."],
+ [0xC0000222] = [$id="LOST_WRITEBEHIND_DATA", $desc="{Delayed Write Failed} Windows was unable to save all the data for the file %hs. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Try to save this file elsewhere."],
+ [0xC0000223] = [$id="CLIENT_SERVER_PARAMETERS_INVALID", $desc="The parameters passed to the server in the client/server shared memory window were invalid.
Too much data may have been put in the shared memory window."],
+ [0xC0000224] = [$id="PASSWORD_MUST_CHANGE", $desc="The user password must be changed before logging on the first time."],
+ [0xC0000225] = [$id="NOT_FOUND", $desc="The object was not found."],
+ [0xC0000226] = [$id="NOT_TINY_STREAM", $desc="The stream is not a tiny stream."],
+ [0xC0000227] = [$id="RECOVERY_FAILURE", $desc="A transaction recovery failed."],
+ [0xC0000228] = [$id="STACK_OVERFLOW_READ", $desc="The request must be handled by the stack overflow code."],
+ [0xC0000229] = [$id="FAIL_CHECK", $desc="A consistency check failed."],
+ [0xC000022A] = [$id="DUPLICATE_OBJECTID", $desc="The attempt to insert the ID in the index failed because the ID is already in the index."],
+ [0xC000022B] = [$id="OBJECTID_EXISTS", $desc="The attempt to set the object ID failed because the object already has an ID."],
+ [0xC000022C] = [$id="CONVERT_TO_LARGE", $desc="Internal OFS status codes indicating how an allocation operation is handled. Either it is retried after the containing oNode is moved or the extent stream is converted to a large stream."],
+ [0xC000022D] = [$id="RETRY", $desc="The request needs to be retried."],
+ [0xC000022E] = [$id="FOUND_OUT_OF_SCOPE", $desc="The attempt to find the object found an object on the volume that matches by ID; however, it is out of the scope of the handle that is used for the operation."],
+ [0xC000022F] = [$id="ALLOCATE_BUCKET", $desc="The bucket array must be grown.
Retry the transaction after doing so."],
+ [0xC0000230] = [$id="PROPSET_NOT_FOUND", $desc="The specified property set does not exist on the object."],
+ [0xC0000231] = [$id="MARSHALL_OVERFLOW", $desc="The user/kernel marshaling buffer has overflowed."],
+ [0xC0000232] = [$id="INVALID_VARIANT", $desc="The supplied variant structure contains invalid data."],
+ [0xC0000233] = [$id="DOMAIN_CONTROLLER_NOT_FOUND", $desc="A domain controller for this domain was not found."],
+ [0xC0000234] = [$id="ACCOUNT_LOCKED_OUT", $desc="The user account has been automatically locked because too many invalid logon attempts or password change attempts have been requested."],
+ [0xC0000235] = [$id="HANDLE_NOT_CLOSABLE", $desc="NtClose was called on a handle that was protected from close via NtSetInformationObject."],
+ [0xC0000236] = [$id="CONNECTION_REFUSED", $desc="The transport-connection attempt was refused by the remote system."],
+ [0xC0000237] = [$id="GRACEFUL_DISCONNECT", $desc="The transport connection was gracefully closed."],
+ [0xC0000238] = [$id="ADDRESS_ALREADY_ASSOCIATED", $desc="The transport endpoint already has an address associated with it."],
+ [0xC0000239] = [$id="ADDRESS_NOT_ASSOCIATED", $desc="An address has not yet been associated with the transport endpoint."],
+ [0xC000023A] = [$id="CONNECTION_INVALID", $desc="An operation was attempted on a nonexistent transport connection."],
+ [0xC000023B] = [$id="CONNECTION_ACTIVE", $desc="An invalid operation was attempted on an active transport connection."],
+ [0xC000023C] = [$id="NETWORK_UNREACHABLE", $desc="The remote network is not reachable by the transport."],
+ [0xC000023D] = [$id="HOST_UNREACHABLE", $desc="The remote system is not reachable by the transport."],
+ [0xC000023E] = [$id="PROTOCOL_UNREACHABLE", $desc="The remote system does not support the transport protocol."],
+ [0xC000023F] = [$id="PORT_UNREACHABLE", $desc="No service is operating at the destination port of the transport on the remote system."],
+
[0xC0000240] = [$id="REQUEST_ABORTED", $desc="The request was aborted."],
+ [0xC0000241] = [$id="CONNECTION_ABORTED", $desc="The transport connection was aborted by the local system."],
+ [0xC0000242] = [$id="BAD_COMPRESSION_BUFFER", $desc="The specified buffer contains ill-formed data."],
+ [0xC0000243] = [$id="USER_MAPPED_FILE", $desc="The requested operation cannot be performed on a file with a user mapped section open."],
+ [0xC0000244] = [$id="AUDIT_FAILED", $desc="{Audit Failed} An attempt to generate a security audit failed."],
+ [0xC0000245] = [$id="TIMER_RESOLUTION_NOT_SET", $desc="The timer resolution was not previously set by the current process."],
+ [0xC0000246] = [$id="CONNECTION_COUNT_LIMIT", $desc="A connection to the server could not be made because the limit on the number of concurrent connections for this account has been reached."],
+ [0xC0000247] = [$id="LOGIN_TIME_RESTRICTION", $desc="Attempting to log on during an unauthorized time of day for this account."],
+ [0xC0000248] = [$id="LOGIN_WKSTA_RESTRICTION", $desc="The account is not authorized to log on from this station."],
+ [0xC0000249] = [$id="IMAGE_MP_UP_MISMATCH", $desc="{UP/MP Image Mismatch} The image %hs has been modified for use on a uniprocessor system, but you are running it on a multiprocessor machine. Reinstall the image file."],
+ [0xC0000250] = [$id="INSUFFICIENT_LOGON_INFO", $desc="There is insufficient account information to log you on."],
+ [0xC0000251] = [$id="BAD_DLL_ENTRYPOINT", $desc="{Invalid DLL Entrypoint} The dynamic link library %hs is not written correctly. The stack pointer has been left in an inconsistent state. The entry point should be declared as WINAPI or STDCALL. Select YES to fail the DLL load. Select NO to continue execution. Selecting NO may cause the application to operate incorrectly."],
+ [0xC0000252] = [$id="BAD_SERVICE_ENTRYPOINT", $desc="{Invalid Service Callback Entrypoint} The %hs service is not written correctly.
The stack pointer has been left in an inconsistent state. The callback entry point should be declared as WINAPI or STDCALL. Selecting OK will cause the service to continue operation. However, the service process may operate incorrectly."],
+ [0xC0000253] = [$id="LPC_REPLY_LOST", $desc="The server received the messages but did not send a reply."],
+ [0xC0000254] = [$id="IP_ADDRESS_CONFLICT1", $desc="There is an IP address conflict with another system on the network."],
+ [0xC0000255] = [$id="IP_ADDRESS_CONFLICT2", $desc="There is an IP address conflict with another system on the network."],
+ [0xC0000256] = [$id="REGISTRY_QUOTA_LIMIT", $desc="{Low On Registry Space} The system has reached the maximum size that is allowed for the system part of the registry. Additional storage requests will be ignored."],
+ [0xC0000257] = [$id="PATH_NOT_COVERED", $desc="The contacted server does not support the indicated part of the DFS namespace."],
+ [0xC0000258] = [$id="NO_CALLBACK_ACTIVE", $desc="A callback return system service cannot be executed when no callback is active."],
+ [0xC0000259] = [$id="LICENSE_QUOTA_EXCEEDED", $desc="The service being accessed is licensed for a particular number of connections. No more connections can be made to the service at this time because the service has already accepted the maximum number of connections."],
+ [0xC000025A] = [$id="PWD_TOO_SHORT", $desc="The password provided is too short to meet the policy of your user account. Choose a longer password."],
+ [0xC000025B] = [$id="PWD_TOO_RECENT", $desc="The policy of your user account does not allow you to change passwords too frequently. This is done to prevent users from changing back to a familiar, but potentially discovered, password. If you feel your password has been compromised, contact your administrator immediately to have a new one assigned."],
+ [0xC000025C] = [$id="PWD_HISTORY_CONFLICT", $desc="You have attempted to change your password to one that you have used in the past.
The policy of your user account does not allow this. Select a password that you have not previously used."],
+ [0xC000025E] = [$id="PLUGPLAY_NO_DEVICE", $desc="You have attempted to load a legacy device driver while its device instance had been disabled."],
+ [0xC000025F] = [$id="UNSUPPORTED_COMPRESSION", $desc="The specified compression format is unsupported."],
+ [0xC0000260] = [$id="INVALID_HW_PROFILE", $desc="The specified hardware profile configuration is invalid."],
+ [0xC0000261] = [$id="INVALID_PLUGPLAY_DEVICE_PATH", $desc="The specified Plug and Play registry device path is invalid."],
+ [0xC0000262] = [$id="DRIVER_ORDINAL_NOT_FOUND", $desc="{Driver Entry Point Not Found} The %hs device driver could not locate the ordinal %ld in driver %hs."],
+ [0xC0000263] = [$id="DRIVER_ENTRYPOINT_NOT_FOUND", $desc="{Driver Entry Point Not Found} The %hs device driver could not locate the entry point %hs in driver %hs."],
+ [0xC0000264] = [$id="RESOURCE_NOT_OWNED", $desc="{Application Error} The application attempted to release a resource it did not own. Click OK to terminate the application."],
+ [0xC0000265] = [$id="TOO_MANY_LINKS", $desc="An attempt was made to create more links on a file than the file system supports."],
+ [0xC0000266] = [$id="QUOTA_LIST_INCONSISTENT", $desc="The specified quota list is internally inconsistent with its descriptor."],
+ [0xC0000267] = [$id="FILE_IS_OFFLINE", $desc="The specified file has been relocated to offline storage."],
+ [0xC0000268] = [$id="EVALUATION_EXPIRATION", $desc="{Windows Evaluation Notification} The evaluation period for this installation of Windows has expired. This system will shutdown in 1 hour. To restore access to this installation of Windows, upgrade this installation by using a licensed distribution of this product."],
+ [0xC0000269] = [$id="ILLEGAL_DLL_RELOCATION", $desc="{Illegal System DLL Relocation} The system DLL %hs was relocated in memory. The application will not run properly.
The relocation occurred because the DLL %hs occupied an address range that is reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL."],
+ [0xC000026A] = [$id="LICENSE_VIOLATION", $desc="{License Violation} The system has detected tampering with your registered product type. This is a violation of your software license. Tampering with the product type is not permitted."],
+ [0xC000026B] = [$id="DLL_INIT_FAILED_LOGOFF", $desc="{DLL Initialization Failed} The application failed to initialize because the window station is shutting down."],
+ [0xC000026C] = [$id="DRIVER_UNABLE_TO_LOAD", $desc="{Unable to Load Device Driver} %hs device driver could not be loaded. Error Status was 0x%x."],
+ [0xC000026D] = [$id="DFS_UNAVAILABLE", $desc="DFS is unavailable on the contacted server."],
+ [0xC000026E] = [$id="VOLUME_DISMOUNTED", $desc="An operation was attempted to a volume after it was dismounted."],
+ [0xC000026F] = [$id="WX86_INTERNAL_ERROR", $desc="An internal error occurred in the Win32 x86 emulation subsystem."],
+ [0xC0000270] = [$id="WX86_FLOAT_STACK_CHECK", $desc="Win32 x86 emulation subsystem floating-point stack check."],
+ [0xC0000271] = [$id="VALIDATE_CONTINUE", $desc="The validation process needs to continue on to the next step."],
+ [0xC0000272] = [$id="NO_MATCH", $desc="There was no match for the specified key in the index."],
+ [0xC0000273] = [$id="NO_MORE_MATCHES", $desc="There are no more matches for the current index enumeration."],
+ [0xC0000275] = [$id="NOT_A_REPARSE_POINT", $desc="The NTFS file or directory is not a reparse point."],
+ [0xC0000276] = [$id="IO_REPARSE_TAG_INVALID", $desc="The Windows I/O reparse tag passed for the NTFS reparse point is invalid."],
+ [0xC0000277] = [$id="IO_REPARSE_TAG_MISMATCH", $desc="The Windows I/O reparse tag does not match the one that is in the NTFS reparse point."],
+ [0xC0000278] = [$id="IO_REPARSE_DATA_INVALID", $desc="The user data passed for the NTFS reparse point is
invalid."],
+ [0xC0000279] = [$id="IO_REPARSE_TAG_NOT_HANDLED", $desc="The layered file system driver for this I/O tag did not handle it when needed."],
+ [0xC0000280] = [$id="REPARSE_POINT_NOT_RESOLVED", $desc="The NTFS symbolic link could not be resolved even though the initial file name is valid."],
+ [0xC0000281] = [$id="DIRECTORY_IS_A_REPARSE_POINT", $desc="The NTFS directory is a reparse point."],
+ [0xC0000282] = [$id="RANGE_LIST_CONFLICT", $desc="The range could not be added to the range list because of a conflict."],
+ [0xC0000283] = [$id="SOURCE_ELEMENT_EMPTY", $desc="The specified medium changer source element contains no media."],
+ [0xC0000284] = [$id="DESTINATION_ELEMENT_FULL", $desc="The specified medium changer destination element already contains media."],
+ [0xC0000285] = [$id="ILLEGAL_ELEMENT_ADDRESS", $desc="The specified medium changer element does not exist."],
+ [0xC0000286] = [$id="MAGAZINE_NOT_PRESENT", $desc="The specified element is contained in a magazine that is no longer present."],
+ [0xC0000287] = [$id="REINITIALIZATION_NEEDED", $desc="The device requires re-initialization due to hardware errors."],
+ [0xC000028A] = [$id="ENCRYPTION_FAILED", $desc="The file encryption attempt failed."],
+ [0xC000028B] = [$id="DECRYPTION_FAILED", $desc="The file decryption attempt failed."],
+ [0xC000028C] = [$id="RANGE_NOT_FOUND", $desc="The specified range could not be found in the range list."],
+ [0xC000028D] = [$id="NO_RECOVERY_POLICY", $desc="There is no encryption recovery policy configured for this system."],
+ [0xC000028E] = [$id="NO_EFS", $desc="The required encryption driver is not loaded for this system."],
+ [0xC000028F] = [$id="WRONG_EFS", $desc="The file was encrypted with a different encryption driver than is currently loaded."],
+ [0xC0000290] = [$id="NO_USER_KEYS", $desc="There are no EFS keys defined for the user."],
+ [0xC0000291] = [$id="FILE_NOT_ENCRYPTED", $desc="The specified file is not encrypted."],
+ [0xC0000292] =
[$id="NOT_EXPORT_FORMAT", $desc="The specified file is not in the defined EFS export format."],
+ [0xC0000293] = [$id="FILE_ENCRYPTED", $desc="The specified file is encrypted and the user does not have the ability to decrypt it."],
+ [0xC0000295] = [$id="WMI_GUID_NOT_FOUND", $desc="The GUID passed was not recognized as valid by a WMI data provider."],
+ [0xC0000296] = [$id="WMI_INSTANCE_NOT_FOUND", $desc="The instance name passed was not recognized as valid by a WMI data provider."],
+ [0xC0000297] = [$id="WMI_ITEMID_NOT_FOUND", $desc="The data item ID passed was not recognized as valid by a WMI data provider."],
+ [0xC0000298] = [$id="WMI_TRY_AGAIN", $desc="The WMI request could not be completed and should be retried."],
+ [0xC0000299] = [$id="SHARED_POLICY", $desc="The policy object is shared and can only be modified at the root."],
+ [0xC000029A] = [$id="POLICY_OBJECT_NOT_FOUND", $desc="The policy object does not exist when it should."],
+ [0xC000029B] = [$id="POLICY_ONLY_IN_DS", $desc="The requested policy information only lives in the Ds."],
+ [0xC000029C] = [$id="VOLUME_NOT_UPGRADED", $desc="The volume must be upgraded to enable this feature."],
+ [0xC000029D] = [$id="REMOTE_STORAGE_NOT_ACTIVE", $desc="The remote storage service is not operational at this time."],
+ [0xC000029E] = [$id="REMOTE_STORAGE_MEDIA_ERROR", $desc="The remote storage service encountered a media error."],
+ [0xC000029F] = [$id="NO_TRACKING_SERVICE", $desc="The tracking (workstation) service is not running."],
+ [0xC00002A0] = [$id="SERVER_SID_MISMATCH", $desc="The server process is running under a SID that is different from the SID that is required by client."],
+ [0xC00002A1] = [$id="DS_NO_ATTRIBUTE_OR_VALUE", $desc="The specified directory service attribute or value does not exist."],
+ [0xC00002A2] = [$id="DS_INVALID_ATTRIBUTE_SYNTAX", $desc="The attribute syntax specified to the directory service is invalid."],
+ [0xC00002A3] = [$id="DS_ATTRIBUTE_TYPE_UNDEFINED", $desc="The
attribute type specified to the directory service is not defined."],
+ [0xC00002A4] = [$id="DS_ATTRIBUTE_OR_VALUE_EXISTS", $desc="The specified directory service attribute or value already exists."],
+ [0xC00002A5] = [$id="DS_BUSY", $desc="The directory service is busy."],
+ [0xC00002A6] = [$id="DS_UNAVAILABLE", $desc="The directory service is unavailable."],
+ [0xC00002A7] = [$id="DS_NO_RIDS_ALLOCATED", $desc="The directory service was unable to allocate a relative identifier."],
+ [0xC00002A8] = [$id="DS_NO_MORE_RIDS", $desc="The directory service has exhausted the pool of relative identifiers."],
+ [0xC00002A9] = [$id="DS_INCORRECT_ROLE_OWNER", $desc="The requested operation could not be performed because the directory service is not the master for that type of operation."],
+ [0xC00002AA] = [$id="DS_RIDMGR_INIT_ERROR", $desc="The directory service was unable to initialize the subsystem that allocates relative identifiers."],
+ [0xC00002AB] = [$id="DS_OBJ_CLASS_VIOLATION", $desc="The requested operation did not satisfy one or more constraints that are associated with the class of the object."],
+ [0xC00002AC] = [$id="DS_CANT_ON_NON_LEAF", $desc="The directory service can perform the requested operation only on a leaf object."],
+ [0xC00002AD] = [$id="DS_CANT_ON_RDN", $desc="The directory service cannot perform the requested operation on the Relatively Defined Name (RDN) attribute of an object."],
+ [0xC00002AE] = [$id="DS_CANT_MOD_OBJ_CLASS", $desc="The directory service detected an attempt to modify the object class of an object."],
+ [0xC00002AF] = [$id="DS_CROSS_DOM_MOVE_FAILED", $desc="An error occurred while performing a cross domain move operation."],
+ [0xC00002B0] = [$id="DS_GC_NOT_AVAILABLE", $desc="Unable to contact the global catalog server."],
+ [0xC00002B1] = [$id="DIRECTORY_SERVICE_REQUIRED", $desc="The requested operation requires a directory service, and none was available."],
+ [0xC00002B2] = [$id="REPARSE_ATTRIBUTE_CONFLICT", $desc="The reparse
attribute cannot be set because it is incompatible with an existing attribute."],
+ [0xC00002B3] = [$id="CANT_ENABLE_DENY_ONLY", $desc="A group marked \"use for deny only\" cannot be enabled."],
+ [0xC00002B4] = [$id="FLOAT_MULTIPLE_FAULTS", $desc="{EXCEPTION} Multiple floating-point faults."],
+ [0xC00002B5] = [$id="FLOAT_MULTIPLE_TRAPS", $desc="{EXCEPTION} Multiple floating-point traps."],
+ [0xC00002B6] = [$id="DEVICE_REMOVED", $desc="The device has been removed."],
+ [0xC00002B7] = [$id="JOURNAL_DELETE_IN_PROGRESS", $desc="The volume change journal is being deleted."],
+ [0xC00002B8] = [$id="JOURNAL_NOT_ACTIVE", $desc="The volume change journal is not active."],
+ [0xC00002B9] = [$id="NOINTERFACE", $desc="The requested interface is not supported."],
+ [0xC00002C1] = [$id="DS_ADMIN_LIMIT_EXCEEDED", $desc="A directory service resource limit has been exceeded."],
+ [0xC00002C2] = [$id="DRIVER_FAILED_SLEEP", $desc="{System Standby Failed} The driver %hs does not support standby mode. Updating this driver may allow the system to go to standby mode."],
+ [0xC00002C3] = [$id="MUTUAL_AUTHENTICATION_FAILED", $desc="Mutual Authentication failed. The server password is out of date at the domain controller."],
+ [0xC00002C4] = [$id="CORRUPT_SYSTEM_FILE", $desc="The system file %1 has become corrupt and has been replaced."],
+ [0xC00002C5] = [$id="DATATYPE_MISALIGNMENT_ERROR", $desc="{EXCEPTION} Alignment Error A data type misalignment error was detected in a load or store instruction."],
+ [0xC00002C6] = [$id="WMI_READ_ONLY", $desc="The WMI data item or data block is read-only."],
+ [0xC00002C7] = [$id="WMI_SET_FAILURE", $desc="The WMI data item or data block could not be changed."],
+ [0xC00002C8] = [$id="COMMITMENT_MINIMUM", $desc="{Virtual Memory Minimum Too Low} Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file. During this process, memory requests for some applications may be denied.
For more information, see Help."],
+ [0xC00002C9] = [$id="REG_NAT_CONSUMPTION", $desc="{EXCEPTION} Register NaT consumption faults. A NaT value is consumed on a non-speculative instruction."],
+ [0xC00002CA] = [$id="TRANSPORT_FULL", $desc="The transport element of the medium changer contains media, which is causing the operation to fail."],
+ [0xC00002CB] = [$id="DS_SAM_INIT_FAILURE", $desc="Security Accounts Manager initialization failed because of the following error: %hs Error Status: 0x%x. Click OK to shut down this system and restart in Directory Services Restore Mode. Check the event log for more detailed information."],
+ [0xC00002CC] = [$id="ONLY_IF_CONNECTED", $desc="This operation is supported only when you are connected to the server."],
+ [0xC00002CD] = [$id="DS_SENSITIVE_GROUP_VIOLATION", $desc="Only an administrator can modify the membership list of an administrative group."],
+ [0xC00002CE] = [$id="PNP_RESTART_ENUMERATION", $desc="A device was removed so enumeration must be restarted."],
+ [0xC00002CF] = [$id="JOURNAL_ENTRY_DELETED", $desc="The journal entry has been deleted from the journal."],
+ [0xC00002D0] = [$id="DS_CANT_MOD_PRIMARYGROUPID", $desc="Cannot change the primary group ID of a domain controller account."],
+ [0xC00002D1] = [$id="SYSTEM_IMAGE_BAD_SIGNATURE", $desc="{Fatal System Error} The system image %s is not properly signed. The file has been replaced with the signed file.
The system has been shut down."],
+ [0xC00002D2] = [$id="PNP_REBOOT_REQUIRED", $desc="The device will not start without a reboot."],
+ [0xC00002D3] = [$id="POWER_STATE_INVALID", $desc="The power state of the current device cannot support this request."],
+ [0xC00002D4] = [$id="DS_INVALID_GROUP_TYPE", $desc="The specified group type is invalid."],
+ [0xC00002D5] = [$id="DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN", $desc="In a mixed domain, no nesting of a global group if the group is security enabled."],
+ [0xC00002D6] = [$id="DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN", $desc="In a mixed domain, cannot nest local groups with other local groups, if the group is security enabled."],
+ [0xC00002D7] = [$id="DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER", $desc="A global group cannot have a local group as a member."],
+ [0xC00002D8] = [$id="DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER", $desc="A global group cannot have a universal group as a member."],
+ [0xC00002D9] = [$id="DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER", $desc="A universal group cannot have a local group as a member."],
+ [0xC00002DA] = [$id="DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER", $desc="A global group cannot have a cross-domain member."],
+ [0xC00002DB] = [$id="DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER", $desc="A local group cannot have another cross-domain local group as a member."],
+ [0xC00002DC] = [$id="DS_HAVE_PRIMARY_MEMBERS", $desc="Cannot change to a security-disabled group because primary members are in this group."],
+ [0xC00002DD] = [$id="WMI_NOT_SUPPORTED", $desc="The WMI operation is not supported by the data block or method."],
+ [0xC00002DE] = [$id="INSUFFICIENT_POWER", $desc="There is not enough power to complete the requested operation."],
+ [0xC00002DF] = [$id="SAM_NEED_BOOTKEY_PASSWORD", $desc="The Security Accounts Manager needs to get the boot password."],
+ [0xC00002E0] = [$id="SAM_NEED_BOOTKEY_FLOPPY", $desc="The Security Accounts Manager needs to get the boot key from the floppy disk."],
+ [0xC00002E1] =
[$id="DS_CANT_START", $desc="The directory service cannot start."],
+ [0xC00002E2] = [$id="DS_INIT_FAILURE", $desc="The directory service could not start because of the following error: %hs Error Status: 0x%x. Click OK to shut down this system and restart in Directory Services Restore Mode. Check the event log for more detailed information."],
+ [0xC00002E3] = [$id="SAM_INIT_FAILURE", $desc="The Security Accounts Manager initialization failed because of the following error: %hs Error Status: 0x%x. Click OK to shut down this system and restart in Safe Mode. Check the event log for more detailed information."],
+ [0xC00002E4] = [$id="DS_GC_REQUIRED", $desc="The requested operation can be performed only on a global catalog server."],
+ [0xC00002E5] = [$id="DS_LOCAL_MEMBER_OF_LOCAL_ONLY", $desc="A local group can only be a member of other local groups in the same domain."],
+ [0xC00002E6] = [$id="DS_NO_FPO_IN_UNIVERSAL_GROUPS", $desc="Foreign security principals cannot be members of universal groups."],
+ [0xC00002E7] = [$id="DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED", $desc="Your computer could not be joined to the domain. You have exceeded the maximum number of computer accounts you are allowed to create in this domain. Contact your system administrator to have this limit reset or increased."],
+ [0xC00002E9] = [$id="CURRENT_DOMAIN_NOT_ALLOWED", $desc="This operation cannot be performed on the current domain."],
+ [0xC00002EA] = [$id="CANNOT_MAKE", $desc="The directory or file cannot be created."],
+ [0xC00002EB] = [$id="SYSTEM_SHUTDOWN", $desc="The system is in the process of shutting down."],
+ [0xC00002EC] = [$id="DS_INIT_FAILURE_CONSOLE", $desc="Directory Services could not start because of the following error: %hs Error Status: 0x%x. Click OK to shut down the system.
You can use the recovery console to diagnose the system further."],
+ [0xC00002ED] = [$id="DS_SAM_INIT_FAILURE_CONSOLE", $desc="Security Accounts Manager initialization failed because of the following error: %hs Error Status: 0x%x. Click OK to shut down the system. You can use the recovery console to diagnose the system further."],
+ [0xC00002EE] = [$id="UNFINISHED_CONTEXT_DELETED", $desc="A security context was deleted before the context was completed. This is considered a logon failure."],
+ [0xC00002EF] = [$id="NO_TGT_REPLY", $desc="The client is trying to negotiate a context and the server requires user-to-user but did not send a TGT reply."],
+ [0xC00002F0] = [$id="OBJECTID_NOT_FOUND", $desc="An object ID was not found in the file."],
+ [0xC00002F1] = [$id="NO_IP_ADDRESSES", $desc="Unable to accomplish the requested task because the local machine does not have any IP addresses."],
+ [0xC00002F2] = [$id="WRONG_CREDENTIAL_HANDLE", $desc="The supplied credential handle does not match the credential that is associated with the security context."],
+ [0xC00002F3] = [$id="CRYPTO_SYSTEM_INVALID", $desc="The crypto system or checksum function is invalid because a required function is unavailable."],
+ [0xC00002F4] = [$id="MAX_REFERRALS_EXCEEDED", $desc="The number of maximum ticket referrals has been exceeded."],
+ [0xC00002F5] = [$id="MUST_BE_KDC", $desc="The local machine must be a Kerberos KDC (domain controller) and it is not."],
+ [0xC00002F6] = [$id="STRONG_CRYPTO_NOT_SUPPORTED", $desc="The other end of the security negotiation requires strong crypto but it is not supported on the local machine."],
+ [0xC00002F7] = [$id="TOO_MANY_PRINCIPALS", $desc="The KDC reply contained more than one principal name."],
+ [0xC00002F8] = [$id="NO_PA_DATA", $desc="Expected to find PA data for a hint of what etype to use, but it was not found."],
+ [0xC00002F9] = [$id="PKINIT_NAME_MISMATCH", $desc="The client certificate does not contain a valid UPN, or does not match the client
name in the logon request. Contact your administrator."],
+ [0xC00002FA] = [$id="SMARTCARD_LOGON_REQUIRED", $desc="Smart card logon is required and was not used."],
+ [0xC00002FB] = [$id="KDC_INVALID_REQUEST", $desc="An invalid request was sent to the KDC."],
+ [0xC00002FC] = [$id="KDC_UNABLE_TO_REFER", $desc="The KDC was unable to generate a referral for the service requested."],
+ [0xC00002FD] = [$id="KDC_UNKNOWN_ETYPE", $desc="The encryption type requested is not supported by the KDC."],
+ [0xC00002FE] = [$id="SHUTDOWN_IN_PROGRESS", $desc="A system shutdown is in progress."],
+ [0xC00002FF] = [$id="SERVER_SHUTDOWN_IN_PROGRESS", $desc="The server machine is shutting down."],
+ [0xC0000300] = [$id="NOT_SUPPORTED_ON_SBS", $desc="This operation is not supported on a computer running Windows Server 2003 for Small Business Server."],
+ [0xC0000301] = [$id="WMI_GUID_DISCONNECTED", $desc="The WMI GUID is no longer available."],
+ [0xC0000302] = [$id="WMI_ALREADY_DISABLED", $desc="Collection or events for the WMI GUID is already disabled."],
+ [0xC0000303] = [$id="WMI_ALREADY_ENABLED", $desc="Collection or events for the WMI GUID is already enabled."],
+ [0xC0000304] = [$id="MFT_TOO_FRAGMENTED", $desc="The master file table on the volume is too fragmented to complete this operation."],
+ [0xC0000305] = [$id="COPY_PROTECTION_FAILURE", $desc="Copy protection failure."],
+ [0xC0000306] = [$id="CSS_AUTHENTICATION_FAILURE", $desc="Copy protection error—DVD CSS Authentication failed."],
+ [0xC0000307] = [$id="CSS_KEY_NOT_PRESENT", $desc="Copy protection error—The specified sector does not contain a valid key."],
+ [0xC0000308] = [$id="CSS_KEY_NOT_ESTABLISHED", $desc="Copy protection error—DVD session key not established."],
+ [0xC0000309] = [$id="CSS_SCRAMBLED_SECTOR", $desc="Copy protection error—The read failed because the sector is encrypted."],
+ [0xC000030A] = [$id="CSS_REGION_MISMATCH", $desc="Copy protection error—The region of the specified DVD does not correspond to
the region setting of the drive."], + [0xC000030B] = [$id="CSS_RESETS_EXHAUSTED", $desc="Copy protection error—The region setting of the drive may be permanent."], + [0xC0000320] = [$id="PKINIT_FAILURE", $desc="The Kerberos protocol encountered an error while validating the KDC certificate during smart card logon. There is more information in the system event log."], + [0xC0000321] = [$id="SMARTCARD_SUBSYSTEM_FAILURE", $desc="The Kerberos protocol encountered an error while attempting to use the smart card subsystem."], + [0xC0000322] = [$id="NO_KERB_KEY", $desc="The target server does not have acceptable Kerberos credentials."], + [0xC0000350] = [$id="HOST_DOWN", $desc="The transport determined that the remote system is down."], + [0xC0000351] = [$id="UNSUPPORTED_PREAUTH", $desc="An unsupported pre-authentication mechanism was presented to the Kerberos package."], + [0xC0000352] = [$id="EFS_ALG_BLOB_TOO_BIG", $desc="The encryption algorithm that is used on the source file needs a bigger key buffer than the one that is used on the destination file."], + [0xC0000353] = [$id="PORT_NOT_SET", $desc="An attempt to remove a processes DebugPort was made, but a port was not already associated with the process."], + [0xC0000354] = [$id="DEBUGGER_INACTIVE", $desc="An attempt to do an operation on a debug port failed because the port is in the process of being deleted."], + [0xC0000355] = [$id="DS_VERSION_CHECK_FAILURE", $desc="This version of Windows is not compatible with the behavior version of the directory forest, domain, or domain controller."], + [0xC0000356] = [$id="AUDITING_DISABLED", $desc="The specified event is currently not being audited."], + [0xC0000357] = [$id="PRENT4_MACHINE_ACCOUNT", $desc="The machine account was created prior to Windows NT 4.0. 
The account needs to be recreated."], + [0xC0000358] = [$id="DS_AG_CANT_HAVE_UNIVERSAL_MEMBER", $desc="An account group cannot have a universal group as a member."], + [0xC0000359] = [$id="INVALID_IMAGE_WIN_32", $desc="The specified image file did not have the correct format; it appears to be a 32-bit Windows image."], + [0xC000035A] = [$id="INVALID_IMAGE_WIN_64", $desc="The specified image file did not have the correct format; it appears to be a 64-bit Windows image."], + [0xC000035B] = [$id="BAD_BINDINGS", $desc="The client's supplied SSPI channel bindings were incorrect."], + [0xC000035C] = [$id="NETWORK_SESSION_EXPIRED", $desc="The client session has expired; so the client must re-authenticate to continue accessing the remote resources."], + [0xC000035D] = [$id="APPHELP_BLOCK", $desc="The AppHelp dialog box canceled; thus preventing the application from starting."], + [0xC000035E] = [$id="ALL_SIDS_FILTERED", $desc="The SID filtering operation removed all SIDs."], + [0xC000035F] = [$id="NOT_SAFE_MODE_DRIVER", $desc="The driver was not loaded because the system is starting in safe mode."], + [0xC0000361] = [$id="ACCESS_DISABLED_BY_POLICY_DEFAULT", $desc="Access to %1 has been restricted by your Administrator by the default software restriction policy level."], + [0xC0000362] = [$id="ACCESS_DISABLED_BY_POLICY_PATH", $desc="Access to %1 has been restricted by your Administrator by location with policy rule %2 placed on path %3."], + [0xC0000363] = [$id="ACCESS_DISABLED_BY_POLICY_PUBLISHER", $desc="Access to %1 has been restricted by your Administrator by software publisher policy."], + [0xC0000364] = [$id="ACCESS_DISABLED_BY_POLICY_OTHER", $desc="Access to %1 has been restricted by your Administrator by policy rule %2."], + [0xC0000365] = [$id="FAILED_DRIVER_ENTRY", $desc="The driver was not loaded because it failed its initialization call."], + [0xC0000366] = [$id="DEVICE_ENUMERATION_ERROR", $desc="The device encountered an error while applying power or reading 
the device configuration. This may be caused by a failure of your hardware or by a poor connection."], + [0xC0000368] = [$id="MOUNT_POINT_NOT_RESOLVED", $desc="The create operation failed because the name contained at least one mount point that resolves to a volume to which the specified device object is not attached."], + [0xC0000369] = [$id="INVALID_DEVICE_OBJECT_PARAMETER", $desc="The device object parameter is either not a valid device object or is not attached to the volume that is specified by the file name."], + [0xC000036A] = [$id="MCA_OCCURED", $desc="A machine check error has occurred. Check the system event log for additional information."], + [0xC000036B] = [$id="DRIVER_BLOCKED_CRITICAL", $desc="Driver %2 has been blocked from loading."], + [0xC000036C] = [$id="DRIVER_BLOCKED", $desc="Driver %2 has been blocked from loading."], + [0xC000036D] = [$id="DRIVER_DATABASE_ERROR", $desc="There was error [%2] processing the driver database."], + [0xC000036E] = [$id="SYSTEM_HIVE_TOO_LARGE", $desc="System hive size has exceeded its limit."], + [0xC000036F] = [$id="INVALID_IMPORT_OF_NON_DLL", $desc="A dynamic link library (DLL) referenced a module that was neither a DLL nor the process's executable image."], + [0xC0000371] = [$id="NO_SECRETS", $desc="The local account store does not contain secret material for the specified account."], + [0xC0000372] = [$id="ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY", $desc="Access to %1 has been restricted by your Administrator by policy rule %2."], + [0xC0000373] = [$id="FAILED_STACK_SWITCH", $desc="The system was not able to allocate enough memory to perform a stack switch."], + [0xC0000374] = [$id="HEAP_CORRUPTION", $desc="A heap has been corrupted."], + [0xC0000380] = [$id="SMARTCARD_WRONG_PIN", $desc="An incorrect PIN was presented to the smart card."], + [0xC0000381] = [$id="SMARTCARD_CARD_BLOCKED", $desc="The smart card is blocked."], + [0xC0000382] = [$id="SMARTCARD_CARD_NOT_AUTHENTICATED", $desc="No PIN was presented to the 
smart card."], + [0xC0000383] = [$id="SMARTCARD_NO_CARD", $desc="No smart card is available."], + [0xC0000384] = [$id="SMARTCARD_NO_KEY_CONTAINER", $desc="The requested key container does not exist on the smart card."], + [0xC0000385] = [$id="SMARTCARD_NO_CERTIFICATE", $desc="The requested certificate does not exist on the smart card."], + [0xC0000386] = [$id="SMARTCARD_NO_KEYSET", $desc="The requested keyset does not exist."], + [0xC0000387] = [$id="SMARTCARD_IO_ERROR", $desc="A communication error with the smart card has been detected."], + [0xC0000388] = [$id="DOWNGRADE_DETECTED", $desc="The system detected a possible attempt to compromise security. Ensure that you can contact the server that authenticated you."], + [0xC0000389] = [$id="SMARTCARD_CERT_REVOKED", $desc="The smart card certificate used for authentication has been revoked. Contact your system administrator. There may be additional information in the event log."], + [0xC000038A] = [$id="ISSUING_CA_UNTRUSTED", $desc="An untrusted certificate authority was detected while processing the smart card certificate that is used for authentication. Contact your system administrator."], + [0xC000038B] = [$id="REVOCATION_OFFLINE_C", $desc="The revocation status of the smart card certificate that is used for authentication could not be determined. Contact your system administrator."], + [0xC000038C] = [$id="PKINIT_CLIENT_FAILURE", $desc="The smart card certificate used for authentication was not trusted. Contact your system administrator."], + [0xC000038D] = [$id="SMARTCARD_CERT_EXPIRED", $desc="The smart card certificate used for authentication has expired. 
Contact your system administrator."], + [0xC000038E] = [$id="DRIVER_FAILED_PRIOR_UNLOAD", $desc="The driver could not be loaded because a previous version of the driver is still in memory."], + [0xC000038F] = [$id="SMARTCARD_SILENT_CONTEXT", $desc="The smart card provider could not perform the action because the context was acquired as silent."], + [0xC0000401] = [$id="PER_USER_TRUST_QUOTA_EXCEEDED", $desc="The delegated trust creation quota of the current user has been exceeded."], + [0xC0000402] = [$id="ALL_USER_TRUST_QUOTA_EXCEEDED", $desc="The total delegated trust creation quota has been exceeded."], + [0xC0000403] = [$id="USER_DELETE_TRUST_QUOTA_EXCEEDED", $desc="The delegated trust deletion quota of the current user has been exceeded."], + [0xC0000404] = [$id="DS_NAME_NOT_UNIQUE", $desc="The requested name already exists as a unique identifier."], + [0xC0000405] = [$id="DS_DUPLICATE_ID_FOUND", $desc="The requested object has a non-unique identifier and cannot be retrieved."], + [0xC0000406] = [$id="DS_GROUP_CONVERSION_ERROR", $desc="The group cannot be converted due to attribute restrictions on the requested group type."], + [0xC0000407] = [$id="VOLSNAP_PREPARE_HIBERNATE", $desc="{Volume Shadow Copy Service} Wait while the Volume Shadow Copy Service prepares volume %hs for hibernation."], + [0xC0000408] = [$id="USER2USER_REQUIRED", $desc="Kerberos sub-protocol User2User is required."], + [0xC0000409] = [$id="STACK_BUFFER_OVERRUN", $desc="The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application."], + [0xC000040A] = [$id="NO_S4U_PROT_SUPPORT", $desc="The Kerberos subsystem encountered an error. 
A service for user protocol request was made against a domain controller which does not support service for user."], + [0xC000040B] = [$id="CROSSREALM_DELEGATION_FAILURE", $desc="An attempt was made by this server to make a Kerberos constrained delegation request for a target that is outside the server realm. This action is not supported and the resulting error indicates a misconfiguration on the allowed-to-delegate-to list for this server. Contact your administrator."], + [0xC000040C] = [$id="REVOCATION_OFFLINE_KDC", $desc="The revocation status of the domain controller certificate used for smart card authentication could not be determined. There is additional information in the system event log. Contact your system administrator."], + [0xC000040D] = [$id="ISSUING_CA_UNTRUSTED_KDC", $desc="An untrusted certificate authority was detected while processing the domain controller certificate used for authentication. There is additional information in the system event log. Contact your system administrator."], + [0xC000040E] = [$id="KDC_CERT_EXPIRED", $desc="The domain controller certificate used for smart card logon has expired. Contact your system administrator with the contents of your system event log."], + [0xC000040F] = [$id="KDC_CERT_REVOKED", $desc="The domain controller certificate used for smart card logon has been revoked. Contact your system administrator with the contents of your system event log."], + [0xC0000410] = [$id="PARAMETER_QUOTA_EXCEEDED", $desc="Data present in one of the parameters is more than the function can operate on."], + [0xC0000411] = [$id="HIBERNATION_FAILURE", $desc="The system has failed to hibernate (The error code is %hs). 
Hibernation will be disabled until the system is restarted."], + [0xC0000412] = [$id="DELAY_LOAD_FAILED", $desc="An attempt to delay-load a .dll or get a function address in a delay-loaded .dll failed."], + [0xC0000413] = [$id="AUTHENTICATION_FIREWALL_FAILED", $desc="Logon Failure: The machine you are logging onto is protected by an authentication firewall. The specified account is not allowed to authenticate to the machine."], + [0xC0000414] = [$id="VDM_DISALLOWED", $desc="%hs is a 16-bit application. You do not have permissions to execute 16-bit applications. Check your permissions with your system administrator."], + [0xC0000415] = [$id="HUNG_DISPLAY_DRIVER_THREAD", $desc="{Display Driver Stopped Responding} The %hs display driver has stopped working normally. Save your work and reboot the system to restore full display functionality. The next time you reboot the machine a dialog will be displayed giving you a chance to report this failure to Microsoft."], + [0xC0000416] = [$id="INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE", $desc="The Desktop heap encountered an error while allocating session memory. 
There is more information in the system event log."], + [0xC0000417] = [$id="INVALID_CRUNTIME_PARAMETER", $desc="An invalid parameter was passed to a C runtime function."], + [0xC0000418] = [$id="NTLM_BLOCKED", $desc="The authentication failed because NTLM was blocked."], + [0xC0000419] = [$id="DS_SRC_SID_EXISTS_IN_FOREST", $desc="The source object's SID already exists in destination forest."], + [0xC000041A] = [$id="DS_DOMAIN_NAME_EXISTS_IN_FOREST", $desc="The domain name of the trusted domain already exists in the forest."], + [0xC000041B] = [$id="DS_FLAT_NAME_EXISTS_IN_FOREST", $desc="The flat name of the trusted domain already exists in the forest."], + [0xC000041C] = [$id="INVALID_USER_PRINCIPAL_NAME", $desc="The User Principal Name (UPN) is invalid."], + [0xC0000420] = [$id="ASSERTION_FAILURE", $desc="There has been an assertion failure."], + [0xC0000421] = [$id="VERIFIER_STOP", $desc="Application verifier has found an error in the current process."], + [0xC0000423] = [$id="CALLBACK_POP_STACK", $desc="A user mode unwind is in progress."], + [0xC0000424] = [$id="INCOMPATIBLE_DRIVER_BLOCKED", $desc="%2 has been blocked from loading due to incompatibility with this system. Contact your software vendor for a compatible version of the driver."], + [0xC0000425] = [$id="HIVE_UNLOADED", $desc="Illegal operation attempted on a registry key which has already been unloaded."], + [0xC0000426] = [$id="COMPRESSION_DISABLED", $desc="Compression is disabled for this volume."], + [0xC0000427] = [$id="FILE_SYSTEM_LIMITATION", $desc="The requested operation could not be completed due to a file system limitation."], + [0xC0000428] = [$id="INVALID_IMAGE_HASH", $desc="The hash for image %hs cannot be found in the system catalogs. 
The image is likely corrupt or the victim of tampering."], + [0xC0000429] = [$id="NOT_CAPABLE", $desc="The implementation is not capable of performing the request."], + [0xC000042A] = [$id="REQUEST_OUT_OF_SEQUENCE", $desc="The requested operation is out of order with respect to other operations."], + [0xC000042B] = [$id="IMPLEMENTATION_LIMIT", $desc="An operation attempted to exceed an implementation-defined limit."], + [0xC000042C] = [$id="ELEVATION_REQUIRED", $desc="The requested operation requires elevation."], + [0xC000042D] = [$id="NO_SECURITY_CONTEXT", $desc="The required security context does not exist."], + [0xC000042E] = [$id="PKU2U_CERT_FAILURE", $desc="The PKU2U protocol encountered an error while attempting to utilize the associated certificates."], + [0xC0000432] = [$id="BEYOND_VDL", $desc="The operation was attempted beyond the valid data length of the file."], + [0xC0000433] = [$id="ENCOUNTERED_WRITE_IN_PROGRESS", $desc="The attempted write operation encountered a write already in progress for some portion of the range."], + [0xC0000434] = [$id="PTE_CHANGED", $desc="The page fault mappings changed in the middle of processing a fault so the operation must be retried."], + [0xC0000435] = [$id="PURGE_FAILED", $desc="The attempt to purge this file from memory failed to purge some or all the data from memory."], + [0xC0000440] = [$id="CRED_REQUIRES_CONFIRMATION", $desc="The requested credential requires confirmation."], + [0xC0000441] = [$id="CS_ENCRYPTION_INVALID_SERVER_RESPONSE", $desc="The remote server sent an invalid response for a file being opened with Client Side Encryption."], + [0xC0000442] = [$id="CS_ENCRYPTION_UNSUPPORTED_SERVER", $desc="Client Side Encryption is not supported by the remote server even though it claims to support it."], + [0xC0000443] = [$id="CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE", $desc="File is encrypted and should be opened in Client Side Encryption mode."], + [0xC0000444] = [$id="CS_ENCRYPTION_NEW_ENCRYPTED_FILE", $desc="A 
new encrypted file is being created and a $EFS needs to be provided."], + [0xC0000445] = [$id="CS_ENCRYPTION_FILE_NOT_CSE", $desc="The SMB client requested a CSE FSCTL on a non-CSE file."], + [0xC0000446] = [$id="INVALID_LABEL", $desc="Indicates a particular Security ID may not be assigned as the label of an object."], + [0xC0000450] = [$id="DRIVER_PROCESS_TERMINATED", $desc="The process hosting the driver for this device has terminated."], + [0xC0000451] = [$id="AMBIGUOUS_SYSTEM_DEVICE", $desc="The requested system device cannot be identified due to multiple indistinguishable devices potentially matching the identification criteria."], + [0xC0000452] = [$id="SYSTEM_DEVICE_NOT_FOUND", $desc="The requested system device cannot be found."], + [0xC0000453] = [$id="RESTART_BOOT_APPLICATION", $desc="This boot application must be restarted."], + [0xC0000454] = [$id="INSUFFICIENT_NVRAM_RESOURCES", $desc="Insufficient NVRAM resources exist to complete the API. A reboot might be required."], + [0xC0000460] = [$id="NO_RANGES_PROCESSED", $desc="No ranges for the specified operation were able to be processed."], + [0xC0000463] = [$id="DEVICE_FEATURE_NOT_SUPPORTED", $desc="The storage device does not support Offload Write."], + [0xC0000464] = [$id="DEVICE_UNREACHABLE", $desc="Data cannot be moved because the source device cannot communicate with the destination device."], + [0xC0000465] = [$id="INVALID_TOKEN", $desc="The token representing the data is invalid or expired."], + [0xC0000500] = [$id="INVALID_TASK_NAME", $desc="The specified task name is invalid."], + [0xC0000501] = [$id="INVALID_TASK_INDEX", $desc="The specified task index is invalid."], + [0xC0000502] = [$id="THREAD_ALREADY_IN_TASK", $desc="The specified thread is already joining a task."], + [0xC0000503] = [$id="CALLBACK_BYPASS", $desc="A callback has requested to bypass native code."], + [0xC0000602] = [$id="FAIL_FAST_EXCEPTION", $desc="A fail fast exception occurred. 
Exception handlers will not be invoked and the process will be terminated immediately."], + [0xC0000603] = [$id="IMAGE_CERT_REVOKED", $desc="Windows cannot verify the digital signature for this file. The signing certificate for this file has been revoked."], + [0xC0000700] = [$id="PORT_CLOSED", $desc="The ALPC port is closed."], + [0xC0000701] = [$id="MESSAGE_LOST", $desc="The ALPC message requested is no longer available."], + [0xC0000702] = [$id="INVALID_MESSAGE", $desc="The ALPC message supplied is invalid."], + [0xC0000703] = [$id="REQUEST_CANCELED", $desc="The ALPC message has been canceled."], + [0xC0000704] = [$id="RECURSIVE_DISPATCH", $desc="Invalid recursive dispatch attempt."], + [0xC0000705] = [$id="LPC_RECEIVE_BUFFER_EXPECTED", $desc="No receive buffer has been supplied in a synchronous request."], + [0xC0000706] = [$id="LPC_INVALID_CONNECTION_USAGE", $desc="The connection port is used in an invalid context."], + [0xC0000707] = [$id="LPC_REQUESTS_NOT_ALLOWED", $desc="The ALPC port does not accept new request messages."], + [0xC0000708] = [$id="RESOURCE_IN_USE", $desc="The resource requested is already in use."], + [0xC0000709] = [$id="HARDWARE_MEMORY_ERROR", $desc="The hardware has reported an uncorrectable memory error."], + [0xC000070A] = [$id="THREADPOOL_HANDLE_EXCEPTION", $desc="Status 0x%08x was returned, waiting on handle 0x%x for wait 0x%p, in waiter 0x%p."], + [0xC000070B] = [$id="THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED", $desc="After a callback to 0x%p(0x%p), a completion call to Set event(0x%p) failed with status 0x%08x."], + [0xC000070C] = [$id="THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED", $desc="After a callback to 0x%p(0x%p), a completion call to ReleaseSemaphore(0x%p, %d) failed with status 0x%08x."], + [0xC000070D] = [$id="THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED", $desc="After a callback to 0x%p(0x%p), a completion call to ReleaseMutex(%p) failed with status 0x%08x."], + [0xC000070E] = 
[$id="THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED", $desc="After a callback to 0x%p(0x%p), a completion call to FreeLibrary(%p) failed with status 0x%08x."], + [0xC000070F] = [$id="THREADPOOL_RELEASED_DURING_OPERATION", $desc="The thread pool 0x%p was released while a thread was posting a callback to 0x%p(0x%p) to it."], + [0xC0000710] = [$id="CALLBACK_RETURNED_WHILE_IMPERSONATING", $desc="A thread pool worker thread is impersonating a client, after a callback to 0x%p(0x%p). This is unexpected, indicating that the callback is missing a call to revert the impersonation."], + [0xC0000711] = [$id="APC_RETURNED_WHILE_IMPERSONATING", $desc="A thread pool worker thread is impersonating a client, after executing an APC. This is unexpected, indicating that the APC is missing a call to revert the impersonation."], + [0xC0000712] = [$id="PROCESS_IS_PROTECTED", $desc="Either the target process, or the target thread's containing process, is a protected process."], + [0xC0000713] = [$id="MCA_EXCEPTION", $desc="A thread is getting dispatched with MCA EXCEPTION because of MCA."], + [0xC0000714] = [$id="CERTIFICATE_MAPPING_NOT_UNIQUE", $desc="The client certificate account mapping is not unique."], + [0xC0000715] = [$id="SYMLINK_CLASS_DISABLED", $desc="The symbolic link cannot be followed because its type is disabled."], + [0xC0000716] = [$id="INVALID_IDN_NORMALIZATION", $desc="Indicates that the specified string is not valid for IDN normalization."], + [0xC0000717] = [$id="NO_UNICODE_TRANSLATION", $desc="No mapping for the Unicode character exists in the target multi-byte code page."], + [0xC0000718] = [$id="ALREADY_REGISTERED", $desc="The provided callback is already registered."], + [0xC0000719] = [$id="CONTEXT_MISMATCH", $desc="The provided context did not match the target."], + [0xC000071A] = [$id="PORT_ALREADY_HAS_COMPLETION_LIST", $desc="The specified port already has a completion list."], + [0xC000071B] = [$id="CALLBACK_RETURNED_THREAD_PRIORITY", $desc="A threadpool 
worker thread entered a callback at thread base priority 0x%x and exited at priority 0x%x."], + [0xC000071C] = [$id="INVALID_THREAD", $desc="An invalid thread, handle %p, is specified for this operation. Possibly, a threadpool worker thread was specified."], + [0xC000071D] = [$id="CALLBACK_RETURNED_TRANSACTION", $desc="A threadpool worker thread entered a callback, which left transaction state."], + [0xC000071E] = [$id="CALLBACK_RETURNED_LDR_LOCK", $desc="A threadpool worker thread entered a callback, which left the loader lock held."], + [0xC000071F] = [$id="CALLBACK_RETURNED_LANG", $desc="A threadpool worker thread entered a callback, which left with preferred languages set."], + [0xC0000720] = [$id="CALLBACK_RETURNED_PRI_BACK", $desc="A threadpool worker thread entered a callback, which left with background priorities set."], + [0xC0000800] = [$id="DISK_REPAIR_DISABLED", $desc="The attempted operation required self healing to be enabled."], + [0xC0000801] = [$id="DS_DOMAIN_RENAME_IN_PROGRESS", $desc="The directory service cannot perform the requested operation because a domain rename operation is in progress."], + [0xC0000802] = [$id="DISK_QUOTA_EXCEEDED", $desc="An operation failed because the storage quota was exceeded."], + [0xC0000804] = [$id="CONTENT_BLOCKED", $desc="An operation failed because the content was blocked."], + [0xC0000805] = [$id="BAD_CLUSTERS", $desc="The operation could not be completed due to bad clusters on disk."], + [0xC0000806] = [$id="VOLUME_DIRTY", $desc="The operation could not be completed because the volume is dirty. Please run the Chkdsk utility and try again. 
"], + [0xC0000901] = [$id="FILE_CHECKED_OUT", $desc="This file is checked out or locked for editing by another user."], + [0xC0000902] = [$id="CHECKOUT_REQUIRED", $desc="The file must be checked out before saving changes."], + [0xC0000903] = [$id="BAD_FILE_TYPE", $desc="The file type being saved or retrieved has been blocked."], + [0xC0000904] = [$id="FILE_TOO_LARGE", $desc="The file size exceeds the limit allowed and cannot be saved."], + [0xC0000905] = [$id="FORMS_AUTH_REQUIRED", $desc="Access Denied. Before opening files in this location, you must first browse to the e.g. site and select the option to log on automatically."], + [0xC0000906] = [$id="VIRUS_INFECTED", $desc="The operation did not complete successfully because the file contains a virus."], + [0xC0000907] = [$id="VIRUS_DELETED", $desc="This file contains a virus and cannot be opened. Due to the nature of this virus, the file has been removed from this location."], + [0xC0000908] = [$id="BAD_MCFG_TABLE", $desc="The resources required for this device conflict with the MCFG table."], + [0xC0000909] = [$id="CANNOT_BREAK_OPLOCK", $desc="The operation did not complete successfully because it would cause an oplock to be broken. 
The caller has requested that existing oplocks not be broken."], + [0xC0009898] = [$id="WOW_ASSERTION", $desc="WOW Assertion Error."], + [0xC000A000] = [$id="INVALID_SIGNATURE", $desc="The cryptographic signature is invalid."], + [0xC000A001] = [$id="HMAC_NOT_SUPPORTED", $desc="The cryptographic provider does not support HMAC."], + [0xC000A010] = [$id="IPSEC_QUEUE_OVERFLOW", $desc="The IPsec queue overflowed."], + [0xC000A011] = [$id="ND_QUEUE_OVERFLOW", $desc="The neighbor discovery queue overflowed."], + [0xC000A012] = [$id="HOPLIMIT_EXCEEDED", $desc="An Internet Control Message Protocol (ICMP) hop limit exceeded error was received."], + [0xC000A013] = [$id="PROTOCOL_NOT_SUPPORTED", $desc="The protocol is not installed on the local machine."], + [0xC000A080] = [$id="LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED", $desc="{Delayed Write Failed} Windows was unable to save all the data for the file %hs; the data has been lost. This error may be caused by network connectivity issues. Try to save this file elsewhere."], + [0xC000A081] = [$id="LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR", $desc="{Delayed Write Failed} Windows was unable to save all the data for the file %hs; the data has been lost. This error was returned by the server on which the file exists. Try to save this file elsewhere."], + [0xC000A082] = [$id="LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR", $desc="{Delayed Write Failed} Windows was unable to save all the data for the file %hs; the data has been lost. 
This error may be caused if the device has been removed or the media is write-protected."], + [0xC000A083] = [$id="XML_PARSE_ERROR", $desc="Windows was unable to parse the requested XML data."], + [0xC000A084] = [$id="XMLDSIG_ERROR", $desc="An error was encountered while processing an XML digital signature."], + [0xC000A085] = [$id="WRONG_COMPARTMENT", $desc="This indicates that the caller made the connection request in the wrong routing compartment."], + [0xC000A086] = [$id="AUTHIP_FAILURE", $desc="This indicates that there was an AuthIP failure when attempting to connect to the remote host."], + [0xC000A087] = [$id="DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS", $desc="OID mapped groups cannot have members."], + [0xC000A088] = [$id="DS_OID_NOT_FOUND", $desc="The specified OID cannot be found."], + [0xC000A100] = [$id="HASH_NOT_SUPPORTED", $desc="Hash generation for the specified version and hash type is not enabled on server."], + [0xC000A101] = [$id="HASH_NOT_PRESENT", $desc="The hash requests is not present or not up to date with the current file contents."], + [0xC000A2A1] = [$id="OFFLOAD_READ_FLT_NOT_SUPPORTED", $desc="A file system filter on the server has not opted in for Offload Read support."], + [0xC000A2A2] = [$id="OFFLOAD_WRITE_FLT_NOT_SUPPORTED", $desc="A file system filter on the server has not opted in for Offload Write support."], + [0xC000A2A3] = [$id="OFFLOAD_READ_FILE_NOT_SUPPORTED", $desc="Offload read operations cannot be performed on:"], + [0xC000A2A4] = [$id="OFFLOAD_WRITE_FILE_NOT_SUPPORTED", $desc="Offload write operations cannot be performed on:"], + [0xC0010001] = [$id="DBG_NO_STATE_CHANGE", $desc="The debugger did not perform a state change."], + [0xC0010002] = [$id="DBG_APP_NOT_IDLE", $desc="The debugger found that the application is not idle."], + [0xC0020001] = [$id="RPC_NT_INVALID_STRING_BINDING", $desc="The string binding is invalid."], + [0xC0020002] = [$id="RPC_NT_WRONG_KIND_OF_BINDING", $desc="The binding handle is not the correct 
type."], + [0xC0020003] = [$id="RPC_NT_INVALID_BINDING", $desc="The binding handle is invalid."], + [0xC0020004] = [$id="RPC_NT_PROTSEQ_NOT_SUPPORTED", $desc="The RPC protocol sequence is not supported."], + [0xC0020005] = [$id="RPC_NT_INVALID_RPC_PROTSEQ", $desc="The RPC protocol sequence is invalid."], + [0xC0020006] = [$id="RPC_NT_INVALID_STRING_UUID", $desc="The string UUID is invalid."], + [0xC0020007] = [$id="RPC_NT_INVALID_ENDPOINT_FORMAT", $desc="The endpoint format is invalid."], + [0xC0020008] = [$id="RPC_NT_INVALID_NET_ADDR", $desc="The network address is invalid."], + [0xC0020009] = [$id="RPC_NT_NO_ENDPOINT_FOUND", $desc="No endpoint was found."], + [0xC002000A] = [$id="RPC_NT_INVALID_TIMEOUT", $desc="The time-out value is invalid."], + [0xC002000B] = [$id="RPC_NT_OBJECT_NOT_FOUND", $desc="The object UUID was not found."], + [0xC002000C] = [$id="RPC_NT_ALREADY_REGISTERED", $desc="The object UUID has already been registered."], + [0xC002000D] = [$id="RPC_NT_TYPE_ALREADY_REGISTERED", $desc="The type UUID has already been registered."], + [0xC002000E] = [$id="RPC_NT_ALREADY_LISTENING", $desc="The RPC server is already listening."], + [0xC002000F] = [$id="RPC_NT_NO_PROTSEQS_REGISTERED", $desc="No protocol sequences have been registered."], + [0xC0020010] = [$id="RPC_NT_NOT_LISTENING", $desc="The RPC server is not listening."], + [0xC0020011] = [$id="RPC_NT_UNKNOWN_MGR_TYPE", $desc="The manager type is unknown."], + [0xC0020012] = [$id="RPC_NT_UNKNOWN_IF", $desc="The interface is unknown."], + [0xC0020013] = [$id="RPC_NT_NO_BINDINGS", $desc="There are no bindings."], + [0xC0020014] = [$id="RPC_NT_NO_PROTSEQS", $desc="There are no protocol sequences."], + [0xC0020015] = [$id="RPC_NT_CANT_CREATE_ENDPOINT", $desc="The endpoint cannot be created."], + [0xC0020016] = [$id="RPC_NT_OUT_OF_RESOURCES", $desc="Insufficient resources are available to complete this operation."], + [0xC0020017] = [$id="RPC_NT_SERVER_UNAVAILABLE", $desc="The RPC server is unavailable."], 
+ [0xC0020018] = [$id="RPC_NT_SERVER_TOO_BUSY", $desc="The RPC server is too busy to complete this operation."], + [0xC0020019] = [$id="RPC_NT_INVALID_NETWORK_OPTIONS", $desc="The network options are invalid."], + [0xC002001A] = [$id="RPC_NT_NO_CALL_ACTIVE", $desc="No RPCs are active on this thread."], + [0xC002001B] = [$id="RPC_NT_CALL_FAILED", $desc="The RPC failed."], + [0xC002001C] = [$id="RPC_NT_CALL_FAILED_DNE", $desc="The RPC failed and did not execute."], + [0xC002001D] = [$id="RPC_NT_PROTOCOL_ERROR", $desc="An RPC protocol error occurred."], + [0xC002001F] = [$id="RPC_NT_UNSUPPORTED_TRANS_SYN", $desc="The RPC server does not support the transfer syntax."], + [0xC0020021] = [$id="RPC_NT_UNSUPPORTED_TYPE", $desc="The type UUID is not supported."], + [0xC0020022] = [$id="RPC_NT_INVALID_TAG", $desc="The tag is invalid."], + [0xC0020023] = [$id="RPC_NT_INVALID_BOUND", $desc="The array bounds are invalid."], + [0xC0020024] = [$id="RPC_NT_NO_ENTRY_NAME", $desc="The binding does not contain an entry name."], + [0xC0020025] = [$id="RPC_NT_INVALID_NAME_SYNTAX", $desc="The name syntax is invalid."], + [0xC0020026] = [$id="RPC_NT_UNSUPPORTED_NAME_SYNTAX", $desc="The name syntax is not supported."], + [0xC0020028] = [$id="RPC_NT_UUID_NO_ADDRESS", $desc="No network address is available to construct a UUID."], + [0xC0020029] = [$id="RPC_NT_DUPLICATE_ENDPOINT", $desc="The endpoint is a duplicate."], + [0xC002002A] = [$id="RPC_NT_UNKNOWN_AUTHN_TYPE", $desc="The authentication type is unknown."], + [0xC002002B] = [$id="RPC_NT_MAX_CALLS_TOO_SMALL", $desc="The maximum number of calls is too small."], + [0xC002002C] = [$id="RPC_NT_STRING_TOO_LONG", $desc="The string is too long."], + [0xC002002D] = [$id="RPC_NT_PROTSEQ_NOT_FOUND", $desc="The RPC protocol sequence was not found."], + [0xC002002E] = [$id="RPC_NT_PROCNUM_OUT_OF_RANGE", $desc="The procedure number is out of range."], + [0xC002002F] = [$id="RPC_NT_BINDING_HAS_NO_AUTH", $desc="The binding does not contain any 
authentication information."], + [0xC0020030] = [$id="RPC_NT_UNKNOWN_AUTHN_SERVICE", $desc="The authentication service is unknown."], + [0xC0020031] = [$id="RPC_NT_UNKNOWN_AUTHN_LEVEL", $desc="The authentication level is unknown."], + [0xC0020032] = [$id="RPC_NT_INVALID_AUTH_IDENTITY", $desc="The security context is invalid."], + [0xC0020033] = [$id="RPC_NT_UNKNOWN_AUTHZ_SERVICE", $desc="The authorization service is unknown."], + [0xC0020034] = [$id="EPT_NT_INVALID_ENTRY", $desc="The entry is invalid."], + [0xC0020035] = [$id="EPT_NT_CANT_PERFORM_OP", $desc="The operation cannot be performed."], + [0xC0020036] = [$id="EPT_NT_NOT_REGISTERED", $desc="No more endpoints are available from the endpoint mapper."], + [0xC0020037] = [$id="RPC_NT_NOTHING_TO_EXPORT", $desc="No interfaces have been exported."], + [0xC0020038] = [$id="RPC_NT_INCOMPLETE_NAME", $desc="The entry name is incomplete."], + [0xC0020039] = [$id="RPC_NT_INVALID_VERS_OPTION", $desc="The version option is invalid."], + [0xC002003A] = [$id="RPC_NT_NO_MORE_MEMBERS", $desc="There are no more members."], + [0xC002003B] = [$id="RPC_NT_NOT_ALL_OBJS_UNEXPORTED", $desc="There is nothing to unexport."], + [0xC002003C] = [$id="RPC_NT_INTERFACE_NOT_FOUND", $desc="The interface was not found."], + [0xC002003D] = [$id="RPC_NT_ENTRY_ALREADY_EXISTS", $desc="The entry already exists."], + [0xC002003E] = [$id="RPC_NT_ENTRY_NOT_FOUND", $desc="The entry was not found."], + [0xC002003F] = [$id="RPC_NT_NAME_SERVICE_UNAVAILABLE", $desc="The name service is unavailable."], + [0xC0020040] = [$id="RPC_NT_INVALID_NAF_ID", $desc="The network address family is invalid."], + [0xC0020041] = [$id="RPC_NT_CANNOT_SUPPORT", $desc="The requested operation is not supported."], + [0xC0020042] = [$id="RPC_NT_NO_CONTEXT_AVAILABLE", $desc="No security context is available to allow impersonation."], + [0xC0020043] = [$id="RPC_NT_INTERNAL_ERROR", $desc="An internal error occurred in the RPC."], + [0xC0020044] = [$id="RPC_NT_ZERO_DIVIDE", 
$desc="The RPC server attempted to divide an integer by zero."], + [0xC0020045] = [$id="RPC_NT_ADDRESS_ERROR", $desc="An addressing error occurred in the RPC server."], + [0xC0020046] = [$id="RPC_NT_FP_DIV_ZERO", $desc="A floating point operation at the RPC server caused a divide by zero."], + [0xC0020047] = [$id="RPC_NT_FP_UNDERFLOW", $desc="A floating point underflow occurred at the RPC server."], + [0xC0020048] = [$id="RPC_NT_FP_OVERFLOW", $desc="A floating point overflow occurred at the RPC server."], + [0xC0020049] = [$id="RPC_NT_CALL_IN_PROGRESS", $desc="An RPC is already in progress for this thread."], + [0xC002004A] = [$id="RPC_NT_NO_MORE_BINDINGS", $desc="There are no more bindings."], + [0xC002004B] = [$id="RPC_NT_GROUP_MEMBER_NOT_FOUND", $desc="The group member was not found."], + [0xC002004C] = [$id="EPT_NT_CANT_CREATE", $desc="The endpoint mapper database entry could not be created."], + [0xC002004D] = [$id="RPC_NT_INVALID_OBJECT", $desc="The object UUID is the nil UUID."], + [0xC002004F] = [$id="RPC_NT_NO_INTERFACES", $desc="No interfaces have been registered."], + [0xC0020050] = [$id="RPC_NT_CALL_CANCELLED", $desc="The RPC was canceled."], + [0xC0020051] = [$id="RPC_NT_BINDING_INCOMPLETE", $desc="The binding handle does not contain all the required information."], + [0xC0020052] = [$id="RPC_NT_COMM_FAILURE", $desc="A communications failure occurred during an RPC."], + [0xC0020053] = [$id="RPC_NT_UNSUPPORTED_AUTHN_LEVEL", $desc="The requested authentication level is not supported."], + [0xC0020054] = [$id="RPC_NT_NO_PRINC_NAME", $desc="No principal name was registered."], + [0xC0020055] = [$id="RPC_NT_NOT_RPC_ERROR", $desc="The error specified is not a valid Windows RPC error code."], + [0xC0020057] = [$id="RPC_NT_SEC_PKG_ERROR", $desc="A security package-specific error occurred."], + [0xC0020058] = [$id="RPC_NT_NOT_CANCELLED", $desc="The thread was not canceled."], + [0xC0020062] = [$id="RPC_NT_INVALID_ASYNC_HANDLE", $desc="Invalid asynchronous RPC 
handle."], + [0xC0020063] = [$id="RPC_NT_INVALID_ASYNC_CALL", $desc="Invalid asynchronous RPC call handle for this operation."], + [0xC0020064] = [$id="RPC_NT_PROXY_ACCESS_DENIED", $desc="Access to the HTTP proxy is denied."], + [0xC0030001] = [$id="RPC_NT_NO_MORE_ENTRIES", $desc="The list of RPC servers available for auto-handle binding has been exhausted."], + [0xC0030002] = [$id="RPC_NT_SS_CHAR_TRANS_OPEN_FAIL", $desc="The file designated by DCERPCCHARTRANS cannot be opened."], + [0xC0030003] = [$id="RPC_NT_SS_CHAR_TRANS_SHORT_FILE", $desc="The file containing the character translation table has fewer than 512 bytes."], + [0xC0030004] = [$id="RPC_NT_SS_IN_NULL_CONTEXT", $desc="A null context handle is passed as an [in] parameter."], + [0xC0030005] = [$id="RPC_NT_SS_CONTEXT_MISMATCH", $desc="The context handle does not match any known context handles."], + [0xC0030006] = [$id="RPC_NT_SS_CONTEXT_DAMAGED", $desc="The context handle changed during a call."], + [0xC0030007] = [$id="RPC_NT_SS_HANDLES_MISMATCH", $desc="The binding handles passed to an RPC do not match."], + [0xC0030008] = [$id="RPC_NT_SS_CANNOT_GET_CALL_HANDLE", $desc="The stub is unable to get the call handle."], + [0xC0030009] = [$id="RPC_NT_NULL_REF_POINTER", $desc="A null reference pointer was passed to the stub."], + [0xC003000A] = [$id="RPC_NT_ENUM_VALUE_OUT_OF_RANGE", $desc="The enumeration value is out of range."], + [0xC003000B] = [$id="RPC_NT_BYTE_COUNT_TOO_SMALL", $desc="The byte count is too small."], + [0xC003000C] = [$id="RPC_NT_BAD_STUB_DATA", $desc="The stub received bad data."], + [0xC0030059] = [$id="RPC_NT_INVALID_ES_ACTION", $desc="Invalid operation on the encoding/decoding handle."], + [0xC003005A] = [$id="RPC_NT_WRONG_ES_VERSION", $desc="Incompatible version of the serializing package."], + [0xC003005B] = [$id="RPC_NT_WRONG_STUB_VERSION", $desc="Incompatible version of the RPC stub."], + [0xC003005C] = [$id="RPC_NT_INVALID_PIPE_OBJECT", $desc="The RPC pipe object is invalid or 
corrupt."], + [0xC003005D] = [$id="RPC_NT_INVALID_PIPE_OPERATION", $desc="An invalid operation was attempted on an RPC pipe object."], + [0xC003005E] = [$id="RPC_NT_WRONG_PIPE_VERSION", $desc="Unsupported RPC pipe version."], + [0xC003005F] = [$id="RPC_NT_PIPE_CLOSED", $desc="The RPC pipe object has already been closed."], + [0xC0030060] = [$id="RPC_NT_PIPE_DISCIPLINE_ERROR", $desc="The RPC call completed before all pipes were processed."], + [0xC0030061] = [$id="RPC_NT_PIPE_EMPTY", $desc="No more data is available from the RPC pipe."], + [0xC0040035] = [$id="PNP_BAD_MPS_TABLE", $desc="A device is missing in the system BIOS MPS table. This device will not be used. Contact your system vendor for a system BIOS update."], + [0xC0040036] = [$id="PNP_TRANSLATION_FAILED", $desc="A translator failed to translate resources."], + [0xC0040037] = [$id="PNP_IRQ_TRANSLATION_FAILED", $desc="An IRQ translator failed to translate resources."], + [0xC0040038] = [$id="PNP_INVALID_ID", $desc="Driver %2 returned an invalid ID for a child device (%3)."], + [0xC0040039] = [$id="IO_REISSUE_AS_CACHED", $desc="Reissue the given operation as a cached I/O operation"], + [0xC00A0001] = [$id="CTX_WINSTATION_NAME_INVALID", $desc="Session name %1 is invalid."], + [0xC00A0002] = [$id="CTX_INVALID_PD", $desc="The protocol driver %1 is invalid."], + [0xC00A0003] = [$id="CTX_PD_NOT_FOUND", $desc="The protocol driver %1 was not found in the system path."], + [0xC00A0006] = [$id="CTX_CLOSE_PENDING", $desc="A close operation is pending on the terminal connection."], + [0xC00A0007] = [$id="CTX_NO_OUTBUF", $desc="No free output buffers are available."], + [0xC00A0008] = [$id="CTX_MODEM_INF_NOT_FOUND", $desc="The MODEM.INF file was not found."], + [0xC00A0009] = [$id="CTX_INVALID_MODEMNAME", $desc="The modem (%1) was not found in the MODEM.INF file."], + [0xC00A000A] = [$id="CTX_RESPONSE_ERROR", $desc="The modem did not accept the command sent to it. 
Verify that the configured modem name matches the attached modem."], + [0xC00A000B] = [$id="CTX_MODEM_RESPONSE_TIMEOUT", $desc="The modem did not respond to the command sent to it. Verify that the modem cable is properly attached and the modem is turned on."], + [0xC00A000C] = [$id="CTX_MODEM_RESPONSE_NO_CARRIER", $desc="Carrier detection has failed or the carrier has been dropped due to disconnection."], + [0xC00A000D] = [$id="CTX_MODEM_RESPONSE_NO_DIALTONE", $desc="A dial tone was not detected within the required time. Verify that the phone cable is properly attached and functional."], + [0xC00A000E] = [$id="CTX_MODEM_RESPONSE_BUSY", $desc="A busy signal was detected at a remote site on callback."], + [0xC00A000F] = [$id="CTX_MODEM_RESPONSE_VOICE", $desc="A voice was detected at a remote site on callback."], + [0xC00A0010] = [$id="CTX_TD_ERROR", $desc="Transport driver error."], + [0xC00A0012] = [$id="CTX_LICENSE_CLIENT_INVALID", $desc="The client you are using is not licensed to use this system. Your logon request is denied."], + [0xC00A0013] = [$id="CTX_LICENSE_NOT_AVAILABLE", $desc="The system has reached its licensed logon limit. Try again later."], + [0xC00A0014] = [$id="CTX_LICENSE_EXPIRED", $desc="The system license has expired. Your logon request is denied."], + [0xC00A0015] = [$id="CTX_WINSTATION_NOT_FOUND", $desc="The specified session cannot be found."], + [0xC00A0016] = [$id="CTX_WINSTATION_NAME_COLLISION", $desc="The specified session name is already in use."], + [0xC00A0017] = [$id="CTX_WINSTATION_BUSY", $desc="The requested operation cannot be completed because the terminal connection is currently processing a connect, disconnect, reset, or delete operation."], + [0xC00A0018] = [$id="CTX_BAD_VIDEO_MODE", $desc="An attempt has been made to connect to a session whose video mode is not supported by the current client."], + [0xC00A0022] = [$id="CTX_GRAPHICS_INVALID", $desc="The application attempted to enable DOS graphics mode. 
DOS graphics mode is not supported."], + [0xC00A0024] = [$id="CTX_NOT_CONSOLE", $desc="The requested operation can be performed only on the system console. This is most often the result of a driver or system DLL requiring direct console access."], + [0xC00A0026] = [$id="CTX_CLIENT_QUERY_TIMEOUT", $desc="The client failed to respond to the server connect message."], + [0xC00A0027] = [$id="CTX_CONSOLE_DISCONNECT", $desc="Disconnecting the console session is not supported."], + [0xC00A0028] = [$id="CTX_CONSOLE_CONNECT", $desc="Reconnecting a disconnected session to the console is not supported."], + [0xC00A002A] = [$id="CTX_SHADOW_DENIED", $desc="The request to control another session remotely was denied."], + [0xC00A002B] = [$id="CTX_WINSTATION_ACCESS_DENIED", $desc="A process has requested access to a session, but has not been granted those access rights."], + [0xC00A002E] = [$id="CTX_INVALID_WD", $desc="The terminal connection driver %1 is invalid."], + [0xC00A002F] = [$id="CTX_WD_NOT_FOUND", $desc="The terminal connection driver %1 was not found in the system path."], + [0xC00A0030] = [$id="CTX_SHADOW_INVALID", $desc="The requested session cannot be controlled remotely. You cannot control your own session, a session that is trying to control your session, a session that has no user logged on, or other sessions from the console."], + [0xC00A0031] = [$id="CTX_SHADOW_DISABLED", $desc="The requested session is not configured to allow remote control."], + [0xC00A0032] = [$id="RDP_PROTOCOL_ERROR", $desc="The RDP protocol component %2 detected an error in the protocol stream and has disconnected the client."], + [0xC00A0033] = [$id="CTX_CLIENT_LICENSE_NOT_SET", $desc="Your request to connect to this terminal server has been rejected. Your terminal server client license number has not been entered for this copy of the terminal client. Contact your system administrator for help in entering a valid, unique license number for this terminal server client. 
Click OK to continue."], + [0xC00A0034] = [$id="CTX_CLIENT_LICENSE_IN_USE", $desc="Your request to connect to this terminal server has been rejected. Your terminal server client license number is currently being used by another user. Contact your system administrator to obtain a new copy of the terminal server client with a valid, unique license number. Click OK to continue."], + [0xC00A0035] = [$id="CTX_SHADOW_ENDED_BY_MODE_CHANGE", $desc="The remote control of the console was terminated because the display mode was changed. Changing the display mode in a remote control session is not supported."], + [0xC00A0036] = [$id="CTX_SHADOW_NOT_RUNNING", $desc="Remote control could not be terminated because the specified session is not currently being remotely controlled."], + [0xC00A0037] = [$id="CTX_LOGON_DISABLED", $desc="Your interactive logon privilege has been disabled. Contact your system administrator."], + [0xC00A0038] = [$id="CTX_SECURITY_LAYER_ERROR", $desc="The terminal server security layer detected an error in the protocol stream and has disconnected the client."], + [0xC00A0039] = [$id="TS_INCOMPATIBLE_SESSIONS", $desc="The target session is incompatible with the current session."], + [0xC00B0001] = [$id="MUI_FILE_NOT_FOUND", $desc="The resource loader failed to find an MUI file."], + [0xC00B0002] = [$id="MUI_INVALID_FILE", $desc="The resource loader failed to load an MUI file because the file failed to pass validation."], + [0xC00B0003] = [$id="MUI_INVALID_RC_CONFIG", $desc="The RC manifest is corrupted with garbage data, is an unsupported version, or is missing a required item."], + [0xC00B0004] = [$id="MUI_INVALID_LOCALE_NAME", $desc="The RC manifest has an invalid culture name."], + [0xC00B0005] = [$id="MUI_INVALID_ULTIMATEFALLBACK_NAME", $desc="The RC manifest has and invalid ultimate fallback name."], + [0xC00B0006] = [$id="MUI_FILE_NOT_LOADED", $desc="The resource loader cache does not have a loaded MUI entry."], + [0xC00B0007] = 
[$id="RESOURCE_ENUM_USER_STOP", $desc="The user stopped resource enumeration."], + [0xC0130001] = [$id="CLUSTER_INVALID_NODE", $desc="The cluster node is not valid."], + [0xC0130002] = [$id="CLUSTER_NODE_EXISTS", $desc="The cluster node already exists."], + [0xC0130003] = [$id="CLUSTER_JOIN_IN_PROGRESS", $desc="A node is in the process of joining the cluster."], + [0xC0130004] = [$id="CLUSTER_NODE_NOT_FOUND", $desc="The cluster node was not found."], + [0xC0130005] = [$id="CLUSTER_LOCAL_NODE_NOT_FOUND", $desc="The cluster local node information was not found."], + [0xC0130006] = [$id="CLUSTER_NETWORK_EXISTS", $desc="The cluster network already exists."], + [0xC0130007] = [$id="CLUSTER_NETWORK_NOT_FOUND", $desc="The cluster network was not found."], + [0xC0130008] = [$id="CLUSTER_NETINTERFACE_EXISTS", $desc="The cluster network interface already exists."], + [0xC0130009] = [$id="CLUSTER_NETINTERFACE_NOT_FOUND", $desc="The cluster network interface was not found."], + [0xC013000A] = [$id="CLUSTER_INVALID_REQUEST", $desc="The cluster request is not valid for this object."], + [0xC013000B] = [$id="CLUSTER_INVALID_NETWORK_PROVIDER", $desc="The cluster network provider is not valid."], + [0xC013000C] = [$id="CLUSTER_NODE_DOWN", $desc="The cluster node is down."], + [0xC013000D] = [$id="CLUSTER_NODE_UNREACHABLE", $desc="The cluster node is not reachable."], + [0xC013000E] = [$id="CLUSTER_NODE_NOT_MEMBER", $desc="The cluster node is not a member of the cluster."], + [0xC013000F] = [$id="CLUSTER_JOIN_NOT_IN_PROGRESS", $desc="A cluster join operation is not in progress."], + [0xC0130010] = [$id="CLUSTER_INVALID_NETWORK", $desc="The cluster network is not valid."], + [0xC0130011] = [$id="CLUSTER_NO_NET_ADAPTERS", $desc="No network adapters are available."], + [0xC0130012] = [$id="CLUSTER_NODE_UP", $desc="The cluster node is up."], + [0xC0130013] = [$id="CLUSTER_NODE_PAUSED", $desc="The cluster node is paused."], + [0xC0130014] = [$id="CLUSTER_NODE_NOT_PAUSED", $desc="The 
cluster node is not paused."], + [0xC0130015] = [$id="CLUSTER_NO_SECURITY_CONTEXT", $desc="No cluster security context is available."], + [0xC0130016] = [$id="CLUSTER_NETWORK_NOT_INTERNAL", $desc="The cluster network is not configured for internal cluster communication."], + [0xC0130017] = [$id="CLUSTER_POISONED", $desc="The cluster node has been poisoned."], + [0xC0140001] = [$id="ACPI_INVALID_OPCODE", $desc="An attempt was made to run an invalid AML opcode."], + [0xC0140002] = [$id="ACPI_STACK_OVERFLOW", $desc="The AML interpreter stack has overflowed."], + [0xC0140003] = [$id="ACPI_ASSERT_FAILED", $desc="An inconsistent state has occurred."], + [0xC0140004] = [$id="ACPI_INVALID_INDEX", $desc="An attempt was made to access an array outside its bounds."], + [0xC0140005] = [$id="ACPI_INVALID_ARGUMENT", $desc="A required argument was not specified."], + [0xC0140006] = [$id="ACPI_FATAL", $desc="A fatal error has occurred."], + [0xC0140007] = [$id="ACPI_INVALID_SUPERNAME", $desc="An invalid SuperName was specified."], + [0xC0140008] = [$id="ACPI_INVALID_ARGTYPE", $desc="An argument with an incorrect type was specified."], + [0xC0140009] = [$id="ACPI_INVALID_OBJTYPE", $desc="An object with an incorrect type was specified."], + [0xC014000A] = [$id="ACPI_INVALID_TARGETTYPE", $desc="A target with an incorrect type was specified."], + [0xC014000B] = [$id="ACPI_INCORRECT_ARGUMENT_COUNT", $desc="An incorrect number of arguments was specified."], + [0xC014000C] = [$id="ACPI_ADDRESS_NOT_MAPPED", $desc="An address failed to translate."], + [0xC014000D] = [$id="ACPI_INVALID_EVENTTYPE", $desc="An incorrect event type was specified."], + [0xC014000E] = [$id="ACPI_HANDLER_COLLISION", $desc="A handler for the target already exists."], + [0xC014000F] = [$id="ACPI_INVALID_DATA", $desc="Invalid data for the target was specified."], + [0xC0140010] = [$id="ACPI_INVALID_REGION", $desc="An invalid region for the target was specified."], + [0xC0140011] = [$id="ACPI_INVALID_ACCESS_SIZE", 
$desc="An attempt was made to access a field outside the defined range."], + [0xC0140012] = [$id="ACPI_ACQUIRE_GLOBAL_LOCK", $desc="The global system lock could not be acquired."], + [0xC0140013] = [$id="ACPI_ALREADY_INITIALIZED", $desc="An attempt was made to reinitialize the ACPI subsystem."], + [0xC0140014] = [$id="ACPI_NOT_INITIALIZED", $desc="The ACPI subsystem has not been initialized."], + [0xC0140015] = [$id="ACPI_INVALID_MUTEX_LEVEL", $desc="An incorrect mutex was specified."], + [0xC0140016] = [$id="ACPI_MUTEX_NOT_OWNED", $desc="The mutex is not currently owned."], + [0xC0140017] = [$id="ACPI_MUTEX_NOT_OWNER", $desc="An attempt was made to access the mutex by a process that was not the owner."], + [0xC0140018] = [$id="ACPI_RS_ACCESS", $desc="An error occurred during an access to region space."], + [0xC0140019] = [$id="ACPI_INVALID_TABLE", $desc="An attempt was made to use an incorrect table."], + [0xC0140020] = [$id="ACPI_REG_HANDLER_FAILED", $desc="The registration of an ACPI event failed."], + [0xC0140021] = [$id="ACPI_POWER_REQUEST_FAILED", $desc="An ACPI power object failed to transition state."], + [0xC0150001] = [$id="SXS_SECTION_NOT_FOUND", $desc="The requested section is not present in the activation context."], + [0xC0150002] = [$id="SXS_CANT_GEN_ACTCTX", $desc="0xC0150003
STATUS_SXS_INVALID_ACTCTXDATA_FORMAT"], + [0xC0150004] = [$id="SXS_ASSEMBLY_NOT_FOUND", $desc="The referenced assembly is not installed on the system."], + [0xC0150005] = [$id="SXS_MANIFEST_FORMAT_ERROR", $desc="The manifest file does not begin with the required tag and format information."], + [0xC0150006] = [$id="SXS_MANIFEST_PARSE_ERROR", $desc="The manifest file contains one or more syntax errors."], + [0xC0150007] = [$id="SXS_ACTIVATION_CONTEXT_DISABLED", $desc="The application attempted to activate a disabled activation context."], + [0xC0150008] = [$id="SXS_KEY_NOT_FOUND", $desc="The requested lookup key was not found in any active activation context."], + [0xC0150009] = [$id="SXS_VERSION_CONFLICT", $desc="A component version required by the application conflicts with another component version that is already active."], + [0xC015000A] = [$id="SXS_WRONG_SECTION_TYPE", $desc="The type requested activation context section does not match the query API used."], + [0xC015000B] = [$id="SXS_THREAD_QUERIES_DISABLED", $desc="Lack of system resources has required isolated activation to be disabled for the current thread of execution."], + [0xC015000C] = [$id="SXS_ASSEMBLY_MISSING", $desc="The referenced assembly could not be found."], + [0xC015000E] = [$id="SXS_PROCESS_DEFAULT_ALREADY_SET", $desc="An attempt to set the process default activation context failed because the process default activation context was already set."], + [0xC015000F] = [$id="SXS_EARLY_DEACTIVATION", $desc="The activation context being deactivated is not the most recently activated one."], + [0xC0150010] = [$id="SXS_INVALID_DEACTIVATION", $desc="The activation context being deactivated is not active for the current thread of execution."], + [0xC0150011] = [$id="SXS_MULTIPLE_DEACTIVATION", $desc="The activation context being deactivated has already been deactivated."], + [0xC0150012] = [$id="SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY", $desc="The activation context of the system default assembly 
could not be generated."], + [0xC0150013] = [$id="SXS_PROCESS_TERMINATION_REQUESTED", $desc="A component used by the isolation facility has requested that the process be terminated."], + [0xC0150014] = [$id="SXS_CORRUPT_ACTIVATION_STACK", $desc="The activation context activation stack for the running thread of execution is corrupt."], + [0xC0150015] = [$id="SXS_CORRUPTION", $desc="The application isolation metadata for this process or thread has become corrupt."], + [0xC0150016] = [$id="SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE", $desc="The value of an attribute in an identity is not within the legal range."], + [0xC0150017] = [$id="SXS_INVALID_IDENTITY_ATTRIBUTE_NAME", $desc="The name of an attribute in an identity is not within the legal range."], + [0xC0150018] = [$id="SXS_IDENTITY_DUPLICATE_ATTRIBUTE", $desc="An identity contains two definitions for the same attribute."], + [0xC0150019] = [$id="SXS_IDENTITY_PARSE_ERROR", $desc="The identity string is malformed. This may be due to a trailing comma, more than two unnamed attributes, a missing attribute name, or a missing attribute value."], + [0xC015001A] = [$id="SXS_COMPONENT_STORE_CORRUPT", $desc="The component store has become corrupted."], + [0xC015001B] = [$id="SXS_FILE_HASH_MISMATCH", $desc="A component's file does not match the verification information present in the component manifest."], + [0xC015001C] = [$id="SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT", $desc="The identities of the manifests are identical, but their contents are different."], + [0xC015001D] = [$id="SXS_IDENTITIES_DIFFERENT", $desc="The component identities are different."], + [0xC015001E] = [$id="SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT", $desc="The assembly is not a deployment."], + [0xC015001F] = [$id="SXS_FILE_NOT_PART_OF_ASSEMBLY", $desc="The file is not a part of the assembly."], + [0xC0150020] = [$id="ADVANCED_INSTALLER_FAILED", $desc="An advanced installer failed during setup or servicing."], + [0xC0150021] = 
[$id="XML_ENCODING_MISMATCH", $desc="The character encoding in the XML declaration did not match the encoding used in the document."], + [0xC0150022] = [$id="SXS_MANIFEST_TOO_BIG", $desc="The size of the manifest exceeds the maximum allowed."], + [0xC0150023] = [$id="SXS_SETTING_NOT_REGISTERED", $desc="The setting is not registered."], + [0xC0150024] = [$id="SXS_TRANSACTION_CLOSURE_INCOMPLETE", $desc="One or more required transaction members are not present."], + [0xC0150025] = [$id="SMI_PRIMITIVE_INSTALLER_FAILED", $desc="The SMI primitive installer failed during setup or servicing."], + [0xC0150026] = [$id="GENERIC_COMMAND_FAILED", $desc="A generic command executable returned a result that indicates failure."], + [0xC0150027] = [$id="SXS_FILE_HASH_MISSING", $desc="A component is missing file verification information in its manifest."], + [0xC0190001] = [$id="TRANSACTIONAL_CONFLICT", $desc="The function attempted to use a name that is reserved for use by another transaction."], + [0xC0190002] = [$id="INVALID_TRANSACTION", $desc="The transaction handle associated with this operation is invalid."], + [0xC0190003] = [$id="TRANSACTION_NOT_ACTIVE", $desc="The requested operation was made in the context of a transaction that is no longer active."], + [0xC0190004] = [$id="TM_INITIALIZATION_FAILED", $desc="The transaction manager was unable to be successfully initialized. Transacted operations are not supported."], + [0xC0190005] = [$id="RM_NOT_ACTIVE", $desc="Transaction support within the specified file system resource manager was not started or was shut down due to an error."], + [0xC0190006] = [$id="RM_METADATA_CORRUPT", $desc="The metadata of the resource manager has been corrupted. 
The resource manager will not function."], + [0xC0190007] = [$id="TRANSACTION_NOT_JOINED", $desc="The resource manager attempted to prepare a transaction that it has not successfully joined."], + [0xC0190008] = [$id="DIRECTORY_NOT_RM", $desc="The specified directory does not contain a file system resource manager."], + [0xC019000A] = [$id="TRANSACTIONS_UNSUPPORTED_REMOTE", $desc="The remote server or share does not support transacted file operations."], + [0xC019000B] = [$id="LOG_RESIZE_INVALID_SIZE", $desc="The requested log size for the file system resource manager is invalid."], + [0xC019000C] = [$id="REMOTE_FILE_VERSION_MISMATCH", $desc="The remote server sent mismatching version number or Fid for a file opened with transactions."], + [0xC019000F] = [$id="CRM_PROTOCOL_ALREADY_EXISTS", $desc="The resource manager tried to register a protocol that already exists."], + [0xC0190010] = [$id="TRANSACTION_PROPAGATION_FAILED", $desc="The attempt to propagate the transaction failed."], + [0xC0190011] = [$id="CRM_PROTOCOL_NOT_FOUND", $desc="The requested propagation protocol was not registered as a CRM."], + [0xC0190012] = [$id="TRANSACTION_SUPERIOR_EXISTS", $desc="The transaction object already has a superior enlistment, and the caller attempted an operation that would have created a new superior. 
Only a single superior enlistment is allowed."], + [0xC0190013] = [$id="TRANSACTION_REQUEST_NOT_VALID", $desc="The requested operation is not valid on the transaction object in its current state."], + [0xC0190014] = [$id="TRANSACTION_NOT_REQUESTED", $desc="The caller has called a response API, but the response is not expected because the transaction manager did not issue the corresponding request to the caller."], + [0xC0190015] = [$id="TRANSACTION_ALREADY_ABORTED", $desc="It is too late to perform the requested operation, because the transaction has already been aborted."], + [0xC0190016] = [$id="TRANSACTION_ALREADY_COMMITTED", $desc="It is too late to perform the requested operation, because the transaction has already been committed."], + [0xC0190017] = [$id="TRANSACTION_INVALID_MARSHALL_BUFFER", $desc="The buffer passed in to NtPushTransaction or NtPullTransaction is not in a valid format."], + [0xC0190018] = [$id="CURRENT_TRANSACTION_NOT_VALID", $desc="The current transaction context associated with the thread is not a valid handle to a transaction object."], + [0xC0190019] = [$id="LOG_GROWTH_FAILED", $desc="An attempt to create space in the transactional resource manager's log failed. The failure status has been recorded in the event log."], + [0xC0190021] = [$id="OBJECT_NO_LONGER_EXISTS", $desc="The object (file, stream, or link) that corresponds to the handle has been deleted by a transaction savepoint rollback."], + [0xC0190022] = [$id="STREAM_MINIVERSION_NOT_FOUND", $desc="The specified file miniversion was not found for this transacted file open."], + [0xC0190023] = [$id="STREAM_MINIVERSION_NOT_VALID", $desc="The specified file miniversion was found but has been invalidated. 
The most likely cause is a transaction savepoint rollback."], + [0xC0190024] = [$id="MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION", $desc="A miniversion may be opened only in the context of the transaction that created it."], + [0xC0190025] = [$id="CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT", $desc="It is not possible to open a miniversion with modify access."], + [0xC0190026] = [$id="CANT_CREATE_MORE_STREAM_MINIVERSIONS", $desc="It is not possible to create any more miniversions for this stream."], + [0xC0190028] = [$id="HANDLE_NO_LONGER_VALID", $desc="The handle has been invalidated by a transaction. The most likely cause is the presence of memory mapping on a file or an open handle when the transaction ended or rolled back to savepoint."], + [0xC0190030] = [$id="LOG_CORRUPTION_DETECTED", $desc="The log data is corrupt."], + [0xC0190032] = [$id="RM_DISCONNECTED", $desc="The transaction outcome is unavailable because the resource manager responsible for it is disconnected."], + [0xC0190033] = [$id="ENLISTMENT_NOT_SUPERIOR", $desc="The request was rejected because the enlistment in question is not a superior enlistment."], + [0xC0190036] = [$id="FILE_IDENTITY_NOT_PERSISTENT", $desc="The file cannot be opened in a transaction because its identity depends on the outcome of an unresolved transaction."], + [0xC0190037] = [$id="CANT_BREAK_TRANSACTIONAL_DEPENDENCY", $desc="The operation cannot be performed because another transaction is depending on this property not changing."], + [0xC0190038] = [$id="CANT_CROSS_RM_BOUNDARY", $desc="The operation would involve a single file with two transactional resource managers and is, therefore, not allowed."], + [0xC0190039] = [$id="TXF_DIR_NOT_EMPTY", $desc="The $Txf directory must be empty for this operation to succeed."], + [0xC019003A] = [$id="INDOUBT_TRANSACTIONS_EXIST", $desc="The operation would leave a transactional resource manager in an inconsistent state and is therefore not allowed."], + [0xC019003B] = 
[$id="TM_VOLATILE", $desc="The operation could not be completed because the transaction manager does not have a log."], + [0xC019003C] = [$id="ROLLBACK_TIMER_EXPIRED", $desc="A rollback could not be scheduled because a previously scheduled rollback has already executed or been queued for execution."], + [0xC019003D] = [$id="TXF_ATTRIBUTE_CORRUPT", $desc="The transactional metadata attribute on the file or directory %hs is corrupt and unreadable."], + [0xC019003E] = [$id="EFS_NOT_ALLOWED_IN_TRANSACTION", $desc="The encryption operation could not be completed because a transaction is active."], + [0xC019003F] = [$id="TRANSACTIONAL_OPEN_NOT_ALLOWED", $desc="This object is not allowed to be opened in a transaction."], + [0xC0190040] = [$id="TRANSACTED_MAPPING_UNSUPPORTED_REMOTE", $desc="Memory mapping (creating a mapped section) a remote file under a transaction is not supported."], + [0xC0190043] = [$id="TRANSACTION_REQUIRED_PROMOTION", $desc="Promotion was required to allow the resource manager to enlist, but the transaction was set to disallow it."], + [0xC0190044] = [$id="CANNOT_EXECUTE_FILE_IN_TRANSACTION", $desc="This file is open for modification in an unresolved transaction and may be opened for execute only by a transacted reader."], + [0xC0190045] = [$id="TRANSACTIONS_NOT_FROZEN", $desc="The request to thaw frozen transactions was ignored because transactions were not previously frozen."], + [0xC0190046] = [$id="TRANSACTION_FREEZE_IN_PROGRESS", $desc="Transactions cannot be frozen because a freeze is already in progress."], + [0xC0190047] = [$id="NOT_SNAPSHOT_VOLUME", $desc="The target volume is not a snapshot volume. 
This operation is valid only on a volume mounted as a snapshot."], + [0xC0190048] = [$id="NO_SAVEPOINT_WITH_OPEN_FILES", $desc="The savepoint operation failed because files are open on the transaction, which is not permitted."], + [0xC0190049] = [$id="SPARSE_NOT_ALLOWED_IN_TRANSACTION", $desc="The sparse operation could not be completed because a transaction is active on the file."], + [0xC019004A] = [$id="TM_IDENTITY_MISMATCH", $desc="The call to create a transaction manager object failed because the Tm Identity that is stored in the log file does not match the Tm Identity that was passed in as an argument."], + [0xC019004B] = [$id="FLOATED_SECTION", $desc="I/O was attempted on a section object that has been floated as a result of a transaction ending. There is no valid data."], + [0xC019004C] = [$id="CANNOT_ACCEPT_TRANSACTED_WORK", $desc="The transactional resource manager cannot currently accept transacted work due to a transient condition, such as low resources."], + [0xC019004D] = [$id="CANNOT_ABORT_TRANSACTIONS", $desc="The transactional resource manager had too many transactions outstanding that could not be aborted. 
The transactional resource manager has been shut down."], + [0xC019004E] = [$id="TRANSACTION_NOT_FOUND", $desc="The specified transaction was unable to be opened because it was not found."], + [0xC019004F] = [$id="RESOURCEMANAGER_NOT_FOUND", $desc="The specified resource manager was unable to be opened because it was not found."], + [0xC0190050] = [$id="ENLISTMENT_NOT_FOUND", $desc="The specified enlistment was unable to be opened because it was not found."], + [0xC0190051] = [$id="TRANSACTIONMANAGER_NOT_FOUND", $desc="The specified transaction manager was unable to be opened because it was not found."], + [0xC0190052] = [$id="TRANSACTIONMANAGER_NOT_ONLINE", $desc="The specified resource manager was unable to create an enlistment because its associated transaction manager is not online."], + [0xC0190053] = [$id="TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION", $desc="The specified transaction manager was unable to create the objects contained in its log file in the Ob namespace. Therefore, the transaction manager was unable to recover."], + [0xC0190054] = [$id="TRANSACTION_NOT_ROOT", $desc="The call to create a superior enlistment on this transaction object could not be completed because the transaction object specified for the enlistment is a subordinate branch of the transaction. 
Only the root of the transaction can be enlisted as a superior."], + [0xC0190055] = [$id="TRANSACTION_OBJECT_EXPIRED", $desc="Because the associated transaction manager or resource manager has been closed, the handle is no longer valid."], + [0xC0190056] = [$id="COMPRESSION_NOT_ALLOWED_IN_TRANSACTION", $desc="The compression operation could not be completed because a transaction is active on the file."], + [0xC0190057] = [$id="TRANSACTION_RESPONSE_NOT_ENLISTED", $desc="The specified operation could not be performed on this superior enlistment because the enlistment was not created with the corresponding completion response in the NotificationMask."], + [0xC0190058] = [$id="TRANSACTION_RECORD_TOO_LONG", $desc="The specified operation could not be performed because the record to be logged was too long. This can occur because either there are too many enlistments on this transaction or the combined RecoveryInformation being logged on behalf of those enlistments is too long."], + [0xC0190059] = [$id="NO_LINK_TRACKING_IN_TRANSACTION", $desc="The link-tracking operation could not be completed because a transaction is active."], + [0xC019005A] = [$id="OPERATION_NOT_SUPPORTED_IN_TRANSACTION", $desc="This operation cannot be performed in a transaction."], + [0xC019005B] = [$id="TRANSACTION_INTEGRITY_VIOLATED", $desc="The kernel transaction manager had to abort or forget the transaction because it blocked forward progress."], + [0xC0190060] = [$id="EXPIRED_HANDLE", $desc="The handle is no longer properly associated with its transaction. It may have been opened in a transactional resource manager that was subsequently forced to restart. 
Please close the handle and open a new one."], + [0xC0190061] = [$id="TRANSACTION_NOT_ENLISTED", $desc="The specified operation could not be performed because the resource manager is not enlisted in the transaction."], + [0xC01A0001] = [$id="LOG_SECTOR_INVALID", $desc="The log service found an invalid log sector."], + [0xC01A0002] = [$id="LOG_SECTOR_PARITY_INVALID", $desc="The log service encountered a log sector with invalid block parity."], + [0xC01A0003] = [$id="LOG_SECTOR_REMAPPED", $desc="The log service encountered a remapped log sector."], + [0xC01A0004] = [$id="LOG_BLOCK_INCOMPLETE", $desc="The log service encountered a partial or incomplete log block."], + [0xC01A0005] = [$id="LOG_INVALID_RANGE", $desc="The log service encountered an attempt to access data outside the active log range."], + [0xC01A0006] = [$id="LOG_BLOCKS_EXHAUSTED", $desc="The log service user-log marshaling buffers are exhausted."], + [0xC01A0007] = [$id="LOG_READ_CONTEXT_INVALID", $desc="The log service encountered an attempt to read from a marshaling area with an invalid read context."], + [0xC01A0008] = [$id="LOG_RESTART_INVALID", $desc="The log service encountered an invalid log restart area."], + [0xC01A0009] = [$id="LOG_BLOCK_VERSION", $desc="The log service encountered an invalid log block version."], + [0xC01A000A] = [$id="LOG_BLOCK_INVALID", $desc="The log service encountered an invalid log block."], + [0xC01A000B] = [$id="LOG_READ_MODE_INVALID", $desc="The log service encountered an attempt to read the log with an invalid read mode."], + [0xC01A000D] = [$id="LOG_METADATA_CORRUPT", $desc="The log service encountered a corrupted metadata file."], + [0xC01A000E] = [$id="LOG_METADATA_INVALID", $desc="The log service encountered a metadata file that could not be created by the log file system."], + [0xC01A000F] = [$id="LOG_METADATA_INCONSISTENT", $desc="The log service encountered a metadata file with inconsistent data."], + [0xC01A0010] = [$id="LOG_RESERVATION_INVALID", $desc="The 
log service encountered an attempt to erroneously allocate or dispose reservation space."], + [0xC01A0011] = [$id="LOG_CANT_DELETE", $desc="The log service cannot delete the log file or the file system container."], + [0xC01A0012] = [$id="LOG_CONTAINER_LIMIT_EXCEEDED", $desc="The log service has reached the maximum allowable containers allocated to a log file."], + [0xC01A0013] = [$id="LOG_START_OF_LOG", $desc="The log service has attempted to read or write backward past the start of the log."], + [0xC01A0014] = [$id="LOG_POLICY_ALREADY_INSTALLED", $desc="The log policy could not be installed because a policy of the same type is already present."], + [0xC01A0015] = [$id="LOG_POLICY_NOT_INSTALLED", $desc="The log policy in question was not installed at the time of the request."], + [0xC01A0016] = [$id="LOG_POLICY_INVALID", $desc="The installed set of policies on the log is invalid."], + [0xC01A0017] = [$id="LOG_POLICY_CONFLICT", $desc="A policy on the log in question prevented the operation from completing."], + [0xC01A0018] = [$id="LOG_PINNED_ARCHIVE_TAIL", $desc="The log space cannot be reclaimed because the log is pinned by the archive tail."], + [0xC01A0019] = [$id="LOG_RECORD_NONEXISTENT", $desc="The log record is not a record in the log file."], + [0xC01A001A] = [$id="LOG_RECORDS_RESERVED_INVALID", $desc="The number of reserved log records or the adjustment of the number of reserved log records is invalid."], + [0xC01A001B] = [$id="LOG_SPACE_RESERVED_INVALID", $desc="The reserved log space or the adjustment of the log space is invalid."], + [0xC01A001C] = [$id="LOG_TAIL_INVALID", $desc="A new or existing archive tail or the base of the active log is invalid."], + [0xC01A001D] = [$id="LOG_FULL", $desc="The log space is exhausted."], + [0xC01A001E] = [$id="LOG_MULTIPLEXED", $desc="The log is multiplexed; no direct writes to the physical log are allowed."], + [0xC01A001F] = [$id="LOG_DEDICATED", $desc="The operation failed because the log is dedicated."], + 
[0xC01A0020] = [$id="LOG_ARCHIVE_NOT_IN_PROGRESS", $desc="The operation requires an archive context."], + [0xC01A0021] = [$id="LOG_ARCHIVE_IN_PROGRESS", $desc="Log archival is in progress."], + [0xC01A0022] = [$id="LOG_EPHEMERAL", $desc="The operation requires a nonephemeral log, but the log is ephemeral."], + [0xC01A0023] = [$id="LOG_NOT_ENOUGH_CONTAINERS", $desc="The log must have at least two containers before it can be read from or written to."], + [0xC01A0024] = [$id="LOG_CLIENT_ALREADY_REGISTERED", $desc="A log client has already registered on the stream."], + [0xC01A0025] = [$id="LOG_CLIENT_NOT_REGISTERED", $desc="A log client has not been registered on the stream."], + [0xC01A0026] = [$id="LOG_FULL_HANDLER_IN_PROGRESS", $desc="A request has already been made to handle the log full condition."], + [0xC01A0027] = [$id="LOG_CONTAINER_READ_FAILED", $desc="The log service encountered an error when attempting to read from a log container."], + [0xC01A0028] = [$id="LOG_CONTAINER_WRITE_FAILED", $desc="The log service encountered an error when attempting to write to a log container."], + [0xC01A0029] = [$id="LOG_CONTAINER_OPEN_FAILED", $desc="The log service encountered an error when attempting to open a log container."], + [0xC01A002A] = [$id="LOG_CONTAINER_STATE_INVALID", $desc="The log service encountered an invalid container state when attempting a requested action."], + [0xC01A002B] = [$id="LOG_STATE_INVALID", $desc="The log service is not in the correct state to perform a requested action."], + [0xC01A002C] = [$id="LOG_PINNED", $desc="The log space cannot be reclaimed because the log is pinned."], + [0xC01A002D] = [$id="LOG_METADATA_FLUSH_FAILED", $desc="The log metadata flush failed."], + [0xC01A002E] = [$id="LOG_INCONSISTENT_SECURITY", $desc="Security on the log and its containers is inconsistent."], + [0xC01A002F] = [$id="LOG_APPENDED_FLUSH_FAILED", $desc="Records were appended to the log or reservation changes were made, but the log could not be 
flushed."], + [0xC01A0030] = [$id="LOG_PINNED_RESERVATION", $desc="The log is pinned due to reservation consuming most of the log space. Free some reserved records to make space available."], + [0xC01B00EA] = [$id="VIDEO_HUNG_DISPLAY_DRIVER_THREAD", $desc="{Display Driver Stopped Responding} The %hs display driver has stopped working normally. Save your work and reboot the system to restore full display functionality. The next time you reboot the computer, a dialog box will allow you to upload data about this failure to Microsoft."], + [0xC01C0001] = [$id="FLT_NO_HANDLER_DEFINED", $desc="A handler was not defined by the filter for this operation."], + [0xC01C0002] = [$id="FLT_CONTEXT_ALREADY_DEFINED", $desc="A context is already defined for this object."], + [0xC01C0003] = [$id="FLT_INVALID_ASYNCHRONOUS_REQUEST", $desc="Asynchronous requests are not valid for this operation."], + [0xC01C0004] = [$id="FLT_DISALLOW_FAST_IO", $desc="This is an internal error code used by the filter manager to determine if a fast I/O operation should be forced down the input/output request packet (IRP) path. Minifilters should never return this value."], + [0xC01C0005] = [$id="FLT_INVALID_NAME_REQUEST", $desc="An invalid name request was made. The name requested cannot be retrieved at this time."], + [0xC01C0006] = [$id="FLT_NOT_SAFE_TO_POST_OPERATION", $desc="Posting this operation to a worker thread for further processing is not safe at this time because it could lead to a system deadlock."], + [0xC01C0007] = [$id="FLT_NOT_INITIALIZED", $desc="The Filter Manager was not initialized when a filter tried to register. 
Make sure that the Filter Manager is loaded as a driver."], + [0xC01C0008] = [$id="FLT_FILTER_NOT_READY", $desc="The filter is not ready for attachment to volumes because it has not finished initializing (FltStartFiltering has not been called)."], + [0xC01C0009] = [$id="FLT_POST_OPERATION_CLEANUP", $desc="The filter must clean up any operation-specific context at this time because it is being removed from the system before the operation is completed by the lower drivers."], + [0xC01C000A] = [$id="FLT_INTERNAL_ERROR", $desc="The Filter Manager had an internal error from which it cannot recover; therefore, the operation has failed. This is usually the result of a filter returning an invalid value from a pre-operation callback."], + [0xC01C000B] = [$id="FLT_DELETING_OBJECT", $desc="The object specified for this action is in the process of being deleted; therefore, the action requested cannot be completed at this time."], + [0xC01C000C] = [$id="FLT_MUST_BE_NONPAGED_POOL", $desc="A nonpaged pool must be used for this type of context."], + [0xC01C000D] = [$id="FLT_DUPLICATE_ENTRY", $desc="A duplicate handler definition has been provided for an operation."], + [0xC01C000E] = [$id="FLT_CBDQ_DISABLED", $desc="The callback data queue has been disabled."], + [0xC01C000F] = [$id="FLT_DO_NOT_ATTACH", $desc="Do not attach the filter to the volume at this time."], + [0xC01C0010] = [$id="FLT_DO_NOT_DETACH", $desc="Do not detach the filter from the volume at this time."], + [0xC01C0011] = [$id="FLT_INSTANCE_ALTITUDE_COLLISION", $desc="An instance already exists at this altitude on the volume specified."], + [0xC01C0012] = [$id="FLT_INSTANCE_NAME_COLLISION", $desc="An instance already exists with this name on the volume specified."], + [0xC01C0013] = [$id="FLT_FILTER_NOT_FOUND", $desc="The system could not find the filter specified."], + [0xC01C0014] = [$id="FLT_VOLUME_NOT_FOUND", $desc="The system could not find the volume specified."], + [0xC01C0015] = 
[$id="FLT_INSTANCE_NOT_FOUND", $desc="The system could not find the instance specified."], + [0xC01C0016] = [$id="FLT_CONTEXT_ALLOCATION_NOT_FOUND", $desc="No registered context allocation definition was found for the given request."], + [0xC01C0017] = [$id="FLT_INVALID_CONTEXT_REGISTRATION", $desc="An invalid parameter was specified during context registration."], + [0xC01C0018] = [$id="FLT_NAME_CACHE_MISS", $desc="The name requested was not found in the Filter Manager name cache and could not be retrieved from the file system."], + [0xC01C0019] = [$id="FLT_NO_DEVICE_OBJECT", $desc="The requested device object does not exist for the given volume."], + [0xC01C001A] = [$id="FLT_VOLUME_ALREADY_MOUNTED", $desc="The specified volume is already mounted."], + [0xC01C001B] = [$id="FLT_ALREADY_ENLISTED", $desc="The specified transaction context is already enlisted in a transaction."], + [0xC01C001C] = [$id="FLT_CONTEXT_ALREADY_LINKED", $desc="The specified context is already attached to another object."], + [0xC01C0020] = [$id="FLT_NO_WAITER_FOR_REPLY", $desc="No waiter is present for the filter's reply to this message."], + [0xC01D0001] = [$id="MONITOR_NO_DESCRIPTOR", $desc="A monitor descriptor could not be obtained."], + [0xC01D0002] = [$id="MONITOR_UNKNOWN_DESCRIPTOR_FORMAT", $desc="This release does not support the format of the obtained monitor descriptor."], + [0xC01D0003] = [$id="MONITOR_INVALID_DESCRIPTOR_CHECKSUM", $desc="The checksum of the obtained monitor descriptor is invalid."], + [0xC01D0004] = [$id="MONITOR_INVALID_STANDARD_TIMING_BLOCK", $desc="The monitor descriptor contains an invalid standard timing block."], + [0xC01D0005] = [$id="MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED", $desc="WMI data-block registration failed for one of the MSMonitorClass WMI subclasses."], + [0xC01D0006] = [$id="MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK", $desc="The provided monitor descriptor block is either corrupted or does not contain the monitor's detailed serial 
number."], + [0xC01D0007] = [$id="MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK", $desc="The provided monitor descriptor block is either corrupted or does not contain the monitor's user-friendly name."], + [0xC01D0008] = [$id="MONITOR_NO_MORE_DESCRIPTOR_DATA", $desc="There is no monitor descriptor data at the specified (offset or size) region."], + [0xC01D0009] = [$id="MONITOR_INVALID_DETAILED_TIMING_BLOCK", $desc="The monitor descriptor contains an invalid detailed timing block."], + [0xC01D000A] = [$id="MONITOR_INVALID_MANUFACTURE_DATE", $desc="Monitor descriptor contains invalid manufacture date."], + [0xC01E0000] = [$id="GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER", $desc="Exclusive mode ownership is needed to create an unmanaged primary allocation."], + [0xC01E0001] = [$id="GRAPHICS_INSUFFICIENT_DMA_BUFFER", $desc="The driver needs more DMA buffer space to complete the requested operation."], + [0xC01E0002] = [$id="GRAPHICS_INVALID_DISPLAY_ADAPTER", $desc="The specified display adapter handle is invalid."], + [0xC01E0003] = [$id="GRAPHICS_ADAPTER_WAS_RESET", $desc="The specified display adapter and all of its state have been reset."], + [0xC01E0004] = [$id="GRAPHICS_INVALID_DRIVER_MODEL", $desc="The driver stack does not match the expected driver model."], + [0xC01E0005] = [$id="GRAPHICS_PRESENT_MODE_CHANGED", $desc="Present happened but ended up into the changed desktop mode."], + [0xC01E0006] = [$id="GRAPHICS_PRESENT_OCCLUDED", $desc="Nothing to present due to desktop occlusion."], + [0xC01E0007] = [$id="GRAPHICS_PRESENT_DENIED", $desc="Not able to present due to denial of desktop access."], + [0xC01E0008] = [$id="GRAPHICS_CANNOTCOLORCONVERT", $desc="Not able to present with color conversion."], + [0xC01E000B] = [$id="GRAPHICS_PRESENT_REDIRECTION_DISABLED", $desc="Present redirection is disabled (desktop windowing management subsystem is off)."], + [0xC01E000C] = [$id="GRAPHICS_PRESENT_UNOCCLUDED", $desc="Previous exclusive VidPn source owner has released its 
ownership"], + [0xC01E0100] = [$id="GRAPHICS_NO_VIDEO_MEMORY", $desc="Not enough video memory is available to complete the operation."], + [0xC01E0101] = [$id="GRAPHICS_CANT_LOCK_MEMORY", $desc="Could not probe and lock the underlying memory of an allocation."], + [0xC01E0102] = [$id="GRAPHICS_ALLOCATION_BUSY", $desc="The allocation is currently busy."], + [0xC01E0103] = [$id="GRAPHICS_TOO_MANY_REFERENCES", $desc="An object being referenced has already reached the maximum reference count and cannot be referenced further."], + [0xC01E0104] = [$id="GRAPHICS_TRY_AGAIN_LATER", $desc="A problem could not be solved due to an existing condition. Try again later."], + [0xC01E0105] = [$id="GRAPHICS_TRY_AGAIN_NOW", $desc="A problem could not be solved due to an existing condition. Try again now."], + [0xC01E0106] = [$id="GRAPHICS_ALLOCATION_INVALID", $desc="The allocation is invalid."], + [0xC01E0107] = [$id="GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE", $desc="No more unswizzling apertures are currently available."], + [0xC01E0108] = [$id="GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED", $desc="The current allocation cannot be unswizzled by an aperture."], + [0xC01E0109] = [$id="GRAPHICS_CANT_EVICT_PINNED_ALLOCATION", $desc="The request failed because a pinned allocation cannot be evicted."], + [0xC01E0110] = [$id="GRAPHICS_INVALID_ALLOCATION_USAGE", $desc="The allocation cannot be used from its current segment location for the specified operation."], + [0xC01E0111] = [$id="GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION", $desc="A locked allocation cannot be used in the current command buffer."], + [0xC01E0112] = [$id="GRAPHICS_ALLOCATION_CLOSED", $desc="The allocation being referenced has been closed permanently."], + [0xC01E0113] = [$id="GRAPHICS_INVALID_ALLOCATION_INSTANCE", $desc="An invalid allocation instance is being referenced."], + [0xC01E0114] = [$id="GRAPHICS_INVALID_ALLOCATION_HANDLE", $desc="An invalid allocation handle is being referenced."], + [0xC01E0115] = 
[$id="GRAPHICS_WRONG_ALLOCATION_DEVICE", $desc="The allocation being referenced does not belong to the current device."], + [0xC01E0116] = [$id="GRAPHICS_ALLOCATION_CONTENT_LOST", $desc="The specified allocation lost its content."], + [0xC01E0200] = [$id="GRAPHICS_GPU_EXCEPTION_ON_DEVICE", $desc="A GPU exception was detected on the given device. The device cannot be scheduled."], + [0xC01E0300] = [$id="GRAPHICS_INVALID_VIDPN_TOPOLOGY", $desc="The specified VidPN topology is invalid."], + [0xC01E0301] = [$id="GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED", $desc="The specified VidPN topology is valid but is not supported by this model of the display adapter."], + [0xC01E0302] = [$id="GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED", $desc="The specified VidPN topology is valid but is not currently supported by the display adapter due to allocation of its resources."], + [0xC01E0303] = [$id="GRAPHICS_INVALID_VIDPN", $desc="The specified VidPN handle is invalid."], + [0xC01E0304] = [$id="GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE", $desc="The specified video present source is invalid."], + [0xC01E0305] = [$id="GRAPHICS_INVALID_VIDEO_PRESENT_TARGET", $desc="The specified video present target is invalid."], + [0xC01E0306] = [$id="GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED", $desc="The specified VidPN modality is not supported (for example, at least two of the pinned modes are not co-functional)."], + [0xC01E0308] = [$id="GRAPHICS_INVALID_VIDPN_SOURCEMODESET", $desc="The specified VidPN source mode set is invalid."], + [0xC01E0309] = [$id="GRAPHICS_INVALID_VIDPN_TARGETMODESET", $desc="The specified VidPN target mode set is invalid."], + [0xC01E030A] = [$id="GRAPHICS_INVALID_FREQUENCY", $desc="The specified video signal frequency is invalid."], + [0xC01E030B] = [$id="GRAPHICS_INVALID_ACTIVE_REGION", $desc="The specified video signal active region is invalid."], + [0xC01E030C] = [$id="GRAPHICS_INVALID_TOTAL_REGION", $desc="The specified video signal total region is invalid."], + 
[0xC01E0310] = [$id="GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE", $desc="The specified video present source mode is invalid."], + [0xC01E0311] = [$id="GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE", $desc="The specified video present target mode is invalid."], + [0xC01E0312] = [$id="GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET", $desc="The pinned mode must remain in the set on the VidPN's co-functional modality enumeration."], + [0xC01E0313] = [$id="GRAPHICS_PATH_ALREADY_IN_TOPOLOGY", $desc="The specified video present path is already in the VidPN's topology."], + [0xC01E0314] = [$id="GRAPHICS_MODE_ALREADY_IN_MODESET", $desc="The specified mode is already in the mode set."], + [0xC01E0315] = [$id="GRAPHICS_INVALID_VIDEOPRESENTSOURCESET", $desc="The specified video present source set is invalid."], + [0xC01E0316] = [$id="GRAPHICS_INVALID_VIDEOPRESENTTARGETSET", $desc="The specified video present target set is invalid."], + [0xC01E0317] = [$id="GRAPHICS_SOURCE_ALREADY_IN_SET", $desc="The specified video present source is already in the video present source set."], + [0xC01E0318] = [$id="GRAPHICS_TARGET_ALREADY_IN_SET", $desc="The specified video present target is already in the video present target set."], + [0xC01E0319] = [$id="GRAPHICS_INVALID_VIDPN_PRESENT_PATH", $desc="The specified VidPN present path is invalid."], + [0xC01E031A] = [$id="GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY", $desc="The miniport has no recommendation for augmenting the specified VidPN's topology."], + [0xC01E031B] = [$id="GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET", $desc="The specified monitor frequency range set is invalid."], + [0xC01E031C] = [$id="GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE", $desc="The specified monitor frequency range is invalid."], + [0xC01E031D] = [$id="GRAPHICS_FREQUENCYRANGE_NOT_IN_SET", $desc="The specified frequency range is not in the specified monitor frequency range set."], + [0xC01E031F] = [$id="GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET", $desc="The specified frequency range 
is already in the specified monitor frequency range set."], + [0xC01E0320] = [$id="GRAPHICS_STALE_MODESET", $desc="The specified mode set is stale. Reacquire the new mode set."], + [0xC01E0321] = [$id="GRAPHICS_INVALID_MONITOR_SOURCEMODESET", $desc="The specified monitor source mode set is invalid."], + [0xC01E0322] = [$id="GRAPHICS_INVALID_MONITOR_SOURCE_MODE", $desc="The specified monitor source mode is invalid."], + [0xC01E0323] = [$id="GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN", $desc="The miniport does not have a recommendation regarding the request to provide a functional VidPN given the current display adapter configuration."], + [0xC01E0324] = [$id="GRAPHICS_MODE_ID_MUST_BE_UNIQUE", $desc="The ID of the specified mode is being used by another mode in the set."], + [0xC01E0325] = [$id="GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION", $desc="The system failed to determine a mode that is supported by both the display adapter and the monitor connected to it."], + [0xC01E0326] = [$id="GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES", $desc="The number of video present targets must be greater than or equal to the number of video present sources."], + [0xC01E0327] = [$id="GRAPHICS_PATH_NOT_IN_TOPOLOGY", $desc="The specified present path is not in the VidPN's topology."], + [0xC01E0328] = [$id="GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE", $desc="The display adapter must have at least one video present source."], + [0xC01E0329] = [$id="GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET", $desc="The display adapter must have at least one video present target."], + [0xC01E032A] = [$id="GRAPHICS_INVALID_MONITORDESCRIPTORSET", $desc="The specified monitor descriptor set is invalid."], + [0xC01E032B] = [$id="GRAPHICS_INVALID_MONITORDESCRIPTOR", $desc="The specified monitor descriptor is invalid."], + [0xC01E032C] = [$id="GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET", $desc="The specified descriptor is not in the specified monitor descriptor set."], + [0xC01E032D] = 
[$id="GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET", $desc="The specified descriptor is already in the specified monitor descriptor set."], + [0xC01E032E] = [$id="GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE", $desc="The ID of the specified monitor descriptor is being used by another descriptor in the set."], + [0xC01E032F] = [$id="GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE", $desc="The specified video present target subset type is invalid."], + [0xC01E0330] = [$id="GRAPHICS_RESOURCES_NOT_RELATED", $desc="Two or more of the specified resources are not related to each other, as defined by the interface semantics."], + [0xC01E0331] = [$id="GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE", $desc="The ID of the specified video present source is being used by another source in the set."], + [0xC01E0332] = [$id="GRAPHICS_TARGET_ID_MUST_BE_UNIQUE", $desc="The ID of the specified video present target is being used by another target in the set."], + [0xC01E0333] = [$id="GRAPHICS_NO_AVAILABLE_VIDPN_TARGET", $desc="The specified VidPN source cannot be used because there is no available VidPN target to connect it to."], + [0xC01E0334] = [$id="GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER", $desc="The newly arrived monitor could not be associated with a display adapter."], + [0xC01E0335] = [$id="GRAPHICS_NO_VIDPNMGR", $desc="The particular display adapter does not have an associated VidPN manager."], + [0xC01E0336] = [$id="GRAPHICS_NO_ACTIVE_VIDPN", $desc="The VidPN manager of the particular display adapter does not have an active VidPN."], + [0xC01E0337] = [$id="GRAPHICS_STALE_VIDPN_TOPOLOGY", $desc="The specified VidPN topology is stale; obtain the new topology."], + [0xC01E0338] = [$id="GRAPHICS_MONITOR_NOT_CONNECTED", $desc="No monitor is connected on the specified video present target."], + [0xC01E0339] = [$id="GRAPHICS_SOURCE_NOT_IN_TOPOLOGY", $desc="The specified source is not part of the specified VidPN's topology."], + [0xC01E033A] = [$id="GRAPHICS_INVALID_PRIMARYSURFACE_SIZE", 
$desc="The specified primary surface size is invalid."], + [0xC01E033B] = [$id="GRAPHICS_INVALID_VISIBLEREGION_SIZE", $desc="The specified visible region size is invalid."], + [0xC01E033C] = [$id="GRAPHICS_INVALID_STRIDE", $desc="The specified stride is invalid."], + [0xC01E033D] = [$id="GRAPHICS_INVALID_PIXELFORMAT", $desc="The specified pixel format is invalid."], + [0xC01E033E] = [$id="GRAPHICS_INVALID_COLORBASIS", $desc="The specified color basis is invalid."], + [0xC01E033F] = [$id="GRAPHICS_INVALID_PIXELVALUEACCESSMODE", $desc="The specified pixel value access mode is invalid."], + [0xC01E0340] = [$id="GRAPHICS_TARGET_NOT_IN_TOPOLOGY", $desc="The specified target is not part of the specified VidPN's topology."], + [0xC01E0341] = [$id="GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT", $desc="Failed to acquire the display mode management interface."], + [0xC01E0342] = [$id="GRAPHICS_VIDPN_SOURCE_IN_USE", $desc="The specified VidPN source is already owned by a DMM client and cannot be used until that client releases it."], + [0xC01E0343] = [$id="GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN", $desc="The specified VidPN is active and cannot be accessed."], + [0xC01E0344] = [$id="GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL", $desc="The specified VidPN's present path importance ordinal is invalid."], + [0xC01E0345] = [$id="GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION", $desc="The specified VidPN's present path content geometry transformation is invalid."], + [0xC01E0346] = [$id="GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED", $desc="The specified content geometry transformation is not supported on the respective VidPN present path."], + [0xC01E0347] = [$id="GRAPHICS_INVALID_GAMMA_RAMP", $desc="The specified gamma ramp is invalid."], + [0xC01E0348] = [$id="GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED", $desc="The specified gamma ramp is not supported on the respective VidPN present path."], + [0xC01E0349] = [$id="GRAPHICS_MULTISAMPLING_NOT_SUPPORTED", $desc="Multisampling 
is not supported on the respective VidPN present path."], + [0xC01E034A] = [$id="GRAPHICS_MODE_NOT_IN_MODESET", $desc="The specified mode is not in the specified mode set."], + [0xC01E034D] = [$id="GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON", $desc="The specified VidPN topology recommendation reason is invalid."], + [0xC01E034E] = [$id="GRAPHICS_INVALID_PATH_CONTENT_TYPE", $desc="The specified VidPN present path content type is invalid."], + [0xC01E034F] = [$id="GRAPHICS_INVALID_COPYPROTECTION_TYPE", $desc="The specified VidPN present path copy protection type is invalid."], + [0xC01E0350] = [$id="GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS", $desc="Only one unassigned mode set can exist at any one time for a particular VidPN source or target."], + [0xC01E0352] = [$id="GRAPHICS_INVALID_SCANLINE_ORDERING", $desc="The specified scan line ordering type is invalid."], + [0xC01E0353] = [$id="GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED", $desc="The topology changes are not allowed for the specified VidPN."], + [0xC01E0354] = [$id="GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS", $desc="All available importance ordinals are being used in the specified topology."], + [0xC01E0355] = [$id="GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT", $desc="The specified primary surface has a different private-format attribute than the current primary surface."], + [0xC01E0356] = [$id="GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM", $desc="The specified mode-pruning algorithm is invalid."], + [0xC01E0357] = [$id="GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN", $desc="The specified monitor-capability origin is invalid."], + [0xC01E0358] = [$id="GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT", $desc="The specified monitor-frequency range constraint is invalid."], + [0xC01E0359] = [$id="GRAPHICS_MAX_NUM_PATHS_REACHED", $desc="The maximum supported number of present paths has been reached."], + [0xC01E035A] = [$id="GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION", $desc="The miniport requested that augmentation 
be canceled for the specified source of the specified VidPN's topology."], + [0xC01E035B] = [$id="GRAPHICS_INVALID_CLIENT_TYPE", $desc="The specified client type was not recognized."], + [0xC01E035C] = [$id="GRAPHICS_CLIENTVIDPN_NOT_SET", $desc="The client VidPN is not set on this adapter (for example, no user mode-initiated mode changes have taken place on this adapter)."], + [0xC01E0400] = [$id="GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED", $desc="The specified display adapter child device already has an external device connected to it."], + [0xC01E0401] = [$id="GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED", $desc="The display adapter child device does not support reporting a descriptor."], + [0xC01E0430] = [$id="GRAPHICS_NOT_A_LINKED_ADAPTER", $desc="The display adapter is not linked to any other adapters."], + [0xC01E0431] = [$id="GRAPHICS_LEADLINK_NOT_ENUMERATED", $desc="The lead adapter in a linked configuration was not enumerated yet."], + [0xC01E0432] = [$id="GRAPHICS_CHAINLINKS_NOT_ENUMERATED", $desc="Some chain adapters in a linked configuration have not yet been enumerated."], + [0xC01E0433] = [$id="GRAPHICS_ADAPTER_CHAIN_NOT_READY", $desc="The chain of linked adapters is not ready to start because of an unknown failure."], + [0xC01E0434] = [$id="GRAPHICS_CHAINLINKS_NOT_STARTED", $desc="An attempt was made to start a lead link display adapter when the chain links had not yet started."], + [0xC01E0435] = [$id="GRAPHICS_CHAINLINKS_NOT_POWERED_ON", $desc="An attempt was made to turn on a lead link display adapter when the chain links were turned off."], + [0xC01E0436] = [$id="GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE", $desc="The adapter link was found in an inconsistent state. 
Not all adapters are in an expected PNP/power state."], + [0xC01E0438] = [$id="GRAPHICS_NOT_POST_DEVICE_DRIVER", $desc="The driver trying to start is not the same as the driver for the posted display adapter."], + [0xC01E043B] = [$id="GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED", $desc="An operation is being attempted that requires the display adapter to be in a quiescent state."], + [0xC01E0500] = [$id="GRAPHICS_OPM_NOT_SUPPORTED", $desc="The driver does not support OPM."], + [0xC01E0501] = [$id="GRAPHICS_COPP_NOT_SUPPORTED", $desc="The driver does not support COPP."], + [0xC01E0502] = [$id="GRAPHICS_UAB_NOT_SUPPORTED", $desc="The driver does not support UAB."], + [0xC01E0503] = [$id="GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS", $desc="The specified encrypted parameters are invalid."], + [0xC01E0504] = [$id="GRAPHICS_OPM_PARAMETER_ARRAY_TOO_SMALL", $desc="An array passed to a function cannot hold all of the data that the function wants to put in it."], + [0xC01E0505] = [$id="GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST", $desc="The GDI display device passed to this function does not have any active protected outputs."], + [0xC01E0506] = [$id="GRAPHICS_PVP_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME", $desc="The PVP cannot find an actual GDI display device that corresponds to the passed-in GDI display device name."], + [0xC01E0507] = [$id="GRAPHICS_PVP_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP", $desc="This function failed because the GDI display device passed to it was not attached to the Windows desktop."], + [0xC01E0508] = [$id="GRAPHICS_PVP_MIRRORING_DEVICES_NOT_SUPPORTED", $desc="The PVP does not support mirroring display devices because they do not have any protected outputs."], + [0xC01E050A] = [$id="GRAPHICS_OPM_INVALID_POINTER", $desc="The function failed because an invalid pointer parameter was passed to it. 
A pointer parameter is invalid if it is null, is not correctly aligned, or it points to an invalid address or a kernel mode address."], + [0xC01E050B] = [$id="GRAPHICS_OPM_INTERNAL_ERROR", $desc="An internal error caused an operation to fail."], + [0xC01E050C] = [$id="GRAPHICS_OPM_INVALID_HANDLE", $desc="The function failed because the caller passed in an invalid OPM user-mode handle."], + [0xC01E050D] = [$id="GRAPHICS_PVP_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE", $desc="This function failed because the GDI device passed to it did not have any monitors associated with it."], + [0xC01E050E] = [$id="GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH", $desc="A certificate could not be returned because the certificate buffer passed to the function was too small."], + [0xC01E050F] = [$id="GRAPHICS_OPM_SPANNING_MODE_ENABLED", $desc="DxgkDdiOpmCreateProtectedOutput() could not create a protected output because the video present yarget is in spanning mode."], + [0xC01E0510] = [$id="GRAPHICS_OPM_THEATER_MODE_ENABLED", $desc="DxgkDdiOpmCreateProtectedOutput() could not create a protected output because the video present target is in theater mode."], + [0xC01E0511] = [$id="GRAPHICS_PVP_HFS_FAILED", $desc="The function call failed because the display adapter's hardware functionality scan (HFS) failed to validate the graphics hardware."], + [0xC01E0512] = [$id="GRAPHICS_OPM_INVALID_SRM", $desc="The HDCP SRM passed to this function did not comply with section 5 of the HDCP 1.1 specification."], + [0xC01E0513] = [$id="GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP", $desc="The protected output cannot enable the HDCP system because it does not support it."], + [0xC01E0514] = [$id="GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP", $desc="The protected output cannot enable analog copy protection because it does not support it."], + [0xC01E0515] = [$id="GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA", $desc="The protected output cannot enable the CGMS-A protection technology because it does not support 
it."], + [0xC01E0516] = [$id="GRAPHICS_OPM_HDCP_SRM_NEVER_SET", $desc="DxgkDdiOPMGetInformation() cannot return the version of the SRM being used because the application never successfully passed an SRM to the protected output."], + [0xC01E0517] = [$id="GRAPHICS_OPM_RESOLUTION_TOO_HIGH", $desc="DxgkDdiOPMConfigureProtectedOutput() cannot enable the specified output protection technology because the output's screen resolution is too high."], + [0xC01E0518] = [$id="GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE", $desc="DxgkDdiOPMConfigureProtectedOutput() cannot enable HDCP because other physical outputs are using the display adapter's HDCP hardware."], + [0xC01E051A] = [$id="GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS", $desc="The operating system asynchronously destroyed this OPM-protected output because the operating system state changed. This error typically occurs because the monitor PDO associated with this protected output was removed or stopped, the protected output's session became a nonconsole session, or the protected output's desktop became inactive."], + [0xC01E051B] = [$id="GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS", $desc="OPM functions cannot be called when a session is changing its type. Three types of sessions currently exist: console, disconnected, and remote (RDP or ICA)."], + [0xC01E051C] = [$id="GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS", $desc="The DxgkDdiOPMGetCOPPCompatibleInformation, DxgkDdiOPMGetInformation, or DxgkDdiOPMConfigureProtectedOutput function failed. This error is returned only if a protected output has OPM semantics. 
"], + [0xC01E051D] = [$id="GRAPHICS_OPM_INVALID_INFORMATION_REQUEST", $desc="The DxgkDdiOPMGetInformation and DxgkDdiOPMGetCOPPCompatibleInformation functions return this error code if the passed-in sequence number is not the expected sequence number or the passed-in OMAC value is invalid."], + [0xC01E051E] = [$id="GRAPHICS_OPM_DRIVER_INTERNAL_ERROR", $desc="The function failed because an unexpected error occurred inside a display driver."], + [0xC01E051F] = [$id="GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS", $desc="The DxgkDdiOPMGetCOPPCompatibleInformation, DxgkDdiOPMGetInformation, or DxgkDdiOPMConfigureProtectedOutput function failed. This error is returned only if a protected output has COPP semantics. "], + [0xC01E0520] = [$id="GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED", $desc="The DxgkDdiOPMGetCOPPCompatibleInformation and DxgkDdiOPMConfigureProtectedOutput functions return this error if the display driver does not support the DXGKMDT_OPM_GET_ACP_AND_CGMSA_SIGNALING and DXGKMDT_OPM_SET_ACP_AND_CGMSA_SIGNALING GUIDs."], + [0xC01E0521] = [$id="GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST", $desc="The DxgkDdiOPMConfigureProtectedOutput function returns this error code if the passed-in sequence number is not the expected sequence number or the passed-in OMAC value is invalid."], + [0xC01E0580] = [$id="GRAPHICS_I2C_NOT_SUPPORTED", $desc="The monitor connected to the specified video output does not have an I2C bus."], + [0xC01E0581] = [$id="GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST", $desc="No device on the I2C bus has the specified address."], + [0xC01E0582] = [$id="GRAPHICS_I2C_ERROR_TRANSMITTING_DATA", $desc="An error occurred while transmitting data to the device on the I2C bus."], + [0xC01E0583] = [$id="GRAPHICS_I2C_ERROR_RECEIVING_DATA", $desc="An error occurred while receiving data from the device on the I2C bus."], + [0xC01E0584] = [$id="GRAPHICS_DDCCI_VCP_NOT_SUPPORTED", $desc="The monitor does not support the specified VCP code."], + [0xC01E0585] = 
[$id="GRAPHICS_DDCCI_INVALID_DATA", $desc="The data received from the monitor is invalid."], + [0xC01E0586] = [$id="GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE", $desc="A function call failed because a monitor returned an invalid timing status byte when the operating system used the DDC/CI get timing report and timing message command to get a timing report from a monitor."], + [0xC01E0587] = [$id="GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING", $desc="A monitor returned a DDC/CI capabilities string that did not comply with the ACCESS.bus 3.0, DDC/CI 1.1, or MCCS 2 Revision 1 specification."], + [0xC01E0588] = [$id="GRAPHICS_MCA_INTERNAL_ERROR", $desc="An internal error caused an operation to fail."], + [0xC01E0589] = [$id="GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND", $desc="An operation failed because a DDC/CI message had an invalid value in its command field."], + [0xC01E058A] = [$id="GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH", $desc="This error occurred because a DDC/CI message had an invalid value in its length field."], + [0xC01E058B] = [$id="GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM", $desc="This error occurred because the value in a DDC/CI message's checksum field did not match the message's computed checksum value. This error implies that the data was corrupted while it was being transmitted from a monitor to a computer."], + [0xC01E058C] = [$id="GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE", $desc="This function failed because an invalid monitor handle was passed to it."], + [0xC01E058D] = [$id="GRAPHICS_MONITOR_NO_LONGER_EXISTS", $desc="The operating system asynchronously destroyed the monitor that corresponds to this handle because the operating system's state changed. This error typically occurs because the monitor PDO associated with this handle was removed or stopped, or a display mode change occurred. 
A display mode change occurs when Windows sends a WM_DISPLAYCHANGE message to applications."], + [0xC01E05E0] = [$id="GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED", $desc="This function can be used only if a program is running in the local console session. It cannot be used if a program is running on a remote desktop session or on a terminal server session."], + [0xC01E05E1] = [$id="GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME", $desc="This function cannot find an actual GDI display device that corresponds to the specified GDI display device name."], + [0xC01E05E2] = [$id="GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP", $desc="The function failed because the specified GDI display device was not attached to the Windows desktop."], + [0xC01E05E3] = [$id="GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED", $desc="This function does not support GDI mirroring display devices because GDI mirroring display devices do not have any physical monitors associated with them."], + [0xC01E05E4] = [$id="GRAPHICS_INVALID_POINTER", $desc="The function failed because an invalid pointer parameter was passed to it. A pointer parameter is invalid if it is null, is not correctly aligned, or points to an invalid address or to a kernel mode address."], + [0xC01E05E5] = [$id="GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE", $desc="This function failed because the GDI device passed to it did not have a monitor associated with it."], + [0xC01E05E6] = [$id="GRAPHICS_PARAMETER_ARRAY_TOO_SMALL", $desc="An array passed to the function cannot hold all of the data that the function must copy into the array."], + [0xC01E05E7] = [$id="GRAPHICS_INTERNAL_ERROR", $desc="An internal error caused an operation to fail."], + [0xC01E05E8] = [$id="GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS", $desc="The function failed because the current session is changing its type. This function cannot be called when the current session is changing its type. 
Three types of sessions currently exist: console, disconnected, and remote (RDP or ICA)."], + [0xC0210000] = [$id="FVE_LOCKED_VOLUME", $desc="The volume must be unlocked before it can be used."], + [0xC0210001] = [$id="FVE_NOT_ENCRYPTED", $desc="The volume is fully decrypted and no key is available."], + [0xC0210002] = [$id="FVE_BAD_INFORMATION", $desc="The control block for the encrypted volume is not valid."], + [0xC0210003] = [$id="FVE_TOO_SMALL", $desc="Not enough free space remains on the volume to allow encryption."], + [0xC0210004] = [$id="FVE_FAILED_WRONG_FS", $desc="The partition cannot be encrypted because the file system is not supported."], + [0xC0210005] = [$id="FVE_FAILED_BAD_FS", $desc="The file system is inconsistent. Run the Check Disk utility."], + [0xC0210006] = [$id="FVE_FS_NOT_EXTENDED", $desc="The file system does not extend to the end of the volume."], + [0xC0210007] = [$id="FVE_FS_MOUNTED", $desc="This operation cannot be performed while a file system is mounted on the volume."], + [0xC0210008] = [$id="FVE_NO_LICENSE", $desc="BitLocker Drive Encryption is not included with this version of Windows."], + [0xC0210009] = [$id="FVE_ACTION_NOT_ALLOWED", $desc="The requested action was denied by the FVE control engine."], + [0xC021000A] = [$id="FVE_BAD_DATA", $desc="The data supplied is malformed."], + [0xC021000B] = [$id="FVE_VOLUME_NOT_BOUND", $desc="The volume is not bound to the system."], + [0xC021000C] = [$id="FVE_NOT_DATA_VOLUME", $desc="The volume specified is not a data volume."], + [0xC021000D] = [$id="FVE_CONV_READ_ERROR", $desc="A read operation failed while converting the volume."], + [0xC021000E] = [$id="FVE_CONV_WRITE_ERROR", $desc="A write operation failed while converting the volume."], + [0xC021000F] = [$id="FVE_OVERLAPPED_UPDATE", $desc="The control block for the encrypted volume was updated by another thread. 
Try again."], + [0xC0210010] = [$id="FVE_FAILED_SECTOR_SIZE", $desc="The volume encryption algorithm cannot be used on this sector size."], + [0xC0210011] = [$id="FVE_FAILED_AUTHENTICATION", $desc="BitLocker recovery authentication failed."], + [0xC0210012] = [$id="FVE_NOT_OS_VOLUME", $desc="The volume specified is not the boot operating system volume."], + [0xC0210013] = [$id="FVE_KEYFILE_NOT_FOUND", $desc="The BitLocker startup key or recovery password could not be read from external media."], + [0xC0210014] = [$id="FVE_KEYFILE_INVALID", $desc="The BitLocker startup key or recovery password file is corrupt or invalid."], + [0xC0210015] = [$id="FVE_KEYFILE_NO_VMK", $desc="The BitLocker encryption key could not be obtained from the startup key or the recovery password."], + [0xC0210016] = [$id="FVE_TPM_DISABLED", $desc="The TPM is disabled."], + [0xC0210017] = [$id="FVE_TPM_SRK_AUTH_NOT_ZERO", $desc="The authorization data for the SRK of the TPM is not zero."], + [0xC0210018] = [$id="FVE_TPM_INVALID_PCR", $desc="The system boot information changed or the TPM locked out access to BitLocker encryption keys until the computer is restarted."], + [0xC0210019] = [$id="FVE_TPM_NO_VMK", $desc="The BitLocker encryption key could not be obtained from the TPM."], + [0xC021001A] = [$id="FVE_PIN_INVALID", $desc="The BitLocker encryption key could not be obtained from the TPM and PIN."], + [0xC021001B] = [$id="FVE_AUTH_INVALID_APPLICATION", $desc="A boot application hash does not match the hash computed when BitLocker was turned on."], + [0xC021001C] = [$id="FVE_AUTH_INVALID_CONFIG", $desc="The Boot Configuration Data (BCD) settings are not supported or have changed because BitLocker was enabled."], + [0xC021001D] = [$id="FVE_DEBUGGER_ENABLED", $desc="Boot debugging is enabled. 
Run Windows Boot Configuration Data Store Editor (bcdedit.exe) to turn it off."], + [0xC021001E] = [$id="FVE_DRY_RUN_FAILED", $desc="The BitLocker encryption key could not be obtained."], + [0xC021001F] = [$id="FVE_BAD_METADATA_POINTER", $desc="The metadata disk region pointer is incorrect."], + [0xC0210020] = [$id="FVE_OLD_METADATA_COPY", $desc="The backup copy of the metadata is out of date."], + [0xC0210021] = [$id="FVE_REBOOT_REQUIRED", $desc="No action was taken because a system restart is required."], + [0xC0210022] = [$id="FVE_RAW_ACCESS", $desc="No action was taken because BitLocker Drive Encryption is in RAW access mode."], + [0xC0210023] = [$id="FVE_RAW_BLOCKED", $desc="BitLocker Drive Encryption cannot enter RAW access mode for this volume."], + [0xC0210026] = [$id="FVE_NO_FEATURE_LICENSE", $desc="This feature of BitLocker Drive Encryption is not included with this version of Windows."], + [0xC0210027] = [$id="FVE_POLICY_USER_DISABLE_RDV_NOT_ALLOWED", $desc="Group policy does not permit turning off BitLocker Drive Encryption on roaming data volumes."], + [0xC0210028] = [$id="FVE_CONV_RECOVERY_FAILED", $desc="Bitlocker Drive Encryption failed to recover from aborted conversion. 
This could be due to either all conversion logs being corrupted or the media being write-protected."], + [0xC0210029] = [$id="FVE_VIRTUALIZED_SPACE_TOO_BIG", $desc="The requested virtualization size is too big."], + [0xC0210030] = [$id="FVE_VOLUME_TOO_SMALL", $desc="The drive is too small to be protected using BitLocker Drive Encryption."], + [0xC0220001] = [$id="FWP_CALLOUT_NOT_FOUND", $desc="The callout does not exist."], + [0xC0220002] = [$id="FWP_CONDITION_NOT_FOUND", $desc="The filter condition does not exist."], + [0xC0220003] = [$id="FWP_FILTER_NOT_FOUND", $desc="The filter does not exist."], + [0xC0220004] = [$id="FWP_LAYER_NOT_FOUND", $desc="The layer does not exist."], + [0xC0220005] = [$id="FWP_PROVIDER_NOT_FOUND", $desc="The provider does not exist."], + [0xC0220006] = [$id="FWP_PROVIDER_CONTEXT_NOT_FOUND", $desc="The provider context does not exist."], + [0xC0220007] = [$id="FWP_SUBLAYER_NOT_FOUND", $desc="The sublayer does not exist."], + [0xC0220008] = [$id="FWP_NOT_FOUND", $desc="The object does not exist."], + [0xC0220009] = [$id="FWP_ALREADY_EXISTS", $desc="An object with that GUID or LUID already exists."], + [0xC022000A] = [$id="FWP_IN_USE", $desc="The object is referenced by other objects and cannot be deleted."], + [0xC022000B] = [$id="FWP_DYNAMIC_SESSION_IN_PROGRESS", $desc="The call is not allowed from within a dynamic session."], + [0xC022000C] = [$id="FWP_WRONG_SESSION", $desc="The call was made from the wrong session and cannot be completed."], + [0xC022000D] = [$id="FWP_NO_TXN_IN_PROGRESS", $desc="The call must be made from within an explicit transaction."], + [0xC022000E] = [$id="FWP_TXN_IN_PROGRESS", $desc="The call is not allowed from within an explicit transaction."], + [0xC022000F] = [$id="FWP_TXN_ABORTED", $desc="The explicit transaction has been forcibly canceled."], + [0xC0220010] = [$id="FWP_SESSION_ABORTED", $desc="The session has been canceled."], + [0xC0220011] = [$id="FWP_INCOMPATIBLE_TXN", $desc="The call is not allowed 
from within a read-only transaction."], + [0xC0220012] = [$id="FWP_TIMEOUT", $desc="The call timed out while waiting to acquire the transaction lock."], + [0xC0220013] = [$id="FWP_NET_EVENTS_DISABLED", $desc="The collection of network diagnostic events is disabled."], + [0xC0220014] = [$id="FWP_INCOMPATIBLE_LAYER", $desc="The operation is not supported by the specified layer."], + [0xC0220015] = [$id="FWP_KM_CLIENTS_ONLY", $desc="The call is allowed for kernel-mode callers only."], + [0xC0220016] = [$id="FWP_LIFETIME_MISMATCH", $desc="The call tried to associate two objects with incompatible lifetimes."], + [0xC0220017] = [$id="FWP_BUILTIN_OBJECT", $desc="The object is built-in and cannot be deleted."], + [0xC0220018] = [$id="FWP_TOO_MANY_BOOTTIME_FILTERS", $desc="The maximum number of boot-time filters has been reached."], + [0xC0220019] = [$id="FWP_NOTIFICATION_DROPPED", $desc="A notification could not be delivered because a message queue has reached maximum capacity."], + [0xC022001A] = [$id="FWP_TRAFFIC_MISMATCH", $desc="The traffic parameters do not match those for the security association context."], + [0xC022001B] = [$id="FWP_INCOMPATIBLE_SA_STATE", $desc="The call is not allowed for the current security association state."], + [0xC022001C] = [$id="FWP_NULL_POINTER", $desc="A required pointer is null."], + [0xC022001D] = [$id="FWP_INVALID_ENUMERATOR", $desc="An enumerator is not valid."], + [0xC022001E] = [$id="FWP_INVALID_FLAGS", $desc="The flags field contains an invalid value."], + [0xC022001F] = [$id="FWP_INVALID_NET_MASK", $desc="A network mask is not valid."], + [0xC0220020] = [$id="FWP_INVALID_RANGE", $desc="An FWP_RANGE is not valid."], + [0xC0220021] = [$id="FWP_INVALID_INTERVAL", $desc="The time interval is not valid."], + [0xC0220022] = [$id="FWP_ZERO_LENGTH_ARRAY", $desc="An array that must contain at least one element has a zero length."], + [0xC0220023] = [$id="FWP_NULL_DISPLAY_NAME", $desc="The displayData.name field cannot be null."], + 
[0xC0220024] = [$id="FWP_INVALID_ACTION_TYPE", $desc="The action type is not one of the allowed action types for a filter."], + [0xC0220025] = [$id="FWP_INVALID_WEIGHT", $desc="The filter weight is not valid."], + [0xC0220026] = [$id="FWP_MATCH_TYPE_MISMATCH", $desc="A filter condition contains a match type that is not compatible with the operands."], + [0xC0220027] = [$id="FWP_TYPE_MISMATCH", $desc="An FWP_VALUE or FWPM_CONDITION_VALUE is of the wrong type."], + [0xC0220028] = [$id="FWP_OUT_OF_BOUNDS", $desc="An integer value is outside the allowed range."], + [0xC0220029] = [$id="FWP_RESERVED", $desc="A reserved field is nonzero."], + [0xC022002A] = [$id="FWP_DUPLICATE_CONDITION", $desc="A filter cannot contain multiple conditions operating on a single field."], + [0xC022002B] = [$id="FWP_DUPLICATE_KEYMOD", $desc="A policy cannot contain the same keying module more than once."], + [0xC022002C] = [$id="FWP_ACTION_INCOMPATIBLE_WITH_LAYER", $desc="The action type is not compatible with the layer."], + [0xC022002D] = [$id="FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER", $desc="The action type is not compatible with the sublayer."], + [0xC022002E] = [$id="FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER", $desc="The raw context or the provider context is not compatible with the layer."], + [0xC022002F] = [$id="FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT", $desc="The raw context or the provider context is not compatible with the callout."], + [0xC0220030] = [$id="FWP_INCOMPATIBLE_AUTH_METHOD", $desc="The authentication method is not compatible with the policy type."], + [0xC0220031] = [$id="FWP_INCOMPATIBLE_DH_GROUP", $desc="The Diffie-Hellman group is not compatible with the policy type."], + [0xC0220032] = [$id="FWP_EM_NOT_SUPPORTED", $desc="An IKE policy cannot contain an Extended Mode policy."], + [0xC0220033] = [$id="FWP_NEVER_MATCH", $desc="The enumeration template or subscription will never match any objects."], + [0xC0220034] = [$id="FWP_PROVIDER_CONTEXT_MISMATCH", $desc="The provider 
context is of the wrong type."], + [0xC0220035] = [$id="FWP_INVALID_PARAMETER", $desc="The parameter is incorrect."], + [0xC0220036] = [$id="FWP_TOO_MANY_SUBLAYERS", $desc="The maximum number of sublayers has been reached."], + [0xC0220037] = [$id="FWP_CALLOUT_NOTIFICATION_FAILED", $desc="The notification function for a callout returned an error."], + [0xC0220038] = [$id="FWP_INCOMPATIBLE_AUTH_CONFIG", $desc="The IPsec authentication configuration is not compatible with the authentication type."], + [0xC0220039] = [$id="FWP_INCOMPATIBLE_CIPHER_CONFIG", $desc="The IPsec cipher configuration is not compatible with the cipher type."], + [0xC022003C] = [$id="FWP_DUPLICATE_AUTH_METHOD", $desc="A policy cannot contain the same auth method more than once."], + [0xC0220100] = [$id="FWP_TCPIP_NOT_READY", $desc="The TCP/IP stack is not ready."], + [0xC0220101] = [$id="FWP_INJECT_HANDLE_CLOSING", $desc="The injection handle is being closed by another thread."], + [0xC0220102] = [$id="FWP_INJECT_HANDLE_STALE", $desc="The injection handle is stale."], + [0xC0220103] = [$id="FWP_CANNOT_PEND", $desc="The classify cannot be pended."], + [0xC0230002] = [$id="NDIS_CLOSING", $desc="The binding to the network interface is being closed."], + [0xC0230004] = [$id="NDIS_BAD_VERSION", $desc="An invalid version was specified."], + [0xC0230005] = [$id="NDIS_BAD_CHARACTERISTICS", $desc="An invalid characteristics table was used."], + [0xC0230006] = [$id="NDIS_ADAPTER_NOT_FOUND", $desc="Failed to find the network interface or the network interface is not ready."], + [0xC0230007] = [$id="NDIS_OPEN_FAILED", $desc="Failed to open the network interface."], + [0xC0230008] = [$id="NDIS_DEVICE_FAILED", $desc="The network interface has encountered an internal unrecoverable failure."], + [0xC0230009] = [$id="NDIS_MULTICAST_FULL", $desc="The multicast list on the network interface is full."], + [0xC023000A] = [$id="NDIS_MULTICAST_EXISTS", $desc="An attempt was made to add a duplicate multicast address 
to the list."], + [0xC023000B] = [$id="NDIS_MULTICAST_NOT_FOUND", $desc="At attempt was made to remove a multicast address that was never added."], + [0xC023000C] = [$id="NDIS_REQUEST_ABORTED", $desc="The network interface aborted the request."], + [0xC023000D] = [$id="NDIS_RESET_IN_PROGRESS", $desc="The network interface cannot process the request because it is being reset."], + [0xC023000F] = [$id="NDIS_INVALID_PACKET", $desc="An attempt was made to send an invalid packet on a network interface."], + [0xC0230010] = [$id="NDIS_INVALID_DEVICE_REQUEST", $desc="The specified request is not a valid operation for the target device."], + [0xC0230011] = [$id="NDIS_ADAPTER_NOT_READY", $desc="The network interface is not ready to complete this operation."], + [0xC0230014] = [$id="NDIS_INVALID_LENGTH", $desc="The length of the buffer submitted for this operation is not valid."], + [0xC0230015] = [$id="NDIS_INVALID_DATA", $desc="The data used for this operation is not valid."], + [0xC0230016] = [$id="NDIS_BUFFER_TOO_SHORT", $desc="The length of the submitted buffer for this operation is too small."], + [0xC0230017] = [$id="NDIS_INVALID_OID", $desc="The network interface does not support this object identifier."], + [0xC0230018] = [$id="NDIS_ADAPTER_REMOVED", $desc="The network interface has been removed."], + [0xC0230019] = [$id="NDIS_UNSUPPORTED_MEDIA", $desc="The network interface does not support this media type."], + [0xC023001A] = [$id="NDIS_GROUP_ADDRESS_IN_USE", $desc="An attempt was made to remove a token ring group address that is in use by other components."], + [0xC023001B] = [$id="NDIS_FILE_NOT_FOUND", $desc="An attempt was made to map a file that cannot be found."], + [0xC023001C] = [$id="NDIS_ERROR_READING_FILE", $desc="An error occurred while NDIS tried to map the file."], + [0xC023001D] = [$id="NDIS_ALREADY_MAPPED", $desc="An attempt was made to map a file that is already mapped."], + [0xC023001E] = [$id="NDIS_RESOURCE_CONFLICT", $desc="An attempt to allocate 
a hardware resource failed because the resource is used by another component."], + [0xC023001F] = [$id="NDIS_MEDIA_DISCONNECTED", $desc="The I/O operation failed because the network media is disconnected or the wireless access point is out of range."], + [0xC0230022] = [$id="NDIS_INVALID_ADDRESS", $desc="The network address used in the request is invalid."], + [0xC023002A] = [$id="NDIS_PAUSED", $desc="The offload operation on the network interface has been paused."], + [0xC023002B] = [$id="NDIS_INTERFACE_NOT_FOUND", $desc="The network interface was not found."], + [0xC023002C] = [$id="NDIS_UNSUPPORTED_REVISION", $desc="The revision number specified in the structure is not supported."], + [0xC023002D] = [$id="NDIS_INVALID_PORT", $desc="The specified port does not exist on this network interface."], + [0xC023002E] = [$id="NDIS_INVALID_PORT_STATE", $desc="The current state of the specified port on this network interface does not support the requested operation."], + [0xC023002F] = [$id="NDIS_LOW_POWER_STATE", $desc="The miniport adapter is in a lower power state."], + [0xC02300BB] = [$id="NDIS_NOT_SUPPORTED", $desc="The network interface does not support this request."], + [0xC023100F] = [$id="NDIS_OFFLOAD_POLICY", $desc="The TCP connection is not offloadable because of a local policy setting."], + [0xC0231012] = [$id="NDIS_OFFLOAD_CONNECTION_REJECTED", $desc="The TCP connection is not offloadable by the Chimney offload target."], + [0xC0231013] = [$id="NDIS_OFFLOAD_PATH_REJECTED", $desc="The IP Path object is not in an offloadable state."], + [0xC0232000] = [$id="NDIS_DOT11_AUTO_CONFIG_ENABLED", $desc="The wireless LAN interface is in auto-configuration mode and does not support the requested parameter change operation."], + [0xC0232001] = [$id="NDIS_DOT11_MEDIA_IN_USE", $desc="The wireless LAN interface is busy and cannot perform the requested operation."], + [0xC0232002] = [$id="NDIS_DOT11_POWER_STATE_INVALID", $desc="The wireless LAN interface is power down and 
does not support the requested operation."], + [0xC0232003] = [$id="NDIS_PM_WOL_PATTERN_LIST_FULL", $desc="The list of wake on LAN patterns is full."], + [0xC0232004] = [$id="NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL", $desc="The list of low power protocol offloads is full."], + [0xC0360001] = [$id="IPSEC_BAD_SPI", $desc="The SPI in the packet does not match a valid IPsec SA."], + [0xC0360002] = [$id="IPSEC_SA_LIFETIME_EXPIRED", $desc="The packet was received on an IPsec SA whose lifetime has expired."], + [0xC0360003] = [$id="IPSEC_WRONG_SA", $desc="The packet was received on an IPsec SA that does not match the packet characteristics."], + [0xC0360004] = [$id="IPSEC_REPLAY_CHECK_FAILED", $desc="The packet sequence number replay check failed."], + [0xC0360005] = [$id="IPSEC_INVALID_PACKET", $desc="The IPsec header and/or trailer in the packet is invalid."], + [0xC0360006] = [$id="IPSEC_INTEGRITY_CHECK_FAILED", $desc="The IPsec integrity check failed."], + [0xC0360007] = [$id="IPSEC_CLEAR_TEXT_DROP", $desc="IPsec dropped a clear text packet."], + [0xC0360008] = [$id="IPSEC_AUTH_FIREWALL_DROP", $desc="IPsec dropped an incoming ESP packet in authenticated firewall mode. 
This drop is benign."], + [0xC0360009] = [$id="IPSEC_THROTTLE_DROP", $desc="IPsec dropped a packet due to DOS throttle."], + [0xC0368000] = [$id="IPSEC_DOSP_BLOCK", $desc="IPsec Dos Protection matched an explicit block rule."], + [0xC0368001] = [$id="IPSEC_DOSP_RECEIVED_MULTICAST", $desc="IPsec Dos Protection received an IPsec specific multicast packet which is not allowed."], + [0xC0368002] = [$id="IPSEC_DOSP_INVALID_PACKET", $desc="IPsec Dos Protection received an incorrectly formatted packet."], + [0xC0368003] = [$id="IPSEC_DOSP_STATE_LOOKUP_FAILED", $desc="IPsec Dos Protection failed to lookup state."], + [0xC0368004] = [$id="IPSEC_DOSP_MAX_ENTRIES", $desc="IPsec Dos Protection failed to create state because there are already maximum number of entries allowed by policy."], + [0xC0368005] = [$id="IPSEC_DOSP_KEYMOD_NOT_ALLOWED", $desc="IPsec Dos Protection received an IPsec negotiation packet for a keying module which is not allowed by policy."], + [0xC0368006] = [$id="IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES", $desc="IPsec Dos Protection failed to create per internal IP ratelimit queue because there is already maximum number of queues allowed by policy."], + [0xC038005B] = [$id="VOLMGR_MIRROR_NOT_SUPPORTED", $desc="The system does not support mirrored volumes."], + [0xC038005C] = [$id="VOLMGR_RAID5_NOT_SUPPORTED", $desc="The system does not support RAID-5 volumes."], + [0xC03A0014] = [$id="VIRTDISK_PROVIDER_NOT_FOUND", $desc="A virtual disk support provider for the specified file was not found."], + [0xC03A0015] = [$id="VIRTDISK_NOT_VIRTUAL_DISK", $desc="The specified disk is not a virtual disk."], + [0xC03A0016] = [$id="VHD_PARENT_VHD_ACCESS_DENIED", $desc="The chain of virtual hard disks is inaccessible. The process has not been granted access rights to the parent virtual hard disk for the differencing disk."], + [0xC03A0017] = [$id="VHD_CHILD_PARENT_SIZE_MISMATCH", $desc="The chain of virtual hard disks is corrupted. 
There is a mismatch in the virtual sizes of the parent virtual hard disk and differencing disk."], + [0xC03A0018] = [$id="VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED", $desc="The chain of virtual hard disks is corrupted. A differencing disk is indicated in its own parent chain."], + [0xC03A0019] = [$id="VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT", $desc="The chain of virtual hard disks is inaccessible. There was an error opening a virtual hard disk further up the chain."], +}; \ No newline at end of file diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.bro new file mode 100644 index 0000000000..681fcb3c17 --- /dev/null +++ b/scripts/base/protocols/smb/consts.bro 
@@ -0,0 +1,130 @@
+module SMB;
+
+export {
+ type StatusCode: record {
+ id: string;
+ desc: string;
+ };
+
+ const statuses: table[count] of StatusCode = {
+ [0x00000000] = [$id="SUCCESS", $desc="The operation completed successfully."],
+ } &redef &default=function(i: count):StatusCode { local unknown=fmt("unknown-%d", i); return [$id=unknown, $desc=unknown]; };
+}
+
+module SMB1;
+
+export {
+ const commands: table[count] of string = {
+ [0x00] = "CREATE_DIRECTORY",
+ [0x01] = "DELETE_DIRECTORY",
+ [0x02] = "OPEN",
+ [0x03] = "CREATE",
+ [0x04] = "CLOSE",
+ [0x05] = "FLUSH",
+ [0x06] = "DELETE",
+ [0x07] = "RENAME",
+ [0x08] = "QUERY_INFORMATION",
+ [0x09] = "SET_INFORMATION",
+ [0x0A] = "READ",
+ [0x0B] = "WRITE",
+ [0x0C] = "LOCK_BYTE_RANGE",
+ [0x0D] = "UNLOCK_BYTE_RANGE",
+ [0x0E] = "CREATE_TEMPORARY",
+ [0x0F] = "CREATE_NEW",
+ [0x10] = "CHECK_DIRECTORY",
+ [0x11] = "PROCESS_EXIT",
+ [0x12] = "SEEK",
+ [0x13] = "LOCK_AND_READ",
+ [0x14] = "WRITE_AND_UNLOCK",
+ [0x1A] = "READ_RAW",
+ [0x1B] = "READ_MPX",
+ [0x1C] = "READ_MPX_SECONDARY",
+ [0x1D] = "WRITE_RAW",
+ [0x1E] = "WRITE_MPX",
+ [0x1F] = "WRITE_MPX_SECONDARY",
+ [0x20] = "WRITE_COMPLETE",
+ [0x21] = "QUERY_SERVER",
+ [0x22] = "SET_INFORMATION2",
+ [0x23] = "QUERY_INFORMATION2",
+ [0x24] = "LOCKING_ANDX",
+ [0x25] = "TRANSACTION",
+ [0x26] = "TRANSACTION_SECONDARY",
+ [0x27] = "IOCTL",
+ [0x28] = "IOCTL_SECONDARY",
+ [0x29] = "COPY",
+ [0x2A] = "MOVE",
+ [0x2B] = "ECHO",
+ [0x2C] = "WRITE_AND_CLOSE",
+ [0x2D] = "OPEN_ANDX",
+ [0x2E] = "READ_ANDX",
+ [0x2F] = "WRITE_ANDX",
+ [0x30] = "NEW_FILE_SIZE",
+ [0x31] = "CLOSE_AND_TREE_DISC",
+ [0x32] = "TRANSACTION2",
+ [0x33] = "TRANSACTION2_SECONDARY",
+ [0x34] = "FIND_CLOSE2",
+ [0x35] = "FIND_NOTIFY_CLOSE",
+ [0x70] = "TREE_CONNECT",
+ [0x71] = "TREE_DISCONNECT",
+ [0x72] = "NEGOTIATE",
+ [0x73] = "SESSION_SETUP_ANDX",
+ [0x74] = "LOGOFF_ANDX",
+ [0x75] = "TREE_CONNECT_ANDX",
+ [0x80] = "QUERY_INFORMATION_DISK",
+ [0x81] = "SEARCH",
+ [0x82] = "FIND",
+ [0x83] = "FIND_UNIQUE",
+ [0x84] = "FIND_CLOSE",
+ [0xA0] = "NT_TRANSACT",
+ [0xA1] = "NT_TRANSACT_SECONDARY",
+ [0xA2] = "NT_CREATE_ANDX",
+ [0xA4] = "NT_CANCEL",
+ [0xA5] = "NT_RENAME",
+ [0xC0] = "OPEN_PRINT_FILE",
+ [0xC1] = "WRITE_PRINT_FILE",
+ [0xC2] = "CLOSE_PRINT_FILE",
+ [0xC3] = "GET_PRINT_QUEUE",
+ [0xD8] = "READ_BULK",
+ [0xD9] = "WRITE_BULK",
+ [0xDA] = "WRITE_BULK_DATA",
+ } &default=function(i: count):string { return fmt("unknown-%d", i); };
+}
+
+module SMB2;
+
+export {
+ const commands: table[count] of string = {
+ [0] = "NEGOTIATE_PROTOCOL",
+ [1] = "SESSION_SETUP",
+ [2] = "LOGOFF",
+ [3] = "TREE_CONNECT",
+ [4] = "TREE_DISCONNECT",
+ [5] = "CREATE",
+ [6] = "CLOSE",
+ [7] = "FLUSH",
+ [8] = "READ",
+ [9] = "WRITE",
+ [10] = "LOCK",
+ [11] = "IOCTL",
+ [12] = "CANCEL",
+ [13] = "ECHO",
+ [14] = "QUERY_DIRECTORY",
+ [15] = "CHANGE_NOTIFY",
+ [16] = "QUERY_INFO",
+ [17] = "SET_INFO",
+ [18] = "OPLOCK_BREAK"
+ } &default=function(i: count): string { return fmt("unknown-%d", i); };
+
+ const dialects: table[count] of string = {
+ [0x0202] = "2.002",
+ [0x0210] = "2.1",
+ [0x0300] = "3.0",
+ [0x0302] = "3.02",
+ } &default=function(i: count): string { return fmt("unknown-%d", i); };
+
+ const share_types: table[count] of string = {
+ [1] = "DISK",
+ [2] = "PIPE",
+ [3] = "PRINT",
+ } &default=function(i: count): string { return fmt("unknown-%d", i); };
+}
diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.bro
new file mode 100644
index 0000000000..dde3d179a7
--- /dev/null
+++ b/scripts/base/protocols/smb/files.bro
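Review bot: In consts.bro every `&default` function renders an unmapped value in decimal (`fmt("unknown-%d", i)`), while the status, SMB1 command and dialect keys in these tables are written in hex. An unmapped status code or dialect is the kind of value an analyst will want to look up from a log, so printing it the way the tables write it saves a conversion: `return fmt("unknown-0x%x", i);`, and likewise in the `StatusCode` default. The exported tables also have no `##` doc comments, unlike the exports in files.bro; a line such as `## Maps NT status codes to a symbolic name and description.` above `statuses`, and similar one-liners above `commands`, `dialects` and `share_types`, would say what each table is keyed on.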
@@ -0,0 +1,63 @@
+@load base/frameworks/files
+
+module SMB;
+
+export {
+ ## Default file handle provider for SMB.
+ global get_file_handle: function(c: connection, is_orig: bool): string;
+
+ ## Default file describer for SMB.
+ global describe_file: function(f: fa_file): string;
+}
+
+function get_file_handle(c: connection, is_orig: bool): string
+ {
+ if ( ! (c$smb?$current_file &&
+ ((c$smb$current_file?$name && c$smb$current_file$name !in pipe_names) ||
+ c$smb$current_file?$path)) )
+ {
+ # TODO: figure out what are the cases where this happens.
+ return "";
+ }
+
+ local current_file = c$smb$current_file;
+ local path_name = current_file?$path ? current_file$path : "";
+ local file_name = current_file?$name ? current_file$name : "";
+ # Include last_mod time if available because if a file has been modified it
+ # should be considered a new file.
+ local last_mod = current_file?$times ? current_file$times$modified : double_to_time(0.0);
+ return cat(Analyzer::ANALYZER_SMB, c$id$orig_h, c$id$resp_h, path_name, file_name, last_mod);
+ }
+
+function describe_file(f: fa_file): string
+ {
+ # This shouldn't be needed, but just in case...
+ if ( f$source != "SMB" )
+ return "";
+
+ for ( cid in f$conns )
+ {
+ local info = f$conns[cid];
+ if ( info?$smb && info$smb?$current_file && info$smb$current_file?$name )
+ return info$smb$current_file$name;
+ }
+ return "";
+ }
+
+event bro_init() &priority=5
+ {
+ Files::register_protocol(Analyzer::ANALYZER_SMB,
+ [$get_file_handle = SMB::get_file_handle,
+ $describe = SMB::describe_file]);
+ }
+
+event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priority=5
+ {
+ if ( c?$smb && c$smb?$current_file )
+ {
+ c$smb$current_file$fuid = f$id;
+
+ if ( c$smb$current_file?$name )
+ f$info$filename = c$smb$current_file$name;
+ }
+ }
diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro
new file mode 100644
index 0000000000..945a0ee01d
--- /dev/null
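Review bot: `get_file_handle` reads `c$smb?$current_file` without first checking `c?$smb`, unlike `file_over_new_connection` further down, which does guard it. If a handle is ever requested before a message handler has created `c$smb`, the field access raises a script error instead of returning the empty handle; opening the condition with `if ( ! (c?$smb && c$smb?$current_file &&` would avoid that. Separately, the handle is built from the two host addresses, path, name and modification time only, so two distinct opens of the same name between the same hosts appear to be merged into one file; a comment stating whether that is intended would help.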
+++ b/scripts/base/protocols/smb/main.bro 
@@ -0,0 +1,199 @@
+module SMB;
+
+export {
+ redef enum Log::ID += {
+ CMD_LOG,
+ MAPPING_LOG,
+ FILES_LOG
+ };
+
+ ## Abstracted actions for SMB file actions.
+ type FileAction: enum {
+ FILE_READ,
+ FILE_WRITE,
+ FILE_OPEN,
+ FILE_CLOSE,
+ FILE_UNKNOWN,
+ };
+
+ const logged_file_actions: set[FileAction] = {
+ FILE_OPEN,
+ FILE_READ,
+ FILE_WRITE,
+ };
+
+ ## These are files names that are used for special
+ ## cases by the file system and would not be
+ ## considered "normal" files.
+ const pipe_names: set[string] = {
+ "\\netdfs",
+ "\\spoolss",
+ "\\NETLOGON",
+ "\\winreg",
+ "\\lsarpc",
+ "\\samr",
+ "\\srvsvc",
+ "srvsvc",
+ "MsFteWds",
+ "\\wkssvc",
+ };
+
+ type FileInfo: record {
+ ## Time when the file was first discovered.
+ ts : time &log;
+ uid : string &log;
+ id : conn_id &log;
+ fuid : string &log;
+
+ ## Action this log record represents.
+ action : FileAction &log &default=FILE_UNKNOWN;
+
+ ## Path pulled from the tree this file was transferred to or from.
+ path : string &log &optional;
+ ## Filename if one was seen.
+ name : string &log &optional;
+
+ ## Total size of the file.
+ size : count &log &default=0;
+ ## Last time this file was modified.
+ times : SMB::MACTimes &log &optional;
+ };
+
+ type TreeInfo: record {
+ ## Time when the tree was mapped.
+ ts : time &log &optional;
+
+ uid : string &log;
+ id : conn_id &log;
+
+ ## Name of the tree path.
+ path : string &log &optional;
+ service : string &log &optional;
+ native_file_system : string &log &optional;
+
+ ## If this is SMB2, a share type will be included.
+ share_type : string &log &optional;
+ };
+
+ type CmdInfo: record {
+ ## The command.
+ command : string &optional;
+
+ ## If the command referenced a file, store it here.
+ referenced_file : FileInfo &optional;
+ ## If the command referenced a tree, store it here.
+ referenced_tree : TreeInfo &optional;
+ };
+
+ type Info: record {
+ ts: time &log;
+ uid: string &log;
+ id: conn_id &log;
+
+ ## Version of SMB for the command.
+ version: string &log;
+
+ ## Command sent by the client.
+ command: string &log &optional;
+
+ ## Server reply to the client's command
+ status: string &log &optional;
+
+ ## If this is related to a tree, this is the tree
+ ## that was used for the current command.
+ tree: string &log &optional;
+
+ ## The negotiated dialect for the connection.
+ dialect: string &log &optional;
+
+ ## Round trip time from the request to the response.
+ rtt: interval &log &optional;
+
+ ## A reference to the current command.
+ current_cmd : CmdInfo &optional;
+
+ ## A reference to the current file.
+ current_file : FileInfo &optional;
+
+ ## A reference to the current tree.
+ current_tree : TreeInfo &optional;
+
+ ## Indexed on MID to map responses to requests.
+ pending_cmds : table[count] of CmdInfo &optional;
+ ## File map to retrieve file information based on the file ID.
+ fid_map : table[count] of FileInfo &optional;
+ ## Tree map to retrieve tree information based on the tree ID.
+ tid_map : table[count] of TreeInfo &optional;
+ };
+
+ redef record connection += {
+ smb : Info &optional;
+ };
+
+ ## This is an internally used function.
+ const set_current_file: function(smb: Info, file_id: count) &redef;
+
+ ## This is an internally used function.
+ const write_file_log: function(f: FileInfo) &redef;
+}
+
+redef record connection += {
+ smb_pending_cmds : table[count, count] of Info &default=table();
+};
+
+redef record FileInfo += {
+ ## ID referencing this file.
+ fid : count &optional;
+
+ ## Maintain a reference to the file record.
+ f : fa_file &optional;
+};
+
+const ports = { 139/tcp, 445/tcp };
+redef likely_server_ports += { ports };
+
+event bro_init() &priority=5
+ {
+ Log::create_stream(CMD_LOG, [$columns=SMB::Info]);
+ Log::create_stream(FILES_LOG, [$columns=SMB::FileInfo]);
+ Log::create_stream(MAPPING_LOG, [$columns=SMB::TreeInfo]);
+
+ Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, ports);
+ }
+
+function set_current_file(smb: Info, file_id: count)
+ {
+ if ( file_id !in smb$fid_map )
+ {
+ smb$fid_map[file_id] = smb$current_cmd$referenced_file;
+ smb$fid_map[file_id]$fid = file_id;
+ }
+
+ smb$current_file = smb$fid_map[file_id];
+ }
+
+function write_file_log(f: FileInfo)
+ {
+ if ( f?$name &&
+ f$name !in pipe_names &&
+ f$action in logged_file_actions )
+ {
+ Log::write(FILES_LOG, f);
+ }
+ }
+
+event file_state_remove(f: fa_file) &priority=-5
+ {
+ if ( f$source != "SMB" )
+ return;
+
+ for ( id in f$conns )
+ {
+ local c = f$conns[id];
+ if ( c?$smb && c$smb?$current_file)
+ {
+ write_file_log(c$smb$current_file);
+ }
+ return;
+ }
+ }
\ No newline at end of file
diff --git a/scripts/base/protocols/smb/pipe.bro b/scripts/base/protocols/smb/pipe.bro
new file mode 100644
index 0000000000..d9f201d455
--- /dev/null
+++ b/scripts/base/protocols/smb/pipe.bro
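Review bot: In `file_state_remove` the `return;` sits at the end of the loop body, outside the `if`, so the handler always stops after the first entry of `f$conns` even when that connection has no `smb` state, and the file is then never written to the files log. Moving it inside the block, `{ write_file_log(c$smb$current_file); return; }`, keeps the log-once behaviour while still trying the remaining connections. The record written is also `c$smb$current_file`, which is whatever file the connection touched last and not necessarily `f`; comparing `c$smb$current_file$fuid` with `f$id` before logging would avoid attributing the record to the wrong file. The new `smb_pending_cmds` field on `connection` is not referenced anywhere in the files shown here and could be dropped if unused.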
@@ -0,0 +1,59 @@
+module SMB;
+
+export {
+ redef enum Log::ID += {
+ ATSVC_LOG,
+ };
+
+ type ATSvcInfo: record {
+ ## Time of the request
+ ts : time &log;
+ ## UID of the connection
+ uid : string &log;
+ ## Connection info
+ id : conn_id &log;
+ ## Command (add, enum, delete, etc.)
+ command : string &log;
+ ## Argument
+ arg : string &log;
+ ## Server the command was issued to
+ server : string &log;
+ ## Result of the command
+ result : string &log &optional;
+ };
+}
+
+redef record connection += {
+ smb_atsvc: ATSvcInfo &optional;
+};
+
+event bro_init() &priority=5
+ {
+ Log::create_stream(ATSVC_LOG, [$columns=ATSvcInfo]);
+ }
+
+event smb_atsvc_job_add(c: connection, server: string, job: string)
+ {
+ local info: ATSvcInfo;
+ info$ts = network_time();
+ info$uid = c$uid;
+ info$id = c$id;
+ info$command = "Add job";
+ info$arg = job;
+ info$server = server;
+
+ c$smb_atsvc = info;
+ }
+
+event smb_atsvc_job_id(c: connection, id: count, status: count)
+ {
+ if ( !c?$smb_atsvc )
+ return;
+ if ( status == 0 )
+ c$smb_atsvc$result = "success";
+ else
+ c$smb_atsvc$result = "failed";
+
+ Log::write(ATSVC_LOG, c$smb_atsvc);
+ delete c$smb_atsvc;
+ }
\ No newline at end of file
diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro
new file mode 100644
index 0000000000..5aeee80c30
--- /dev/null
+++ b/scripts/base/protocols/smb/smb1-main.bro
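Review bot: An `Add job` request is written to `ATSVC_LOG` only from `smb_atsvc_job_id`, so a request whose response is never seen (packet loss, connection torn down, reply not parsed) leaves no record, and a second `smb_atsvc_job_add` on the same connection silently overwrites the first in `c$smb_atsvc`. Remote job scheduling is the kind of activity this log exists to surface, so the request should not depend on the reply. I would flush a pending entry before replacing it, `if ( c?$smb_atsvc ) Log::write(ATSVC_LOG, c$smb_atsvc);` at the top of `smb_atsvc_job_add`, and write any remaining entry from a `connection_state_remove` handler. Recording the numeric `status` rather than collapsing every non-zero value to `"failed"` would also make the log more useful during triage.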
@@ -0,0 +1,194 @@
+module SMB1;
+
+redef record SMB::Info += {
+ smb1_offered_dialects: string_vec &optional;
+};
+
+event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5
+ {
+ if ( ! c?$smb )
+ {
+ local info: SMB::Info = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB1"];
+ info$fid_map = table();
+ info$tid_map = table();
+ info$pending_cmds = table();
+ c$smb = info;
+ }
+
+ local smb = c$smb;
+ local tid = hdr$tid;
+ local pid = hdr$pid;
+ local uid = hdr$uid;
+ local mid = hdr$mid;
+
+ if ( tid !in smb$tid_map )
+ {
+ local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id];
+ smb$tid_map[tid] = tmp_tree;
+ }
+ smb$current_tree = smb$tid_map[tid];
+
+ if ( mid !in smb$pending_cmds )
+ {
+ local tmp_cmd: SMB::CmdInfo;
+ tmp_cmd$command = SMB1::commands[hdr$command];
+
+ local tmp_file: SMB::FileInfo;
+ tmp_file$ts = network_time();
+ tmp_file$id = c$id;
+ tmp_file$uid = c$uid;
+ tmp_cmd$referenced_file = tmp_file;
+ tmp_cmd$referenced_tree = smb$current_tree;
+
+ smb$pending_cmds[mid] = tmp_cmd;
+ }
+
+ smb$current_cmd = smb$pending_cmds[mid];
+ smb$command = smb$current_cmd$command;
+
+ if ( is_orig )
+ {
+ smb$ts = network_time();
+ }
+ else
+ {
+ smb$rtt = network_time() - smb$ts;
+ smb$status = SMB::statuses[hdr$status]$id;
+ }
+}
+
+event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=-5
+ {
+ if ( !is_orig )
+ # This is a response and the command is no longer pending
+ # so let's get rid of it.
+ delete c$smb$pending_cmds[hdr$mid];
+
+ if ( c?$smb )
+ Log::write(SMB::CMD_LOG, c$smb);
+ }
+
+
+event smb1_negotiate_request(c: connection, hdr: SMB1::Header, dialects: string_vec) &priority=5
+ {
+ c$smb$smb1_offered_dialects = dialects;
+ }
+
+event smb1_negotiate_response(c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse) &priority=5
+ {
+ if ( c$smb?$smb1_offered_dialects )
+ {
+ if ( response?$ntlm )
+ c$smb$dialect = c$smb$smb1_offered_dialects[response$ntlm$dialect_index];
+ delete c$smb$smb1_offered_dialects;
+ }
+ }
+
+event smb1_tree_connect_andx_request(c: connection, hdr: SMB1::Header, path: string, service: string) &priority=5
+ {
+ c$smb$current_cmd$referenced_tree$path = path;
+ c$smb$current_cmd$referenced_tree$service = service;
+ c$smb$current_tree$ts=network_time();
+ }
+
+event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=5
+ {
+ c$smb$current_cmd$referenced_tree$native_file_system = native_file_system;
+ c$smb$current_tree = c$smb$current_cmd$referenced_tree;
+ c$smb$tid_map[hdr$tid] = c$smb$current_tree;
+ }
+
+event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=-5
+ {
+ Log::write(SMB::MAPPING_LOG, c$smb$current_tree);
+ }
+
+event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, name: string) &priority=5
+ {
+ c$smb$current_cmd$referenced_file$name = name;
+ c$smb$current_file = c$smb$current_cmd$referenced_file;
+ c$smb$current_file$action = SMB::FILE_OPEN;
+ }
+
+event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes) &priority=5
+ {
+ if ( ! c$smb?$current_file )
+ {
+ c$smb$current_file = c$smb$current_cmd$referenced_file;
+ c$smb$current_file$action = SMB::FILE_OPEN;
+ }
+ c$smb$current_file$fid = file_id;
+ c$smb$current_file$size = file_size;
+
+ # I'm seeing negative data from IPC tree transfers
+ if ( time_to_double(times$modified) > 0.0 )
+ c$smb$current_file$times = times;
+
+ # We can identify the file by its file id now so let's stick it
+ # in the file map.
+ c$smb$fid_map[file_id] = c$smb$current_file;
+
+ SMB::write_file_log(c$smb$current_file);
+ }
+
+event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=5
+ {
+ SMB::set_current_file(c$smb, file_id);
+ c$smb$current_file$action = SMB::FILE_READ;
+
+ if ( c$smb$current_tree?$path && !c$smb$current_file?$path )
+ c$smb$current_file$path = c$smb$current_tree$path;
+
+ #write_file_log(c$smb$current_file);
+ }
+
+event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5
+ {
+ #print "read andx response!";
+ }
+
+event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=5
+ {
+ SMB::set_current_file(c$smb, file_id);
+ c$smb$current_file$action = SMB::FILE_WRITE;
+ }
+
+event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=-5
+ {
+ if ( c$smb$current_tree?$path && !c$smb$current_file?$path )
+ c$smb$current_file$path = c$smb$current_tree$path;
+
+ #write_file_log(c$smb$current_file);
+ }
+
+#event smb1_write_andx_response(c: connection, hdr: SMB1::Header, written_bytes: count) &priority=5
+# {
+# # Do i really need to do anything here? Maybe do a weird if the number of bytes written is odd?
+# }
+
+event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &priority=5
+ {
+ SMB::set_current_file(c$smb, file_id);
+ c$smb$current_file$action = SMB::FILE_CLOSE;
+ }
+
+event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &priority=-5
+ {
+ if ( file_id in c$smb$fid_map )
+ {
+ local fl = c$smb$fid_map[file_id];
+ fl$uid = c$uid;
+ fl$id = c$id;
+ # Need to check for existence of path in case tree connect message wasn't seen.
+ if ( c$smb$current_tree?$path )
+ fl$path = c$smb$current_tree$path;
+ delete c$smb$fid_map[file_id];
+
+ SMB::write_file_log(fl);
+ }
+ else
+ {
+ # A reporter message is not right...
+ #Reporter::warning("attempting to close an unknown file!");
+ }
+ }
diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro
new file mode 100644
index 0000000000..7dc36c3717
--- /dev/null
+++ b/scripts/base/protocols/smb/smb2-main.bro
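Review bot: `smb1_negotiate_response` indexes `c$smb$smb1_offered_dialects` with `response$ntlm$dialect_index`, a value taken from the server's reply, without checking it against the length of the vector. An index past the end raises a script error and aborts the handler, and the protocol itself defines 0xFFFF as the reply when the server accepts none of the offered dialects, so this need not be malformed traffic. I would bound it, `if ( response?$ntlm && response$ntlm$dialect_index < |c$smb$smb1_offered_dialects| )`, and leave `dialect` unset otherwise. The priority -5 `smb1_message` handler also dereferences `c$smb$pending_cmds` one statement before it tests `c?$smb`; putting the delete under that test would make the guard meaningful. Entries in `pending_cmds` are removed only when a response arrives, so unanswered requests appear to stay for the life of the connection.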
@@ -0,0 +1,183 @@
+module SMB2;
+
+redef record SMB::Info += {
+ smb2_offered_dialects: index_vec &optional;
+};
+
+event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=5
+ {
+ if ( ! c?$smb )
+ {
+ local info: SMB::Info = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2"];
+ info$fid_map = table();
+ info$tid_map = table();
+ info$pending_cmds = table();
+ c$smb = info;
+ }
+
+ local smb = c$smb;
+ local tid = hdr$tree_id;
+ local pid = hdr$process_id;
+ local mid = hdr$message_id;
+ local sid = hdr$session_id;
+
+ if ( tid !in smb$tid_map )
+ {
+ local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id];
+ smb$tid_map[tid] = tmp_tree;
+ }
+ smb$current_tree = smb$tid_map[tid];
+
+ if ( mid !in smb$pending_cmds )
+ {
+ local tmp_cmd: SMB::CmdInfo;
+ tmp_cmd$command = SMB2::commands[hdr$command];
+
+ local tmp_file: SMB::FileInfo;
+ tmp_file$ts = network_time();
+ tmp_file$id = c$id;
+ tmp_file$uid = c$uid;
+ tmp_cmd$referenced_file = tmp_file;
+ tmp_cmd$referenced_tree = smb$current_tree;
+
+ smb$pending_cmds[mid] = tmp_cmd;
+ }
+
+ smb$current_cmd = smb$pending_cmds[mid];
+ smb$command = smb$current_cmd$command;
+
+ if ( is_orig )
+ {
+ smb$ts = network_time();
+ }
+ else
+ {
+ smb$rtt = network_time() - smb$ts;
+ smb$status = SMB::statuses[hdr$status]$id;
+ }
+ }
+
+event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=-5
+ {
+ if ( !is_orig )
+ # This is a response and the command is no longer pending
+ # so let's get rid of it.
+ delete c$smb$pending_cmds[hdr$message_id];
+
+ if ( c?$smb )
+ Log::write(SMB::CMD_LOG, c$smb);
+ }
+
+event smb2_negotiate_request(c: connection, hdr: SMB2::Header, dialects: index_vec) &priority=5
+ {
+ c$smb$smb2_offered_dialects = dialects;
+ }
+
+event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse)
+ {
+ if ( c$smb?$smb2_offered_dialects )
+ {
+ for ( i in c$smb$smb2_offered_dialects )
+ {
+ if ( response$dialect_revision == c$smb$smb2_offered_dialects[i] )
+ {
+ c$smb$dialect = SMB2::dialects[response$dialect_revision];
+ break;
+ }
+ }
+ delete c$smb$smb2_offered_dialects;
+ }
+ }
+
+event smb2_tree_connect_request(c: connection, hdr: SMB2::Header, path: string) &priority=5
+ {
+ c$smb$current_cmd$referenced_tree$path = path;
+ c$smb$current_tree$ts=network_time();
+ }
+
+event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse) &priority=5
+ {
+ c$smb$current_tree = c$smb$current_cmd$referenced_tree;
+ c$smb$current_tree$share_type = SMB2::share_types[response$share_type];
+ c$smb$tid_map[hdr$tree_id] = c$smb$current_tree;
+ }
+
+event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse) &priority=-5
+ {
+ Log::write(SMB::MAPPING_LOG, c$smb$current_tree);
+ }
+
+event smb2_create_request(c: connection, hdr: SMB2::Header, name: string) &priority=5
+ {
+ c$smb$current_cmd$referenced_file$name = name;
+ c$smb$current_file = c$smb$current_cmd$referenced_file;
+ c$smb$current_file$action = SMB::FILE_OPEN;
+ }
+
+event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, file_size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs) &priority=5
+ {
+ if ( ! c$smb?$current_file )
+ {
+ c$smb$current_file = c$smb$current_cmd$referenced_file;
+ c$smb$current_file$action = SMB::FILE_OPEN;
+ }
+ c$smb$current_file$fid = file_id$persistent+file_id$volatile;
+ c$smb$current_file$size = file_size;
+
+ # I'm seeing negative data from IPC tree transfers
+ if ( time_to_double(times$modified) > 0.0 )
+ c$smb$current_file$times = times;
+
+ # We can identify the file by its file id now so let's stick it
+ # in the file map.
+ c$smb$fid_map[file_id$persistent+file_id$volatile] = c$smb$current_file;
+
+ SMB::write_file_log(c$smb$current_file);
+ }
+
+event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5
+ {
+ SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile);
+ c$smb$current_file$action = SMB::FILE_READ;
+
+ if ( c$smb$current_tree?$path && !c$smb$current_file?$path )
+ c$smb$current_file$path = c$smb$current_tree$path;
+
+ #write_file_log(c$smb$current_file);
+ }
+
+event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5
+ {
+ SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile);
+ c$smb$current_file$action = SMB::FILE_WRITE;
+
+ if ( c$smb$current_tree?$path && ! c$smb$current_file?$path )
+ c$smb$current_file$path = c$smb$current_tree$path;
+ }
+
+event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=5
+ {
+ SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile);
+ c$smb$current_file$action = SMB::FILE_CLOSE;
+ }
+
+event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=-5
+ {
+ if ( file_id$persistent+file_id$volatile in c$smb$fid_map )
+ {
+ local fl = c$smb$fid_map[file_id$persistent+file_id$volatile];
+ fl$uid = c$uid;
+ fl$id = c$id;
+ # Need to check for existence of path in case tree connect message wasn't seen.
+ if ( c$smb$current_tree?$path ) + fl$path = c$smb$current_tree$path; + delete c$smb$fid_map[file_id$persistent+file_id$volatile]; + + SMB::write_file_log(fl); + } + else + { + # A reporter message is not right... + #Reporter::warning("attempting to close an unknown file!"); + } + } diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index feec283197..ef05ad353c 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -1,4 +1,3 @@ - include(BroPlugin) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DIR}) 
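Review bot: The SMB2 handlers key `fid_map` and set `fid` with `file_id$persistent+file_id$volatile`, and a sum of the two halves is not unique: different GUIDs can add up to the same `count`, and the addition may also wrap. When that happens the read, write and close handlers look up the wrong `FileInfo`, so actions and paths in the files log are attributed to another file. I would key on both halves, for example a string built as `fmt("%x-%x", file_id$persistent, file_id$volatile)`, which means changing `fid_map` and `FileInfo$fid` in main.bro from `count` to `string`. `smb2_negotiate_response` is also the only handler in this file without an explicit `&priority`; if that is deliberate, a comment saying so would help.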
@@ -6,6 +5,75 @@ include_directories(AFTER ${CMAKE_CURRENT_BINARY_DIR}/../dce-rpc) bro_plugin_begin(Bro SMB) bro_plugin_cc(SMB.cc Plugin.cc) -bro_plugin_bif(events.bif) -bro_plugin_pac(smb.pac smb-protocol.pac smb-pipe.pac smb-mailslot.pac) +bro_plugin_bif( + smb_ntlmssp.bif + smb_pipe.bif + + smb1_com_check_directory.bif + smb1_com_close.bif + smb1_com_create_directory.bif + smb1_com_echo.bif + smb1_com_logoff_andx.bif + smb1_com_negotiate.bif + smb1_com_nt_create_andx.bif + smb1_com_nt_cancel.bif + smb1_com_query_information.bif + smb1_com_read_andx.bif + smb1_com_session_setup_andx.bif + smb1_com_tree_connect_andx.bif + smb1_com_tree_disconnect.bif + smb1_com_write_andx.bif + smb1_events.bif + + smb2_com_close.bif + smb2_com_create.bif + smb2_com_negotiate.bif + smb2_com_read.bif + smb2_com_session_setup.bif + smb2_com_tree_connect.bif + smb2_com_tree_disconnect.bif + smb2_com_write.bif + smb2_events.bif + + types.bif) +bro_plugin_pac( + smb.pac + smb-common.pac + smb-strings.pac + smb-time.pac + smb-pipe.pac + smb-mailslot.pac + smb-ntlmssp.pac + + smb1-protocol.pac + smb1-com-check-directory.pac + smb1-com-close.pac + smb1-com-create-directory.pac + smb1-com-echo.pac + smb1-com-locking-andx.pac + smb1-com-logoff-andx.pac + smb1-com-negotiate.pac + smb1-com-nt-cancel.pac + smb1-com-nt-create-andx.pac + smb1-com-nt-transact.pac + smb1-com-query-information.pac + smb1-com-read-andx.pac + smb1-com-session-setup-andx.pac + smb1-com-transaction-secondary.pac + smb1-com-transaction.pac + smb1-com-transaction2.pac + smb1-com-tree-connect-andx.pac + smb1-com-tree-disconnect.pac + smb1-com-write-andx.pac + + smb2-protocol.pac + smb2-com-close.pac + smb2-com-create.pac + smb2-com-negotiate.pac + smb2-com-read.pac + smb2-com-session-setup.pac + smb2-com-tree-connect.pac + smb2-com-tree-disconnect.pac + smb2-com-write.pac +) bro_plugin_end() diff --git a/src/analyzer/protocol/smb/Plugin.cc b/src/analyzer/protocol/smb/Plugin.cc index af564c067c..6f6d8b28b9 100644 
--- a/src/analyzer/protocol/smb/Plugin.cc +++ b/src/analyzer/protocol/smb/Plugin.cc @@ -1,4 +1,3 @@ - #include "plugin/Plugin.h" #include "SMB.h" @@ -7,5 +6,36 @@ BRO_PLUGIN_BEGIN(Bro, SMB) BRO_PLUGIN_DESCRIPTION("SMB analyzer"); BRO_PLUGIN_ANALYZER("SMB", smb::SMB_Analyzer); BRO_PLUGIN_SUPPORT_ANALYZER("Contents_SMB"); - BRO_PLUGIN_BIF_FILE(events); + BRO_PLUGIN_BIF_FILE(smb1_events); + BRO_PLUGIN_BIF_FILE(smb2_events); + + BRO_PLUGIN_BIF_FILE(smb_ntlmssp); + BRO_PLUGIN_BIF_FILE(smb_pipe); + + BRO_PLUGIN_BIF_FILE(types); + + BRO_PLUGIN_BIF_FILE(smb1_com_check_directory); + BRO_PLUGIN_BIF_FILE(smb1_com_close); + BRO_PLUGIN_BIF_FILE(smb1_com_create_directory); + BRO_PLUGIN_BIF_FILE(smb1_com_echo); + BRO_PLUGIN_BIF_FILE(smb1_com_logoff_andx); + BRO_PLUGIN_BIF_FILE(smb1_com_negotiate); + BRO_PLUGIN_BIF_FILE(smb1_com_nt_create_andx); + BRO_PLUGIN_BIF_FILE(smb1_com_nt_cancel); + BRO_PLUGIN_BIF_FILE(smb1_com_query_information); + BRO_PLUGIN_BIF_FILE(smb1_com_read_andx); + BRO_PLUGIN_BIF_FILE(smb1_com_session_setup_andx); + BRO_PLUGIN_BIF_FILE(smb1_com_tree_connect_andx); + BRO_PLUGIN_BIF_FILE(smb1_com_tree_disconnect); + BRO_PLUGIN_BIF_FILE(smb1_com_write_andx); + + BRO_PLUGIN_BIF_FILE(smb2_com_close); + BRO_PLUGIN_BIF_FILE(smb2_com_create); + BRO_PLUGIN_BIF_FILE(smb2_com_negotiate); + BRO_PLUGIN_BIF_FILE(smb2_com_read); + BRO_PLUGIN_BIF_FILE(smb2_com_session_setup); + BRO_PLUGIN_BIF_FILE(smb2_com_tree_connect); + BRO_PLUGIN_BIF_FILE(smb2_com_tree_disconnect); + BRO_PLUGIN_BIF_FILE(smb2_com_write); + BRO_PLUGIN_END diff --git a/src/analyzer/protocol/smb/SMB.cc b/src/analyzer/protocol/smb/SMB.cc index 9d388a0886..643c8a4ae6 100644 --- a/src/analyzer/protocol/smb/SMB.cc +++ b/src/analyzer/protocol/smb/SMB.cc 
@@ -1,1235 +1,193 @@ -// See the file "COPYING" in the main distribution directory for copyright. - -#include "NetVar.h" #include "SMB.h" -#include "smb_pac.h" -#include "Val.h" -#include "Reporter.h" - -#include "events.bif.h" using namespace analyzer::smb; -namespace { - const bool DEBUG_smb_ipc = true; +// This was 1<<17 originally but was changed due to larger messages +// being seen. +#define SMB_MAX_LEN (1<<18) + +SMB_Analyzer::SMB_Analyzer(Connection *conn) +: tcp::TCP_ApplicationAnalyzer("SMB", conn) + { + chunks=0; + interp = new binpac::SMB::SMB_Conn(this); + AddSupportAnalyzer(new Contents_SMB(conn, true)); + AddSupportAnalyzer(new Contents_SMB(conn, false)); } -#define BYTEORDER_SWAP16(n) ((256 * ((n) & 0xff)) + ((n) >> 8)) - -enum SMB_Command { -#define SMB_COMMAND(name, value) name = value, -#include "SMB_COM.def" -#undef SMB_COMMAND -}; - -enum SMB_Transaction_Command { - HOST_ANNOUNCEMENT = 1, - ANNOUCEMENT_REQUEST = 2, - REQUEST_ELECTION = 8, - GET_BACKUP_LIST_REQUEST = 9, - GET_BACKUP_LIST_RESPONSE = 10, - BECOME_BACKUP_REQUEST = 11, - DOMAIN_ANNOUNCEMENT = 12, - MASTER_ANNOUNCEMENT = 13, - RESET_BROWSER_STATE = 14, - LOCAL_MASTER_ANNOUNCEMENT = 15, -}; - -const char* SMB_command_name[256]; -StringVal* SMB_command_str[256]; -const char* SMB_trans_command_name[256]; -StringVal* SMB_trans_command_str[256]; - -static void init_SMB_command_name() +SMB_Analyzer::~SMB_Analyzer() { - static int initialized = 0; - if ( initialized ) - return; + delete interp; + } - initialized = 1; +void SMB_Analyzer::Done() + { + TCP_ApplicationAnalyzer::Done(); - for ( int i = 0; i < 256; ++i ) + interp->FlowEOF(true); + interp->FlowEOF(false); + } + +void SMB_Analyzer::EndpointEOF(bool is_orig) + { + TCP_ApplicationAnalyzer::EndpointEOF(is_orig); + interp->FlowEOF(is_orig); + } + +void SMB_Analyzer::Undelivered(uint64 seq, int len, bool orig) + { + TCP_ApplicationAnalyzer::Undelivered(seq, len, orig); + interp->NewGap(orig, len); + } + +void 
SMB_Analyzer::DeliverStream(int len, const u_char* data, bool orig) + { + TCP_ApplicationAnalyzer::DeliverStream(len, data, orig); + + assert(TCP()); + + try { - SMB_command_name[i] = ""; - SMB_command_str[i] = 0; - } - -#define SMB_COMMAND(name, value) SMB_command_name[value] = #name; -#include "SMB_COM.def" -#undef SMB_COMMAND -#define SMB_COMMAND(name, value) SMB_trans_command_name[value] = #name; - SMB_COMMAND(HOST_ANNOUNCEMENT, 1) - SMB_COMMAND(ANNOUCEMENT_REQUEST, 2) - SMB_COMMAND(REQUEST_ELECTION, 8) - SMB_COMMAND(GET_BACKUP_LIST_REQUEST, 9) - SMB_COMMAND(GET_BACKUP_LIST_RESPONSE, 10) - SMB_COMMAND(BECOME_BACKUP_REQUEST, 11) - SMB_COMMAND(DOMAIN_ANNOUNCEMENT, 12) - SMB_COMMAND(MASTER_ANNOUNCEMENT, 13) - SMB_COMMAND(RESET_BROWSER_STATE, 14) - SMB_COMMAND(LOCAL_MASTER_ANNOUNCEMENT, 15) - - } - -StringVal* get_SMB_command_str(int cmd) - { - if ( ! SMB_command_str[cmd] ) - SMB_command_str[cmd] = new StringVal(SMB_command_name[cmd]); - - return SMB_command_str[cmd]; - } - -// ### TODO: the list of IPC pipes needs a lot of expansion. -static int lookup_IPC_name(BroString* name) - { - static const char* IPC_pipe_names[] = { - "\\locator", "\\epmapper", "\\samr", "\\lsarpc", 0 - }; - - for ( int i = 0; IPC_pipe_names[i]; ++i ) - { - if ( size_t(name->Len()) == strlen(IPC_pipe_names[i]) && - strncmp((const char*) name->Bytes(), - IPC_pipe_names[i], name->Len()) == 0 ) - return i + 1; - } - - return IPC_NONE; - } - -SMB_Session::SMB_Session(analyzer::Analyzer* arg_analyzer) - { - analyzer = arg_analyzer; - req_cmd = 0; - smb_mailslot_prot = false; - smb_pipe_prot = false; - dce_rpc_session = 0; - init_SMB_command_name(); - - // Strangely, one does not have to connect to IPC$ before - // making DCE/RPC calls. So we assume that it's always IPC - // unless confirmed otherwise. 
- - is_IPC = true; - IPC_pipe = IPC_NONE; - - transaction_name = 0; - transaction_subcmd = 0; - - andx_[0] = andx_[1] = 0; - set_andx(0, 0); - set_andx(1, 0); - - } - -SMB_Session::~SMB_Session() - { - binpac::Unref(andx_[0]); - binpac::Unref(andx_[1]); - Unref(transaction_name); - delete dce_rpc_session; - } - -void SMB_Session::set_andx(int is_orig, binpac::SMB::SMB_andx* andx) - { - int ind = is_orig ? 1 : 0; - if ( andx ) - andx->Ref(); - - binpac::Unref(andx_[ind]); - - andx_[ind] = andx; - } - -void SMB_Session::Deliver(int is_orig, int len, const u_char* data) - { - if ( len == 0 ) - return; - - try - { - const u_char* data_start = data; - const u_char* data_end = data + len; - - binpac::SMB::SMB_header hdr; - int hdr_len = hdr.Parse(data, data_end); - - data += hdr_len; - - int next_command = hdr.command(); - - while ( data < data_end ) - { - SMB_Body body(data, data_end); - set_andx(is_orig, 0); - ParseMessage(is_orig, next_command, hdr, body); - - int next = AndxOffset(is_orig, next_command); - if ( next <= 0 ) - break; - - //Weird(fmt("ANDX! at %d", next)); - const u_char* tmp = data_start + next; - if ( data_start + next < data + body.length() ) - { - Weird(fmt("ANDX buffer overlapping: next = %d, buffer_end = %" PRIuPTR, next, data + body.length() - data_start)); - break; - } - - data = data_start + next; - } + interp->NewData(orig, data, data + len); + // Let's assume that if there are no binpac exceptions after + // 3 data chunks that this is probably actually SMB. 
+ if ( chunks >= 3 ) + ProtocolConfirmation(); + else + ++chunks; } catch ( const binpac::Exception& e ) { - analyzer->Weird(e.msg().c_str()); + ProtocolViolation(fmt("Binpac exception: %s", e.c_msg())); + //printf(fmt("Binpac exception: %s", e.c_msg())); } } -void SMB_Session::ParseMessage(int is_orig, int cmd, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) + + +Contents_SMB::Contents_SMB(Connection* conn, bool orig) +: TCP_SupportAnalyzer("Contents_SMB", conn, orig) { - if ( smb_message ) - { - val_list* vl = new val_list; - StringVal* cmd_str = get_SMB_command_str(cmd); - Ref(cmd_str); - - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new Val(is_orig, TYPE_BOOL)); - vl->append(cmd_str); - vl->append(new Val(body.length(), TYPE_COUNT)); - vl->append(new StringVal(body.length(), - (const char*) body.data())); - - analyzer->ConnectionEvent(smb_message, vl); - } - - if ( is_orig ) - req_cmd = cmd; - - // What if there's an error? - // if ( hdr.status->status() || hdr.status->dos_error() ) - // The command code in the header might be right, but - // the response is probably mangled :-(. - - int ci = hdr.status()->val_case_index(); - if ( (ci == 1 && hdr.status()->status()) || - (ci == 0 && (hdr.status()->dos_error()->error_class() || - hdr.status()->dos_error()->error())) ) - { - unsigned int error = 0; - - switch ( ci ) { - case 0: - error = hdr.status()->dos_error()->error_class() << 24 || - hdr.status()->dos_error()->error(); - break; - case 1: - error = hdr.status()->status(); - break; - } - - val_list* vl = new val_list; - StringVal* cmd_str = get_SMB_command_str(cmd); - Ref(cmd_str); - - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new Val(cmd, TYPE_COUNT)); - vl->append(cmd_str); - vl->append(new StringVal(body.length(), - (const char*) body.data())); - - analyzer->ConnectionEvent(smb_error, vl); - - // Is this the right behavior? 
- return; - } - - int ret = 0; - switch ( cmd ) { - case SMB_COM_TREE_CONNECT_ANDX: - if ( is_orig ) - ret = ParseTreeConnectAndx(hdr, body); - else - ret = ParseAndx(is_orig, hdr, body); - break; - - case SMB_COM_NT_CREATE_ANDX: - if ( is_orig ) - ret = ParseNtCreateAndx(hdr, body); - else - ret = ParseAndx(is_orig, hdr, body); - break; - - case SMB_COM_TRANSACTION: - case SMB_COM_TRANSACTION2: - case SMB_COM_TRANSACTION_SECONDARY: - case SMB_COM_TRANSACTION2_SECONDARY: - ret = ParseTransaction(is_orig, cmd, hdr, body); - break; - - case SMB_COM_READ_ANDX: - if ( is_orig ) - ret = ParseReadAndx(hdr, body); - else - ret = ParseReadAndxResponse(hdr, body); - break; - - case SMB_COM_WRITE_ANDX: - if ( is_orig ) - ret = ParseWriteAndx(hdr, body); - else - ret = ParseWriteAndxResponse(hdr, body); - break; - - case SMB_COM_NEGOTIATE: - if ( is_orig ) - ret = ParseNegotiate(hdr, body); - else - ret = ParseNegotiateResponse(hdr, body); - break; - - case SMB_COM_CLOSE: - ret = ParseClose(is_orig, hdr, body); - break; - - case SMB_COM_TREE_DISCONNECT: - ret = ParseTreeDisconnect(is_orig, hdr, body); - break; - - case SMB_COM_LOGOFF_ANDX: - if ( is_orig ) - ret = ParseLogoffAndx(is_orig, hdr, body); - else - ret = ParseAndx(is_orig, hdr, body); - break; - - case SMB_COM_SESSION_SETUP_ANDX: - if ( is_orig ) - ret = ParseSetupAndx(is_orig, hdr, body); - else - ret = ParseAndx(is_orig, hdr, body); - break; - - default: - Weird(fmt("unknown_SMB_command(0x%x)", cmd)); - break; - } - - if ( ret == -1 ) - Weird("SMB_parsing_error"); - } - -int SMB_Session::ParseNegotiate(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_negotiate msg; - msg.Parse(body.data(), body.data() + body.length()); - - if ( smb_com_negotiate ) - { - TableVal* t = new TableVal(smb_negotiate); - for ( int i = 0; i < int(msg.dialects()->size()); ++i ) - { - binpac::SMB::SMB_dialect* d = (*msg.dialects())[i]; - BroString* tmp = ExtractString(d->dialectname()); - t->Assign(new 
Val(i, TYPE_COUNT), new StringVal(tmp)); - } - - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(t); - - analyzer->ConnectionEvent(smb_com_negotiate, vl); - } - - return 0; - } - -int SMB_Session::ParseNegotiateResponse(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_negotiate_response msg; - msg.Parse(body.data(), body.data() + body.length()); - - if ( smb_com_negotiate_response ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new Val(msg.dialect_index(), TYPE_COUNT)); - - analyzer->ConnectionEvent(smb_com_negotiate_response, vl); - } - - return 0; - } - -int SMB_Session::ParseSetupAndx(int is_orig, binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - // The binpac type depends on the negotiated server settings - - // possibly we can just pick the "right" format here, and use that? - - if ( hdr.flags2() & 0x0800 ) - { - binpac::SMB::SMB_setup_andx_ext msg(hdr.unicode()); - msg.Parse(body.data(), body.data() + body.length()); - set_andx(1, msg.andx()); - } - else - { - binpac::SMB::SMB_setup_andx_basic msg(hdr.unicode()); - msg.Parse(body.data(), body.data() + body.length()); - set_andx(1, msg.andx()); - } - - if ( smb_com_setup_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - - analyzer->ConnectionEvent(smb_com_setup_andx, vl); - } - - return 0; - } - -int SMB_Session::ParseClose(int is_orig, binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - if ( smb_com_close ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - - analyzer->ConnectionEvent(smb_com_close, vl); - } - - return 0; - } - -int SMB_Session::ParseLogoffAndx(int is_orig, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_generic_andx msg; 
- msg.Parse(body.data(), body.data() + body.length()); - if ( msg.word_count() > 0 ) - set_andx(is_orig, msg.andx()); - - if ( smb_com_logoff_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - - analyzer->ConnectionEvent(smb_com_logoff_andx, vl); - } - - return 0; - } - -int SMB_Session::ParseAndx(int is_orig, binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - // This is a generic ANDX event generator. It passes the header - // and the ANDX data out to the policy. - try - { - binpac::SMB::SMB_generic_andx msg; - msg.Parse(body.data(), body.data() + body.length()); - if ( msg.word_count() > 0 ) - set_andx(is_orig, msg.andx()); - - if ( smb_com_generic_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new StringVal(msg.data().length(), - (char *) msg.data().begin())); - - analyzer->ConnectionEvent(smb_com_generic_andx, vl); - } - } - catch ( const binpac::Exception& ) - { - Weird("smb_andx_command_failed_to_parse"); - } - - return 0; - } - -int SMB_Session::ParseTreeConnectAndx(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_tree_connect_andx req(hdr.unicode()); - - req.Parse(body.data(), body.data() + body.length()); - set_andx(1, req.andx()); - - BroString* path = ExtractString(req.path()); - BroString* service = ExtractString(req.service()); - - // Replicate path. 
- BroString* norm_path = new BroString(path->Bytes(), path->Len(), 1); - norm_path->ToUpper(); - - RecordVal* r = new RecordVal(smb_tree_connect); - r->Assign(0, new Val(req.flags(), TYPE_COUNT)); - r->Assign(1, new StringVal(req.password_length(), - (const char*) req.password())); - r->Assign(2, new StringVal(path)); - r->Assign(3, new StringVal(service)); - - if ( strstr_n(norm_path->Len(), norm_path->Bytes(), 5, - (const u_char*) "\\IPC$") != -1 ) - is_IPC = true; // TODO: change is_IPC to 0 on tree_disconnect - else - is_IPC = false; - - delete norm_path; - - if ( smb_com_tree_connect_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(r); - - analyzer->ConnectionEvent(smb_com_tree_connect_andx, vl); - } - else - { - delete path; - delete service; - } - - return 0; - } - -int SMB_Session::ParseTreeDisconnect(int is_orig, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_tree_disconnect msg(hdr.unicode()); - msg.Parse(body.data(), body.data() + body.length()); - - if ( smb_com_nt_create_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - - analyzer->ConnectionEvent(smb_com_tree_disconnect, vl); - } - - return 0; - } - -int SMB_Session::ParseNtCreateAndx(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_nt_create_andx req(hdr.unicode()); - req.Parse(body.data(), body.data() + body.length()); - set_andx(1, req.andx()); - - BroString* name = ExtractString(req.name()); - - IPC_pipe = (enum IPC_named_pipe) lookup_IPC_name(name); - - if ( smb_com_nt_create_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new StringVal(name)); - - analyzer->ConnectionEvent(smb_com_nt_create_andx, vl); - } - else - delete name; - - return 0; - } - -int 
SMB_Session::ParseReadAndx(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_read_andx req; - req.Parse(body.data(), body.data() + body.length()); - set_andx(1, req.andx()); - - if ( smb_com_read_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new StringVal("")); - - analyzer->ConnectionEvent(smb_com_read_andx, vl); - } - - return 0; - } - -int SMB_Session::ParseReadAndxResponse(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_read_andx_response resp; - resp.Parse(body.data(), body.data() + body.length()); - set_andx(0, resp.andx()); - - int data_count = resp.data_length(); - const u_char* data = resp.data().begin(); - - if ( smb_com_read_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new StringVal(data_count, (const char*) data)); - - analyzer->ConnectionEvent(smb_com_read_andx, vl); - } - - CheckRPC(0, data_count, data); - - return 0; - } - -int SMB_Session::ParseWriteAndx(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_write_andx req; - req.Parse(body.data(), body.data() + body.length()); - set_andx(1, req.andx()); - - int data_count = req.data_length(); - const u_char* data = req.data().begin(); - - if ( smb_com_write_andx ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new StringVal(data_count, (const char*) data)); - - analyzer->ConnectionEvent(smb_com_write_andx, vl); - } - - CheckRPC(1, data_count, data); - - return 0; - } - -int SMB_Session::ParseWriteAndxResponse(binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_write_andx_response resp; - resp.Parse(body.data(), body.data() + body.length()); - set_andx(0, resp.andx()); - - if ( smb_com_write_andx ) - { - val_list* vl = new val_list; - 
vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new StringVal("")); - - analyzer->ConnectionEvent(smb_com_write_andx, vl); - } - - return 0; - } - -int SMB_Session::TransactionEvent(EventHandlerPtr f, int is_orig, - binpac::SMB::SMB_header const &hdr, - binpac::SMB::SMB_transaction const &trans, - int data_count, - binpac::SMB::SMB_transaction_data* data) - { - if ( f ) - { - val_list* vl = new val_list; - - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(BuildTransactionVal(trans)); - vl->append(BuildTransactionDataVal(data)); - vl->append(new Val(is_orig, TYPE_BOOL)); - - analyzer->ConnectionEvent(f, vl); - } - - else if ( smb_com_transaction ) - { // generic transaction - } - - return 0; - } - -int SMB_Session::TransactionEvent(EventHandlerPtr f, int is_orig, - binpac::SMB::SMB_header const &hdr, - binpac::SMB::SMB_transaction_secondary const &trans, - int data_count, binpac::SMB::SMB_transaction_data* data) - { - if ( f ) - { - val_list* vl = new val_list; - - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(BuildTransactionVal(trans)); - vl->append(BuildTransactionDataVal(data)); - vl->append(new Val(is_orig, TYPE_BOOL)); - - analyzer->ConnectionEvent(f, vl); - } - - else if ( smb_com_transaction ) - { // generic transaction - } - - return 0; - } - -int SMB_Session::TransactionEvent(EventHandlerPtr f, int is_orig, - binpac::SMB::SMB_header const &hdr, - binpac::SMB::SMB_transaction_response const &trans, - int data_count, binpac::SMB::SMB_transaction_data* data) - { - if ( f ) - { - val_list* vl = new val_list; - - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(BuildTransactionVal(trans)); - vl->append(BuildTransactionDataVal(data)); - vl->append(new Val(is_orig, TYPE_BOOL)); - - analyzer->ConnectionEvent(f, vl); - } - - else if ( smb_com_transaction ) - { // generic transaction - } - - return 0; - } - -int 
SMB_Session::ParseTransaction(int is_orig, int cmd, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - switch ( cmd ) { - case SMB_COM_TRANSACTION: - case SMB_COM_TRANSACTION2: - case SMB_COM_TRANSACTION_SECONDARY: - case SMB_COM_TRANSACTION2_SECONDARY: - break; - - default: - reporter->AnalyzerError(analyzer, - "command mismatch for SMB_Session::ParseTransaction"); - return 0; - } - - if ( ! is_orig ) - return ParseTransactionResponse(cmd, hdr, body); - - if ( cmd == SMB_COM_TRANSACTION || cmd == SMB_COM_TRANSACTION2 ) - return ParseTransactionRequest(cmd, hdr, body); - - return ParseTransactionSecondaryRequest(cmd, hdr, body); - } - -int SMB_Session::ParseTransactionRequest(int cmd, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_transaction trans(cmd == SMB_COM_TRANSACTION ? 1 : 2, - hdr.unicode()); - - trans.Parse(body.data(), body.data() + body.length()); - - if ( transaction_name ) - { - Unref(transaction_name); - transaction_name = 0; - } - - if ( cmd == SMB_COM_TRANSACTION ) - { - binpac::SMB::SMB_transaction_data* trans_data = trans.data(); - - //transaction_name = new StringVal(ExtractString(trans.name())); - //if ( is_orig ) - // Weird(fmt("smb_transaction subcmd: 0x%x", transaction_subcmd)); - - if ( trans_data->val_case_index() == - binpac::SMB::SMB_MAILSLOT_BROWSE && - trans_data->mailslot() ) - { // Mailslot transaction event - return TransactionEvent(smb_com_trans_mailslot, true, - hdr, trans, trans.data_count(), trans.data()); - } - - else if ( trans_data->val_case_index() == - binpac::SMB::SMB_PIPE && trans_data->pipe() ) - { // Pipe - return TransactionEvent(smb_com_trans_pipe, true, hdr, - trans, trans.data_count(), trans.data()); - } - - else if ( trans_data->val_case_index() == - binpac::SMB::SMB_RAP && trans_data->rap() ) - { // Remote Administration Protocol - return TransactionEvent(smb_com_trans_rap, true, hdr, - trans, trans.data_count(), trans.data()); - } - - else - { - // SOME 
UNKNOWN TRANSACTION TYPE - COULD BE RPC STILL! - if ( trans.data_count() > 0 && trans.setup_count() == 2 ) - { - if ( CheckRPC(true, trans.data_count(), - trans_data->pipe()->data().begin()) ) - { - if ( cmd != SMB_COM_TRANSACTION || - transaction_subcmd != 0x26 ) - Weird(fmt("RPC through unknown command: 0x%x/0x%x", cmd, transaction_subcmd)); - } - } - } - } - - if ( cmd == SMB_COM_TRANSACTION2 ) - { - switch ( transaction_subcmd ) { - case 0x3: // QueryFSInfo - case 0x5: // QueryPathInfo - case 0x7: // QueryFileInfo - case 0x8: // SetFileInfo - break; - - case 0x10: - // if ( is_orig ) - return ParseGetDFSReferral(hdr, trans.param_count(), - trans.parameters().begin()); - - default: - // if ( is_orig ) - Weird(fmt("Unknown smb_transaction2 subcmd: 0x%x", - transaction_subcmd)); - break; - } - } - - if ( smb_com_transaction ) - return TransactionEvent(smb_com_transaction, true, hdr, - trans, trans.data_count(), - trans.data()); - else - return 0; - -#if 0 - // TODO: LANMAN transaction uses the first u_short of - // parameters as subcmd - - if ( trans.setup_count() > 0 ) - transaction_subcmd = (*trans.setup())[0]; - - else if ( strncmp( transaction_name->CheckString(), "\\PIPE\\", 6 ) == 0 ) - transaction_subcmd = 0; - - else if ( strncmp( transaction_name->CheckString(), "\\MAILSLOT\\", 10 ) == 0 ) - transaction_subcmd = 0; - - else - Weird("transaction_subcmd_missing"); -#endif - } - -int SMB_Session::ParseTransactionSecondaryRequest(int cmd, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_transaction_secondary trans(hdr.unicode()); - trans.Parse(body.data(), body.data() + body.length()); - - return TransactionEvent(smb_com_transaction2, true, hdr, - trans, trans.data_count(), trans.data()); - } - -int SMB_Session::ParseTransactionResponse(int cmd, - binpac::SMB::SMB_header const& hdr, - SMB_Body const& body) - { - binpac::SMB::SMB_transaction_response trans(hdr.unicode()); - trans.Parse(body.data(), body.data() + 
body.length()); - - if ( body.word_count() == 0 ) - { // interim response - // Does the transaction get parsed correctly?! - return TransactionEvent(smb_com_transaction, false, hdr, - trans, 0, NULL); - } - - return TransactionEvent(smb_com_transaction, false, hdr, - trans, trans.data_count(), trans.data()); - } - -int SMB_Session::ParseGetDFSReferral(binpac::SMB::SMB_header const& hdr, - int param_count, const u_char* param) - { - binpac::SMB::SMB_get_dfs_referral req(hdr.unicode()); - req.Parse(param, param + param_count); - - if ( smb_get_dfs_referral ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(BuildHeaderVal(hdr)); - vl->append(new Val(req.max_referral_level(), TYPE_COUNT)); - vl->append(new StringVal(ExtractString(req.file_name()))); - - analyzer->ConnectionEvent(smb_get_dfs_referral, vl); - } - - return 0; - } - -int SMB_Session::AndxOffset(int is_orig, int& next_command) const - { - if ( ! andx(is_orig) ) - return -1; - - next_command = andx(is_orig)->command(); - if ( next_command != 0xff ) - return andx(is_orig)->offset(); - else - return -1; - } - -void SMB_Session::Weird(const char* msg) - { - analyzer->Weird(msg); - } - -// Extract a NUL-terminated string from [data, data+len-1]. The -// input can be in Unicode (little endian), and the returned string -// will be in ASCII. Note, Unicode strings have NUL characters -// at the end of them already. Adding an additional NUL byte at -// the end leads to embedded-NUL warnings (CheckString() run time error). - -BroString* SMB_Session::ExtractString(binpac::SMB::SMB_string const* s) - { - return s->unicode() ? 
ExtractString(s->u()) : ExtractString(s->a()); - } - -BroString* SMB_Session::ExtractString(binpac::SMB::SMB_ascii_string const* s) - { - bool add_NUL = true; - int n = s->size(); - - if ( n > 0 && (*s)[n - 1] == '\0' ) - add_NUL = false; // already has a NUL - - if ( add_NUL ) - ++n; - - u_char* b = new u_char[n]; - int i; - for ( i = 0; i < int(s->size()); ++i ) - b[i] = (*s)[i]; - - if ( add_NUL ) - b[i] = '\0'; - - return new BroString(1, b, n - 1); - } - -BroString* SMB_Session::ExtractString(binpac::SMB::SMB_unicode_string const* s) - { - bool add_NUL = true; - int n = s->s()->size(); - - if ( n > 0 && ((*s->s())[n - 1] & 0xff) == '\0' ) - add_NUL = false; // already has a NUL - - if ( add_NUL ) - ++n; - - u_char* b = new u_char[n]; - - int i; - for ( i = 0; i < int(s->s()->size()); ++i ) - { - uint16 x = (*s->s())[i]; - if ( x & 0xff00 ) - Weird(fmt("unicode string confusion: 0x%04x", x)); - - b[i] = u_char(x & 0xff); - } - - if ( add_NUL ) - b[i] = '\0'; - - return new BroString(1, b, n - 1); - } - -Val* SMB_Session::BuildHeaderVal(binpac::SMB::SMB_header const& hdr) - { - RecordVal* r = new RecordVal(smb_hdr); - - unsigned int status = 0; - - try - { - // FIXME: does this work? We need to catch exceptions :-( - // or use guard functions. 
- status = hdr.status()->status() || - hdr.status()->dos_error()->error_class() << 24 || - hdr.status()->dos_error()->error(); - } - catch ( const binpac::Exception& ) - { // do nothing - } - - r->Assign(0, new Val(hdr.command(), TYPE_COUNT)); - r->Assign(1, new Val(status, TYPE_COUNT)); - r->Assign(2, new Val(hdr.flags(), TYPE_COUNT)); - r->Assign(3, new Val(hdr.flags2(), TYPE_COUNT)); - r->Assign(4, new Val(hdr.tid(), TYPE_COUNT)); - r->Assign(5, new Val(hdr.pid(), TYPE_COUNT)); - r->Assign(6, new Val(hdr.uid(), TYPE_COUNT)); - r->Assign(7, new Val(hdr.mid(), TYPE_COUNT)); - - return r; - } - -Val* SMB_Session::BuildTransactionVal(binpac::SMB::SMB_transaction const& trans) - { - RecordVal* r = new RecordVal(smb_trans); - - // r->Assign(0, new Val(variable, type)); - - return r; - } - -Val* SMB_Session::BuildTransactionVal(binpac::SMB::SMB_transaction_secondary const& trans) - { - RecordVal* r = new RecordVal(smb_trans); - - // r->Assign(0, new Val(variable, type)); - - return r; - } - -Val* SMB_Session::BuildTransactionVal(binpac::SMB::SMB_transaction_response const& trans) - { - RecordVal* r = new RecordVal(smb_trans); - - // r->Assign(0, new Val(variable, type)); - - return r; - } - -Val* SMB_Session::BuildTransactionDataVal(binpac::SMB::SMB_transaction_data *data) - { - RecordVal* r = new RecordVal(smb_trans_data); - - // r->Assign(0, new Val(variable, type)); - - return r; - } - -bool SMB_Session::LooksLikeRPC(int len, const u_char* msg) - { - try - { - binpac::DCE_RPC_Simple::DCE_RPC_Header h; - h.Parse(msg, msg + len); - - if ( h.rpc_vers() == 5 && h.rpc_vers_minor() == 0 ) - { - unsigned short frag_len = h.frag_length(); - if ( frag_len == len || - BYTEORDER_SWAP16(frag_len) == len ) - { - if ( ! 
is_IPC && DEBUG_smb_ipc ) - analyzer->Weird("TreeConnect to IPC missing"); - return true; - } - else - { - analyzer->Weird(fmt("endianness %d", h.byteorder())); - analyzer->Weird(fmt("length mismatch: %d != %d", - h.frag_length(), len)); - return false; - } - } - } - catch ( const binpac::Exception& ) - { // do nothing - } - - return false; - } - -bool SMB_Session::CheckRPC(int is_orig, int data_count, const u_char *data) - { - if ( LooksLikeRPC(data_count, data) ) - { - if ( ! dce_rpc_session ) - dce_rpc_session = new dce_rpc::DCE_RPC_Session(analyzer); - - dce_rpc_session->DeliverPDU(is_orig, data_count, data); - - return true; - } - - return false; - } - -Contents_SMB::Contents_SMB(Connection* conn, bool orig, SMB_Session* s) -: tcp::TCP_SupportAnalyzer("CONTENTS_SMB", conn, orig) - { - smb_session = s; - msg_buf = 0; + state = WAIT_FOR_HDR; + resync_state = INSYNC; + first_time = last_time = 0.0; msg_len = 0; - buf_len = 0; - buf_n = 0; + msg_type = 0; } -void Contents_SMB::InitMsgBuf() +void Contents_SMB::Init() { - delete [] msg_buf; - msg_buf = new u_char[msg_len]; - buf_len = msg_len; - buf_n = 0; + TCP_SupportAnalyzer::Init(); + + NeedResync(); } Contents_SMB::~Contents_SMB() { - delete [] msg_buf; + } + + +void Contents_SMB::Undelivered(uint64 seq, int len, bool orig) + { + TCP_SupportAnalyzer::Undelivered(seq, len, orig); + NeedResync(); + } + +bool Contents_SMB::HasSMBHeader(const u_char* data) + { + return (strncmp((const char*) data+4, "\xffSMB", 4) == 0 || + strncmp((const char*) data+4, "\xfeSMB", 4) == 0); } void Contents_SMB::DeliverSMB(int len, const u_char* data) { // Check the 4-byte header. - if ( strncmp((const char*) data, "\xffSMB", 4) ) + if ( ! 
HasSMBHeader(data) ) { - Conn()->Weird(fmt("SMB-over-TCP header error: %02x%02x%02x%02x, \\x%02x%c%c%c", - dshdr[0], dshdr[1], dshdr[2], dshdr[3], + Conn()->Weird(fmt("SMB-over-TCP header error: %02x %05x, >>\\x%02x%c%c%c<<", + //dshdr[0], dshdr[1], dshdr[2], dshdr[3], + msg_type, msg_len, data[0], data[1], data[2], data[3])); - SetSkip(1); + NeedResync(); } else - smb_session->Deliver(IsOrig(), len, data); + { + ForwardStream(len, data, IsOrig()); + } + } - buf_n = 0; +bool Contents_SMB::CheckResync(int& len, const u_char*& data, bool orig) + { + if (resync_state == INSYNC) + return true; + + // This is an attempt to re-synchronize the stream after a content gap. + // Returns true if we are in sync. + // Returns false otherwise (we are in resync mode) + // + // We try to look for the beginning of a SMB message, assuming + // SMB messages start at packet boundaries (though they may span + // over multiple packets) (note that the data* of DeliverStream() + // usually starts at a packet boundrary). + // + // Now lets see whether data points to the beginning of a + // SMB message. If the resync processs is successful, we should + // be at the beginning of a frame. + + // check if the SMB header starts with an SMB1 or SMB2 marker + if ( ! HasSMBHeader(data) ) + { + NeedResync(); + return false; + } + + resync_state = INSYNC; + first_time = last_time = 0.0; msg_len = 0; + msg_type = 0; + return true; } void Contents_SMB::DeliverStream(int len, const u_char* data, bool orig) { - tcp::TCP_SupportAnalyzer::DeliverStream(len, data, orig); + TCP_SupportAnalyzer::DeliverStream(len, data, orig); + + if (!CheckResync(len, data, orig)) + return; // Not in sync yet. Still resyncing while ( len > 0 ) { - if ( ! msg_len ) + switch (state) { + case WAIT_FOR_HDR: { - // Get the SMB-over-TCP header (4 bytes). - while ( buf_n < 4 && len > 0 ) + // We have the 4 bytes header now + + // This does not abide the spec, but we've seen it + // in real traffic. 
+ if (data[1] > 2) + Conn()->Weird(fmt("NetBIOS session flags > 2: %d", data[1])); + msg_len = 0; + msg_type = data[0]; + for ( int i = 1; i < 4; i++) + msg_len = (msg_len << 8) + data[i]; + msg_len+=4; + msg_buf.Init(SMB_MAX_LEN+4, msg_len); + state = WAIT_FOR_DATA; + } + break; + case WAIT_FOR_DATA: + { + bool got_all_data = msg_buf.ConsumeChunk(data, len); + if ( got_all_data ) { - dshdr[buf_n] = *data; - ++buf_n; ++data; --len; - } - - if ( buf_n < 4 ) - return; - - buf_n = 0; - for ( int i = 1; i < 4; ++i ) - msg_len = ( msg_len << 8 ) + dshdr[i]; - - if ( dshdr[0] != 0 ) - { - // Netbios header indicates this is NOT - // a session message ... - // 0x81 = session request - // 0x82 = positive response - // 0x83 = neg response - // 0x84 = retarget(?) - // 0x85 = keepalive - // Maybe we should just generate a Netbios - // event and die? - Conn()->Weird("SMB checked Netbios type and found != 0"); - SetSkip(1); - return; - } - - else if ( msg_len <= 4 ) - { - Conn()->Weird("SMB message length error"); - SetSkip(1); - return; + const u_char *dummy_p = msg_buf.GetBuf(); + int dummy_len = (int) msg_buf.GetFill(); + DeliverSMB(dummy_len, dummy_p); + + state = WAIT_FOR_HDR; } } - - if ( buf_n == 0 && msg_len <= len ) - { - // The fast lane: - // Keep msg_len -- it will be changed in DeliverSMB - int mlen = msg_len; - DeliverSMB(msg_len, data); - len -= mlen; - data += mlen; - } - - else - { - if ( buf_len < msg_len ) - InitMsgBuf(); - - while ( buf_n < msg_len && len > 0 ) - { - msg_buf[buf_n] = *data; - ++buf_n; - ++data; - --len; - } - - if ( buf_n < msg_len ) - return; - - DeliverSMB(msg_len, msg_buf); - } - } - } - -SMB_Analyzer::SMB_Analyzer(Connection* conn) -: tcp::TCP_ApplicationAnalyzer("SMB", conn) - { - smb_session = new SMB_Session(this); - o_smb = new Contents_SMB(conn, true, smb_session); - r_smb = new Contents_SMB(conn, false, smb_session); - AddSupportAnalyzer(o_smb); - AddSupportAnalyzer(r_smb); - } - -SMB_Analyzer::~SMB_Analyzer() - { - delete 
smb_session; + break; + } // end switch + } // end while } diff --git a/src/analyzer/protocol/smb/SMB.h b/src/analyzer/protocol/smb/SMB.h index b54852e5b7..ab70b424e0 100644 --- a/src/analyzer/protocol/smb/SMB.h +++ b/src/analyzer/protocol/smb/SMB.h @@ -1,5 +1,3 @@ -// See the file "COPYING" in the main distribution directory for copyright. - #ifndef ANALYZER_PROTOCOL_SMB_SMB_H #define ANALYZER_PROTOCOL_SMB_SMB_H @@ -7,7 +5,7 @@ // Reference: http://www.snia.org/tech_activities/CIFS/CIFS-TR-1p00_FINAL.pdf #include "analyzer/protocol/tcp/TCP.h" -#include "analyzer/protocol/dce-rpc/DCE_RPC.h" +#include "analyzer/protocol/rpc/RPC.h" #include "smb_pac.h" namespace analyzer { namespace smb { 
@@ -19,182 +17,68 @@ enum IPC_named_pipe { IPC_SAMR, // Security Account Manager }; -class SMB_Body : public binpac::SMB::SMB_body { -public: - SMB_Body(const u_char* data, const u_char* data_end) - : binpac::SMB::SMB_body() - { - data_ = data; - Parse(data, data_end); - data_length_ = body_length(); - if ( data + data_length_ > data_end ) - data_length_ = data_end - data; - } - - const u_char* data() const { return data_; } - int length() const { return data_length_; } - -protected: - const u_char* data_; - int data_length_; -}; - -class SMB_Session { -public: - SMB_Session(analyzer::Analyzer* analyzer); - ~SMB_Session(); - - void Deliver(int is_orig, int len, const u_char* msg); - -protected: - void ParseMessage(int is_orig, int cmd, - binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseNegotiate(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseNegotiateResponse(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseAndx(int is_orig, binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseClose(int is_orig, binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseLogoffAndx(int is_orig, binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseSetupAndx(int is_orig, binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseTreeConnectAndx(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseTreeDisconnect(int is_orig, binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseNtCreateAndx(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseReadAndx(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseReadAndxResponse(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseWriteAndx(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseWriteAndxResponse(binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - 
int ParseTransaction(int is_orig, int cmd, - binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int TransactionEvent(EventHandlerPtr f, int is_orig, - binpac::SMB::SMB_header const &hdr, - binpac::SMB::SMB_transaction const &trans, - int data_count, - binpac::SMB::SMB_transaction_data* data); - - int TransactionEvent(EventHandlerPtr f, int is_orig, - binpac::SMB::SMB_header const &hdr, - binpac::SMB::SMB_transaction_secondary const &trans, - int data_count, - binpac::SMB::SMB_transaction_data* data); - - int TransactionEvent(EventHandlerPtr f, int is_orig, - binpac::SMB::SMB_header const &hdr, - binpac::SMB::SMB_transaction_response const &trans, - int data_count, - binpac::SMB::SMB_transaction_data* data); - - int ParseTransactionRequest(int cmd, - binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseTransactionSecondaryRequest(int cmd, - binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseTransactionResponse(int cmd, - binpac::SMB::SMB_header const &hdr, - SMB_Body const &body); - - int ParseGetDFSReferral(binpac::SMB::SMB_header const &hdr, - int param_count, const u_char* param); - - BroString* ExtractString(binpac::SMB::SMB_string const* s); - BroString* ExtractString(binpac::SMB::SMB_ascii_string const* s); - BroString* ExtractString(binpac::SMB::SMB_unicode_string const* s); - - bool LooksLikeRPC(int len, const u_char* msg); - bool CheckRPC(int is_orig, int len, const u_char* msg); - - int AndxOffset(int is_orig, int &next_command) const; - - void Weird(const char* msg); - - const binpac::SMB::SMB_andx* const andx(int is_orig) const - { - return is_orig ? 
andx_[1] : andx_[0]; - } - - void set_andx(int is_orig, binpac::SMB::SMB_andx* andx); - - Val* BuildHeaderVal(binpac::SMB::SMB_header const &hdr); - Val* BuildTransactionVal(binpac::SMB::SMB_transaction const &trans); - Val* BuildTransactionVal(binpac::SMB::SMB_transaction_secondary const &trans); - Val* BuildTransactionVal(binpac::SMB::SMB_transaction_response const &trans); - Val* BuildTransactionDataVal(binpac::SMB::SMB_transaction_data* data); - - analyzer::Analyzer* analyzer; - dce_rpc::DCE_RPC_Session* dce_rpc_session; - enum IPC_named_pipe IPC_pipe; - int is_IPC; - int req_cmd; - uint16 transaction_subcmd; - bool smb_mailslot_prot; - bool smb_pipe_prot; - StringVal* transaction_name; - binpac::SMB::SMB_andx* andx_[2]; -}; class Contents_SMB : public tcp::TCP_SupportAnalyzer { public: - Contents_SMB(Connection* conn, bool orig, SMB_Session* smb_session); + Contents_SMB(Connection* conn, bool orig); ~Contents_SMB(); virtual void DeliverStream(int len, const u_char* data, bool orig); protected: - void InitMsgBuf(); + typedef enum { + WAIT_FOR_HDR, + WAIT_FOR_DATA + } state_t; + typedef enum { + NEED_RESYNC, + INSYNC, + } resync_state_t; + virtual void Init(); + virtual bool CheckResync(int& len, const u_char*& data, bool orig); + virtual void Undelivered(uint64 seq, int len, bool orig); + virtual void NeedResync() { + resync_state = NEED_RESYNC; + state = WAIT_FOR_HDR; + } + + bool HasSMBHeader(const u_char* data); void DeliverSMB(int len, const u_char* data); - SMB_Session* smb_session; - u_char dshdr[4]; - u_char* msg_buf; + binpac::SMB::SMB_Conn* smb_session; + + rpc::RPC_Reasm_Buffer hdr_buf; // Reassembles the NetBIOS length and glue. + rpc::RPC_Reasm_Buffer msg_buf; // Reassembles the SMB message. 
int msg_len; - int buf_n; // number of bytes in msg_buf - int buf_len; // size off msg_buf + int msg_type; + double first_time; // timestamp of first packet of current message + double last_time; // timestamp of last pakcet of current message + state_t state; + resync_state_t resync_state; }; class SMB_Analyzer : public tcp::TCP_ApplicationAnalyzer { public: SMB_Analyzer(Connection* conn); - ~SMB_Analyzer(); + virtual ~SMB_Analyzer(); + + virtual void Done(); + virtual void DeliverStream(int len, const u_char* data, bool orig); + virtual void Undelivered(uint64 seq, int len, bool orig); + virtual void EndpointEOF(bool is_orig); static analyzer::Analyzer* InstantiateAnalyzer(Connection* conn) { return new SMB_Analyzer(conn); } protected: - SMB_Session* smb_session; + binpac::SMB::SMB_Conn* interp; Contents_SMB* o_smb; Contents_SMB* r_smb; + + // Count the number of chunks received by the analyzer + // but only used to count the first few. + uint8 chunks; }; } } // namespace analyzer::* diff --git a/src/analyzer/protocol/smb/SMB_COM.def b/src/analyzer/protocol/smb/SMB_COM.def index c9b04bc380..12216de814 100644 --- a/src/analyzer/protocol/smb/SMB_COM.def +++ b/src/analyzer/protocol/smb/SMB_COM.def @@ -73,3 +73,5 @@ SMB_COMMAND(SMB_COM_GET_PRINT_QUEUE, 0xC3) SMB_COMMAND(SMB_COM_READ_BULK, 0xD8) SMB_COMMAND(SMB_COM_WRITE_BULK, 0xD9) SMB_COMMAND(SMB_COM_WRITE_BULK_DATA, 0xDA) +SMB_COMMAND(SMB_COM_INVALID, 0xFE) +SMB_COMMAND(SMB_COM_NO_ANDX_COMMAND, 0xFF) \ No newline at end of file diff --git a/src/analyzer/protocol/smb/dce_rpc-protocol.pac b/src/analyzer/protocol/smb/dce_rpc-protocol.pac new file mode 100644 index 0000000000..5e0ccc8cab --- /dev/null +++ b/src/analyzer/protocol/smb/dce_rpc-protocol.pac 
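Review bot: `bool HasSMBHeader(const u_char* data);` in `Contents_SMB` takes no length, while its definition in SMB.cc in this same patch compares the four bytes at `data+4`. `CheckResync()` calls it on whatever buffer `DeliverStream()` was handed, so a segment shorter than 8 bytes can be read past its end. Declare it as `bool HasSMBHeader(int len, const u_char* data);` and have the definition return false when `len < 8` before comparing. Separately, `binpac::SMB::SMB_Conn* smb_session` and `hdr_buf` are declared here, but the constructor shown in SMB.cc assigns neither and the visible stream code does not use them, so drop them or initialise `smb_session` to 0.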
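Review bot: The new last line `SMB_COMMAND(SMB_COM_NO_ANDX_COMMAND, 0xFF)` leaves SMB_COM.def without a trailing newline, as the `\ No newline at end of file` marker shows. The file looks like an X-macro list meant to be pulled in with `#include` (not visible here), and some compilers warn about an included file that does not end in a newline, so end it with one. A one-line comment above `SMB_COM_INVALID` such as `// 0xFE: designated invalid command code, never a real request` would stop readers from treating it as a parseable command.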
@@ -0,0 +1,125 @@
+# Definitions for DCE RPC.
+
+enum dce_rpc_ptype {
+ DCE_RPC_REQUEST,
+ DCE_RPC_PING,
+ DCE_RPC_RESPONSE,
+ DCE_RPC_FAULT,
+ DCE_RPC_WORKING,
+ DCE_RPC_NOCALL,
+ DCE_RPC_REJECT,
+ DCE_RPC_ACK,
+ DCE_RPC_CL_CANCEL,
+ DCE_RPC_FACK,
+ DCE_RPC_CANCEL_ACK,
+ DCE_RPC_BIND,
+ DCE_RPC_BIND_ACK,
+ DCE_RPC_BIND_NAK,
+ DCE_RPC_ALTER_CONTEXT,
+ DCE_RPC_ALTER_CONTEXT_RESP,
+ DCE_RPC_SHUTDOWN,
+ DCE_RPC_CO_CANCEL,
+ DCE_RPC_ORPHANED,
+};
+
+type uuid = bytestring &length = 16;
+
+type context_handle = record {
+ cxt_attributes: uint32;
+ cxt_uuid: uuid;
+};
+
+type rpc_if_id_t = record {
+ if_uuid : uuid;
+ vers_major : uint16;
+ vers_minor : uint16;
+};
+
+type NDR_Format = record {
+ intchar : uint8;
+ floatspec : uint8;
+ reserved : padding[2];
+} &let {
+ byteorder = (intchar >> 4) ? littleendian : bigendian;
+};
+
+#### There might be a endianness problem here: the frag_length
+# causes problems despite the NDR_Format having a byteorder set.
+
+type DCE_RPC_Header = record {
+ rpc_vers : uint8 &check(rpc_vers == 5);
+ rpc_vers_minor : uint8;
+ PTYPE : uint8;
+ pfc_flags : uint8;
+ packed_drep : NDR_Format;
+ frag_length : uint16;
+ auth_length : uint16;
+ call_id : uint32;
+} &let {
+ frag = pfc_flags & 4;
+ lastfrag = (! 
frag) || (pfc_flags & 2);
+} &byteorder = packed_drep.byteorder;
+
+type p_context_id_t = uint16;
+
+type p_syntax_id_t = record {
+ if_uuid : uuid;
+ if_version : uint32;
+};
+
+type p_cont_elem_t = record {
+ p_cont_id : p_context_id_t;
+ n_transfer_syn : uint8;
+ reserved : padding[1];
+ abstract_syntax : p_syntax_id_t;
+ transfer_syntaxes : p_syntax_id_t[n_transfer_syn];
+};
+
+type p_cont_list_t = record {
+ n_context_elem : uint8;
+ reserved : padding[3];
+ p_cont_elem : p_cont_elem_t[n_context_elem];
+};
+
+type DCE_RPC_Bind = record {
+ max_xmit_frag : uint16;
+ max_recv_frag : uint16;
+ assoc_group_id : uint32;
+ p_context_elem : p_cont_list_t;
+};
+
+type DCE_RPC_AlterContext = record {
+ max_xmit_frag : uint16;
+ max_recv_frag : uint16;
+ assoc_group_id : uint32;
+ p_context_elem : p_cont_list_t;
+};
+
+type DCE_RPC_Request = record {
+ alloc_hint : uint32;
+ p_cont_id : p_context_id_t;
+ opnum : uint16;
+ # object : uuid;
+ # stub_pad_0 : padding align 8;
+ stub : bytestring &restofdata;
+};
+
+type DCE_RPC_Response = record {
+ alloc_hint : uint32;
+ p_cont_id : p_context_id_t;
+ cancel_count : uint8;
+ reserved : uint8;
+ # stub_pad_0 : padding align 8;
+ stub : bytestring &restofdata;
+};
+
+type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of {
+ DCE_RPC_BIND -> bind : DCE_RPC_Bind;
+ DCE_RPC_REQUEST -> request : DCE_RPC_Request;
+ DCE_RPC_RESPONSE -> response : DCE_RPC_Response;
+ default -> other : bytestring &restofdata;
+};
+
+type DCE_RPC_Auth(header: DCE_RPC_Header) = uint8[header.auth_length];
+
+
diff --git a/src/analyzer/protocol/smb/pipe-mssql-tds.pac b/src/analyzer/protocol/smb/pipe-mssql-tds.pac
new file mode 100644
index 0000000000..c50fbe069a
--- /dev/null
+++ b/src/analyzer/protocol/smb/pipe-mssql-tds.pac
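Review bot: `DCE_RPC_Request.stub` and `DCE_RPC_Response.stub` are `bytestring &restofdata`, and nothing in this file ties the body to the `frag_length` and `auth_length` that `DCE_RPC_Header` parses, so when `auth_length` is non-zero the stub presumably also takes in the auth trailer. `DCE_RPC_Auth` is sized from `header.auth_length` alone, with no check that it fits inside `frag_length`. Until the body is bounded from the header, a comment on both stubs would keep script writers from treating the bytes as pure stub data, e.g. `# NOTE: not bounded by frag_length; includes the auth trailer when auth_length > 0`. `DCE_RPC_AlterContext` is declared but `DCE_RPC_Body` has no arm for `DCE_RPC_ALTER_CONTEXT`, so those PDUs land in `other`.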
@@ -0,0 +1,69 @@
+# Packet Documentation
+# http://msdn.microsoft.com/en-us/library/dd305039.aspx
+
+type TDS_PDU = record {
+ header: TDS_Header;
+ message: TDS_Message(header);
+} &byteorder=bigendian &length=header.len;
+
+type TDS_Header = record {
+ message_type: uint8; # http://msdn.microsoft.com/en-us/library/dd304214.aspx
+ status: uint8; # http://msdn.microsoft.com/en-us/library/dd358342.aspx
+ len: uint16;
+ spid: uint16; # process id. server needs to send it. client can too.
+ packet_id: uint8;
+ window: uint8; # should be 0
+} &let {
+ eom: bool = ((status>>1) & 1) == 1;
+};
+
+type TDS_Message(h: TDS_Header) = case h.message_type of {
+ 0x01 -> sql_batch: SQL_Batch(h);
+ # 0x04 -> token_stream: TDS_Token[];
+ default -> blah : bytestring &transient &restofdata;
+};
+
+ function proc_testing(a: SQL_Batch): bool
+ %{
+ printf("%.6f query: %s\n", network_time(), smb2_string2stringval(${a.query})->CheckString());
+
+ return true;
+ %}
+
+type SQL_Batch(h: TDS_Header) = record {
+ #total_len : uint32;
+ #
+ #header_len : uint32;
+ #header_type : uint16;
+ #trans_descriptor : uint64;
+ #outstanding_requests : uint32;
+
+ #query: SMB2_string(total_len-header_len);
+ query: SMB2_string(h.len-8);
+} &let {
+ proc: bool = proc_testing(this);
+};
+
+
+type TDS_Token = record {
+ token_type: uint8;
+ token: case token_type of {
+ 0xE3 -> envchange : TDS_Token_EnvChange;
+ 0xAB -> info : TDS_Token_Info;
+ default -> blah : bytestring &transient &restofdata;
+ };
+};
+
+
+type TDS_Token_EnvChange = record {
+ len: uint16;
+ envchange_type: uint8;
+ new_value: bytestring &length=len-2;
+ #tab: RE/\x09/;
+ #old_value: bytestring &length=
+};
+
+type TDS_Token_Info = record {
+
+};
+
diff --git a/src/analyzer/protocol/smb/smb-common.pac b/src/analyzer/protocol/smb/smb-common.pac
new file mode 100644
index 0000000000..b25f35ee53
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb-common.pac
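Review bot: `query: SMB2_string(h.len-8)` in `SQL_Batch` subtracts the header size from a 16-bit length taken off the wire without checking it, so a `len` below 8 hands a wrapped or negative size to the string parser (presumably a byte count; `SMB2_string` is defined outside this hunk). Guard it in the expression, e.g. `query: SMB2_string(h.len >= 8 ? h.len - 8 : 0);`, and give `new_value: bytestring &length=len-2` in `TDS_Token_EnvChange` the same treatment before `TDS_Token` is enabled. `proc_testing` also looks like leftover debugging: it `printf`s every parsed query to stdout, and the value returned by `smb2_string2stringval` is not released anywhere in the visible code.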
@@ -0,0 +1,280 @@ +enum SMBVersion { + SMB1 = 0xff534d42, # \xffSMB + SMB2 = 0xfe534d42, # \xfeSMB +}; + +enum TransactionType { + SMB_MAILSLOT_BROWSE, # \MAILSLOT\BROWSE - MS Browse Protocol + SMB_MAILSLOT_LANMAN, # \MAILSLOT\LANMAN - deprecated cmds + SMB_PIPE, # \PIPE\* named pipes? + SMB_RAP, # \PIPE\LANMAN - remote administration protocol + SMB_UNKNOWN, # there are probably lots of these +}; + +enum SMB_Command { + SMB_COM_CREATE_DIRECTORY = 0x00, + SMB_COM_DELETE_DIRECTORY = 0x01, + SMB_COM_OPEN = 0x02, + SMB_COM_CREATE = 0x03, + SMB_COM_CLOSE = 0x04, + SMB_COM_FLUSH = 0x05, + SMB_COM_DELETE = 0x06, + SMB_COM_RENAME = 0x07, + SMB_COM_QUERY_INFORMATION = 0x08, + SMB_COM_SET_INFORMATION = 0x09, + SMB_COM_READ = 0x0A, + SMB_COM_WRITE = 0x0B, + SMB_COM_LOCK_BYTE_RANGE = 0x0C, + SMB_COM_UNLOCK_BYTE_RANGE = 0x0D, + SMB_COM_CREATE_TEMPORARY = 0x0E, + SMB_COM_CREATE_NEW = 0x0F, + SMB_COM_CHECK_DIRECTORY = 0x10, + SMB_COM_PROCESS_EXIT = 0x11, + SMB_COM_SEEK = 0x12, + SMB_COM_LOCK_AND_READ = 0x13, + SMB_COM_WRITE_AND_UNLOCK = 0x14, + SMB_COM_READ_RAW = 0x1A, + SMB_COM_READ_MPX = 0x1B, + SMB_COM_READ_MPX_SECONDARY = 0x1C, + SMB_COM_WRITE_RAW = 0x1D, + SMB_COM_WRITE_MPX = 0x1E, + SMB_COM_WRITE_MPX_SECONDARY = 0x1F, + SMB_COM_WRITE_COMPLETE = 0x20, + SMB_COM_QUERY_SERVER = 0x21, + SMB_COM_SET_INFORMATION2 = 0x22, + SMB_COM_QUERY_INFORMATION2 = 0x23, + SMB_COM_LOCKING_ANDX = 0x24, + SMB_COM_TRANSACTION = 0x25, + SMB_COM_TRANSACTION_SECONDARY = 0x26, + SMB_COM_IOCTL = 0x27, + SMB_COM_IOCTL_SECONDARY = 0x28, + SMB_COM_COPY = 0x29, + SMB_COM_MOVE = 0x2A, + SMB_COM_ECHO = 0x2B, + SMB_COM_WRITE_AND_CLOSE = 0x2C, + SMB_COM_OPEN_ANDX = 0x2D, + SMB_COM_READ_ANDX = 0x2E, + SMB_COM_WRITE_ANDX = 0x2F, + SMB_COM_NEW_FILE_SIZE = 0x30, + SMB_COM_CLOSE_AND_TREE_DISC = 0x31, + SMB_COM_TRANSACTION2 = 0x32, + SMB_COM_TRANSACTION2_SECONDARY = 0x33, + SMB_COM_FIND_CLOSE2 = 0x34, + SMB_COM_FIND_NOTIFY_CLOSE = 0x35, + + SMB_COM_TREE_CONNECT = 0x70, + SMB_COM_TREE_DISCONNECT = 0x71, + 
SMB_COM_NEGOTIATE = 0x72, + SMB_COM_SESSION_SETUP_ANDX = 0x73, + SMB_COM_LOGOFF_ANDX = 0x74, + SMB_COM_TREE_CONNECT_ANDX = 0x75, + SMB_COM_QUERY_INFORMATION_DISK = 0x80, + SMB_COM_SEARCH = 0x81, + SMB_COM_FIND = 0x82, + SMB_COM_FIND_UNIQUE = 0x83, + SMB_COM_FIND_CLOSE = 0x84, + SMB_COM_NT_TRANSACT = 0xA0, + SMB_COM_NT_TRANSACT_SECONDARY = 0xA1, + SMB_COM_NT_CREATE_ANDX = 0xA2, + SMB_COM_NT_CANCEL = 0xA4, + SMB_COM_NT_RENAME = 0xA5, + SMB_COM_OPEN_PRINT_FILE = 0xC0, + SMB_COM_WRITE_PRINT_FILE = 0xC1, + SMB_COM_CLOSE_PRINT_FILE = 0xC2, + SMB_COM_GET_PRINT_QUEUE = 0xC3, + SMB_COM_READ_BULK = 0xD8, + SMB_COM_WRITE_BULK = 0xD9, + SMB_COM_WRITE_BULK_DATA = 0xDA, +}; + +enum SMB_Status { + # 0x000 + STATUS_SUCCESS = 0x00000000, + STATUS_NOTIFY_ENUM_DIR = 0x0000010C, + STATUS_INVALID_SMB = 0x00010002, + STATUS_SMB_BAD_TID = 0x00050002, + STATUS_SMB_BAD_FID = 0x00060001, + STATUS_OS2_INVALID_ACCESS = 0x000C0001, + # 0x001 + STATUS_SMB_BAD_COMMAND = 0x00160002, + # 0x005 + STATUS_SMB_BAD_UID = 0x005B0002, + # 0x007 + STATUS_OS2_NO_MORE_SIDS = 0x00710001, + STATUS_OS2_INVALID_LEVEL = 0x007C0001, + # 0x008 + STATUS_OS2_NEGATIVE_SEEK = 0x00830001, + # 0x00A + STATUS_OS2_CANCEL_VIOLATION = 0x00AD0001, + STATUS_OS2_ATOMIC_LOCKS_NOT_SUPPORTED = 0x00AE0001, + # 0x00F + STATUS_SMB_USE_MPX = 0x00FA0002, + STATUS_SMB_USE_STANDARD = 0x00FB0002, + STATUS_SMB_CONTINUE_MPX = 0x00FC0002, + # 0x01 + STATUS_OS2_CANNOT_COPY = 0x010A0001, + STATUS_OS2_EAS_DIDNT_FIT = 0x01130001, + # 0x03 + STATUS_OS2_EA_ACCESS_DENIED = 0x03E20001, + # 0x8 + STATUS_BUFFER_OVERFLOW = 0x80000005, + STATUS_NO_MORE_FILES = 0x80000006, + STATUS_DEVICE_PAPER_EMPTY = 0x8000000E, + STATUS_STOPPED_ON_SYMLINK = 0x8000002D, + # 0xC000000 + STATUS_UNSUCCESSFUL = 0xC0000001, + STATUS_NOT_IMPLEMENTED = 0xC0000002, + STATUS_INVALID_INFO_CLASS = 0xC0000003, + STATUS_INVALID_HANDLE = 0xC0000008, + STATUS_INVALID_PARAMETER = 0xC000000D, + STATUS_NO_SUCH_DEVICE = 0xC000000E, + STATUS_NO_SUCH_FILE = 0xC000000F, + # 0xC000001 + 
STATUS_INVALID_DEVICE_REQUEST = 0xC0000010, + STATUS_END_OF_FILE = 0xC0000011, + STATUS_WRONG_VOLUME = 0xC0000012, + STATUS_NONEXISTENT_SECTOR = 0xC0000015, + STATUS_NO_MEDIA_IN_DEVICE = 0xC0000013, + STATUS_MORE_PROCESSING_REQUIRED = 0xC0000016, + STATUS_INVALID_LOCK_SEQUENCE = 0xC000001E, + STATUS_INVALID_VIEW_SIZE = 0xC000001F, + # 0xC000002 + STATUS_ALREADY_COMMITTED = 0xC0000021, + STATUS_ACCESS_DENIED = 0xC0000022, + STATUS_BUFFER_TOO_SMALL = 0xC0000023, + STATUS_OBJECT_TYPE_MISMATCH = 0xC0000024, + STATUS_HANDLE_NOT_CLOSABLE = 0xC0000025, + # 0xC000003 + STATUS_DISK_CORRUPT_ERROR = 0xC0000032, + STATUS_OBJECT_NAME_NOT_FOUND = 0xC0000034, + STATUS_OBJECT_NAME_COLLISION = 0xC0000035, + STATUS_PORT_DISCONNECTED = 0xC0000037, + STATUS_OBJECT_PATH_INVALID = 0xC0000039, + STATUS_OBJECT_PATH_NOT_FOUND = 0xC000003A, + STATUS_OBJECT_PATH_SYNTAX_BAD = 0xC000003B, + STATUS_DATA_ERROR = 0xC000003E, + STATUS_CRC_ERROR = 0xC000003F, + # 0xC000004 + STATUS_SECTION_TOO_BIG = 0xC0000040, + STATUS_PORT_CONNECTION_REFUSED = 0xC0000041, + STATUS_INVALID_PORT_HANDLE = 0xC0000042, + STATUS_SHARING_VIOLATION = 0xC0000043, + STATUS_THREAD_IS_TERMINATING = 0xC000004B, + STATUS_EAS_NOT_SUPPORTED = 0xC000004F, + # 0xC000005 + STATUS_EA_TOO_LARGE = 0xC0000050, + STATUS_FILE_LOCK_CONFLICT = 0xC0000054, + STATUS_LOCK_NOT_GRANTED = 0xC0000055, + STATUS_DELETE_PENDING = 0xC0000056, + # 0xC000006 + STATUS_PRIVILEGE_NOT_HELD = 0xC0000061, + STATUS_LOGON_FAILURE = 0xC000006D, + STATUS_WRONG_PASSWORD = 0xC000006A, + STATUS_INVALID_LOGON_HOURS = 0xC000006F, + # 0xC000007 + STATUS_INVALID_WORKSTATION = 0xC0000070, + STATUS_PASSWORD_EXPIRED = 0xC0000071, + STATUS_ACCOUNT_DISABLED = 0xC0000072, + STATUS_RANGE_NOT_LOCKED = 0xC000007E, + STATUS_DISK_FULL = 0xC000007F, + # 0xC000009 + STATUS_TOO_MANY_PAGING_FILES = 0xC0000097, + STATUS_DFS_EXIT_PATH_FOUND = 0xC000009B, + STATUS_DEVICE_DATA_ERROR = 0xC000009C, + # 0xC00000A + STATUS_MEDIA_WRITE_PROTECTED = 0xC00000A2, + STATUS_BAD_IMPERSONATION_LEVEL 
= 0xC00000A5, + STATUS_INSTANCE_NOT_AVAILABLE = 0xC00000AB, + STATUS_PIPE_NOT_AVAILABLE = 0xC00000AC, + STATUS_PIPE_STATE = 0xC00000AD, + STATUS_PIPE_BUSY = 0xC00000AE, + STATUS_ILLEGAL_FUNCTION = 0xC00000AF, + # 0xC00000B + STATUS_PIPE_DISCONNECTED = 0xC00000B0, + STATUS_PIPE_CLOSING = 0xC00000B1, + STATUS_INVALID_READ_MODE = 0xC00000B4, + STATUS_IO_TIMEOUT = 0xC00000B5, + STATUS_FILE_IS_A_DIRECTORY = 0xC00000BA, + STATUS_NOT_SUPPORTED = 0xC00000BB, + # 0xC00000C + STATUS_UNEXPECTED_NETWORK_ERROR = 0xC00000C4, + STATUS_PRINT_QUEUE_FULL = 0xC00000C6, + STATUS_NO_SPOOL_SPACE = 0xC00000C7, + STATUS_PRINT_CANCELLED = 0xC00000C8, + STATUS_NETWORK_NAME_DELETED = 0xC00000C9, + STATUS_NETWORK_ACCESS_DENIED = 0xC00000CA, + STATUS_BAD_DEVICE_TYPE = 0xC00000CB, + STATUS_BAD_NETWORK_NAME = 0xC00000CC, + STATUS_TOO_MANY_SESSIONS = 0xC00000CE, + # 0xC00000D + STATUS_REQUEST_NOT_ACCEPTED = 0xC00000D0, + STATUS_NOT_SAME_DEVICE = 0xC00000D4, + STATUS_FILE_RENAMED = 0xC00000D5, + STATUS_PIPE_EMPTY = 0xC00000D9, + # 0xC00000F + STATUS_REDIRECTOR_NOT_STARTED = 0xC00000FB, + # 0xC00001 + STATUS_DIRECTORY_NOT_EMPTY = 0xC0000101, + STATUS_PROCESS_IS_TERMINATING = 0xC000010A, + STATUS_TOO_MANY_OPENED_FILES = 0xC000011F, + STATUS_CANNOT_DELETE = 0xC0000121, + STATUS_FILE_DELETED = 0xC0000123, + STATUS_FILE_CLOSED = 0xC0000128, + STATUS_INVALID_DEVICE_STATE = 0xC0000184, + STATUS_ACCOUNT_EXPIRED = 0xC0000193, + # 0xC00002 + STATUS_USER_SESSION_DELETED = 0xC0000203, + STATUS_INSUFF_SERVER_RESOURCES = 0xC0000205, + STATUS_PASSWORD_MUST_CHANGE = 0xC0000224, + STATUS_ACCOUNT_LOCKED_OUT = 0xC0000234, + STATUS_PATH_NOT_COVERED = 0xC0000257, + # 0xC00003 + STATUS_NETWORK_SESSION_EXPIRED = 0xC000035C, + # 0xC0002 + STATUS_SMB_TOO_MANY_UIDS = 0xC000205A, + # 0xF + STATUS_SMB_NO_SUPPORT = 0xFFFF0002, +}; + +function determine_transaction_type(setup_count: int, name: SMB_string): TransactionType + %{ + // This logic needs to be verified! 
the relationship between + // setup_count and type is very unclear. + if ( name == NULL ) + { + return SMB_UNKNOWN; + } + //if ( bytestring_caseprefix( extract_string(name), + // "\\PIPE\\LANMAN" ) ) + // { + // return SMB_RAP; + // } + // + //if ( bytestring_caseprefix( extract_string(name), "\\MAILSLOT\\LANMAN" ) ) + // { + // return SMB_MAILSLOT_LANMAN; + // //return SMB_MAILSLOT_BROWSE; + // } + // + //if ( bytestring_caseprefix( extract_string(name), "\\MAILSLOT\\NET\\NETLOGON" ) ) + // { + // /* Don't really know what to do here, its got a Mailslot + // * type but its a deprecated packet format that handles + // * old windows logon + // */ + // return SMB_UNKNOWN; + // } + // + if ( ${name.u.s}->size() == 14 && ${name.u.s[0]} == '\\' && ${name.u.s[2]} == 'P' && ${name.u.s[4]} == 'I' && ${name.u.s[6]} == 'P' && ${name.u.s[8]} == 'E' && ${name.u.s[10]} == '\\') + { + return SMB_PIPE; + } + + //if ( setup_count == 3 || + // bytestring_caseprefix( extract_string(name), "\\MAILSLOT\\" ) ) + // { + // return SMB_MAILSLOT_BROWSE; + // } + + return SMB_UNKNOWN; + %} diff --git a/src/analyzer/protocol/smb/smb-mailslot.pac b/src/analyzer/protocol/smb/smb-mailslot.pac index a386ae105c..9bbcdeed5f 100644 --- a/src/analyzer/protocol/smb/smb-mailslot.pac +++ b/src/analyzer/protocol/smb/smb-mailslot.pac @@ -1,4 +1,3 @@ - enum SMB_MailSlot_opcode { HOST_ANNOUNCEMENT = 1, ANNOUCEMENT_REQUEST = 2, diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac new file mode 100644 index 0000000000..d95177c5a3 --- /dev/null +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac 
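Review bot: In `determine_transaction_type` the only live check reads `${name.u.s}` unconditionally and requires `size() == 14` with `\`, `P`, `I`, `P`, `E`, `\` at the even indexes, so it matches one exact spelling of `\PIPE\` and nothing longer, although the enum comment describes `SMB_PIPE` as `\PIPE\*`. If `name` can be a non-Unicode string (`SMB_string` is defined outside this hunk), the `u` branch is presumably not the active one when this runs, and lower-case or longer pipe names fall through to `SMB_UNKNOWN`, which leaves named-pipe traffic unclassified for anything downstream that keys on the type. I would branch on the string's encoding before touching `u`, and until then state the limitation above the check, e.g. `// Only the 14-element Unicode form of "\PIPE\" is recognised; ASCII and \PIPE\<name> are not.` `setup_count` is unused in the live code.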
@@ -0,0 +1,399 @@ +refine connection SMB_Conn += { + function unicode_to_ascii(s: bytestring, length: uint16, is_unicode: bool): bytestring + %{ + if ( !is_unicode ) return s; + + char* buf; + + buf = new char[(length/2) + 1]; + + for ( int i = 0; i < length; i += 2 ) + buf[i/2] = s[i]; + buf[length/2] = 0; + return bytestring((uint8*) buf, (length/2)); + %} + + function build_negotiate_flag_record(val: SMB_NTLM_Negotiate_Flags): BroVal + %{ + RecordVal* flags = new RecordVal(BifType::Record::SMB::NTLMNegotiateFlags); + flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); + flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); + flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); + flags->Assign(3, new Val(${val.negotiate_version}, TYPE_BOOL)); + flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); + + flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); + flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); + flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); + flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); + flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); + + flags->Assign(10, new Val(${val.negotiate_always_sign}, TYPE_BOOL)); + flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); + flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); + flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); + flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); + + flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); + flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); + flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); + flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); + flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); + + flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); + 
flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); + + return flags; + %} + + function build_version_record(val: SMB_NTLM_Version): BroVal + %{ + RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMVersion); + result->Assign(0, new Val(${val.major_version}, TYPE_COUNT)); + result->Assign(1, new Val(${val.minor_version}, TYPE_COUNT)); + result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); + result->Assign(3, new Val(${val.ntlm_revision}, TYPE_COUNT)); + + return result; + %} + + function build_av_record(val: SMB_NTLM_AV_Pair_Sequence): BroVal + %{ + RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAVs); + for ( uint i = 0; ${val.pairs[i].id} != 0; i++ ) { + switch ( ${val.pairs[i].id} ) { + case 1: + result->Assign(0, bytestring_to_val(${val.pairs[i].nb_computer_name.data})); + break; + case 2: + result->Assign(1, bytestring_to_val(${val.pairs[i].nb_domain_name.data})); + break; + case 3: + result->Assign(2, bytestring_to_val(${val.pairs[i].dns_computer_name.data})); + break; + case 4: + result->Assign(3, bytestring_to_val(${val.pairs[i].dns_domain_name.data})); + break; + case 5: + result->Assign(4, bytestring_to_val(${val.pairs[i].dns_tree_name.data})); + break; + case 6: + result->Assign(5, new Val(${val.pairs[i].constrained_auth}, TYPE_BOOL)); + break; + case 7: + result->Assign(6, filetime2brotime(${val.pairs[i].timestamp})); + break; + case 8: + result->Assign(7, new Val(${val.pairs[i].single_host.machine_id}, TYPE_COUNT)); + break; + case 9: + result->Assign(8, bytestring_to_val(${val.pairs[i].target_name.data})); + break; + } + } + return result; + %} + + function proc_smb_ntlm_accept(header: SMB_Header): bool + %{ + BifEvent::generate_smb_ntlm_accepted(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + return true; + %} + + function proc_smb_ntlm_negotiate(header: SMB_Header, val: SMB_NTLM_Negotiate): bool + %{ + RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMNegotiate); + 
result->Assign(0, build_negotiate_flag_record(${val.flags})); + if ( ${val.flags.negotiate_oem_domain_supplied} ) result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + if ( ${val.flags.negotiate_oem_workstation_supplied} ) result->Assign(2, bytestring_to_val(${val.workstation.string.data})); + if ( ${val.flags.negotiate_version} ) result->Assign(3, build_version_record(${val.version})); + + BifEvent::generate_smb_ntlm_negotiate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); + + return true; + %} + + function proc_smb_ntlm_challenge(header: SMB_Header, val: SMB_NTLM_Challenge): bool + %{ + RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMChallenge); + result->Assign(0, build_negotiate_flag_record(${val.flags})); + if ( ${val.flags.request_target} ) result->Assign(1, bytestring_to_val(${val.target_name.string.data})); + if ( ${val.flags.negotiate_version} ) result->Assign(2, build_version_record(${val.version})); + if ( ${val.flags.negotiate_target_info} ) result->Assign(3, build_av_record(${val.target_info})); + + BifEvent::generate_smb_ntlm_challenge(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); + + return true; + %} + + function proc_smb_ntlm_authenticate(header: SMB_Header, val: SMB_NTLM_Authenticate): bool + %{ + RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAuthenticate); + result->Assign(0, build_negotiate_flag_record(${val.flags})); + result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + result->Assign(2, bytestring_to_val(${val.user_name.string.data})); + result->Assign(3, bytestring_to_val(${val.workstation.string.data})); + if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); + + BifEvent::generate_smb_ntlm_authenticate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); + + return true; + %} + + function convert_der_num(is_long: bool, first: uint8, fields: bytestring): uint64 + %{ 
+ if (!is_long) return first; + + int result; + result = 0; + + for (uint i = 0; i < fields.length(); i++) + { + result << 8; + result += ${fields[i]}; + } + return result; + %} + + function test_accepted(m: SMB_NTLM_SSP): bool + %{ + if ( ${m.gssapi}->size() < 4 ) + return false; + return ( ${m.gssapi[3].tag} == 10 && ${m.gssapi[3].value} == "\x00" ); + %} + +}; + +type DER_Length = record { + first : uint8; + rest : bytestring &length=size; +} &let { + is_long_form : bool = (first >= 128); + size : uint8 = is_long_form ? first % 128 : 0; + value : uint64 = $context.connection.convert_der_num(is_long_form, first, rest); +}; + +type DER_ASN = record { + tag: uint8; + length: DER_Length; + skip_constructed: case (is_primitive && (tag != 0x04) ) of { + true -> value: bytestring &length=length.value; + false -> nothing: empty; + } &requires(is_primitive); +} &let { + is_primitive: bool = (tag & 0x20) == 0; + last: bool = tag == 0x04; +}; + +type SMB_NTLM_SSP(header: SMB_Header) = record { + gssapi : DER_ASN[] &until ($element.last); + skip_accepted: case ( is_accepted ) of { + true -> nothing: empty; + false -> token: SMB_NTLM_Neg_Token(header); + } &requires(is_accepted); +} &let { + is_accepted: bool = $context.connection.test_accepted(this); + proc: bool = $context.connection.proc_smb_ntlm_accept(header) &if(is_accepted); +}; + +type SMB_NTLM_Neg_Token(header: SMB_Header) = record { + identifier : bytestring &length=8; + msg_type : uint32; + msg : case msg_type of { + 0 -> accept : empty; + 1 -> negotiate : SMB_NTLM_Negotiate(header, 12); + 2 -> challenge : SMB_NTLM_Challenge(header, 12); + 3 -> authenticate : SMB_NTLM_Authenticate(header, 12); + }; +} &let { + is_accept : bool = (msg_type == 0); + is_negotiate : bool = (msg_type == 1); + is_challenge : bool = (msg_type == 2); + is_authenticate : bool = (msg_type == 3); + proc : bool = $context.connection.proc_smb_ntlm_accept(header) &if is_accept; +}; + +type SMB_NTLM_Negotiate(header: SMB_Header, offset: uint16) 
= record { + flags : SMB_NTLM_Negotiate_Flags; + domain_name_fields : SMB_NTLM_StringData; + workstation_fields : SMB_NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version: SMB_NTLM_Version; + false -> no_version: empty; + }; + payload : bytestring &restofdata; +} &let { + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); + proc : bool = $context.connection.proc_smb_ntlm_negotiate(header, this); +}; + +type SMB_NTLM_Challenge(header: SMB_Header, offset: uint16) = record { + target_name_fields : SMB_NTLM_StringData; + flags : SMB_NTLM_Negotiate_Flags; + challenge : uint64; + reserved : padding[8]; + target_info_fields : SMB_NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version: SMB_NTLM_Version; + false -> no_version: empty; + }; + payload : bytestring &restofdata; +} &let { + absolute_offset : uint16 = offsetof(payload) + offset; + target_name : SMB_NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.request_target); + target_info : SMB_NTLM_AV_Pair_Sequence(target_info_fields.offset - absolute_offset) withinput payload &if(flags.negotiate_target_info); + proc : bool = $context.connection.proc_smb_ntlm_challenge(header, this); +}; + +type SMB_NTLM_Authenticate(header: SMB_Header, offset: uint16) = record { + lm_challenge_response_fields : SMB_NTLM_StringData; + nt_challenge_response_fields : SMB_NTLM_StringData; + domain_name_fields : SMB_NTLM_StringData; + user_name_fields : SMB_NTLM_StringData; + workstation_fields : SMB_NTLM_StringData; + encrypted_session_key_fields : SMB_NTLM_StringData; + flags : SMB_NTLM_Negotiate_Flags; + 
version_present : case flags.negotiate_version of { + true -> version: SMB_NTLM_Version; + false -> no_version: empty; + }; + mic : bytestring &length=16; + payload : bytestring &restofdata; +} &let { + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload; + user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload; + workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload; + encrypted_session_key : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); +# lm_response : SMB_LM_Response(lm_challenge_response_fields.offset - absolute_offset) withinput payload &if(lm_challenge_response_fields.length > 0); +# ntlm_response : SMB_NTLM_Response(nt_challenge_response_fields.offset - absolute_offset) withinput payload &if(nt_challenge_response_fields.length == 24); +# ntlmv2_response : SMB_NTLM_Response(nt_challenge_response_fields.offset - absolute_offset) withinput payload &if(nt_challenge_response_fields.length > 24); + proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); +}; + +type SMB_NTLM_Version = record { + major_version : uint8; + minor_version : uint8; + build_number : uint16; + reserved : padding[3]; + ntlm_revision : uint8; +}; + +type SMB_NTLM_StringData = record { + length : uint16; + max_length : uint16; + offset : uint32; +}; + +type SMB_Fixed_Length_String(unicode: bool) = record { + s: bytestring &restofdata; +} &let { + data: bytestring = $context.connection.unicode_to_ascii(s, sizeof(s), unicode); +}; + +type SMB_NTLM_String(fields: SMB_NTLM_StringData, offset: uint16, unicode: bool) = record { + : padding to fields.offset - offset; + string: SMB_Fixed_Length_String(unicode) &length=fields.length; +}; + +type SMB_NTLM_AV_Pair_Sequence(offset: 
uint16) = record { + : padding to offset; + pairs: SMB_NTLM_AV_Pair[] &until ($element.last); +}; + +type SMB_NTLM_AV_Pair = record { + id : uint16; + length : uint16; + value_case : case id of { + 0x0000 -> av_eol : empty; + 0x0001 -> nb_computer_name : SMB_Fixed_Length_String(true) &length=length; + 0x0002 -> nb_domain_name : SMB_Fixed_Length_String(true) &length=length; + 0x0003 -> dns_computer_name : SMB_Fixed_Length_String(true) &length=length; + 0x0004 -> dns_domain_name : SMB_Fixed_Length_String(true) &length=length; + 0x0005 -> dns_tree_name : SMB_Fixed_Length_String(true) &length=length; + 0x0006 -> av_flags : uint32; + 0x0007 -> timestamp : uint64; + 0x0008 -> single_host : SMB_NTLM_Single_Host; + 0x0009 -> target_name : SMB_Fixed_Length_String(true) &length=length; + 0x000a -> channel_bindings : uint16; + }; +} &let { + last : bool = ( id == 0x0000); + # av_flags refinement + constrained_auth : bool = (av_flags & 0x00000001) > 0 &if ( id == 0x0006); + mic_present : bool = (av_flags & 0x00000002) > 0 &if ( id == 0x0006); + untrusted_source : bool = (av_flags & 0x00000004) > 0 &if ( id == 0x0006); +}; + +type SMB_NTLM_Single_Host = record { + size : uint32; + padpad : padding[4]; + data_present : uint32; + optional : case custom_data_present of { + true -> custom_data : bytestring &length=4; + false -> nothing : empty; + }; + machine_id : uint32; +} &let { + custom_data_present : bool = (data_present & 0x00000001) > 0; +}; + +type SMB_LM_Response(offset: uint16) = record { + # This can be either LM (24 byte response) or + # LMv2 (16 byte response + 8 byte client challenge. No way to + # know for sure. 
+ padpad : padding to offset; + response : bytestring &length=24; +}; + +type SMB_NTLM_Response(offset: uint16) = record { + padpad : padding to offset; + response : bytestring &length=24; +}; + +type SMB_NTLMv2_Response(flags: SMB_NTLM_Negotiate_Flags, offset: uint16) = record { + padpad : padding to offset; + response : bytestring &length=16; + client_challenge : SMB_NTLMv2_Client_Challenge(flags); +}; + +type SMB_NTLMv2_Client_Challenge(flags: SMB_NTLM_Negotiate_Flags) = record { + resp_type : uint8; + max_resp_type : uint8; + reserved : padding[6]; + timestamp : uint64; + client_challenge : bytestring &length=8; + reserved2 : padding[4]; + av_pairs : SMB_NTLM_AV_Pair_Sequence(0); +}; + +type SMB_NTLM_Negotiate_Flags = record { + flags : uint32; +} &let { + negotiate_56 : bool = (flags & 0x80000000) > 0; + negotiate_key_exch : bool = (flags & 0x40000000) > 0; + negotiate_128 : bool = (flags & 0x20000000) > 0; + negotiate_version : bool = (flags & 0x02000000) > 0; + negotiate_target_info : bool = (flags & 0x00800000) > 0; + request_non_nt_session_key : bool = (flags & 0x00400000) > 0; + negotiate_identify : bool = (flags & 0x00100000) > 0; + negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; + target_type_server : bool = (flags & 0x00020000) > 0; + target_type_domain : bool = (flags & 0x00010000) > 0; + negotiate_always_sign : bool = (flags & 0x00008000) > 0; + negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; + negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; + negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; + negotiate_ntlm : bool = (flags & 0x00000100) > 0; + negotiate_lm_key : bool = (flags & 0x00000080) > 0; + negotiate_datagram : bool = (flags & 0x00000040) > 0; + negotiate_seal : bool = (flags & 0x00000020) > 0; + negotiate_sign : bool = (flags & 0x00000008) > 0; + request_target : bool = (flags & 0x00000004) > 0; + negotiate_oem : bool = (flags & 0x00000002) > 0; + negotiate_unicode 
: bool = (flags & 0x00000001) > 0; + is_oem : bool = !negotiate_unicode && negotiate_oem; + is_invalid : bool = !negotiate_unicode && !negotiate_oem; +}; diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index aa8f7a4db3..e2e957be06 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac 
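Review bot: `convert_der_num` never shifts: `result << 8;` is an expression statement whose value is discarded, and `result` is an `int` although the function returns `uint64`, so a long-form DER length is decoded as the sum of its bytes. `DER_ASN` sizes `value` from that number, which means the analyzer's view of the GSS-API wrapper can diverge from what the endpoints parse and the NTLM messages behind it are missed or read from the wrong bytes; use `uint64 result = 0;` and `result = (result << 8) + ${fields[i]};`. In `SMB_NTLM_Authenticate`, `encrypted_session_key` is built from `workstation_fields` rather than `encrypted_session_key_fields`, which looks like a copy-paste slip. The `padding to fields.offset - offset` in `SMB_NTLM_String` and the `target_info_fields.offset - absolute_offset` argument also subtract wire-supplied offsets without checking that they are at least `absolute_offset`.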
@@ -1,12 +1,46 @@ # this won't work correctly yet, since sometimes the parameters # field in the transaction takes up all of the data field +%include dce_rpc-protocol.pac + +refine connection SMB_Conn += { + function proc_smb_atsvc_job_add(val: AT_SVC_NetrJobAdd): bool + %{ + if ( smb_atsvc_job_add ) + { + BifEvent::generate_smb_atsvc_job_add(bro_analyzer(), bro_analyzer()->Conn(), smb_string2stringval(${val.server.string}), smb_string2stringval(${val.command.string})); + } + return true; + %} + + function proc_smb_atsvc_job_id(val: AT_SVC_JobID): bool + %{ + if ( smb_atsvc_job_id ) + { + BifEvent::generate_smb_atsvc_job_id(bro_analyzer(), bro_analyzer()->Conn(), ${val.id}, ${val.status}); + } + return true; + %} + + function determine_pipe_msg_type(hdr: DCE_RPC_Header, opnum: uint8): uint8 + %{ + if ( !is_atsvc ) return 0; + if ( ${hdr.PTYPE} == 0 && ${opnum} == 0 ) return 1; + if ( ${hdr.PTYPE} == 2 && ${opnum} == 0 ) return 2; + return 0; + %} + +}; + type SMB_Pipe_message( unicode: bool, byte_count: uint16, sub_cmd: uint16 ) = record { - - # there's a problem with byte_count here, not sure why ... its - # not the real length of the rest of the packet - data : bytestring &restofdata; - + rpc : DCE_RPC_Header; + todo : padding[6]; # These fields are currently missing from DCE/RPC for some reason. + opnum : uint8; + pipe_type: case $context.connection.determine_pipe_msg_type(rpc, opnum) of { + 1 -> atsvc_request : AT_SVC_Request(unicode, opnum); + 2 -> atsvc_reply : AT_SVC_Reply(unicode, opnum); + default -> unknown : bytestring &restofdata; + }; } &byteorder = littleendian; type SMB_RAP_message( unicode: bool, byte_count: uint16 ) = record { 
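Review bot: `SMB_Pipe_message` re-reads the DCE/RPC body by hand (`todo : padding[6]` then `opnum : uint8`) instead of using `DCE_RPC_Request` and `DCE_RPC_Response` from the file it includes, where `opnum` is a `uint16` and a response carries `cancel_count` at that position. As written, the value `determine_pipe_msg_type` tests for a response is really `cancel_count`, `AT_SVC_Request` needs `empty: padding[1]` to skip the other half of the request's opnum, and `AT_SVC_Reply` in the next hunk declares `opnum: uint16` while being passed this `uint8`. The PTYPE comparisons would also read better with the enum names, `${hdr.PTYPE} == DCE_RPC_REQUEST` and `${hdr.PTYPE} == DCE_RPC_RESPONSE`, than with `0` and `2`. `SMB_RAP_message` at the end of the hunk continues outside it.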
@@ -17,3 +51,46 @@ type SMB_RAP_message( unicode: bool, byte_count: uint16 ) = record { data : bytestring &restofdata; } &byteorder = littleendian; + +type AT_SVC_Request(unicode: bool, opnum: uint8) = record { + empty: padding[1]; + op: case opnum of { + 0 -> add: AT_SVC_NetrJobAdd(unicode); + default -> unknown: bytestring &restofdata; + }; +}; + +type AT_SVC_String_Pointer(unicode: bool) = record { + referent_id : uint32; + max_count : uint32; + offset : uint32; + actual_count: uint32; + string : SMB_string(unicode, offsetof(string)); +}; + +type AT_SVC_NetrJobAdd(unicode: bool) = record { + server : AT_SVC_String_Pointer(unicode); + unknown : padding[2]; + job_time : uint32; + days_of_month: uint32; + days_of_week : uint8; + flags : uint8; + unknown2 : padding[2]; + command : AT_SVC_String_Pointer(unicode); +} &let { + proc: bool = $context.connection.proc_smb_atsvc_job_add(this); +}; + +type AT_SVC_Reply(unicode: bool, opnum: uint16) = record { + op: case opnum of { + 0 -> add: AT_SVC_JobID(unicode); + default -> unknown: bytestring &restofdata; + }; +}; + +type AT_SVC_JobID(unicode: bool) = record { + id: uint32; + status: uint32; +} &let { + proc: bool = $context.connection.proc_smb_atsvc_job_id(this); +}; diff --git a/src/analyzer/protocol/smb/smb-protocol.pac b/src/analyzer/protocol/smb/smb-protocol.pac index 585edfacd6..2a53ca9d7f 100644 --- a/src/analyzer/protocol/smb/smb-protocol.pac +++ b/src/analyzer/protocol/smb/smb-protocol.pac @@ -336,7 +336,7 @@ type SMB_read_andx_response = record { byte_count : uint16; pad : padding[padding_length]; data : bytestring &length = data_length; - # Chris: the length here is causing problems - could we be having + # The length here is causing problems - could we be having # issues with the packet format or is the data_length just not # right. The problem is that the padding isn't always filled right, # espeically when its not the first command in the packet. 
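Review bot: `AT_SVC_Reply` declares `opnum: uint16`, but `SMB_Pipe_message` passes it the `uint8` opnum it parsed and `AT_SVC_Request` takes `uint8`; the header should read `type AT_SVC_Reply(unicode: bool, opnum: uint8) = record {`. In `AT_SVC_String_Pointer`, `max_count` and `actual_count` are read from the wire but never constrain `string`, which ends only where the null scan in `SMB_string` stops. A malformed or truncated job-add request can therefore make the server and command strings run into the following fields. If bounding by `actual_count` is not practical yet, a comment on the field such as `# NOTE: not bounded by actual_count; relies on the terminator` would at least record the gap. None of the new AT_SVC records carries a `&byteorder`; presumably they inherit little-endian from `SMB_Pipe_message`, which is worth stating.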
diff --git a/src/analyzer/protocol/smb/smb-strings.pac b/src/analyzer/protocol/smb/smb-strings.pac new file mode 100644 index 0000000000..6496af51cb --- /dev/null +++ b/src/analyzer/protocol/smb/smb-strings.pac 
@@ -0,0 +1,144 @@ +function uint8s_to_stringval(s: uint8[]): StringVal + %{ + int length = 0; + + const char* sp; + bool ascii = true; + + vector* data = s; + length = data->size(); + // Scan the string once to see if it's all ascii + // embedded in UCS-2 (16 bit unicode). + for( int i = 1; i < length; i=i+2 ) + { + // Find characters in odd positions that aren't null. + if ( (*data)[i] != 0x00 ) + { + ascii = false; + break; + } + } + + char *buf = new char[length]; + + for ( int i = 0; i < length; i=i+2) + { + if ( ascii ) + { + int j = i/2; + buf[j] = (*data)[i]; + } + else + { + // Flip the bytes because they are transferred in little endian. + buf[i] = (*data)[i+1]; + buf[i+1] = (*data)[i]; + } + } + + if ( ascii ) + { + length = length / 2; + if ( length > 0 && buf[length-1] == 0x00 ) + --length; + } + else if ( length >= 2 && buf[length-1] == 0 && buf[length-2] == 0 ) + { + // If the last 2 bytes are nulls, cut them with the length. + length = length-2; + } + + StringVal *output = new StringVal(length, buf); + delete [] buf; + return output; + %} + +function extract_string(s: SMB_string) : StringVal + %{ + int length = 0; + + const char* sp; + bool ascii = true; + + if ( s->val_case_index() == 0 ) + { + length = s->a()->size(); + char *buf = new char[length]; + + for ( int i = 0; i < length; i++) + { + unsigned char t = (*(s->a()))[i]; + buf[i] = t; + } + + if ( length > 0 && buf[length] == 0x00 ) + length--; + + StringVal *ret = new StringVal(length, buf); + delete [] buf; + return ret; + } + + else + { + return uint8s_to_stringval(s->u()->s()); + } + %} + +function smb_string2stringval(s: SMB_string) : StringVal + %{ + return extract_string(s); + %} + +function smb2_string2stringval(s: SMB2_string) : StringVal + %{ + return uint8s_to_stringval(s->s()); + %} + +type SMB_ascii_string = uint8[] &until($element == 0x00); + +refine connection SMB_Conn += { + %member{ + SMB_unicode_string *me; + %} + + %init{ + me = 0; + %} + + function 
store_this_unicode_string(s: SMB_unicode_string): bool + %{ + me = s; + return true; + %} + + function get_prev_elem(): uint8 + %{ + if ( me && (me->s()->size() & 1) == 0 && me->s()->size() > 1 ) + { + return me->s()->at(me->s()->size() - 2); + } + else + return 0xFF; + %} +}; + +type SMB_unicode_string(offset: int) = record { + pad : uint8[offset & 1] &let { + # Save off a pointer to this string instance. + prev: bool = $context.connection.store_this_unicode_string(this); + }; + # Access the end of the string stored in this instance + # to see if the previous character was a null. + s : uint8[] &until($element == 0x00 && $context.connection.get_prev_elem() == 0x00); +} &byteorder=littleendian; + + +type SMB_string(unicode: bool, offset: int) = case unicode of { + true -> u: SMB_unicode_string(offset); + false -> a: SMB_ascii_string; +}; + +type SMB2_string(len: int) = record { + s : uint8[len]; +}; diff --git a/src/analyzer/protocol/smb/smb-time.pac b/src/analyzer/protocol/smb/smb-time.pac new file mode 100644 index 0000000000..6f1ffc90e9 --- /dev/null +++ b/src/analyzer/protocol/smb/smb-time.pac 
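Review bot: `uint8s_to_stringval` reads and writes one element past the end when the input has an odd length. In the non-ASCII branch the last iteration touches `(*data)[i+1]` and `buf[i+1]` with `i+1 == length`, and `SMB2_string(len)` can deliver an odd `len` straight from the wire. Rounding down before allocating closes both, `length = data->size() - (data->size() % 2);`, and leaves the ASCII path's result unchanged because it halves the length anyway. `extract_string` has a related over-read: `buf[length] == 0x00` indexes one past the `new char[length]` buffer and should be `if ( length > 0 && buf[length-1] == 0x00 )`. The unused `sp` and `ascii` locals there can go. The raw `me` pointer kept on the connection by `store_this_unicode_string` outlives the record it points at unless something resets it, which I cannot see in this hunk.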
@@ -0,0 +1,44 @@ +function SMB_BuildMACTimes(modify: uint64, access: uint64, create: uint64, change: uint64): BroVal + %{ + RecordVal* r = new RecordVal(BifType::Record::SMB::MACTimes); + + r->Assign(0, filetime2brotime(modify)); + r->Assign(1, filetime2brotime(access)); + r->Assign(2, filetime2brotime(create)); + r->Assign(3, filetime2brotime(change)); + + return r; + %} + +function filetime2brotime(ts: uint64): Val + %{ + double secs = (ts / 10000000.0); + + // Bro can't support times back to the 1600's + // so we subtract a lot of seconds. + Val* bro_ts = new Val(secs - 11644473600.0, TYPE_TIME); + + return bro_ts; + %} + +type SMB_timestamp32 = uint32; +type SMB_timestamp = uint64; + +type SMB_time = record { + two_seconds : uint16; + minutes : uint16; + hours : uint16; +} &byteorder = littleendian; + +type SMB_date = record { + day : uint16; + month : uint16; + year : uint16; +} &byteorder = littleendian; + + +#type SMB2_timestamp = record { +# lowbits : uint32; +# highbits : uint32; +#} &byteorder = littleendian; +# \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index 1fdab27d90..f4ff41a680 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac 
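Review bot: `filetime2brotime` converts every input unconditionally, so a FILETIME of 0 becomes a timestamp of -11644473600 seconds in the MAC times record. Senders commonly use 0 to mean "not set". A guard before the subtraction would keep that sentinel recognisable in logs, for example `if ( ts == 0 ) return new Val(0.0, TYPE_TIME);`. The existing comment should then say that the constant is the 1601-to-1970 epoch offset rather than "a lot of seconds". `SMB_time` and `SMB_date` are declared as three `uint16` fields each (six bytes). As far as I recall MS-CIFS packs each into a single 16-bit value, so please confirm the layout against the spec, since the LANMAN negotiate response in this commit depends on it.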
@@ -2,11 +2,130 @@ %include bro.pac %extern{ -#include "events.bif.h" +#include "smb1_events.bif.h" +#include "smb2_events.bif.h" + +#include "types.bif.h" + +#include "smb_ntlmssp.bif.h" +#include "smb_pipe.bif.h" + +#include "smb1_com_check_directory.bif.h" +#include "smb1_com_close.bif.h" +#include "smb1_com_create_directory.bif.h" +#include "smb1_com_echo.bif.h" +#include "smb1_com_logoff_andx.bif.h" +#include "smb1_com_negotiate.bif.h" +#include "smb1_com_nt_cancel.bif.h" +#include "smb1_com_nt_create_andx.bif.h" +#include "smb1_com_query_information.bif.h" +#include "smb1_com_read_andx.bif.h" +#include "smb1_com_session_setup_andx.bif.h" +#include "smb1_com_tree_connect_andx.bif.h" +#include "smb1_com_tree_disconnect.bif.h" +#include "smb1_com_write_andx.bif.h" + +#include "smb2_com_close.bif.h" +#include "smb2_com_create.bif.h" +#include "smb2_com_negotiate.bif.h" +#include "smb2_com_read.bif.h" +#include "smb2_com_session_setup.bif.h" +#include "smb2_com_tree_connect.bif.h" +#include "smb2_com_tree_disconnect.bif.h" +#include "smb2_com_write.bif.h" %} -analyzer SMB withcontext { }; +analyzer SMB withcontext { + connection: SMB_Conn; + flow: SMB_Flow; +}; + +connection SMB_Conn(bro_analyzer: BroAnalyzer) { + upflow = SMB_Flow(true); + downflow = SMB_Flow(false); +}; + +%include smb-strings.pac +%include smb-common.pac +%include smb-time.pac + +%include smb-ntlmssp.pac + +# SMB1 Commands +%include smb1-com-check-directory.pac +%include smb1-com-close.pac +%include smb1-com-create-directory.pac +%include smb1-com-echo.pac +%include smb1-com-locking-andx.pac +%include smb1-com-logoff-andx.pac +%include smb1-com-negotiate.pac +%include smb1-com-nt-cancel.pac +%include smb1-com-nt-create-andx.pac +%include smb1-com-nt-transact.pac +%include smb1-com-query-information.pac +%include smb1-com-read-andx.pac +%include smb1-com-session-setup-andx.pac +%include smb1-com-transaction-secondary.pac +%include smb1-com-transaction.pac +%include smb1-com-transaction2.pac 
+%include smb1-com-tree-connect-andx.pac +%include smb1-com-tree-disconnect.pac +%include smb1-com-write-andx.pac -%include smb-protocol.pac %include smb-mailslot.pac %include smb-pipe.pac + +# SMB2 Commands +%include smb2-com-close.pac +%include smb2-com-create.pac +%include smb2-com-negotiate.pac +%include smb2-com-read.pac +%include smb2-com-session-setup.pac +%include smb2-com-tree-connect.pac +%include smb2-com-tree-disconnect.pac +%include smb2-com-write.pac + +type uint24 = record { + byte1 : uint8; + byte2 : uint8; + byte3 : uint8; +}; + +function to_int(num: uint24): uint32 + %{ + return (num->byte1() << 16) | (num->byte2() << 8) | num->byte3(); + %} + +type SMB_TCP(is_orig: bool) = record { + # These are technically NetBIOS fields but it's considered + # to be SMB directly over TCP. The fields are essentially + # the NBSS protocol but it's only used for framing here. + message_type : uint8; + len24 : uint24; + body : case message_type of { + # SMB/SMB2 packets are required to use NBSS session messages. + 0 -> nbss : SMB_Protocol_Identifier(is_orig, len); + + # TODO: support more nbss message types? + default -> skip : bytestring &transient &restofdata; + }; +} &let { + len : uint32 = to_int(len24); +} &byteorder = littleendian &length=len+4; + +type SMB_Protocol_Identifier(is_orig: bool, msg_len: uint32) = record { + # Sort of cheating by reading this in as an integer instead of a string. + protocol : uint32 &byteorder=bigendian; + smb_1_or_2 : case protocol of { + SMB1 -> smb1 : SMB_PDU(is_orig, msg_len); + SMB2 -> smb2 : SMB2_PDU(is_orig); + default -> unknown : empty; + }; +}; + +%include smb1-protocol.pac +%include smb2-protocol.pac + +flow SMB_Flow(is_orig: bool) { + flowunit = SMB_TCP(is_orig) withcontext(connection, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-check-directory.pac b/src/analyzer/protocol/smb/smb1-com-check-directory.pac new file mode 100644 index 0000000000..3b661033a3 --- /dev/null 
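Review bot: `SMB_Protocol_Identifier` ends in `default -> unknown : empty;`, so a frame whose four-byte magic is neither `SMB1` nor `SMB2` is accepted silently. Nothing in this hunk reports a protocol violation, which means non-SMB or deliberately malformed traffic on the port leaves no trace from the analyzer. I would route the default arm through a small `&let` handler that calls `bro_analyzer()->ProtocolViolation(...)`. Also in `SMB_TCP`, `len` comes straight from the wire (up to 0xFFFFFF) and drives `&length=len+4`; a comment such as `# len is peer-controlled; presumably the flow buffers until len+4 bytes arrive` would flag the memory cost for whoever adds a sanity cap. `SMB2_PDU(is_orig)` does not receive `msg_len` while `SMB_PDU` does, so it is worth a note if that is intentional.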
+++ b/src/analyzer/protocol/smb/smb1-com-check-directory.pac @@ -0,0 +1,37 @@ +refine connection SMB_Conn += { + + function proc_smb1_check_directory_request(header: SMB_Header, val: SMB1_check_directory_request): bool + %{ + if ( smb1_check_directory_request ) + BifEvent::generate_smb1_check_directory_request(bro_analyzer(), bro_analyzer()->Conn(), + BuildHeaderVal(header), + smb_string2stringval(${val.directory_name})); + return true; + %} + + function proc_smb1_check_directory_response(header: SMB_Header, val: SMB1_check_directory_response): bool + %{ + if ( smb1_check_directory_response ) + BifEvent::generate_smb1_check_directory_response(bro_analyzer(), bro_analyzer()->Conn(), + BuildHeaderVal(header)); + return true; + %} + +}; + +type SMB1_check_directory_request(header: SMB_Header) = record { + word_count : uint8; + + byte_count : uint16; + buffer_format : uint8; # must be 0x04 + directory_name : SMB_string(header.unicode, offsetof(directory_name)); +} &let { + proc : bool = $context.connection.proc_smb1_check_directory_request(header, this); +}; + +type SMB1_check_directory_response(header: SMB_Header) = record { + word_count : uint8; + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb1_check_directory_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-close.pac b/src/analyzer/protocol/smb/smb1-com-close.pac new file mode 100644 index 0000000000..d609c48849 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-close.pac 
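Review bot: In `SMB1_check_directory_request` the comment says `buffer_format` "must be 0x04", but nothing checks it, and `directory_name` is parsed without reference to `byte_count`. A request with a different format byte or a short `byte_count` is therefore still turned into an `smb1_check_directory_request` event. Either enforce the constraint or document that it is not enforced, e.g. `buffer_format : uint8; # expected 0x04 (not validated)`. The same pattern is in `SMB1_create_directory_request` in smb1-com-create-directory.pac later in this commit, where `buffer_format` has no comment at all.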
@@ -0,0 +1,36 @@ +refine connection SMB_Conn += { + + function proc_smb1_close_request(h: SMB_Header, val: SMB1_close_request): bool + %{ + is_atsvc = false; + + if ( smb1_close_request ) + BifEvent::generate_smb1_close_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.file_id}); + + // This is commented out for the moment because it caused problems + // with extraction because the file kept having the same name due + // to repeatedly having the same file uid. This results in files + // effectively falling of SMB solely by expiration instead of + // manually being closed. + + //file_mgr->EndOfFile(bro_analyzer()->GetAnalyzerTag(), + // bro_analyzer()->Conn(), h->is_orig()); + + return true; + %} + +}; + + +type SMB1_close_request(header: SMB_Header) = record { + word_count : uint8; + file_id : uint16; + last_modified_time : SMB_timestamp32; + + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb1_close_request(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-create-directory.pac b/src/analyzer/protocol/smb/smb1-com-create-directory.pac new file mode 100644 index 0000000000..4a7bd96455 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-create-directory.pac 
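Review bot: With the `file_mgr->EndOfFile` call commented out in `proc_smb1_close_request`, files carried over SMB1 are finalised only when they expire. Per-file results such as hashes or extracted content will therefore arrive late and may be attributed to a later reuse of the same handle. The comment explains why the call was removed but gives no pointer to the fix; I would append `// TODO: re-enable once file ids are unique per open (see file uid reuse above)` and correct "falling of SMB" to "falling off". The unconditional `is_atsvc = false;` on the first line is covered by the note on smb-pipe.pac.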
@@ -0,0 +1,36 @@ +refine connection SMB_Conn += { + + function proc_smb1_create_directory_request(header: SMB_Header, val: SMB1_create_directory_request): bool + %{ + if ( smb1_create_directory_request ) + BifEvent::generate_smb1_create_directory_request(bro_analyzer(), bro_analyzer()->Conn(), + BuildHeaderVal(header), + smb_string2stringval(${val.directory_name})); + return true; + %} + function proc_smb1_create_directory_response(header: SMB_Header, val: SMB1_create_directory_response): bool + %{ + if ( smb1_create_directory_response ) + BifEvent::generate_smb1_create_directory_response(bro_analyzer(), bro_analyzer()->Conn(), + BuildHeaderVal(header)); + return true; + %} + +}; + +type SMB1_create_directory_request(header: SMB_Header) = record { + word_count : uint8; + byte_count : uint16; + buffer_format : uint8; + directory_name : SMB_string(header.unicode, offsetof(directory_name)); +} &let { + proc : bool = $context.connection.proc_smb1_create_directory_request(header, this); +}; + +type SMB1_create_directory_response(header: SMB_Header) = record { + word_count : uint8; + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb1_create_directory_response(header, this); +}; + diff --git a/src/analyzer/protocol/smb/smb1-com-echo.pac b/src/analyzer/protocol/smb/smb1-com-echo.pac new file mode 100644 index 0000000000..eea16cd669 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-echo.pac 
@@ -0,0 +1,41 @@ +refine connection SMB_Conn += { + + function proc_smb1_echo_request(header: SMB_Header, val: SMB1_echo_request): bool + %{ + if ( smb1_echo_request ) + BifEvent::generate_smb1_echo_request(bro_analyzer(), bro_analyzer()->Conn(), bytestring_to_val(${val.data})); + return true; + %} + + function proc_smb1_echo_response(header: SMB_Header, val: SMB1_echo_response): bool + %{ + if ( smb1_echo_response ) + BifEvent::generate_smb1_echo_response(bro_analyzer(), bro_analyzer()->Conn(), bytestring_to_val(${val.data})); + return true; + %} + +}; + + +# http://msdn.microsoft.com/en-us/library/ee441746.aspx +type SMB1_echo_request(header: SMB_Header) = record { + word_count : uint8; + echo_count : uint16; + + byte_count : uint16; + data : bytestring &length=byte_count; +} &let { + proc : bool = $context.connection.proc_smb1_echo_request(header, this); +}; + +# http://msdn.microsoft.com/en-us/library/ee441626.aspx +type SMB1_echo_response(header: SMB_Header) = record { + word_count : uint8; + seq_num : uint16; + + byte_count : uint16; + data : bytestring &length=byte_count; +} &let { + proc : bool = $context.connection.proc_smb1_echo_response(header, this); +}; + diff --git a/src/analyzer/protocol/smb/smb1-com-locking-andx.pac b/src/analyzer/protocol/smb/smb1-com-locking-andx.pac new file mode 100644 index 0000000000..8ba468b66d --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-locking-andx.pac 
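Review bot: `proc_smb1_echo_request` and `proc_smb1_echo_response` generate their events without `BuildHeaderVal(header)`, unlike the check-directory, close and create-directory handlers in this commit. Script-land therefore cannot tie an echo to its tree, user or multiplex id from the event alone. `echo_count` and `seq_num` are parsed but never passed on either. If the omission is deliberate, a one-line comment above each handler would say so, e.g. `# header intentionally omitted; only the payload is exposed`. `proc_smb1_logoff_andx` in smb1-com-logoff-andx.pac has the same shape, passing only `is_orig`.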
@@ -0,0 +1,59 @@ +refine connection SMB_Conn += { + + function proc_smb1_locking_andx_request(header: SMB_Header, val: SMB1_locking_andx_request): bool + %{ + //printf("locking_andx_request\n"); + return true; + %} + + function proc_smb1_locking_andx_response(header: SMB_Header, val: SMB1_locking_andx_response): bool + %{ + //printf("locking_andx_response\n"); + return true; + %} + +}; + +type LOCKING_ANDX_RANGE32 = record { + pid : uint16; + byte_offset : uint32; + byte_len : uint32; +}; + +type LOCKING_ANDX_RANGE64 = record { + pid : uint16; + pad : uint16; + byte_offset : uint64; + byte_len : uint64; +}; + +# http://msdn.microsoft.com/en-us/library/ee442004.aspx +type SMB1_locking_andx_request(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + file_id : uint16; + type_of_lock : uint8; + new_op_lock_level : uint8; + timeout : uint32; + num_requested_unlocks : uint16; + num_requested_locks : uint16; + + bytecount : uint16; + unlocks : case $context.connection.get_offset_len() of { + 32 -> unlocks32 : LOCKING_ANDX_RANGE32[num_requested_unlocks]; + 64 -> unlocks64 : LOCKING_ANDX_RANGE64[num_requested_unlocks]; + }; + locks : case $context.connection.get_offset_len() of { + 32 -> locks32 : LOCKING_ANDX_RANGE32[num_requested_locks]; + 64 -> locks64 : LOCKING_ANDX_RANGE64[num_requested_locks]; + }; +} &let { + proc : bool = $context.connection.proc_smb1_locking_andx_request(header, this); +}; + +# http://msdn.microsoft.com/en-us/library/ee441519.aspx +type SMB1_locking_andx_response(header: SMB_Header) = record { + +} &let { + proc : bool = $context.connection.proc_smb1_locking_andx_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-logoff-andx.pac b/src/analyzer/protocol/smb/smb1-com-logoff-andx.pac new file mode 100644 index 0000000000..eb4b12616d --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-logoff-andx.pac 
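Review bot: Both `case $context.connection.get_offset_len() of` selectors in `SMB1_locking_andx_request` list only the 32 and 64 arms. Any other return value has no defined parse, and the choice is taken from connection state rather than from this request. As I understand MS-CIFS, the large-file bit in `type_of_lock` decides between the two range formats per message, so please confirm and, if so, switch on that field instead. `get_offset_len` is defined outside this hunk, so I cannot tell what it returns before negotiation. At minimum, add `default -> unknown : bytestring &restofdata;` to each case. `SMB1_locking_andx_response` is an empty record, so its `word_count`, `andx` and `byte_count` are left unparsed. Both proc functions contain only a commented-out `printf`, which deserves a `# TODO: no events generated yet` comment.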
@@ -0,0 +1,19 @@ +refine connection SMB_Conn += { + + function proc_smb1_logoff_andx(header: SMB_Header, val: SMB1_logoff_andx): bool + %{ + if ( smb1_logoff_andx ) + BifEvent::generate_smb1_logoff_andx(bro_analyzer(), bro_analyzer()->Conn(), ${val.is_orig}); + + return true; + %} + +}; + +type SMB1_logoff_andx(header: SMB_Header, is_orig: bool) = record { + word_count : uint8; + andx : SMB_andx; + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb1_logoff_andx(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-negotiate.pac b/src/analyzer/protocol/smb/smb1-com-negotiate.pac new file mode 100644 index 0000000000..e16c144a8c --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-negotiate.pac 
@@ -0,0 +1,281 @@ +# This is an original Core Protocol command. +# +# This command is used to initiate an SMB connection between the +# client and the server. An SMB_COM_NEGOTIATE exchange MUST be +# completed before any other SMB messages are sent to the server. +# +# There MUST be only one SMB_COM_NEGOTIATE exchange per SMB +# connection. Subsequent SMB_COM_NEGOTIATE requests received by the +# server MUST be rejected with error responses. The server MUST NOT +# take any other action. + +%header{ + double time_from_lanman(const uint16 two_seconds, const uint16 minutes, const uint16 hours, + const uint16 day, const uint16 month, const uint16 year, const uint16 tz); + double time_from_ntlm(const uint64 time, const uint16 tz); +%} + +%code{ + + double time_from_lanman(const uint16 two_seconds, const uint16 minutes, const uint16 hours, + const uint16 day, const uint16 month, const uint16 year, const uint16 tz) + { + tm lTime; + lTime.tm_sec = two_seconds * 2; + lTime.tm_min = minutes; + lTime.tm_hour = hours; + lTime.tm_mday = day; + lTime.tm_mon = month; + lTime.tm_year = 1980 + year; + time_t lResult = mktime(&lTime); + return lResult + tz; + } + + double time_from_ntlm(const uint64 time, const uint16 tz) + { + return (time - 11644473600)/100000000.0; + } +%} + +refine connection SMB_Conn += { + + function proc_smb1_negotiate_request(header: SMB_Header, val: SMB1_negotiate_request): bool + %{ + if ( smb1_negotiate_request ) + { + VectorVal* dialects = new VectorVal(string_vec); + for ( unsigned int i = 0; i < ${val.dialects}->size(); ++i ) + { + StringVal* dia = smb_string2stringval((*${val.dialects})[i]->name()); + dialects->Assign(i, dia); + } + BifEvent::generate_smb1_negotiate_request(bro_analyzer(), bro_analyzer()->Conn(), + BuildHeaderVal(header), + dialects); + } + + return true; + %} + + function proc_smb1_negotiate_response(header: SMB_Header, val: SMB1_negotiate_response): bool + %{ + if ( smb1_negotiate_response ) + { + RecordVal* response = new 
RecordVal(BifType::Record::SMB1::NegotiateResponse); + + RecordVal* core; + RecordVal* lanman; + RecordVal* ntlm; + + RecordVal* security; + RecordVal* raw; + RecordVal* capabilities; + switch ( ${val.word_count} ) + { + case 0x01: + core = new RecordVal(BifType::Record::SMB1::NegotiateResponseCore); + core->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); + core->Assign(1, new Val(${val.dialect_index}, TYPE_COUNT)); + core->Assign(2, new Val(${val.core.byte_count}, TYPE_COUNT)); + + response->Assign(0, core); + break; + case 0x0d: + security = new RecordVal(BifType::Record::SMB1::NegotiateResponseSecurity); + security->Assign(0, new Val(${val.lanman.security_user_level}, TYPE_BOOL)); + security->Assign(1, new Val(${val.lanman.security_challenge_response}, TYPE_BOOL)); + + raw = new RecordVal(BifType::Record::SMB1::NegotiateRawMode); + raw->Assign(0, new Val(${val.lanman.raw_read_supported}, TYPE_BOOL)); + raw->Assign(1, new Val(${val.lanman.raw_write_supported}, TYPE_BOOL)); + + lanman = new RecordVal(BifType::Record::SMB1::NegotiateResponseLANMAN); + lanman->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); + lanman->Assign(1, new Val(${val.dialect_index}, TYPE_COUNT)); + lanman->Assign(2, security); + lanman->Assign(3, new Val(${val.lanman.max_buffer_size}, TYPE_COUNT)); + lanman->Assign(4, new Val(${val.lanman.max_mpx_count}, TYPE_COUNT)); + + lanman->Assign(5, new Val(${val.lanman.max_number_vcs}, TYPE_COUNT)); + lanman->Assign(6, raw); + lanman->Assign(7, new Val(${val.lanman.session_key}, TYPE_COUNT)); + lanman->Assign(8, new Val(time_from_lanman(${val.lanman.server_time.two_seconds}, ${val.lanman.server_time.minutes}, + ${val.lanman.server_time.hours}, ${val.lanman.server_date.day}, + ${val.lanman.server_date.month}, ${val.lanman.server_date.year}, + ${val.lanman.server_tz}), TYPE_TIME)); + lanman->Assign(9, bytestring_to_val(${val.lanman.encryption_key})); + + lanman->Assign(10, smb_string2stringval(${val.lanman.primary_domain})); + + 
response->Assign(1, lanman); + break; + + case 0x11: + security = new RecordVal(BifType::Record::SMB1::NegotiateResponseSecurity); + security->Assign(0, new Val(${val.ntlm.security_user_level}, TYPE_BOOL)); + security->Assign(1, new Val(${val.ntlm.security_challenge_response}, TYPE_BOOL)); + security->Assign(2, new Val(${val.ntlm.security_signatures_enabled}, TYPE_BOOL)); + security->Assign(3, new Val(${val.ntlm.security_signatures_required}, TYPE_BOOL)); + + capabilities = new RecordVal(BifType::Record::SMB1::NegotiateCapabilities); + capabilities->Assign(0, new Val(${val.ntlm.capabilities_raw_mode}, TYPE_BOOL)); + capabilities->Assign(1, new Val(${val.ntlm.capabilities_mpx_mode}, TYPE_BOOL)); + capabilities->Assign(2, new Val(${val.ntlm.capabilities_unicode}, TYPE_BOOL)); + capabilities->Assign(3, new Val(${val.ntlm.capabilities_large_files}, TYPE_BOOL)); + capabilities->Assign(4, new Val(${val.ntlm.capabilities_nt_smbs}, TYPE_BOOL)); + + capabilities->Assign(5, new Val(${val.ntlm.capabilities_rpc_remote_apis}, TYPE_BOOL)); + capabilities->Assign(6, new Val(${val.ntlm.capabilities_status32}, TYPE_BOOL)); + capabilities->Assign(7, new Val(${val.ntlm.capabilities_level_2_oplocks}, TYPE_BOOL)); + capabilities->Assign(8, new Val(${val.ntlm.capabilities_lock_and_read}, TYPE_BOOL)); + capabilities->Assign(9, new Val(${val.ntlm.capabilities_nt_find}, TYPE_BOOL)); + + capabilities->Assign(10, new Val(${val.ntlm.capabilities_dfs}, TYPE_BOOL)); + capabilities->Assign(11, new Val(${val.ntlm.capabilities_infolevel_passthru}, TYPE_BOOL)); + capabilities->Assign(12, new Val(${val.ntlm.capabilities_large_readx}, TYPE_BOOL)); + capabilities->Assign(13, new Val(${val.ntlm.capabilities_large_writex}, TYPE_BOOL)); + capabilities->Assign(14, new Val(${val.ntlm.capabilities_unix}, TYPE_BOOL)); + + capabilities->Assign(15, new Val(${val.ntlm.capabilities_bulk_transfer}, TYPE_BOOL)); + capabilities->Assign(16, new Val(${val.ntlm.capabilities_compressed_data}, TYPE_BOOL)); + 
capabilities->Assign(17, new Val(${val.ntlm.capabilities_extended_security}, TYPE_BOOL)); + + ntlm = new RecordVal(BifType::Record::SMB1::NegotiateResponseNTLM); + ntlm->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); + ntlm->Assign(1, new Val(${val.dialect_index}, TYPE_COUNT)); + ntlm->Assign(2, security); + ntlm->Assign(3, new Val(${val.ntlm.max_buffer_size}, TYPE_COUNT)); + ntlm->Assign(4, new Val(${val.ntlm.max_mpx_count}, TYPE_COUNT)); + + ntlm->Assign(5, new Val(${val.ntlm.max_number_vcs}, TYPE_COUNT)); + ntlm->Assign(6, new Val(${val.ntlm.max_raw_size}, TYPE_COUNT)); + ntlm->Assign(7, new Val(${val.ntlm.session_key}, TYPE_COUNT)); + ntlm->Assign(8, capabilities); + ntlm->Assign(9, new Val(time_from_ntlm(${val.ntlm.server_time}, ${val.ntlm.server_tz}), TYPE_TIME)); + + if ( ${val.ntlm.capabilities_extended_security} == false ) + { + ntlm->Assign(10, bytestring_to_val(${val.ntlm.encryption_key})); + ntlm->Assign(11, smb_string2stringval(${val.ntlm.domain_name})); + } + else + { + ntlm->Assign(12, bytestring_to_val(${val.ntlm.server_guid})); + // ntlm->Assign(13, bytestring_to_val(${val.ntlm.security_blob})); + } + + response->Assign(2, ntlm); + break; + } + BifEvent::generate_smb1_negotiate_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), response); + } + return true; + %} + +}; + +type SMB_dialect = record { + buffer_format : uint8; # must be 0x2 for dialect + name : SMB_string(0,0); +}; + +type SMB1_negotiate_request(header: SMB_Header) = record { + word_count: uint8; # must be 0 + byte_count: uint16; + dialects: SMB_dialect[] &length=byte_count; +} &let { + proc : bool = $context.connection.proc_smb1_negotiate_request(header, this); +}; + +type SMB1_negotiate_response(header: SMB_Header) = record { + word_count: uint8; + dialect_index: uint16; + response: case word_count of { + 0x01 -> core : SMB1_negotiate_core_response; + 0x0d -> lanman : SMB1_negotiate_lanman_response(header); + 0x11 -> ntlm : 
SMB1_negotiate_ntlm_response(header); + }; +} &let { + proc: bool = $context.connection.proc_smb1_negotiate_response(header, this); +}; + +type SMB1_negotiate_core_response = record { + byte_count: uint16; +}; + +type SMB1_negotiate_lanman_response(header: SMB_Header) = record { + security_flags: uint16; # expanded in &let + max_buffer_size: uint16; + max_mpx_count: uint16; + max_number_vcs: uint16; + raw_mode: uint16; # expanded in &let + session_key: uint32; + server_time: SMB_time; + server_date: SMB_date; + server_tz: uint16; + encryption_key_length: uint16; + reserved: uint16; # must be zero + byte_count: uint16; # count of data bytes + encryption_key: bytestring &length=encryption_key_length; + primary_domain: SMB_string(header.unicode, offsetof(primary_domain)); +} &let { + security_user_level: bool = ( security_flags & 0x1 ) > 0; + security_challenge_response: bool = ( security_flags & 0x2 ) > 0; + raw_read_supported: bool = ( raw_mode & 0x1 ) > 0; + raw_write_supported: bool = ( raw_mode & 0x2 ) > 0; +}; + +type SMB1_negotiate_ntlm_response(header: SMB_Header) = record { + security_flags: uint8; # Expanded in &let + max_mpx_count: uint16; + max_number_vcs: uint16; + max_buffer_size: uint32; + max_raw_size: uint32; + session_key: uint32; + capabilities: uint32; # Expanded in &let + server_time: uint64; + server_tz: uint16; + encryption_key_length: uint8; + byte_count: uint16; + encryption_key_present: case capabilities_extended_security of { + false -> encryption_key: bytestring &length=encryption_key_length; + true -> no_key: empty; + } &requires(capabilities_extended_security); + domain_name_present: case capabilities_extended_security of { + false -> domain_name: SMB_string(header.unicode, offsetof(domain_name_present)); + true -> no_name: empty; + } &requires(capabilities_extended_security); + server_guid_present: case capabilities_extended_security of { + true -> server_guid: bytestring &length=16; + false -> no_guid: empty; + } 
&requires(capabilities_extended_security); + security_blob_present: case capabilities_extended_security of { + true -> security_blob: SMB_NTLM_SSP(header) &length=(byte_count-16); + false -> no_blob: empty; + } &requires(capabilities_extended_security); +} &let { + security_user_level: bool = ( security_flags & 0x1 ) > 0; + security_challenge_response: bool = ( security_flags & 0x2 ) > 0; + security_signatures_enabled: bool = ( security_flags & 0x4 ) > 0; + security_signatures_required: bool = ( security_flags & 0x8 ) > 0; + capabilities_raw_mode: bool = (capabilities & 0x1 ) > 0; + capabilities_mpx_mode: bool = (capabilities & 0x2 ) > 0; + capabilities_unicode: bool = (capabilities & 0x4 ) > 0; + capabilities_large_files: bool = (capabilities & 0x8 ) > 0; + capabilities_nt_smbs: bool = (capabilities & 0x10 ) > 0; + capabilities_rpc_remote_apis: bool = (capabilities & 0x20 ) > 0; + capabilities_status32: bool = (capabilities & 0x40 ) > 0; + capabilities_level_2_oplocks: bool = (capabilities & 0x80 ) > 0; + capabilities_lock_and_read: bool = (capabilities & 0x100 ) > 0; + capabilities_nt_find: bool = (capabilities & 0x200 ) > 0; + capabilities_dfs: bool = (capabilities & 0x1000 ) > 0; + capabilities_infolevel_passthru: bool = (capabilities & 0x2000 ) > 0; + capabilities_large_readx: bool = (capabilities & 0x4000 ) > 0; + capabilities_large_writex: bool = (capabilities & 0x8000 ) > 0; + capabilities_unix: bool = (capabilities & 0x00800000 ) > 0; + capabilities_reserved: bool = (capabilities & 0x02000000 ) > 0; + capabilities_bulk_transfer: bool = (capabilities & 0x20000000 ) > 0; + capabilities_compressed_data: bool = (capabilities & 0x40000000 ) > 0; + capabilities_extended_security: bool = (capabilities & 0x80000000 ) > 0; +}; + diff --git a/src/analyzer/protocol/smb/smb1-com-nt-cancel.pac b/src/analyzer/protocol/smb/smb1-com-nt-cancel.pac new file mode 100644 index 0000000000..44c6b10974 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-nt-cancel.pac 
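Review bot: Both time helpers in the `%code` block produce wrong timestamps, which then land in the negotiate-response record that analysts read. `time_from_ntlm` subtracts the epoch offset in seconds from a value still in 100 ns ticks and divides by 1e8, where `filetime2brotime` in smb-time.pac divides by 1e7. `time_from_lanman` leaves `tm` fields such as `tm_isdst` uninitialised before `mktime`, stores a 1-based month in `tm_mon`, and sets `tm_year` to `1980 + year` although `struct tm` counts years from 1900. Separately, `security_blob` uses `&length=(byte_count-16)` with a wire-supplied `byte_count`; a value below 16 goes negative, so that arm needs a guard or at least a comment. `SMB1_negotiate_response` also has no `default` arm for other `word_count` values.

```binpac
	double time_from_lanman(const uint16 two_seconds, const uint16 minutes, const uint16 hours,
	                        const uint16 day, const uint16 month, const uint16 year, const uint16 tz)
		{
		tm lTime = {};               // zero every field mktime() reads
		// … unchanged: tm_sec, tm_min, tm_hour, tm_mday assignments …
		lTime.tm_mon = month - 1;    // struct tm months are 0-11 (assumes 1-12 on the wire)
		lTime.tm_year = 80 + year;   // struct tm years count from 1900; wire value counts from 1980
		lTime.tm_isdst = -1;         // let mktime() decide; note it still uses the local zone
		// … unchanged: mktime call and tz adjustment …
		}

	double time_from_ntlm(const uint64 time, const uint16 tz)
		{
		// 100 ns ticks since 1601 -> seconds since 1970
		return (time / 10000000.0) - 11644473600.0;
		}
```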
@@ -0,0 +1,18 @@ +refine connection SMB_Conn += { + + function proc_smb1_nt_cancel_request(header: SMB_Header, val: SMB1_nt_cancel_request): bool + %{ + if ( smb1_nt_cancel_request ) + BifEvent::generate_smb1_nt_cancel_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + return true; + %} + +}; + +type SMB1_nt_cancel_request(header: SMB_Header) = record { + word_count : uint8; + + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb1_nt_cancel_request(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac b/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac new file mode 100644 index 0000000000..8d3bbea892 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac 
@@ -0,0 +1,120 @@ +refine connection SMB_Conn += { + + %member{ + bool is_atsvc; + %} + + %init{ + is_atsvc = false; + %} + + function isATSVC(): bool + %{ + return is_atsvc; + %} + + function proc_smb1_nt_create_andx_request(header: SMB_Header, val: SMB1_nt_create_andx_request): bool + %{ + if ( ${val.filename.u.s}->size() == 14 && ${val.filename.u.s[0]} == '\\' && ${val.filename.u.s[2]} == 'a' && ${val.filename.u.s[4]} == 't' && ${val.filename.u.s[6]} == 's' && ${val.filename.u.s[8]} == 'v' && ${val.filename.u.s[10]} == 'c' ) + is_atsvc = true; + + if ( smb1_nt_create_andx_request ) + { + // name_length : uint16; + // flags : uint32; + // root_dir_file_id : uint32; + // desired_access : uint32; + // alloc_size : uint64; + // ext_file_attrs : uint32; + // share_access : uint32; + // create_disposition : uint32; + // create_options : uint32; + // impersonation_level : uint32; + // security_flags : uint8; + // + // byte_count : uint16; + // filename : SMB_string(header.unicode, offsetof(filename)) &length=name_length; + + BifEvent::generate_smb1_nt_create_andx_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + smb_string2stringval(${val.filename})); + } + return true; + %} + + function proc_smb1_nt_create_andx_response(header: SMB_Header, val: SMB1_nt_create_andx_response): bool + %{ + if ( smb1_nt_create_andx_response ) + { + BifEvent::generate_smb1_nt_create_andx_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + ${val.file_id}, + ${val.end_of_file}, + SMB_BuildMACTimes(${val.last_write_time}, + ${val.last_access_time}, + ${val.create_time}, + ${val.last_change_time})); + } + + if ( ${val.end_of_file} > 0 ) + { + file_mgr->SetSize(${val.end_of_file}, + bro_analyzer()->GetAnalyzerTag(), + bro_analyzer()->Conn(), + header->is_orig()); + } + + return true; + %} + +}; + + +type SMB1_nt_create_andx_request(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + reserved : uint8; + + name_length : 
uint16; + flags : uint32; + root_dir_file_id : uint32; + desired_access : uint32; + alloc_size : uint64; + ext_file_attrs : uint32; + share_access : uint32; + create_disposition : uint32; + create_options : uint32; + impersonation_level : uint32; + security_flags : uint8; + + byte_count : uint16; + filename : SMB_string(header.unicode, offsetof(filename)); + + andx_command : SMB_andx_command(header, 1, andx.command); +} &let { + proc : bool = $context.connection.proc_smb1_nt_create_andx_request(header, this); +}; + +type SMB1_nt_create_andx_response(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + oplock_level : uint8; + file_id : uint16; + create_disposition : uint32; + create_time : SMB_timestamp; + last_access_time : SMB_timestamp; + last_write_time : SMB_timestamp; + last_change_time : SMB_timestamp; + ext_file_attrs : uint32; + allocation_size : uint64; + end_of_file : uint64; + resource_type : uint16; + nm_pipe_status : uint16; + directory : uint8; + + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb1_nt_create_andx_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-nt-transact.pac b/src/analyzer/protocol/smb/smb1-com-nt-transact.pac new file mode 100644 index 0000000000..3b16eaf5d0 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-nt-transact.pac 
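Review bot: `is_atsvc` in proc_smb1_nt_create_andx_request is set to true on a matching filename and never cleared, so a single NT_CREATE_ANDX that matches switches the whole connection for the rest of its life rather than one file handle. The test reads `${val.filename.u.s}` without looking at `header.unicode` and compares only the even indices 0 to 10, so the odd positions are unchecked; what happens when the `u` arm of SMB_string was not the one selected depends on smb-strings.pac, which is outside this hunk. Because `isATSVC()` later decides how SMB1_transaction_response is parsed (smb1-com-transaction.pac in this patch), a peer-chosen filename steers the parsing of unrelated later messages. Tracking the flag per `file_id` taken from the create response, or at least assigning `is_atsvc = false;` on a non-matching open, would limit that.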
@@ -0,0 +1,29 @@
+refine connection SMB_Conn += {
+
+ function proc_smb1_nt_transact_request(header: SMB_Header, val: SMB1_nt_transact_request): bool
+ %{
+ //printf("nt_transact_request\n");
+ return true;
+ %}
+
+ function proc_smb1_nt_transact_response(header: SMB_Header, val: SMB1_nt_transact_response): bool
+ %{
+ //printf("nt_transact_response\n");
+ return true;
+ %}
+
+};
+
+# http://msdn.microsoft.com/en-us/library/ee441534.aspx
+type SMB1_nt_transact_request(header: SMB_Header) = record {
+ word_count : uint8;
+} &let {
+ proc : bool = $context.connection.proc_smb1_nt_transact_request(header, this);
+};
+
+# http://msdn.microsoft.com/en-us/library/ee442112.aspx
+type SMB1_nt_transact_response(header: SMB_Header) = record {
+ word_count : uint8;
+} &let {
+ proc : bool = $context.connection.proc_smb1_nt_transact_response(header, this);
+};
diff --git a/src/analyzer/protocol/smb/smb1-com-open-andx.pac b/src/analyzer/protocol/smb/smb1-com-open-andx.pac
new file mode 100644
index 0000000000..80f0d2e490
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb1-com-open-andx.pac
@@ -0,0 +1,77 @@
+refine connection SMB_Conn += {
+
+ function proc_smb1_open_andx_request(h: SMB_Header, val: SMB1_open_andx_request): bool
+ %{
+ if ( smb1_open_andx_request )
+ BifEvent::generate_smb1_open_andx_request(bro_analyzer(),
+ bro_analyzer()->Conn(),
+ BuildHeaderVal(h),
+ ${val.flags},
+ ${val.access_mode},
+ ${val.search_attrs},
+ ${val.file_attrs},
+ ${val.creation_time},
+ ${val.open_mode},
+ ${val.allocation_size},
+ ${val.timeout},
+ smb_string2stringval(${val.filename}));
+
+ return true;
+ %}
+
+ function proc_smb1_open_andx_response(h: SMB_Header, val: SMB1_open_andx_response): bool
+ %{
+ if ( smb1_open_andx_response )
+ BifEvent::generate_smb1_open_andx_response(bro_analyzer(),
+ bro_analyzer()->Conn(),
+ BuildHeaderVal(h),
+ ${val.fid},
+ ${val.file_attrs},
+ ${val.last_write_time},
+ ${val.file_data_size},
+ ${val.access_rights},
+ ${val.resource_type},
+ ${val.nm_pipe_status},
+ ${val.open_results});
+
+ return true;
+ %}
+
+};
+
+
+
+type SMB1_open_andx_request(header: SMB_Header) = record {
+ word_count : uint8;
+ andx : SMB_andx;
+ flags : uint16;
+ access_mode : uint16;
+ search_attrs : uint16;
+ file_attrs : uint16;
+ creation_time : uint32;
+ open_mode : uint16;
+ allocation_size : uint32;
+ timeout : uint32;
+ reserved : padding[2];
+ byte_count : uint16;
+ filename : SMB_string(header.unicode, offsetof(filename);
+} &let {
+ proc : bool = $context.connection.proc_smb1_open_andx_request(header, this);
+} &byteorder=littleendian;
+
+type SMB1_open_andx_response(header: SMB_Header) = record {
+ word_count : uint8;
+ andx : SMB_andx;
+ fid : uint16;
+ file_attrs : uint16;
+ last_write_time : uint32;
+ file_data_size : uint32;
+ access_rights : uint16;
+ resource_type : uint16;
+ nm_pipe_status : uint16;
+ open_results : uint16;
+ reserved : padding[3];
+ byte_count : uint16;
+} &let {
+ proc : bool = $context.connection.proc_smb1_open_andx_response(header, this);
+} &byteorder=littleendian;
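Review bot: The `filename` field of SMB1_open_andx_request is missing a closing parenthesis, `SMB_string(header.unicode, offsetof(filename);`, so this file cannot compile once it is included in the build. It should read `filename : SMB_string(header.unicode, offsetof(filename));`, which is the form the other request records in this patch use. Whether the file is wired into the build at this commit is not visible from the hunk.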
diff --git a/src/analyzer/protocol/smb/smb1-com-query-information.pac b/src/analyzer/protocol/smb/smb1-com-query-information.pac
new file mode 100644
index 0000000000..e09e688c35
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb1-com-query-information.pac
@@ -0,0 +1,41 @@
+refine connection SMB_Conn += {
+
+ function proc_smb1_query_information_request(header: SMB_Header, val: SMB1_query_information_request): bool
+ %{
+ if ( smb1_query_information_request )
+ BifEvent::generate_smb1_query_information_request(bro_analyzer(),
+ bro_analyzer()->Conn(),
+ BuildHeaderVal(header),
+ smb_string2stringval(${val.filename}));
+ return true;
+ %}
+
+ function proc_smb1_query_information_response(header: SMB_Header, val: SMB1_query_information_response): bool
+ %{
+ //printf("query_information_response\n");
+ return true;
+ %}
+
+};
+
+type SMB1_query_information_request(header: SMB_Header) = record {
+ word_count : uint8;
+
+ byte_count : uint16;
+ buffer_format : uint8;
+ filename : SMB_string(header.unicode, offsetof(filename));
+} &let {
+ proc : bool = $context.connection.proc_smb1_query_information_request(header, this);
+};
+
+type SMB1_query_information_response(header: SMB_Header) = record {
+ word_count : uint8;
+ file_attribs : uint16;
+ last_write_time : SMB_time;
+ file_size : uint32;
+ reserved : uint16[5];
+ byte_count : uint16 &check($element == 0);
+} &let {
+ proc : bool = $context.connection.proc_smb1_query_information_response(header, this);
+};
+
diff --git a/src/analyzer/protocol/smb/smb1-com-read-andx.pac b/src/analyzer/protocol/smb/smb1-com-read-andx.pac
new file mode 100644
index 0000000000..cbd9881feb
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb1-com-read-andx.pac
@@ -0,0 +1,88 @@ +refine connection SMB_Conn += { + + %member{ + // Track read offsets to provide correct + // offsets for file manager. + std::map read_offsets; + %} + + function proc_smb1_read_andx_request(h: SMB_Header, val: SMB1_read_andx_request): bool + %{ + if ( smb1_read_andx_request ) + BifEvent::generate_smb1_read_andx_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.file_id}, + ${val.offset}, + ${val.max_count}); + + read_offsets[${h.mid}] = ${val.offset}; + return true; + %} + + function proc_smb1_read_andx_response(h: SMB_Header, val: SMB1_read_andx_response): bool + %{ + if ( smb1_read_andx_response ) + BifEvent::generate_smb1_read_andx_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.data_len}); + + if ( ${val.data_len} > 0 ) + { + uint64 offset = read_offsets[${h.mid}]; + read_offsets.erase(${h.mid}); + + file_mgr->DataIn(${val.data}.begin(), ${val.data_len}, offset, + bro_analyzer()->GetAnalyzerTag(), + bro_analyzer()->Conn(), h->is_orig()); + } + + return true; + %} + +}; + + + +type SMB1_read_andx_request(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + file_id : uint16; + offset_low : uint32; + max_count_low : uint16; + min_count : uint16; + max_count_high : uint32; + remaining : uint16; + offset_high_u : case word_count of { + 0x0C -> offset_high_tmp : uint32; + default -> null : empty; + }; + + byte_count : uint16; +} &let { + offset_high : uint32 = (word_count == 0x0C) ? 
offset_high_tmp : 0; + offset : uint64 = (offset_high * 0x10000) + offset_low; + max_count : uint64 = (max_count_high * 0x10000) + max_count_low; + proc : bool = $context.connection.proc_smb1_read_andx_request(header, this); +} &byteorder=littleendian; + +type SMB1_read_andx_response(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + available : uint16; + data_compact_mode : uint16; + reserved1 : uint16; + data_len_low : uint16; + data_offset : uint16; + data_len_high : uint16; + reserved2 : uint64; + + byte_count : uint16; + pad : padding to data_offset - SMB_Header_length; + data : bytestring &length=data_len; +} &let { + padding_len : uint8 = (header.unicode == 1) ? 1 : 0; + data_len : uint32 = (data_len_high << 16) + data_len_low; + proc : bool = $context.connection.proc_smb1_read_andx_response(header, this); +} &byteorder=littleendian; diff --git a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac new file mode 100644 index 0000000000..ec83465700 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac 
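Review bot: In SMB1_read_andx_request the 64-bit offset is assembled as `(offset_high * 0x10000) + offset_low`, but `offset_low` is a uint32, so the high word has to be moved up by 32 bits, not 16. As written the value is wrong for any read at or beyond 4 GiB and collides with low offsets, and it is the offset later handed to `file_mgr->DataIn`, so reassembled file content can be misplaced. Something like `offset : uint64 = (offset_high * 0x100000000) + offset_low;` is needed, taking care that the multiplication happens in 64 bits (how binpac types the expression is not visible here). `read_offsets` also gains an entry on every request and is erased only inside `if ( ${val.data_len} > 0 )`, so entries for unanswered or empty reads stay for the life of the connection; erasing in the response handler regardless of `data_len` would bound that.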
@@ -0,0 +1,229 @@ +## This SMB is used to further "Set up" the session normally just +## established via the negotiate protocol. +## +## One primary function is to perform a "user logon" in the case +## where the server is in user level security mode. The UID in the +## SMB header is set by the client to by the userid desired for the +## AccountName and validated by the AccountPassword. + +refine connection SMB_Conn += { + + function proc_smb1_session_setup_andx_request(header: SMB_Header, val: SMB1_session_setup_andx_request): bool + %{ + if ( smb1_session_setup_andx_request ) + { + RecordVal* request = new RecordVal(BifType::Record::SMB1::SessionSetupAndXRequest); + RecordVal* capabilities; + + request->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); + switch ( ${val.word_count} ) { + case 10: // pre NT LM 0.12 + request->Assign(1, new Val(${val.lanman.max_buffer_size}, TYPE_COUNT)); + request->Assign(2, new Val(${val.lanman.max_mpx_count}, TYPE_COUNT)); + request->Assign(3, new Val(${val.lanman.vc_number}, TYPE_COUNT)); + request->Assign(4, new Val(${val.lanman.session_key}, TYPE_COUNT)); + + request->Assign(5, smb_string2stringval(${val.lanman.native_os})); + request->Assign(6, smb_string2stringval(${val.lanman.native_lanman})); + request->Assign(7, smb_string2stringval(${val.lanman.account_name})); + request->Assign(8, bytestring_to_val(${val.lanman.account_password})); + request->Assign(9, smb_string2stringval(${val.lanman.primary_domain})); + + break; + case 12: // NT LM 0.12 with extended security + capabilities = new RecordVal(BifType::Record::SMB1::SessionSetupAndXCapabilities); + capabilities->Assign(0, new Val(${val.ntlm_extended_security.capabilities.unicode}, TYPE_BOOL)); + capabilities->Assign(1, new Val(${val.ntlm_extended_security.capabilities.large_files}, TYPE_BOOL)); + capabilities->Assign(2, new Val(${val.ntlm_extended_security.capabilities.nt_smbs}, TYPE_BOOL)); + capabilities->Assign(3, new 
Val(${val.ntlm_extended_security.capabilities.status32}, TYPE_BOOL)); + capabilities->Assign(4, new Val(${val.ntlm_extended_security.capabilities.level_2_oplocks}, TYPE_BOOL)); + capabilities->Assign(5, new Val(${val.ntlm_extended_security.capabilities.nt_find}, TYPE_BOOL)); + + request->Assign(1, new Val(${val.ntlm_extended_security.max_buffer_size}, TYPE_COUNT)); + request->Assign(2, new Val(${val.ntlm_extended_security.max_mpx_count}, TYPE_COUNT)); + request->Assign(3, new Val(${val.ntlm_extended_security.vc_number}, TYPE_COUNT)); + request->Assign(4, new Val(${val.ntlm_extended_security.session_key}, TYPE_COUNT)); + + request->Assign(5, smb_string2stringval(${val.ntlm_extended_security.native_os})); + request->Assign(6, smb_string2stringval(${val.ntlm_extended_security.native_lanman})); + + //request->Assign(12, bytestring_to_val(${val.ntlm_extended_security.security_blob})); + request->Assign(13, capabilities); + break; + + case 13: // NT LM 0.12 without extended security + capabilities = new RecordVal(BifType::Record::SMB1::SessionSetupAndXCapabilities); + capabilities->Assign(0, new Val(${val.ntlm_nonextended_security.capabilities.unicode}, TYPE_BOOL)); + capabilities->Assign(1, new Val(${val.ntlm_nonextended_security.capabilities.large_files}, TYPE_BOOL)); + capabilities->Assign(2, new Val(${val.ntlm_nonextended_security.capabilities.nt_smbs}, TYPE_BOOL)); + capabilities->Assign(3, new Val(${val.ntlm_nonextended_security.capabilities.status32}, TYPE_BOOL)); + capabilities->Assign(4, new Val(${val.ntlm_nonextended_security.capabilities.level_2_oplocks}, TYPE_BOOL)); + capabilities->Assign(5, new Val(${val.ntlm_nonextended_security.capabilities.nt_find}, TYPE_BOOL)); + + request->Assign(1, new Val(${val.ntlm_nonextended_security.max_buffer_size}, TYPE_COUNT)); + request->Assign(2, new Val(${val.ntlm_nonextended_security.max_mpx_count}, TYPE_COUNT)); + request->Assign(3, new Val(${val.ntlm_nonextended_security.vc_number}, TYPE_COUNT)); + request->Assign(4, new 
Val(${val.ntlm_nonextended_security.session_key}, TYPE_COUNT)); + + request->Assign(5, smb_string2stringval(${val.ntlm_nonextended_security.native_os})); + request->Assign(6, smb_string2stringval(${val.ntlm_nonextended_security.native_lanman})); + request->Assign(7, smb_string2stringval(${val.ntlm_nonextended_security.account_name})); + request->Assign(9, smb_string2stringval(${val.ntlm_nonextended_security.primary_domain})); + + request->Assign(10, bytestring_to_val(${val.ntlm_nonextended_security.case_insensitive_password})); + request->Assign(11, bytestring_to_val(${val.ntlm_nonextended_security.case_sensitive_password})); + request->Assign(13, capabilities); + break; + } + + BifEvent::generate_smb1_session_setup_andx_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), request); + } + return true; + %} + + function proc_smb1_session_setup_andx_response(header: SMB_Header, val: SMB1_session_setup_andx_response): bool + %{ + if ( smb1_session_setup_andx_response ) + { + RecordVal* response = new RecordVal(BifType::Record::SMB1::SessionSetupAndXResponse); + + response->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); + switch ( ${val.word_count} ) + { + case 3: // pre NT LM 0.12 + response->Assign(1, new Val(${val.lanman.is_guest}, TYPE_BOOL)); + response->Assign(2, smb_string2stringval(${val.lanman.native_os})); + response->Assign(3, smb_string2stringval(${val.lanman.native_lanman})); + response->Assign(4, smb_string2stringval(${val.lanman.primary_domain})); + break; + case 4: // NT LM 0.12 + response->Assign(1, new Val(${val.ntlm.is_guest}, TYPE_BOOL)); + response->Assign(2, smb_string2stringval(${val.ntlm.native_os})); + response->Assign(3, smb_string2stringval(${val.ntlm.native_lanman})); + response->Assign(4, smb_string2stringval(${val.ntlm.primary_domain})); + //response->Assign(5, bytestring_to_val(${val.ntlm.security_blob})); + break; + case 0: // Error! 
+ break; + } + + BifEvent::generate_smb1_session_setup_andx_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), response); + } + + return true; + %} + +}; + +type SMB1_session_setup_andx_request(header: SMB_Header) = record { + word_count : uint8; + lanman_or_ntlm : case word_count of { + 0x0a -> lanman: SMB1_session_setup_andx_request_lanman(header); + 0x0c -> ntlm_extended_security: SMB1_session_setup_andx_request_ntlm_extended_security(header); + 0x0d -> ntlm_nonextended_security: SMB1_session_setup_andx_request_ntlm_nonextended_security(header); + }; +} &let { + proc: bool = $context.connection.proc_smb1_session_setup_andx_request(header, this); +}; + +type SMB1_session_setup_andx_response(header: SMB_Header) = record { + word_count : uint8; + lanman_or_ntlm : case word_count of { + 0x03 -> lanman: SMB1_session_setup_andx_response_lanman(header); + 0x04 -> ntlm: SMB1_session_setup_andx_response_ntlm(header); + default -> error: uint16; + }; +} &let { + proc: bool = $context.connection.proc_smb1_session_setup_andx_response(header, this); +}; + +type SMB1_session_setup_andx_request_lanman(header: SMB_Header) = record { + andx : SMB_andx; + max_buffer_size : uint16; + max_mpx_count : uint16; + vc_number : uint16; + session_key : uint32; + password_length : uint16; + reserved : uint32; + byte_count : uint16; + account_password : bytestring &length=password_length; + # offset + 1 due to word_count in the parent type + account_name : SMB_string(header.unicode, offsetof(account_name) + 1); + primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); +}; + +type SMB1_session_setup_andx_response_lanman(header: SMB_Header) = record { + andx : SMB_andx; + action : uint16; + byte_count : uint16; + # offset + 1 due to word_count in the parent type + native_os : SMB_string(header.unicode, 
offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); + primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); +} &let { + is_guest: bool = ( action & 0x1 ) > 0; +}; + +type SMB1_session_setup_andx_request_ntlm_capabilities = record { + capabilities : uint32; +} &let { + unicode : bool = ( capabilities & 0x0004 ) > 0; + large_files : bool = ( capabilities & 0x0008 ) > 0; + nt_smbs : bool = ( capabilities & 0x0010 ) > 0; + status32 : bool = ( capabilities & 0x0040 ) > 0; + level_2_oplocks : bool = ( capabilities & 0x0080 ) > 0; + nt_find : bool = ( capabilities & 0x0200 ) > 0; +}; + +type SMB1_session_setup_andx_request_ntlm_nonextended_security(header: SMB_Header) = record { + andx : SMB_andx; + max_buffer_size : uint16; + max_mpx_count : uint16; + vc_number : uint16; + session_key : uint32; + case_insensitive_password_length : uint16; + case_sensitive_password_length : uint16; + reserved : uint32; + capabilities : SMB1_session_setup_andx_request_ntlm_capabilities; + byte_count : uint16; + case_insensitive_password : bytestring &length=case_insensitive_password_length; + case_sensitive_password : bytestring &length=case_sensitive_password_length; + # offset + 1 due to word_count in the parent type + account_name : SMB_string(header.unicode, offsetof(account_name) + 1); + primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); +}; + +type SMB1_session_setup_andx_request_ntlm_extended_security(header: SMB_Header) = record { + andx : SMB_andx; + max_buffer_size : uint16; + max_mpx_count : uint16; + vc_number : uint16; + session_key : uint32; + security_blob_length : uint16; + reserved : uint32; + capabilities : SMB1_session_setup_andx_request_ntlm_capabilities; + byte_count : uint16; + security_blob : SMB_NTLM_SSP(header) 
&length=security_blob_length; + # offset + 1 due to word_count in the parent type + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); +}; + +type SMB1_session_setup_andx_response_ntlm(header: SMB_Header) = record { + andx : SMB_andx; + action : uint16; + security_blob_length : uint16; + byte_count : uint16; + security_blob : SMB_NTLM_SSP(header) &length=security_blob_length; + # offset + 1 due to word_count in the parent type + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); + primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); +} &let { + is_guest: bool = ( action & 0x1 ) > 0; +}; + diff --git a/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac b/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac new file mode 100644 index 0000000000..67bc3d4d4b --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac @@ -0,0 +1,17 @@ +type SMB1_transaction_secondary_request(header: SMB_Header) = record { + word_count : uint8; + total_param_count : uint16; + total_data_count : uint16; + param_count : uint16; + param_offset : uint16; + param_displacement : uint16; + data_count : uint16; + data_offset : uint16; + data_displacement : uint16; + + byte_count : uint16; + pad1 : padding to param_offset - SMB_Header_length; + parameters : bytestring &length = param_count; + pad2 : padding to data_offset - SMB_Header_length; + data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac new file mode 100644 index 0000000000..822675be09 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac 
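Review bot: proc_smb1_session_setup_andx_request copies password material straight into the event record: `account_password` in the word_count 10 branch (field 8), and `case_insensitive_password` and `case_sensitive_password` in the word_count 13 branch (fields 10 and 11). For pre-NT LM 0.12 sessions this can be a cleartext password, and any script that logs the record will write it to disk on the sensor. I would add a comment above those `Assign` calls, for example `// Credential material: scripts must not log this field.`, and consider making its export optional. Also, `case word_count of` in SMB1_session_setup_andx_request has no `default` arm, unlike the response type, so a request with any other word_count is not handled by the record.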
@@ -0,0 +1,90 @@ +enum Trans_subcommands { + NT_TRANSACT_QUERY_QUOTA = 0x0007, + NT_TRANSACT_SET_QUOTA = 0x0008, + NT_TRANSACT_CREATE2 = 0x0009, +}; + + +refine connection SMB_Conn += { + + function proc_smb1_transaction_request(header: SMB_Header, val: SMB1_transaction_request): bool + %{ + //printf("transaction_request\n"); + return true; + %} + function proc_smb1_transaction_response(header: SMB_Header, val: SMB1_transaction_response): bool + %{ + //printf("transaction_response\n"); + return true; + %} + +}; + + +type SMB1_transaction_data(header: SMB_Header, count: uint16, sub_cmd: uint16, + trans_type: TransactionType ) = case trans_type of { +# SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(header.unicode, count); +# SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(header.unicode, count); +# SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count, sub_cmd); + SMB_PIPE -> pipe : SMB_Pipe_message(header.unicode, count, sub_cmd); +# SMB_UNKNOWN -> unknown : bytestring &restofdata; +# default -> data : bytestring &restofdata; +}; + +type SMB1_transaction_request(header: SMB_Header) = record { + word_count : uint8; + total_param_count : uint16; + total_data_count : uint16; + max_param_count : uint16; + max_data_count : uint16; + max_setup_count : uint8; + reserved1 : uint8; + flags : uint16; + timeout : uint32; + reserved2 : uint16; + param_count : uint16; + param_offset : uint16; + data_count : uint16; + data_offset : uint16; + setup_count : uint8; + reserved3 : uint8; + setup : uint16[setup_count]; + + byte_count : uint16; + name : SMB_string(header.unicode, offsetof(name)); + pad1 : padding to param_offset - SMB_Header_length; + parameters : bytestring &length = param_count; + pad2 : padding to data_offset - SMB_Header_length; + data : SMB1_transaction_data(header, data_count, sub_cmd, determine_transaction_type(setup_count, name)); +} &let { + sub_cmd : uint16 = setup_count ? 
setup[0] : 0; + proc : bool = $context.connection.proc_smb1_transaction_request(header, this); +}; + + +type SMB1_transaction_response(header: SMB_Header) = record { + word_count : uint8; + total_param_count : uint16; + total_data_count : uint16; + reserved : uint16; + param_count : uint16; + param_offset : uint16; + param_displacement : uint16; + data_count : uint16; + data_offset : uint16; + data_displacement : uint16; + setup_count : uint8; + reserved2 : uint8; + setup : uint16[setup_count]; + + byte_count : uint16; + pad0 : padding to param_offset - SMB_Header_length; + parameters : bytestring &length = param_count; + pad1 : padding to data_offset - SMB_Header_length; + handle_response : case $context.connection.isATSVC() of { + true -> pipe_data : SMB1_transaction_data(header, data_count, 0, SMB_PIPE); +# false -> unk_data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); + }; +} &let { + proc : bool = $context.connection.proc_smb1_transaction_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction2.pac b/src/analyzer/protocol/smb/smb1-com-transaction2.pac new file mode 100644 index 0000000000..cff496c054 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-transaction2.pac 
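Review bot: SMB1_transaction_data has every arm except `SMB_PIPE` commented out, including `SMB_UNKNOWN` and `default`, and `handle_response` in SMB1_transaction_response has only a `true` arm. A transaction whose type is not a pipe, and any response on a connection where `isATSVC()` is false, therefore matches no case; as far as I know binpac treats that as a parse error rather than skipping the data. smb1-com-transaction-secondary.pac passes `SMB_UNKNOWN` explicitly and is affected in the same way. Restoring `default -> data : bytestring &restofdata;` in SMB1_transaction_data and the `false -> unk_data` arm (or a `default`) in the response would keep a peer-chosen transaction type from stopping analysis of ordinary traffic.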
@@ -0,0 +1,308 @@ +enum Trans2_subcommands { + TRANS2_OPEN2 = 0x0000, + TRANS2_FIND_FIRST2 = 0x0001, + TRANS2_FIND_NEXT2 = 0x0002, + TRANS2_QUERY_FS_INFORMATION = 0x0003, + TRANS2_SET_FS_INFORMATION = 0x0004, + TRANS2_QUERY_PATH_INFORMATION = 0x0005, + TRANS2_SET_PATH_INFORMATION = 0x0006, + TRANS2_QUERY_FILE_INFORMATION = 0x0007, + TRANS2_SET_FILE_INFORMATION = 0x0008, + TRANS2_FSCTL = 0x0009, + TRANS2_IOCTL2 = 0x000a, + TRANS2_FIND_NOTIFY_FIRST = 0x000b, + TRANS2_FIND_NOTIFY_NEXT = 0x000c, + TRANS2_CREATE_DIRECTORY = 0x000d, + TRANS2_SESSION_SETUP = 0x000e, + TRANS2_GET_DFS_REFERRAL = 0x0010, + TRANS2_REPORT_DFS_INCONSISTENCY = 0x0011, +}; + +refine connection SMB_Conn += { + + function proc_smb1_transaction2_request(header: SMB_Header, val: SMB1_transaction2_request): bool + %{ + //printf("transaction2_request sub command: %d\n", ${val.sub_cmd}); + return true; + %} + + function proc_smb1_transaction2_response(header: SMB_Header, val: SMB1_transaction2_response): bool + %{ + //printf("transaction2_response sub command: %d\n", ${val.sub_cmd}); + return true; + %} + +}; + +type SMB1_transaction2_request(header: SMB_Header) = record { + word_count : uint8; + total_param_count : uint16; + total_data_count : uint16; + max_param_count : uint16; + max_data_count : uint16; + max_setup_count : uint8; + reserved1 : uint8; + flags : uint16; + timeout : uint32; + reserved2 : uint16; + param_count : uint16; + param_offset : uint16; + data_count : uint16; + data_offset : uint16; + setup_count : uint8; + reserved3 : uint8; + + # I suspect this needs a word_count check + #setup : uint16[setup_count]; + sub_cmd : uint16; + + byte_count : uint16; + #stuff : bytestring &length=byte_count; + pad1 : padding to (param_offset - SMB_Header_length); + parameters : case sub_cmd of { + TRANS2_FIND_FIRST2 -> find_first2 : trans2_find_first2_request(header); + TRANS2_QUERY_FS_INFORMATION -> query_fs_info : trans2_query_fs_info_request(header); + TRANS2_QUERY_PATH_INFORMATION -> 
query_path_info : trans2_query_path_info_request(header); + TRANS2_QUERY_FILE_INFORMATION -> query_file_info : trans2_query_file_info_request(header); + TRANS2_SET_FILE_INFORMATION -> set_file_info : trans2_set_file_info_request(header); + TRANS2_GET_DFS_REFERRAL -> get_dfs_referral : trans2_get_dfs_referral_request(header); + default -> blah : bytestring &restofdata &transient; + }; + #pad2 : padding to (data_offset - SMB_Header_length); + #data : bytestring &length=data_count; +} &let { + proc : bool = $context.connection.proc_smb1_transaction2_request(header, this); +}; + +type SMB1_transaction2_response(header: SMB_Header) = record { + word_count : uint8; + total_param_count : uint16; + total_data_count : uint16; + reserved1 : uint16; + param_count : uint16; + param_offset : uint16; + param_displacement : uint16; + data_count : uint16; + data_offset : uint16; + data_displacement : uint16; + setup_count : uint8; + reserved2 : uint8; + #setup : uint16[setup_count]; + + byte_count : uint16; + stuff : bytestring &length=byte_count; + + #pad1 : padding to (param_offset - SMB_Header_length); + #parameters : bytestring &length = byte_count; + #pad2 : padding to (data_offset - SMB_Header_length); + #data : bytestring &length = data_count; # TODO: make SMB1_transaction2_data structure -- SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); +} &let { + proc : bool = $context.connection.proc_smb1_transaction2_response(header, this); +}; + +########################################### + +refine connection SMB_Conn += { + + function proc_trans2_find_first2_request(header: SMB_Header, val: trans2_find_first2_request): bool + %{ + // TODO: implement this. + //printf("trans2_find_first2 request!\n"); + return true; + %} + + function proc_trans2_find_first2_response(header: SMB_Header, val: trans2_find_first2_response): bool + %{ + // TODO: implement this. 
+ //printf("trans2_find_first2 response!\n"); + return true; + %} + +}; + +type trans2_find_first2_request(header: SMB_Header) = record { + search_attrs : uint16; + search_count : uint16; + flags : uint16; + info_level : uint16; + search_storage_type : uint32; + file_name : SMB_string(header.unicode, offsetof(file_name)); +} &let { + proc : bool = $context.connection.proc_trans2_find_first2_request(header, this); +}; + +type trans2_find_first2_response(header: SMB_Header) = record { + sid : uint16; + search_count : uint16; + end_of_search : uint16; + ea_error_offset : uint16; + last_name_offset : uint16; +} &let { + proc : bool = $context.connection.proc_trans2_find_first2_response(header, this); +}; + +########################################### + +refine connection SMB_Conn += { + + function proc_trans2_query_fs_info_request(header: SMB_Header, val: trans2_query_fs_info_request): bool + %{ + // TODO: implement this. + //printf("trans2_query_fs_info request!\n"); + return true; + %} + + function proc_trans2_query_fs_info_response(header: SMB_Header, val: trans2_query_fs_info_response): bool + %{ + // TODO: implement this. + //printf("trans2_query_fs_info response!\n"); + return true; + %} + +}; + +type trans2_query_fs_info_request(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_query_fs_info_request(header, this); +}; + +type trans2_query_fs_info_response(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_query_fs_info_response(header, this); +}; + +########################################### + +refine connection SMB_Conn += { + + function proc_trans2_query_path_info_request(header: SMB_Header, val: trans2_query_path_info_request): bool + %{ + // TODO: implement this. 
+ //printf("trans2_query_path_info request!\n"); + return true; + %} + + function proc_trans2_query_path_info_response(header: SMB_Header, val: trans2_query_path_info_response): bool + %{ + // TODO: implement this. + //printf("trans2_query_path_info response!\n"); + return true; + %} + +}; + +type trans2_query_path_info_request(header: SMB_Header) = record { + level_of_interest : uint16; + reserved : uint32; + file_name : SMB_string(header.unicode, offsetof(file_name)); +} &let { + proc : bool = $context.connection.proc_trans2_query_path_info_request(header, this); +}; + +type trans2_query_path_info_response(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_query_path_info_response(header, this); +}; + +########################################### + +refine connection SMB_Conn += { + + function proc_trans2_query_file_info_request(header: SMB_Header, val: trans2_query_file_info_request): bool + %{ + // TODO: implement this. + //printf("trans2_query_file_info request!\n"); + return true; + %} + + function proc_trans2_query_file_info_response(header: SMB_Header, val: trans2_query_file_info_response): bool + %{ + // TODO: implement this. + //printf("trans2_query_file_info response!\n"); + return true; + %} + +}; + +type trans2_query_file_info_request(header: SMB_Header) = record { + file_id : uint16; + level_of_interest : uint16; +} &let { + proc : bool = $context.connection.proc_trans2_query_file_info_request(header, this); +}; + +type trans2_query_file_info_response(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_query_file_info_response(header, this); +}; + +########################################### + +refine connection SMB_Conn += { + + function proc_trans2_set_file_info_request(header: SMB_Header, val: trans2_set_file_info_request): bool + %{ + // TODO: implement this. 
+ //printf("trans2_set_file_info request!\n"); + return true; + %} + + function proc_trans2_set_file_info_response(header: SMB_Header, val: trans2_set_file_info_response): bool + %{ + // TODO: implement this. + //printf("trans2_set_file_info response!\n"); + return true; + %} + +}; + +type trans2_set_file_info_request(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_set_file_info_request(header, this); +}; + +type trans2_set_file_info_response(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_set_file_info_response(header, this); +}; + +########################################### + +refine connection SMB_Conn += { + + function proc_trans2_get_dfs_referral_request(header: SMB_Header, val: trans2_get_dfs_referral_request): bool + %{ + // TODO: implement this. + //printf("trans2_get_dfs_referral request!\n"); + return true; + %} + + function proc_trans2_get_dfs_referral_response(header: SMB_Header, val: trans2_get_dfs_referral_response): bool + %{ + // TODO: implement this. + //printf("trans2_get_dfs_referral response!\n"); + return true; + %} + +}; + +type trans2_get_dfs_referral_request(header: SMB_Header) = record { + max_referral_level : uint16; + file_name : SMB_string(header.unicode, offsetof(file_name)); +} &let { + proc : bool = $context.connection.proc_trans2_get_dfs_referral_request(header, this); +}; + +type trans2_get_dfs_referral_response(header: SMB_Header) = record { + # TODO: implement this. +} &let { + proc : bool = $context.connection.proc_trans2_get_dfs_referral_response(header, this); +}; + +########################################### diff --git a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac new file mode 100644 index 0000000000..25ddfc59f5 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac 
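Review bot: SMB1_transaction2_request reads `sub_cmd : uint16` unconditionally, although the commented-out `setup : uint16[setup_count]` and the author's own comment ("I suspect this needs a word_count check") indicate the setup words are optional. When `setup_count` is 0 the two bytes consumed as `sub_cmd` belong to `byte_count`, and every field after it is misaligned on data the peer controls. smb1-com-transaction.pac in this patch already has the safer form: parse `setup : uint16[setup_count];` and derive `sub_cmd : uint16 = setup_count ? setup[0] : 0;` in the `&let` block. The empty `trans2_*` records would also benefit from a one-line comment stating that they intentionally consume no bytes until implemented.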
@@ -0,0 +1,54 @@ +refine connection SMB_Conn += { + + function proc_smb1_tree_connect_andx_request(header: SMB_Header, val: SMB1_tree_connect_andx_request): bool + %{ + if ( smb1_tree_connect_andx_request ) + BifEvent::generate_smb1_tree_connect_andx_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + smb_string2stringval(${val.path}), + smb_string2stringval(${val.service})); + return true; + %} + + function proc_smb1_tree_connect_andx_response(header: SMB_Header, val: SMB1_tree_connect_andx_response): bool + %{ + if ( smb1_tree_connect_andx_response ) + BifEvent::generate_smb1_tree_connect_andx_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + smb_string2stringval(${val.service}), + smb_string2stringval(${val.native_file_system})); + + return true; + %} + +}; + +type SMB1_tree_connect_andx_request(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + flags : uint16; + password_length : uint16; + + byte_count : uint16; + password : uint8[password_length]; + path : SMB_string(header.unicode, offsetof(path)); + service : SMB_string(0, offsetof(service)); +} &let { + proc : bool = $context.connection.proc_smb1_tree_connect_andx_request(header, this); +}; + +type SMB1_tree_connect_andx_response(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + optional_support : uint16; + pad : padding[(word_count-3)*2]; + + byte_count : uint16; + service : SMB_string(0, offsetof(service)); + native_file_system : SMB_string(header.unicode, offsetof(native_file_system)); +} &let { + proc : bool = $context.connection.proc_smb1_tree_connect_andx_response(header, this); +}; + diff --git a/src/analyzer/protocol/smb/smb1-com-tree-disconnect.pac b/src/analyzer/protocol/smb/smb1-com-tree-disconnect.pac new file mode 100644 index 0000000000..f41c1bcabd --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-com-tree-disconnect.pac 
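Review bot: In `SMB1_tree_connect_andx_response`, `pad : padding[(word_count-3)*2];` takes its length from a byte the peer controls, and any `word_count` below 3 makes the expression negative. Whether binpac rejects a negative padding length cannot be seen from this hunk, so the record should clamp it itself, e.g. `pad : padding[pad_len];` with `pad_len : int = (word_count > 3) ? (word_count - 3) * 2 : 0;` in the `&let` block. The request record also reads `password : uint8[password_length]` without comparing `password_length` to `byte_count`. Since the password is never passed to the event, `password : bytestring &length=password_length &transient;` would avoid building a per-byte array from a peer-chosen length.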
@@ -0,0 +1,21 @@
+refine connection SMB_Conn += {
+
+ function proc_smb1_tree_disconnect(header: SMB_Header, val: SMB1_tree_disconnect): bool
+ %{
+ if ( smb1_tree_disconnect )
+ BifEvent::generate_smb1_tree_disconnect(bro_analyzer(),
+ bro_analyzer()->Conn(),
+ BuildHeaderVal(header),
+ ${val.is_orig});
+ return true;
+ %}
+
+};
+
+type SMB1_tree_disconnect(header: SMB_Header, is_orig: bool) = record {
+ word_count : uint8;
+
+ byte_count : uint16;
+} &let {
+ proc : bool = $context.connection.proc_smb1_tree_disconnect(header, this);
+};
diff --git a/src/analyzer/protocol/smb/smb1-com-write-andx.pac b/src/analyzer/protocol/smb/smb1-com-write-andx.pac
new file mode 100644
index 0000000000..bf3063c2ef
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb1-com-write-andx.pac
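Review bot: `SMB1_tree_disconnect` carries no comment saying that one record serves both directions; that is only discoverable from the dispatch tables in smb1-protocol.pac, where the request and the response table both map `SMB_COM_TREE_DISCONNECT` to it. A line above the type such as `# Request and response share this layout; is_orig says which one was seen.` would make that explicit. `word_count` and `byte_count` are parsed but never checked in this hunk, so a short comment that non-zero values are accepted as-is would help whoever adds validation later.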
@@ -0,0 +1,75 @@ +refine connection SMB_Conn += { + + function proc_smb1_write_andx_request(h: SMB_Header, val: SMB1_write_andx_request): bool + %{ + if ( smb1_write_andx_request ) + BifEvent::generate_smb1_write_andx_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.file_id}, + ${val.offset}, + ${val.data_len}); + + if ( ${val.data}.length() > 0 ) + { + file_mgr->DataIn(${val.data}.begin(), ${val.data}.length(), + ${val.offset}, + bro_analyzer()->GetAnalyzerTag(), + bro_analyzer()->Conn(), h->is_orig()); + } + + return true; + %} + + function proc_smb1_write_andx_response(h: SMB_Header, val: SMB1_write_andx_response): bool + %{ + if ( smb1_write_andx_response ) + BifEvent::generate_smb1_write_andx_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.written_bytes}); + + return true; + %} + +}; + +type SMB1_write_andx_request(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + file_id : uint16; + offset_low : uint32; + timeout : uint32; + write_mode : uint16; + remaining : uint16; + data_len_high : uint16; + data_len_low : uint16; + data_offset : uint16; + offset_high_u : case word_count of { + 0x0E -> offset_high_tmp : uint32; + default -> null : empty; + }; + + byte_count : uint16; + pad : padding to data_offset - SMB_Header_length; + data : bytestring &length=data_len; +} &let { + data_len : uint32 = (data_len_high << 16) + data_len_low; + offset_high : uint32 = (word_count == 0x0E) ? 
offset_high_tmp : 0; + offset : uint64 = (offset_high * 0x10000) + offset_low; + proc : bool = $context.connection.proc_smb1_write_andx_request(header, this); +}; + +type SMB1_write_andx_response(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + written_low : uint16; + remaining : uint16; + written_high : uint16; + reserved : uint16; + + byte_count : uint16; +} &let { + written_bytes : uint32 = (written_high * 0x10000) + written_low; + proc : bool = $context.connection.proc_smb1_write_andx_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb1-protocol.pac b/src/analyzer/protocol/smb/smb1-protocol.pac new file mode 100644 index 0000000000..341c6abbf8 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1-protocol.pac 
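Review bot: `offset : uint64 = (offset_high * 0x10000) + offset_low;` in `SMB1_write_andx_request` places the high half only 16 bits up, although `offset_high` and `offset_low` are both declared `uint32`. Any write with a non-zero high offset is therefore handed to `file_mgr->DataIn` at the wrong position, and the file the sensor reassembles can differ from what the server stored. The high word needs to be widened and shifted by 32, for instance in the C++ body as `uint64 off = (uint64(${val.offset_high}) << 32) | ${val.offset_low};`, with `off` passed to both the event and `DataIn`. Separately, `pad : padding to data_offset - SMB_Header_length;` trusts a peer-supplied `data_offset`: a value below 32, or one that points before the current field, gives a negative or backwards target. The hunk shows no check of `data_offset` or `data_len` against `byte_count`.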
@@ -0,0 +1,325 @@ +%extern{ +#include "file_analysis/Manager.h" +%} + +refine connection SMB_Conn += { + function BuildHeaderVal(hdr: SMB_Header): BroVal + %{ + RecordVal* r = new RecordVal(BifType::Record::SMB1::Header); + + //unsigned int status = 0; + // + //try + // { + // // FIXME: does this work? We need to catch exceptions :-( + // // or use guard functions. + // status = ${hdr.status.error} || + // ${hdr.status.dos_error.error_class} << 24 || + // ${hdr.status.dos_error.error_class}; + // } + //catch ( const binpac::Exception& ) + // { // do nothing + // } + + r->Assign(0, new Val(${hdr.command}, TYPE_COUNT)); + r->Assign(1, new Val(${hdr.status}, TYPE_COUNT)); + r->Assign(2, new Val(${hdr.flags}, TYPE_COUNT)); + r->Assign(3, new Val(${hdr.flags2}, TYPE_COUNT)); + r->Assign(4, new Val(${hdr.tid}, TYPE_COUNT)); + r->Assign(5, new Val(${hdr.pid}, TYPE_COUNT)); + r->Assign(6, new Val(${hdr.uid}, TYPE_COUNT)); + r->Assign(7, new Val(${hdr.mid}, TYPE_COUNT)); + + return r; + %} + + function proc_smb_message(h: SMB_Header, is_orig: bool): bool + %{ + if ( smb1_message ) + { + BifEvent::generate_smb1_message(bro_analyzer(), bro_analyzer()->Conn(), + BuildHeaderVal(h), + is_orig); + } + return true; + %} + + function proc_smb_empty_response(header: SMB_Header): bool + %{ + if ( smb1_empty_response ) + { + BifEvent::generate_smb1_empty_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header)); + } + return true; + %} + + function proc_smb_no_msg(h: SMB_Header, is_orig: bool): bool + %{ + if ( ${h.status} == STATUS_SUCCESS ) + { + if ( smb1_empty_response ) + { + BifEvent::generate_smb1_empty_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(h)); + } + } + else + { + BifEvent::generate_smb1_error(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h)); + } + return true; + %} + +}; + +type SMB_dos_error = record { + error_class : uint8; + reserved : uint8; + error : uint16; +}; + +type SMB_error(err_status_type: int) = case 
err_status_type of { + 0 -> dos_error : SMB_dos_error; + default -> error : uint32; +}; + +type SMB_andx = record { + command : uint8; + reserved : uint8; + offset : uint16; +} &byteorder = littleendian; + +type SMB_PDU(is_orig: bool, msg_len: uint32) = record { + header : SMB_Header(is_orig); + message : case msg_len of { + # Message length of 35 means that the actual message is + # only three bytes which means it's an empty response. + 35 -> no_msg : SMB_No_Message(header, is_orig); + default -> msg : SMB_Message(header, header.command, is_orig); + }; +}; + +type SMB_No_Message(header: SMB_Header, is_orig: bool) = record { + x : bytestring &length=3 &transient; +} &let { + proc : bool = $context.connection.proc_smb_no_msg(header, is_orig); +}; + +type SMB_empty_response(header: SMB_Header) = record { + word_count : uint8; + byte_count : uint16; +} &let { + proc : bool = $context.connection.proc_smb_empty_response(header); +}; + +type SMB_Message(header: SMB_Header, command: uint8, is_orig: bool) = case is_orig of { + true -> request : SMB_Message_Request(header, command, is_orig); + false -> response : SMB_Message_Response(header, command, is_orig); +}; + +type SMB_andx_command(header: SMB_Header, is_orig: bool, command: uint8) = case command of { + 0xff -> no_futher_commands : empty; + default -> message : SMB_Message(header, command, is_orig); +}; + +type SMB_Message_Request(header: SMB_Header, command: uint8, is_orig: bool) = case command of { + # SMB1 Command Extensions + #SMB_COM_OPEN_ANDX -> open_andx : SMB_open_andx_request(header); + SMB_COM_READ_ANDX -> read_andx : SMB1_read_andx_request(header); + SMB_COM_WRITE_ANDX -> write_andx : SMB1_write_andx_request(header); + SMB_COM_TRANSACTION2 -> transaction2 : SMB1_transaction2_request(header); + SMB_COM_NEGOTIATE -> negotiate : SMB1_negotiate_request(header); + SMB_COM_SESSION_SETUP_ANDX -> session_setup_andx : SMB1_session_setup_andx_request(header); + SMB_COM_TREE_CONNECT_ANDX -> tree_connect_andx : 
SMB1_tree_connect_andx_request(header); + SMB_COM_NT_TRANSACT -> nt_transact : SMB1_nt_transact_request(header); + SMB_COM_NT_CREATE_ANDX -> nt_create_andx : SMB1_nt_create_andx_request(header); + +# SMB_COM_CREATE_DIRECTORY -> create_directory : SMB1_create_directory_request(header); +# #SMB_COM_DELETE_DIRECTORY -> delete_directory : SMB_delete_directory_request(header); +# #SMB_COM_OPEN -> open : SMB_open_request(header); +# #SMB_COM_CREATE -> create : SMB_create_request(header); + SMB_COM_CLOSE -> close : SMB1_close_request(header); +# #SMB_COM_FLUSH -> flush : SMB_flush_request(header); +# #SMB_COM_DELETE -> delete : SMB_delete_request(header); +# #SMB_COM_RENAME -> rename : SMB_rename_request(header); + SMB_COM_QUERY_INFORMATION -> query_information : SMB1_query_information_request(header); +# #SMB_COM_SET_INFORMATION -> set_information : SMB_set_information_request(header); +# #SMB_COM_READ -> read : SMB_read_request(header); +# #SMB_COM_WRITE -> write : SMB_write_request(header); +# #SMB_COM_LOCK_BYTE_RANGE -> lock_byte_range : SMB_lock_byte_range_request(header); +# #SMB_COM_UNLOCK_BYTE_RANGE -> unlock_byte_range : SMB_unlock_byte_range_request(header); +# #SMB_COM_CREATE_TEMPORARY -> create_temporary : SMB_create_temporary_request(header); +# #SMB_COM_CREATE_NEW -> create_new : SMB_create_new_request(header); + SMB_COM_CHECK_DIRECTORY -> check_directory : SMB1_check_directory_request(header); +# #SMB_COM_PROCESS_EXIT -> process_exit : SMB_process_exit_request(header); +# #SMB_COM_SEEK -> seek : SMB_seek_request(header); +# #SMB_COM_LOCK_AND_READ -> lock_and_read : SMB_lock_and_read_request(header); +# #SMB_COM_WRITE_AND_UNLOCK -> write_and_unlock : SMB_write_and_unlock_request(header); +# #SMB_COM_READ_RAW -> read_raw : SMB_read_raw_request(header); +# #SMB_COM_READ_MPX -> read_mpx : SMB_read_mpx_request(header); +# #SMB_COM_READ_MPX_SECONDARY -> read_mpx_secondary : SMB_read_mpx_secondary_request(header); +# #SMB_COM_WRITE_RAW -> write_raw : 
SMB_write_raw_request(header); +# #SMB_COM_WRITE_MPX -> write_mpx : SMB_write_mpx_request(header); +# #SMB_COM_WRITE_MPX_SECONDARY -> write_mpx_secondary : SMB_write_mpx_secondary_request(header); +# #SMB_COM_WRITE_COMPLETE -> write_complete : SMB_write_complete_request(header); +# #SMB_COM_QUERY_SERVER -> query_server : SMB_query_server_request(header); +# #SMB_COM_SET_INFORMATION2 -> set_information2 : SMB_set_information2_request(header); +# #SMB_COM_QUERY_INFORMATION2 -> query_information2 : SMB_query_information2_request(header); + SMB_COM_LOCKING_ANDX -> locking_andx : SMB1_locking_andx_request(header); + SMB_COM_TRANSACTION -> transaction : SMB1_transaction_request(header); +# SMB_COM_TRANSACTION_SECONDARY -> transaction_secondary : SMB1_transaction_secondary_request(header); +# #SMB_COM_IOCTL -> ioctl : SMB_ioctl_request(header); +# #SMB_COM_IOCTL_SECONDARY -> ioctl_secondary : SMB_ioctl_secondary_request(header); +# #SMB_COM_COPY -> copy : SMB_copy_request(header); +# #SMB_COM_MOVE -> move : SMB_move_request(header); + SMB_COM_ECHO -> echo : SMB1_echo_request(header); +# #SMB_COM_WRITE_AND_CLOSE -> write_and_close : SMB_write_and_close_request(header); +# #SMB_COM_NEW_FILE_SIZE -> new_file_size : SMB_new_file_size_request(header); +# #SMB_COM_CLOSE_AND_TREE_DISC -> close_and_tree_disc : SMB_close_and_tree_disc_request(header); +# #SMB_COM_TRANSACTION2_SECONDARY -> transaction2_secondary : SMB1_transaction2_secondary_request(header); +# #SMB_COM_FIND_CLOSE2 -> find_close2 : SMB_find_close2_request(header); +# #SMB_COM_FIND_NOTIFY_CLOSE -> find_notify_close : SMB_find_notify_close_request(header); +# #SMB_COM_TREE_CONNECT -> tree_connect : SMB_tree_connect_request(header); + SMB_COM_TREE_DISCONNECT -> tree_disconnect : SMB1_tree_disconnect(header, is_orig); + SMB_COM_LOGOFF_ANDX -> logoff_andx : SMB1_logoff_andx(header, is_orig); +# #SMB_COM_QUERY_INFORMATION_DISK -> query_information_disk : SMB_query_information_disk_request(header); +# #SMB_COM_SEARCH -> 
search : SMB_search_request(header); +# #SMB_COM_FIND -> find : SMB_find_request(header); +# #SMB_COM_FIND_UNIQUE -> find_unique : SMB_find_unique_request(header); +# #SMB_COM_FIND_CLOSE -> find_close : SMB_find_close_request(header); +# #SMB_COM_NT_TRANSACT_SECONDARY -> nt_transact_secondary : SMB_nt_transact_secondary_request(header); + SMB_COM_NT_CANCEL -> nt_cancel : SMB1_nt_cancel_request(header); +# #SMB_COM_NT_RENAME -> nt_rename : SMB_nt_rename_request(header); +# #SMB_COM_OPEN_PRINT_FILE -> open_print_file : SMB_open_print_file_request(header); +# #SMB_COM_WRITE_PRINT_FILE -> write_print_file : SMB_write_print_file_request(header); +# #SMB_COM_CLOSE_PRINT_FILE -> close_print_file : SMB_close_print_file_request(header); +# #SMB_COM_GET_PRINT_QUEUE -> get_print_queue : SMB_get_print_queue_request(header); +# #SMB_COM_READ_BULK -> read_bulk : SMB_read_bulk_request(header); +# #SMB_COM_WRITE_BULK -> write_bulk : SMB_write_bulk_request(header); +# #SMB_COM_WRITE_BULK_DATA -> write_bulk_data : SMB_write_bulk_data_request(header); + default -> unknown_msg : bytestring &restofdata; # TODO: do something different here! 
+} &byteorder = littleendian; + +type SMB_Message_Response(header: SMB_Header, command: uint8, is_orig: bool) = case command of { + # SMB1 Command Extensions + #SMB_COM_OPEN_ANDX -> open_andx : SMB_open_andx_response(header); + SMB_COM_READ_ANDX -> read_andx : SMB1_read_andx_response(header); + SMB_COM_WRITE_ANDX -> write_andx : SMB1_write_andx_response(header); + SMB_COM_TRANSACTION2 -> transaction2 : SMB1_transaction2_response(header); + SMB_COM_NEGOTIATE -> negotiate : SMB1_negotiate_response(header); + SMB_COM_SESSION_SETUP_ANDX -> session_setup_andx : SMB1_session_setup_andx_response(header); + SMB_COM_TREE_CONNECT_ANDX -> tree_connect_andx : SMB1_tree_connect_andx_response(header); + SMB_COM_NT_TRANSACT -> nt_transact : SMB1_nt_transact_response(header); + SMB_COM_NT_CREATE_ANDX -> nt_create_andx : SMB1_nt_create_andx_response(header); + +# SMB_COM_CREATE_DIRECTORY -> create_directory : SMB1_create_directory_response(header); +# #SMB_COM_DELETE_DIRECTORY -> delete_directory : SMB_delete_directory_response(header); +# #SMB_COM_OPEN -> open : SMB_open_response(header); +# #SMB_COM_CREATE -> create : SMB_create_response(header); + SMB_COM_CLOSE -> close : SMB_empty_response(header); +# #SMB_COM_FLUSH -> flush : SMB_flush_response(header); +# #SMB_COM_DELETE -> delete : SMB_delete_response(header); +# #SMB_COM_RENAME -> rename : SMB_rename_response(header); + SMB_COM_QUERY_INFORMATION -> query_information : SMB1_query_information_response(header); +# #SMB_COM_SET_INFORMATION -> set_information : SMB_set_information_response(header); +# #SMB_COM_READ -> read : SMB_read_response(header); +# #SMB_COM_WRITE -> write : SMB_write_response(header); +# #SMB_COM_LOCK_BYTE_RANGE -> lock_byte_range : SMB_lock_byte_range_response(header); +# #SMB_COM_UNLOCK_BYTE_RANGE -> unlock_byte_range : SMB_unlock_byte_range_response(header); +# #SMB_COM_CREATE_TEMPORARY -> create_temporary : SMB_create_temporary_response(header); +# #SMB_COM_CREATE_NEW -> create_new : 
SMB_create_new_response(header); + SMB_COM_CHECK_DIRECTORY -> check_directory : SMB1_check_directory_response(header); +# #SMB_COM_PROCESS_EXIT -> process_exit : SMB_process_exit_response(header); +# #SMB_COM_SEEK -> seek : SMB_seek_response(header); +# #SMB_COM_LOCK_AND_READ -> lock_and_read : SMB_lock_and_read_response(header); +# #SMB_COM_WRITE_AND_UNLOCK -> write_and_unlock : SMB_write_and_unlock_response(header); +# #SMB_COM_READ_RAW -> read_raw : SMB_read_raw_response(header); +# #SMB_COM_READ_MPX -> read_mpx : SMB_read_mpx_response(header); +# #SMB_COM_READ_MPX_SECONDARY -> read_mpx_secondary : SMB_read_mpx_secondary_response(header); +# #SMB_COM_WRITE_RAW -> write_raw : SMB_write_raw_response(header); +# #SMB_COM_WRITE_MPX -> write_mpx : SMB_write_mpx_response(header); +# #SMB_COM_WRITE_MPX_SECONDARY -> write_mpx_secondary : SMB_write_mpx_secondary_response(header); +# #SMB_COM_WRITE_COMPLETE -> write_complete : SMB_write_complete_response(header); +# #SMB_COM_QUERY_SERVER -> query_server : SMB_query_server_response(header); +# #SMB_COM_SET_INFORMATION2 -> set_information2 : SMB_set_information2_response(header); +# #SMB_COM_QUERY_INFORMATION2 -> query_information2 : SMB_query_information2_response(header); + SMB_COM_LOCKING_ANDX -> locking_andx : SMB1_locking_andx_response(header); + SMB_COM_TRANSACTION -> transaction : SMB1_transaction_response(header); +# #SMB_COM_IOCTL -> ioctl : SMB_ioctl_response(header); +# #SMB_COM_IOCTL_SECONDARY -> ioctl_secondary : SMB_ioctl_secondary_response(header); +# #SMB_COM_COPY -> copy : SMB_copy_response(header); +# #SMB_COM_MOVE -> move : SMB_move_response(header); + SMB_COM_ECHO -> echo : SMB1_echo_response(header); +# #SMB_COM_WRITE_AND_CLOSE -> write_and_close : SMB_write_and_close_response(header); +# #SMB_COM_NEW_FILE_SIZE -> new_file_size : SMB_new_file_size_response(header); +# #SMB_COM_CLOSE_AND_TREE_DISC -> close_and_tree_disc : SMB_close_and_tree_disc_response(header); +# #SMB_COM_TRANSACTION2_SECONDARY -> 
transaction2_secondary : SMB1_transaction2_secondary_response(header); +# #SMB_COM_FIND_CLOSE2 -> find_close2 : SMB_find_close2_response(header); +# #SMB_COM_FIND_NOTIFY_CLOSE -> find_notify_close : SMB_find_notify_close_response(header); +# #SMB_COM_TREE_CONNECT -> tree_connect : SMB_tree_connect_response(header); + SMB_COM_TREE_DISCONNECT -> tree_disconnect : SMB1_tree_disconnect(header, is_orig); + SMB_COM_LOGOFF_ANDX -> logoff_andx : SMB1_logoff_andx(header, is_orig); +# #SMB_COM_QUERY_INFORMATION_DISK -> query_information_disk : SMB_query_information_disk_response(header); +# #SMB_COM_SEARCH -> search : SMB_search_response(header); +# #SMB_COM_FIND -> find : SMB_find_response(header); +# #SMB_COM_FIND_UNIQUE -> find_unique : SMB_find_unique_response(header); +# #SMB_COM_FIND_CLOSE -> find_close : SMB_find_close_response(header); +# #SMB_COM_NT_TRANSACT_SECONDARY -> nt_transact_secondary : SMB_nt_transact_secondary_response(header); + #SMB_COM_NT_CANCEL -> nt_cancel : SMB1_nt_cancel_response(header); +# #SMB_COM_NT_RENAME -> nt_rename : SMB_nt_rename_response(header); +# #SMB_COM_OPEN_PRINT_FILE -> open_print_file : SMB_open_print_file_response(header); +# #SMB_COM_WRITE_PRINT_FILE -> write_print_file : SMB_write_print_file_response(header); +# #SMB_COM_CLOSE_PRINT_FILE -> close_print_file : SMB_close_print_file_response(header); +# #SMB_COM_GET_PRINT_QUEUE -> get_print_queue : SMB_get_print_queue_response(header); +# #SMB_COM_READ_BULK -> read_bulk : SMB_read_bulk_response(header); +# #SMB_COM_WRITE_BULK -> write_bulk : SMB_write_bulk_response(header); +# #SMB_COM_WRITE_BULK_DATA -> write_bulk_data : SMB_write_bulk_data_response(header); + default -> unknown_msg : bytestring &restofdata; +} &byteorder = littleendian; + + +type SMB_Header(is_orig: bool) = record { + command : uint8; + #status : SMB_error(err_status_type); + status : uint32; + flags : uint8; + flags2 : uint16; + pid_high : uint16; + security_features : uint8[8]; + reserved : uint16; + tid : 
uint16; + pid_low : uint16; + uid : uint16; + mid : uint16; +} &let { + err_status_type = (flags2 >> 14) & 1; + unicode = (flags2 >> 15) & 1; + pid = (pid_high * 0x10000) + pid_low; + proc : bool = $context.connection.proc_smb_message(this, is_orig); +} &byteorder=littleendian; + +# TODO: compute this as +# let SMB_Header_length = sizeof(SMB_Header); +let SMB_Header_length = 32; + + +refine connection SMB_Conn += { + + %member{ + int offset_len; + %} + + %init{ + // This needs to be set to some actual value. + // TODO: figure out where the hell to get this value from... + offset_len = 64; + %} + + function get_offset_len(): int + %{ + return offset_len; + %} +}; diff --git a/src/analyzer/protocol/smb/smb1_com_check_directory.bif b/src/analyzer/protocol/smb/smb1_com_check_directory.bif new file mode 100644 index 0000000000..481b120a8a --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_check_directory.bif @@ -0,0 +1,5 @@ +## TODO +event smb1_check_directory_request%(c: connection, hdr: SMB1::Header, directory_name: string%); + +## TODO +event smb1_check_directory_response%(c: connection, hdr: SMB1::Header%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_close.bif b/src/analyzer/protocol/smb/smb1_com_close.bif new file mode 100644 index 0000000000..9ffb614cc1 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_close.bif @@ -0,0 +1,13 @@ +## Generated for SMB/CIFS request messages of type *close*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## file_id: The file identifier being closed. +event smb1_close_request%(c: connection, hdr: SMB1::Header, file_id: count%); + 
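Review bot: `proc_smb_no_msg` calls `BifEvent::generate_smb1_error(...)` in its `else` branch without the `if ( smb1_error )` handler test that wraps the other generate calls in this hunk, so a header record is built for every non-success 35-byte message even when no script handles the event. Wrapping it as `if ( smb1_error ) BifEvent::generate_smb1_error(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(h));` keeps it consistent with `proc_smb_message` and `proc_smb_empty_response`. The two `default -> unknown_msg : bytestring &restofdata;` arms could also take `&transient`, as `SMB_No_Message` already does, since nothing in this hunk reads the bytes of unhandled commands afterwards.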
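Review bot: Both events in smb1_com_check_directory.bif are documented only as `## TODO`, so the generated reference says nothing about `directory_name` or when the events fire. The same placeholder is used in smb1_com_create_directory.bif, smb1_com_echo.bif and smb1_com_nt_cancel.bif. smb1_com_query_information.bif uses `# TODO` with a single hash, which would not be attached to the event at all if `##` is what the doc generator picks up, as the other files suggest. Each should get the `c:` / `hdr:` / argument block that smb1_com_close.bif has, e.g. `## directory_name: The directory path named in the request.` (wording to be confirmed against the corresponding .pac file, which is outside this hunk).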
diff --git a/src/analyzer/protocol/smb/smb1_com_create_directory.bif b/src/analyzer/protocol/smb/smb1_com_create_directory.bif new file mode 100644 index 0000000000..2a402851a9 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_create_directory.bif @@ -0,0 +1,5 @@ +## TODO +event smb1_create_directory_request%(c: connection, hdr: SMB1::Header, directory_name: string%); + +## TODO +event smb1_create_directory_response%(c: connection, hdr: SMB1::Header%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_echo.bif b/src/analyzer/protocol/smb/smb1_com_echo.bif new file mode 100644 index 0000000000..cd2900488e --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_echo.bif @@ -0,0 +1,5 @@ +## TODO +event smb1_echo_request%(c: connection, data: string%); + +## TODO +event smb1_echo_response%(c: connection, data: string%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif b/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif new file mode 100644 index 0000000000..ce6508e719 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif @@ -0,0 +1,11 @@ +## Generated for SMB/CIFS messages of type *logoff andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +event smb1_logoff_andx%(c: connection, is_orig: bool%); + diff --git a/src/analyzer/protocol/smb/smb1_com_negotiate.bif b/src/analyzer/protocol/smb/smb1_com_negotiate.bif new file mode 100644 index 0000000000..4c0ad96883 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_negotiate.bif 
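Review bot: The comment on `smb1_logoff_andx` documents `hdr`, but the signature is `(c: connection, is_orig: bool%)`, so the documented argument does not exist and `is_orig` is undocumented. Later hunks have the same kind of mismatch: smb1_com_negotiate.bif describes `dialect_index` where the argument is `response` and omits `dialects`; smb1_com_nt_create_andx.bif says `name` for `file_name`; smb1_com_read_andx.bif describes `file_id` as "being written to"; smb1_com_write_andx.bif documents `data` where the event carries `data_len` and omits `file_id`; and the `_response` events in the nt_create_andx and tree_connect_andx files, plus `hdr` and `is_orig` on `smb1_tree_disconnect`, have no description. Script authors writing detections read these blocks as the contract, so each should list exactly the declared arguments, e.g. `## is_orig: True if the message was sent by the originator.`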
@@ -0,0 +1,33 @@ +## Generated for SMB/CIFS messages of type *negotiate*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +event smb1_negotiate_request%(c: connection, hdr: SMB1::Header, dialects: string_vec%); + +## Generated for SMB/CIFS messages of type *negotiate response*. +## +## See `Wikipedia `__ for more +## information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses both +## SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## dialect_index: The ``dialect`` indicated in the message. +event smb1_negotiate_response%(c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse%); + +#### Types + +type SMB1::NegotiateResponse: record; +type SMB1::NegotiateResponseCore: record; +type SMB1::NegotiateResponseLANMAN: record; +type SMB1::NegotiateResponseNTLM: record; +type SMB1::NegotiateResponseSecurity: record; +type SMB1::NegotiateRawMode: record; +type SMB1::NegotiateCapabilities: record; diff --git a/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif b/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif new file mode 100644 index 0000000000..2e53103690 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif @@ -0,0 +1,2 @@ +## TODO +event smb1_nt_cancel_request%(c: connection, hdr: SMB1::Header%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif b/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif new file mode 100644 index 0000000000..365b7dfed5 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif 
@@ -0,0 +1,15 @@ +## Generated for SMB/CIFS messages of type *nt create andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## name: The ``name`` attribute specified in the message. +event smb1_nt_create_andx_request%(c: connection, hdr: SMB1::Header, file_name: string%); +event smb1_nt_create_andx_response%(c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes%); + + diff --git a/src/analyzer/protocol/smb/smb1_com_open_andx.bif b/src/analyzer/protocol/smb/smb1_com_open_andx.bif new file mode 100644 index 0000000000..3df6da6a65 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_open_andx.bif 
@@ -0,0 +1,38 @@ +## Generated for SMB/CIFS request messages of type *open andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## flags: Flags requesting attribute data and locking. +## +## access_mode: The requested access mode. +## +## search_attrs: The set of attributes that the file MUST have in order to be found. +## +## file_attrs: The set of attributes that the file is to have if the file needs to be created. +## +## creation_time: The time of creation if the file is created. +## +## open_mode: The way a file s +## +## length: The number of bytes being requested. +event smb1_open_andx_request%(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count%); + +## Generated for SMB/CIFS response messages of type *open andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## data_len: The length of data from the requested file. +event smb1_open_andx_response%(c: connection, hdr: SMB1::Header, data_len: count%); + diff --git a/src/analyzer/protocol/smb/smb1_com_query_information.bif b/src/analyzer/protocol/smb/smb1_com_query_information.bif new file mode 100644 index 0000000000..a209f3d777 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_query_information.bif @@ -0,0 +1,3 @@ +# TODO +event smb1_query_information_request%(c: connection, hdr: SMB1::Header, filename: string%); + diff --git a/src/analyzer/protocol/smb/smb1_com_read_andx.bif b/src/analyzer/protocol/smb/smb1_com_read_andx.bif new file mode 100644 index 0000000000..f0589a754e --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_read_andx.bif 
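Review bot: `smb1_open_andx_request` and `smb1_open_andx_response` are declared here, but both dispatch tables in smb1-protocol.pac have their `SMB_COM_OPEN_ANDX` arm commented out, so as far as this patch shows the events can never be raised and a script handler for them would silently see nothing. The declarations also look copied from read andx: the request takes `(file_id, offset, length)` while its comment describes `flags`, `access_mode`, `search_attrs`, `file_attrs`, `creation_time` and a truncated `open_mode: The way a file s`. Either hold the file back until the command is parsed, or mark both events with a line such as `## .. note:: Not generated yet; SMB_COM_OPEN_ANDX is not dispatched.` and align the argument list with the documented fields.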
@@ -0,0 +1,30 @@ +## Generated for SMB/CIFS request messages of type *read andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## file_id: The file identifier being written to. +## +## offset: The byte offset the requested read begins at. +## +## length: The number of bytes being requested. +event smb1_read_andx_request%(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count%); + +## Generated for SMB/CIFS response messages of type *read andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## data_len: The length of data from the requested file. +event smb1_read_andx_response%(c: connection, hdr: SMB1::Header, data_len: count%); + diff --git a/src/analyzer/protocol/smb/smb1_com_session_setup_andx.bif b/src/analyzer/protocol/smb/smb1_com_session_setup_andx.bif new file mode 100644 index 0000000000..a59a4c6af9 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_session_setup_andx.bif 
@@ -0,0 +1,33 @@ +## Generated for SMB/CIFS requests of type *setup andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## request: The parsed request data of the SMB message. See init-bare for more details. +## +event smb1_session_setup_andx_request%(c: connection, hdr: SMB1::Header, request: SMB1::SessionSetupAndXRequest%); + +## Generated for SMB/CIFS responses of type *setup andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## response: The parsed response data of the SMB message. See init-bare for more details. +## +event smb1_session_setup_andx_response%(c: connection, hdr: SMB1::Header, response: SMB1::SessionSetupAndXResponse%); + +#### Types + +type SMB1::SessionSetupAndXRequest: record; +type SMB1::SessionSetupAndXResponse: record; +type SMB1::SessionSetupAndXCapabilities: record; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif b/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif new file mode 100644 index 0000000000..9ac2e4fd48 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif 
@@ -0,0 +1,16 @@ +## Generated for SMB/CIFS messages of type *tree connect andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## path: The ``path`` attribute specified in the message. +## +## service: The ``service`` attribute specified in the message. +event smb1_tree_connect_andx_request%(c: connection, hdr: SMB1::Header, path: string, service: string%); +event smb1_tree_connect_andx_response%(c: connection, hdr: SMB1::Header, service: string, native_file_system: string%); + diff --git a/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif b/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif new file mode 100644 index 0000000000..55a1b5cefd --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif @@ -0,0 +1,9 @@ +## Generated for SMB/CIFS messages of type *tree disconnect*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +event smb1_tree_disconnect%(c: connection, hdr: SMB1::Header, is_orig: bool%); + diff --git a/src/analyzer/protocol/smb/smb1_com_write_andx.bif b/src/analyzer/protocol/smb/smb1_com_write_andx.bif new file mode 100644 index 0000000000..35886596f4 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_write_andx.bif 
@@ -0,0 +1,27 @@ +## Generated for SMB/CIFS request messages of type *write andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## offset: The byte offset into the referenced file data is being written. +## +## data: The data being written. +event smb1_write_andx_request%(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count%); + +## Generated for SMB/CIFS response messages of type *write andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## written_bytes: The number of bytes the server reported having actually written. +event smb1_write_andx_response%(c: connection, hdr: SMB1::Header, written_bytes: count%); diff --git a/src/analyzer/protocol/smb/smb1_events.bif b/src/analyzer/protocol/smb/smb1_events.bif new file mode 100644 index 0000000000..e2e1c1572e --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_events.bif 
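Review bot: The doc block above `smb1_write_andx_request` documents a `data` parameter that the event does not have, and leaves `file_id` and `data_len` undocumented. I would replace the `data` entry with `## file_id: The ID of the file being written to.` and `## data_len: The length of the data being written.`, with the wording confirmed against the analyzer. The `offset` line is also missing words; `## offset: The byte offset into the referenced file at which data is being written.` reads correctly.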
@@ -0,0 +1,29 @@ +## Generated for all SMB/CIFS messages. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## is_orig: True if the message was sent by the originator of the underlying +## transport-level connection. +event smb1_message%(c: connection, hdr: SMB1::Header, is_orig: bool%); + +## Generated when there is an SMB response with no message body. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +event smb1_empty_response%(c: connection, hdr: SMB1::Header%); + +## Generated for SMB/CIFS messages that indicate an error. This event is +## triggered by an SMB header including a status that signals an error. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +event smb1_error%(c: connection, hdr: SMB1::Header%); + diff --git a/src/analyzer/protocol/smb/smb2-com-close.pac b/src/analyzer/protocol/smb/smb2-com-close.pac new file mode 100644 index 0000000000..05ead765fe --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-close.pac 
@@ -0,0 +1,63 @@ +refine connection SMB_Conn += { + + function proc_smb2_close_request(h: SMB2_Header, val: SMB2_close_request): bool + %{ + if ( smb2_close_request ) + { + BifEvent::generate_smb2_close_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + BuildSMB2GUID(${val.file_id})); + } + + return true; + %} + + function proc_smb2_close_response(h: SMB2_Header, val: SMB2_close_response): bool + %{ + if ( smb2_close_response ) + { + RecordVal* resp = new RecordVal(BifType::Record::SMB2::CloseResponse); + + resp->Assign(0, new Val(${val.alloc_size}, TYPE_COUNT)); + resp->Assign(1, new Val(${val.eof}, TYPE_COUNT)); + resp->Assign(2, SMB_BuildMACTimes(${val.last_write_time}, + ${val.last_access_time}, + ${val.creation_time}, + ${val.change_time})); + resp->Assign(3, smb2_file_attrs_to_bro(${val.file_attrs})); + + BifEvent::generate_smb2_close_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + resp); + } + + return true; + %} +}; + +type SMB2_close_request(header: SMB2_Header) = record { + structure_size : uint16; + flags : uint16; + reserved : uint32; + file_id : SMB2_guid; +} &let { + proc: bool = $context.connection.proc_smb2_close_request(header, this); +}; + +type SMB2_close_response(header: SMB2_Header) = record { + structure_size : uint16; + flags : uint16; + reserved : uint32; + + creation_time : SMB_timestamp; + last_access_time : SMB_timestamp; + last_write_time : SMB_timestamp; + change_time : SMB_timestamp; + alloc_size : uint64; + eof : uint64; + file_attrs : SMB2_file_attributes; +} &let { + proc: bool = $context.connection.proc_smb2_close_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb2-com-create.pac b/src/analyzer/protocol/smb/smb2-com-create.pac new file mode 100644 index 0000000000..a26f4e355f --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-create.pac 
@@ -0,0 +1,115 @@ +refine connection SMB_Conn += { + + function proc_smb2_create_request(h: SMB2_Header, val: SMB2_create_request): bool + %{ + if ( smb2_create_request ) + { + BifEvent::generate_smb2_create_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + smb2_string2stringval(${val.filename})); + } + + return true; + %} + + function proc_smb2_create_response(h: SMB2_Header, val: SMB2_create_response): bool + %{ + if ( smb2_create_response ) + { + BifEvent::generate_smb2_create_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + BuildSMB2GUID(${val.file_id}), + ${val.eof}, + SMB_BuildMACTimes(${val.last_write_time}, + ${val.last_access_time}, + ${val.creation_time}, + ${val.change_time}), + smb2_file_attrs_to_bro(${val.file_attrs})); + } + + if ( ${val.eof} > 0 ) + { + file_mgr->SetSize(${val.eof}, + bro_analyzer()->GetAnalyzerTag(), + bro_analyzer()->Conn(), + h->is_orig()); + } + + return true; + %} +}; + +type SMB2_create_context = record { + next_offset : uint32; + name_offset : uint16; + name_len : uint16; + reserved : uint16; + data_offset : uint16; + data_len : uint32; + name_pad : padding to name_offset; + name : SMB2_string(name_len); + data_pad : padding to data_offset; + data : SMB2_string(data_len); + next_context_pad : padding to next_offset; +}; + +type SMB2_create_request(header: SMB2_Header) = record { + structure_size : uint16; + sec_flags_reserved : uint8; # ignored + oplock : uint8; + impersonation_level : uint32; + flags : bytestring &length=8; # ignored + reserved : bytestring &length=8; # ignored + access_mask : uint32; + file_attrs : SMB2_file_attributes; + share_access : uint32; + disposition : uint32; + create_options : uint32; + filename_offset : uint16; + filename_len : uint16; + context_offset : uint32; + context_len : uint32; + filename_pad : padding to filename_offset - header.head_length; + filename : SMB2_string(filename_len); + # If there are no context records, the 
context_offset will + # be set to zero so we need to deal with that to avoid + # negative wrap around in the padding. + context_pad : padding to (context_offset==0 ? 0 : context_offset - header.head_length); + create : case context_len of { + 0 -> blank : empty; + default -> contexts : SMB2_create_context[] &length=context_len; + }; +} &let { + proc : bool = $context.connection.proc_smb2_create_request(header, this); +}; + + +type SMB2_create_response(header: SMB2_Header) = record { + structure_size : uint16; + oplock : uint8; + reserved : uint8; + create_action : uint32; + creation_time : SMB_timestamp; + last_access_time : SMB_timestamp; + last_write_time : SMB_timestamp; + change_time : SMB_timestamp; + alloc_size : uint64; + eof : uint64; + file_attrs : SMB2_file_attributes; + reserved2 : uint32; + file_id : SMB2_guid; + context_offset : uint32; + context_len : uint32; + # If there are no context records, the context_offset will + # be set to zero so we need to deal with that to avoid + # negative wrap around in the padding. + context_pad : padding to (context_offset==0 ? 0 : context_offset - header.head_length); + create : case context_len of { + 0 -> blank : empty; + default -> contexts : SMB2_create_context[] &length=context_len; + }; +} &let { + proc : bool = $context.connection.proc_smb2_create_response(header, this); +}; diff --git a/src/analyzer/protocol/smb/smb2-com-negotiate.pac b/src/analyzer/protocol/smb/smb2-com-negotiate.pac new file mode 100644 index 0000000000..956d7b0bdf --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-negotiate.pac 
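Review bot: The `context_pad` guard in `SMB2_create_request` and `SMB2_create_response` covers only `context_offset==0`; any other offset smaller than `header.head_length` still produces the negative wrap-around the comment warns about, and `filename_pad` has no guard at all. These offsets come straight from the wire, so a value below the header length should be treated as malformed rather than subtracted, e.g. `context_pad : padding to (context_offset < header.head_length ? 0 : context_offset - header.head_length);`, and likewise for `filename_offset`. The same unguarded `padding to <offset> - header.head_length` pattern recurs in the read, tree-connect and write hunks and throughout smb2-protocol.pac. How binpac treats a padding target that lies before the current position is not visible here, so the exact failure mode should be confirmed.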
@@ -0,0 +1,68 @@ +refine connection SMB_Conn += { + + function proc_smb2_negotiate_request(h: SMB2_Header, val: SMB2_negotiate_request) : bool + %{ + if ( smb2_negotiate_request ) + { + VectorVal* dialects = new VectorVal(index_vec); + for ( unsigned int i = 0; i < ${val.dialects}->size(); ++i ) + { + dialects->Assign(i, new Val((*${val.dialects})[i], TYPE_COUNT)); + } + BifEvent::generate_smb2_negotiate_request(bro_analyzer(), bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + dialects); + } + + return true; + %} + + function proc_smb2_negotiate_response(h: SMB2_Header, val: SMB2_negotiate_response) : bool + %{ + if ( smb2_negotiate_response ) + { + RecordVal* nr = new RecordVal(BifType::Record::SMB2::NegotiateResponse); + + nr->Assign(0, new Val(${val.dialect_revision}, TYPE_COUNT)); + nr->Assign(1, new Val(${val.security_mode}, TYPE_COUNT)); + nr->Assign(2, BuildSMB2GUID(${val.server_guid})), + nr->Assign(3, filetime2brotime(${val.system_time})); + nr->Assign(4, filetime2brotime(${val.server_start_time})); + BifEvent::generate_smb2_negotiate_response(bro_analyzer(), bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + nr); + } + + return true; + %} +}; + +type SMB2_negotiate_request(header: SMB2_Header) = record { + structure_size : uint16; # client MUST set this to 36 + dialect_count : uint16; # must be > 0 + security_mode : uint16; # there is a list of required modes + reserved : padding[2]; # must be set to 0 + capabilities : uint32; # must be set to 0 + client_guid : SMB2_guid; # guid if client implements SMB 2.1 dialect, otherwise set to 0 + client_start_time : SMB_timestamp; # must be set to 0 + dialects : uint16[dialect_count]; +} &byteorder=littleendian, &let { + proc : bool = $context.connection.proc_smb2_negotiate_request(header, this); +}; + +type SMB2_negotiate_response(header: SMB2_Header) = record { + structure_size : uint16; + security_mode : uint16; + dialect_revision : uint16; + reserved : padding[2]; + server_guid : SMB2_guid; + capabilities : 
uint32; + max_transact_size : uint32; + max_read_size : uint32; + max_write_size : uint32; + system_time : SMB_timestamp; + server_start_time : SMB_timestamp; + security : SMB2_security; +} &byteorder=littleendian, &let { + proc : bool = $context.connection.proc_smb2_negotiate_response(header, this); +}; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb2-com-read.pac b/src/analyzer/protocol/smb/smb2-com-read.pac new file mode 100644 index 0000000000..9fb4d9ce08 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-read.pac 
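Review bot: In `proc_smb2_negotiate_response` the line `nr->Assign(2, BuildSMB2GUID(${val.server_guid})),` ends in a comma, so it is joined to the following `Assign(3, ...)` by the comma operator instead of being its own statement. Both calls still run, but it should read `nr->Assign(2, BuildSMB2GUID(${val.server_guid}));`. Separately, `SMB2_negotiate_response` parses `security` directly after `server_start_time` and nothing uses `buffer_offset` to locate the blob; that layout is worth checking against the specification before any script relies on the security buffer contents.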
@@ -0,0 +1,73 @@ +refine connection SMB_Conn += { + + %member{ + // Track read offsets to provide correct + // offsets for file manager. + std::map smb2_read_offsets; + %} + + function proc_smb2_read_request(h: SMB2_Header, val: SMB2_read_request) : bool + %{ + if ( smb2_read_request ) + { + BifEvent::generate_smb2_read_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + BuildSMB2GUID(${val.file_id}), + ${val.offset}, + ${val.read_len}); + } + + smb2_read_offsets[${h.message_id}] = ${val.offset}; + + return true; + %} + + function proc_smb2_read_response(h: SMB2_Header, val: SMB2_read_response) : bool + %{ + if ( ${val.data_len} > 0 ) + { + uint64 offset = smb2_read_offsets[${h.message_id}]; + smb2_read_offsets.erase(${h.message_id}); + + file_mgr->DataIn(${val.data}.begin(), ${val.data_len}, offset, + bro_analyzer()->GetAnalyzerTag(), + bro_analyzer()->Conn(), h->is_orig()); + } + + return true; + %} + +}; + +type SMB2_read_request(header: SMB2_Header) = record { + structure_size : uint16; + pad : uint8; + reserved : uint8; + read_len : uint32; + offset : uint64; + file_id : SMB2_guid; + minimum_count : uint32; + channel : uint32; + remaining_bytes : uint32; + channel_info_offset : uint16; + channel_info_len : uint16; + + # These aren't used. + pad : padding to channel_info_offset - header.head_length; + buffer : bytestring &length = channel_info_len; +} &let { + proc: bool = $context.connection.proc_smb2_read_request(header, this); +}; + +type SMB2_read_response(header: SMB2_Header) = record { + structure_size : uint16; + data_offset : uint16; + data_len : uint32; + data_remaining : uint32; + reserved : uint32; + pad : padding to data_offset - header.head_length; + data : bytestring &length=data_len; +} &let { + proc: bool = $context.connection.proc_smb2_read_response(header, this); +}; 
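Review bot: `smb2_read_offsets` gains an entry for every read request, but `proc_smb2_read_response` erases it only when `data_len > 0`, so requests answered with an error, an empty read, or nothing at all leave their entry behind for the life of the connection. On a sensor this is per-connection state whose size is set by the monitored traffic, so the erase should happen for every response and the map should have a size cap or expiry. The lookup `smb2_read_offsets[${h.message_id}]` also inserts a zero offset for a response whose request was never seen and then hands the data to `file_mgr->DataIn` at offset 0; a `find()` that skips unmatched responses would avoid attributing data to the wrong position. Responses with a non-zero status are dispatched to `SMB2_error_response` in smb2-protocol.pac and never reach this function, so cleanup is needed on that path as well.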
diff --git a/src/analyzer/protocol/smb/smb2-com-session-setup.pac b/src/analyzer/protocol/smb/smb2-com-session-setup.pac new file mode 100644 index 0000000000..ecf7e757be --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-session-setup.pac 
@@ -0,0 +1,64 @@ +refine connection SMB_Conn += { + + function proc_smb2_session_setup_request(h: SMB2_Header, val: SMB2_session_setup_request): bool + %{ + if ( smb2_session_setup_request ) + { + RecordVal* req = new RecordVal(BifType::Record::SMB2::SessionSetupRequest); + req->Assign(0, new Val(${val.security_mode}, TYPE_COUNT)); + + BifEvent::generate_smb2_session_setup_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + req); + } + + return true; + %} + + function proc_smb2_session_setup_response(h: SMB2_Header, val: SMB2_session_setup_response): bool + %{ + if ( smb2_session_setup_response ) + { + RecordVal* flags = new RecordVal(BifType::Record::SMB2::SessionSetupFlags); + flags->Assign(0, new Val(${val.flag_guest}, TYPE_BOOL)); + flags->Assign(1, new Val(${val.flag_anonymous}, TYPE_BOOL)); + flags->Assign(2, new Val(${val.flag_encrypt}, TYPE_BOOL)); + + RecordVal* resp = new RecordVal(BifType::Record::SMB2::SessionSetupResponse); + resp->Assign(0, flags); + + BifEvent::generate_smb2_session_setup_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + resp); + } + + return true; + %} +}; + + +type SMB2_session_setup_request(header: SMB2_Header) = record { + structure_size : uint16; + vc_number : uint8; + security_mode : uint8; + capabilities : uint32; + channel : uint32; + security : SMB2_security; +} &let { + proc: bool = $context.connection.proc_smb2_session_setup_request(header, this); +}; + +type SMB2_session_setup_response(header: SMB2_Header) = record { + structure_size : uint16; + session_flags : uint16; + security : SMB2_security; +} &let { + flag_guest = (session_flags & 0x1) > 0; + flag_anonymous = (session_flags & 0x2) > 0; + flag_encrypt = (session_flags & 0x4) > 0; + +} &let { + proc: bool = $context.connection.proc_smb2_session_setup_response(header, this); +}; 
diff --git a/src/analyzer/protocol/smb/smb2-com-tree-connect.pac b/src/analyzer/protocol/smb/smb2-com-tree-connect.pac new file mode 100644 index 0000000000..5c6ae8020d --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-tree-connect.pac @@ -0,0 +1,55 @@ +refine connection SMB_Conn += { + + function proc_smb2_tree_connect_request(header: SMB2_Header, val: SMB2_tree_connect_request): bool + %{ + if ( smb2_tree_connect_request ) + BifEvent::generate_smb2_tree_connect_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(header), + smb2_string2stringval(${val.path})); + + return true; + %} + + function proc_smb2_tree_connect_response(header: SMB2_Header, val: SMB2_tree_connect_response): bool + %{ + if ( smb2_tree_connect_response ) + { + RecordVal* resp = new RecordVal(BifType::Record::SMB2::TreeConnectResponse); + + resp->Assign(0, new Val(${val.share_type}, TYPE_COUNT)); + + BifEvent::generate_smb2_tree_connect_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(header), + resp); + } + + return true; + %} + +}; + +type SMB2_tree_connect_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : padding[2]; + path_offset : uint16; + path_length : uint16; + + pad : padding to path_offset - header.head_length; + path : SMB2_string(path_length); +} &let { + proc: bool = $context.connection.proc_smb2_tree_connect_request(header, this); +}; + +type SMB2_tree_connect_response(header: SMB2_Header) = record { + structure_size : uint16; + share_type : uint8; + reserved : padding[1]; + share_flags : uint32; + capabilities : uint32; + maximal_access : uint32; +} &let { + proc: bool = $context.connection.proc_smb2_tree_connect_response(header, this); +}; + diff --git a/src/analyzer/protocol/smb/smb2-com-tree-disconnect.pac b/src/analyzer/protocol/smb/smb2-com-tree-disconnect.pac new file mode 100644 index 0000000000..4413b56952 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-tree-disconnect.pac 
@@ -0,0 +1,9 @@ +type SMB2_tree_disconnect_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; + +type SMB2_tree_disconnect_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; diff --git a/src/analyzer/protocol/smb/smb2-com-write.pac b/src/analyzer/protocol/smb/smb2-com-write.pac new file mode 100644 index 0000000000..64a9d72254 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-write.pac @@ -0,0 +1,60 @@ +refine connection SMB_Conn += { + + function proc_smb2_write_request(h: SMB2_Header, val: SMB2_write_request) : bool + %{ + if ( smb2_write_request ) + { + BifEvent::generate_smb2_write_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + BuildSMB2GUID(${val.file_id}), + ${val.offset}, + ${val.data_len}); + } + + if ( ${val.data}.length() > 0 ) + { + file_mgr->DataIn(${val.data}.begin(), ${val.data_len}, ${val.offset}, + bro_analyzer()->GetAnalyzerTag(), + bro_analyzer()->Conn(), h->is_orig()); + } + + return true; + %} + + function proc_smb2_write_response(h: SMB2_Header, val: SMB2_write_response) : bool + %{ + + return true; + %} + +}; + + +type SMB2_write_request(header: SMB2_Header) = record { + structure_size : uint16; + data_offset : uint16; + data_len : uint32; + offset : uint64; + file_id : SMB2_guid; + channel : uint32; # ignore + data_remaining : uint32; + channel_info_offset : uint16; # ignore + channel_info_len : uint16; # ignore + flags : uint32; + pad : padding to data_offset - header.head_length; + data : bytestring &length=data_len; +} &let { + proc : bool = $context.connection.proc_smb2_write_request(header, this); +}; + +type SMB2_write_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; + write_count : uint32; + remaining : uint32; + channel_info_offset : uint16; + channel_info_len : uint16; +} &let { + proc : bool = $context.connection.proc_smb2_write_response(header, this); +}; 
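Review bot: `proc_smb2_write_request` guards on `${val.data}.length() > 0` but then passes the wire-declared `${val.data_len}` to `file_mgr->DataIn`; passing `${val.data}.length()` keeps the length tied to the bytes actually parsed. The two should be equal whenever the `&length=data_len` field parses, so this is a consistency point rather than a confirmed overread. `proc_smb2_write_response` is an empty stub and smb2_com_write.bif declares no response event, so a comment such as `// No smb2_write_response event yet; nothing to generate.` would tell the reader that this is intentional.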
diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac new file mode 100644 index 0000000000..09299fe086 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-protocol.pac 
@@ -0,0 +1,426 @@ +# Documentation for SMB2 protocol from here: +# http://msdn.microsoft.com/en-us/library/cc246497(v=PROT.13).aspx + +enum smb2_commands { + SMB2_NEGOTIATE_PROTOCOL = 0, + SMB2_SESSION_SETUP = 1, + SMB2_LOGOFF = 2, + SMB2_TREE_CONNECT = 3, + SMB2_TREE_DISCONNECT = 4, + SMB2_CREATE = 5, + SMB2_CLOSE = 6, + SMB2_FLUSH = 7, + SMB2_READ = 8, + SMB2_WRITE = 9, + SMB2_LOCK = 10, + SMB2_IOCTL = 11, + SMB2_CANCEL = 12, + SMB2_ECHO = 13, + SMB2_QUERY_DIRECTORY = 14, + SMB2_CHANGE_NOTIFY = 15, + SMB2_QUERY_INFO = 16, + SMB2_SET_INFO = 17, + SMB2_OPLOCK_BREAK = 18, +}; + +type SMB2_PDU(is_orig: bool) = record { + header : SMB2_Header(is_orig); + message : case header.status of { + # Status 0 indicates success. In the case of a + # request this should just happen to work out due to + # how the fields are set. + 0 -> msg : SMB2_Message(header, is_orig); + 0xC0000016 -> more_processing_required : SMB2_Message(header, is_orig); + default -> err : SMB2_error_response(header); + }; +}; + +type SMB2_Message(header: SMB2_Header, is_orig: bool) = case is_orig of { + true -> request : SMB2_Message_Request(header); + false -> response : SMB2_Message_Response(header); +} &byteorder = littleendian; + +type SMB2_Message_Request(header: SMB2_Header) = case header.command of { + SMB2_NEGOTIATE_PROTOCOL -> negotiate_protocol : SMB2_negotiate_request(header); + SMB2_SESSION_SETUP -> session_setup : SMB2_session_setup_request(header); + SMB2_TREE_CONNECT -> tree_connect : SMB2_tree_connect_request(header); + SMB2_TREE_DISCONNECT -> tree_disconnect : SMB2_tree_disconnect_request(header); + SMB2_CREATE -> create : SMB2_create_request(header); + SMB2_CLOSE -> close : SMB2_close_request(header); + SMB2_FLUSH -> flush : SMB2_flush_request(header); + SMB2_READ -> read : SMB2_read_request(header); + SMB2_WRITE -> write : SMB2_write_request(header); + SMB2_LOCK -> lock : SMB2_lock_request(header); + SMB2_IOCTL -> ioctl : SMB2_ioctl_request(header); + SMB2_CANCEL -> cancel : 
SMB2_cancel_request(header); + SMB2_ECHO -> echo : SMB2_echo_request(header); + SMB2_QUERY_DIRECTORY -> query_directory : SMB2_query_directory_request(header); + SMB2_CHANGE_NOTIFY -> change_notify : SMB2_change_notify_request(header); + SMB2_QUERY_INFO -> query_info : SMB2_query_info_request(header); + SMB2_SET_INFO -> set_info : SMB2_set_info_request(header); + SMB2_OPLOCK_BREAK -> oplock_break : SMB2_oplock_break(header); + + default -> unknown_msg : empty; # TODO: do something different here! +} &byteorder = littleendian; + +type SMB2_Message_Response(header: SMB2_Header) = case header.command of { + SMB2_NEGOTIATE_PROTOCOL -> negotiate_protocol : SMB2_negotiate_response(header); + SMB2_SESSION_SETUP -> session_setup : SMB2_session_setup_response(header); + SMB2_TREE_CONNECT -> tree_connect : SMB2_tree_connect_response(header); + SMB2_TREE_DISCONNECT -> tree_disconnect : SMB2_tree_disconnect_response(header); + SMB2_CREATE -> create : SMB2_create_response(header); + SMB2_CLOSE -> close : SMB2_close_response(header); + SMB2_FLUSH -> flush : SMB2_flush_response(header); + SMB2_READ -> read : SMB2_read_response(header); + SMB2_WRITE -> write : SMB2_write_response(header); + SMB2_LOCK -> lock : SMB2_lock_response(header); + SMB2_IOCTL -> ioctl : SMB2_ioctl_response(header); + SMB2_ECHO -> echo : SMB2_echo_response(header); + SMB2_QUERY_DIRECTORY -> query_directory : SMB2_query_directory_response(header); + SMB2_CHANGE_NOTIFY -> change_notify : SMB2_change_notify_response(header); + SMB2_QUERY_INFO -> query_info : SMB2_query_info_response(header); + SMB2_SET_INFO -> set_info : SMB2_set_info_response(header); + SMB2_OPLOCK_BREAK -> oplock_break : SMB2_oplock_break(header); + + default -> unknown_msg : empty; # TODO: do something different here! 
+} &byteorder=littleendian; + +refine connection SMB_Conn += { + + function BuildSMB2HeaderVal(hdr: SMB2_Header): BroVal + %{ + RecordVal* r = new RecordVal(BifType::Record::SMB2::Header); + + r->Assign(0, new Val(${hdr.credit_charge}, TYPE_COUNT)); + r->Assign(1, new Val(${hdr.status}, TYPE_COUNT)); + r->Assign(2, new Val(${hdr.command}, TYPE_COUNT)); + r->Assign(3, new Val(${hdr.credits}, TYPE_COUNT)); + r->Assign(4, new Val(${hdr.flags}, TYPE_COUNT)); + r->Assign(5, new Val(${hdr.message_id}, TYPE_COUNT)); + r->Assign(6, new Val(${hdr.process_id}, TYPE_COUNT)); + r->Assign(7, new Val(${hdr.tree_id}, TYPE_COUNT)); + r->Assign(8, new Val(${hdr.session_id}, TYPE_COUNT)); + r->Assign(9, bytestring_to_val(${hdr.signature})); + + return r; + %} + + function BuildSMB2GUID(file_id: SMB2_guid): BroVal + %{ + RecordVal* r = new RecordVal(BifType::Record::SMB2::GUID); + + r->Assign(0, new Val(${file_id.persistent}, TYPE_COUNT)); + r->Assign(1, new Val(${file_id._volatile}, TYPE_COUNT)); + + return r; + %} + + function proc_smb2_message(h: SMB2_Header, is_orig: bool): bool + %{ + //if ( ${h.command} == SMB2_READ ) + // printf("got a read %s command\n", is_orig ? 
"request" : "response"); + + if ( smb2_message ) + { + BifEvent::generate_smb2_message(bro_analyzer(), bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + is_orig); + } + return true; + %} +}; + +function smb2_file_attrs_to_bro(val: SMB2_file_attributes): BroVal + %{ + RecordVal* r = new RecordVal(BifType::Record::SMB2::FileAttrs); + + r->Assign(0, new Val(${val.read_only}, TYPE_BOOL)); + r->Assign(1, new Val(${val.hidden}, TYPE_BOOL)); + r->Assign(2, new Val(${val.system}, TYPE_BOOL)); + r->Assign(3, new Val(${val.directory}, TYPE_BOOL)); + r->Assign(4, new Val(${val.archive}, TYPE_BOOL)); + r->Assign(5, new Val(${val.normal}, TYPE_BOOL)); + r->Assign(6, new Val(${val.temporary}, TYPE_BOOL)); + r->Assign(7, new Val(${val.sparse_file}, TYPE_BOOL)); + r->Assign(8, new Val(${val.reparse_point}, TYPE_BOOL)); + r->Assign(9, new Val(${val.compressed}, TYPE_BOOL)); + r->Assign(10, new Val(${val.offline}, TYPE_BOOL)); + r->Assign(11, new Val(${val.not_content_indexed}, TYPE_BOOL)); + r->Assign(12, new Val(${val.encrypted}, TYPE_BOOL)); + r->Assign(13, new Val(${val.integrity_stream}, TYPE_BOOL)); + r->Assign(14, new Val(${val.no_scrub_data}, TYPE_BOOL)); + + return r; + %} + +type SMB2_file_attributes = record { + flags : uint32; +} &let { + read_only : bool = ( flags & 0x00000001 ) > 0; + hidden : bool = ( flags & 0x00000002 ) > 0; + system : bool = ( flags & 0x00000004 ) > 0; + directory : bool = ( flags & 0x00000010 ) > 0; + archive : bool = ( flags & 0x00000020 ) > 0; + normal : bool = ( flags & 0x00000080 ) > 0; + temporary : bool = ( flags & 0x00000100 ) > 0; + sparse_file : bool = ( flags & 0x00000200 ) > 0; + reparse_point : bool = ( flags & 0x00000400 ) > 0; + compressed : bool = ( flags & 0x00000800 ) > 0; + offline : bool = ( flags & 0x00001000 ) > 0; + not_content_indexed : bool = ( flags & 0x00002000 ) > 0; + encrypted : bool = ( flags & 0x00004000 ) > 0; + integrity_stream : bool = ( flags & 0x00008000 ) > 0; + no_scrub_data : bool = ( flags & 0x00020000 ) > 
0; +}; + +type SMB2_Header(is_orig: bool) = record { + head_length : uint16; + credit_charge : uint16; + status : uint32; + command : uint16; + credits : uint16; + flags : uint32; + next_command : uint32; + message_id : uint64; + process_id : uint32; + tree_id : uint32; + session_id : uint64; + signature : bytestring &length = 16; +} &let { + response = (flags >> 24) & 1; + async = (flags >> 25) & 1; + related = (flags >> 26) & 1; + msigned = (flags >> 27) & 1; + dfs = (flags) & 1; + proc : bool = $context.connection.proc_smb2_message(this, is_orig); +} &byteorder=littleendian; + +type SMB2_security = record { + buffer_offset : uint16; + buffer_len : uint16; + # TODO: handle previous session IDs + sec_buffer : bytestring &length = buffer_len; +} &byteorder = littleendian; + + +# file ids and guids are the same thing and need unified somehow. +type SMB2_guid = record { + persistent : uint64; + _volatile : uint64; +}; + +type SMB2_lock = record { + offset : uint64; + len : uint64; + flags : uint32; +}; + +type SMB2_File_Notify_Information = record { + next_entry_offset : uint32; + action : uint32; + filename_len : uint32; + filename : SMB2_string(filename_len); +}; + +type SMB2_symlink_error(byte_count: uint32) = record { + sym_link_length : uint32; + sym_link_err_tag : uint32; + reparse_tag : uint32; + reparse_data_len : uint16; + unparsed_path_len : uint16; + sub_name_offset : uint16; + sub_name_length : uint16; + print_name_offset : uint16; + print_name_length : uint16; + flags : uint32; + path_buffer : bytestring &length = sub_name_length+print_name_length; +} &let { + absolute_target_path = (flags == 0x00000000); + symlink_flag_relative = (flags == 0x00000001); +} &byteorder = littleendian; + +type SMB2_error_data(byte_count: uint32) = case byte_count of { + 0 -> empty: empty; + default -> error: SMB2_symlink_error(byte_count); +} &byteorder = littleendian; + +type SMB2_error_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : 
padding[2]; + byte_count : uint32; + error_data : SMB2_error_data(byte_count); +} &byteorder = littleendian; + +type SMB2_logoff_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; + +type SMB2_logoff_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; + +type SMB2_flush_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved1 : uint16; + reserved2 : uint32; + file_id : SMB2_guid; +}; + +type SMB2_flush_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved1 : uint16; +}; + +type SMB2_lock_request(header: SMB2_Header) = record { + structure_size : uint16; + lock_count : uint16; + lock_seq : uint32; + file_id : SMB2_guid; + locks : SMB2_lock[lock_count]; +}; + +type SMB2_lock_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; # ignore +}; + +type SMB2_ioctl_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; + ctl_code : uint32; + file_id : SMB2_guid; + input_offset : uint32; + input_count : uint32; + max_input_resp : uint32; + output_offset : uint32; + output_count : uint32; + max_output_resp : uint32; + flags : uint32; + reserved2 : uint32; + pad : padding to input_offset - header.head_length; + input_buffer : bytestring &length = input_count; + pad2 : padding to output_offset - header.head_length; + output_buffer : bytestring &length=output_count; +}; + +type SMB2_ioctl_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; + ctl_code : uint32; + file_id : SMB2_guid; + input_offset : uint32; + input_count : uint32; + output_offset : uint32; + output_count : uint32; + flags : uint32; + reserved2 : uint32; + pad : padding to input_offset - header.head_length; + input_buffer : bytestring &length=input_count; + pad2 : padding to output_offset - header.head_length; + output_buffer : bytestring &length=output_count; +}; + +type 
SMB2_cancel_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; + +type SMB2_echo_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; + +type SMB2_echo_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; +}; + +type SMB2_query_directory_request(header: SMB2_Header) = record { + structure_size : uint16; + _class : uint8; + flags : uint8; + file_index : uint32; + file_id : SMB2_guid; + file_name_offset : uint16; + file_name_len : uint16; + output_buffer_len : uint32; + pad : padding to file_name_offset - header.head_length; + file_name : bytestring &length = file_name_len; +}; + +type SMB2_query_directory_response(header: SMB2_Header) = record { + structure_size : uint16; + buffer_offset : uint16; + buffer_len : uint32; + pad : padding to buffer_offset - header.head_length; + buffer : bytestring &length = buffer_len; +}; + +type SMB2_change_notify_request(header: SMB2_Header) = record { + structure_size : uint16; + flags : uint16; + output_buffer_len : uint32; + file_id : SMB2_guid; + completion_filter : uint32; + reserved : uint32; +}; + +type SMB2_change_notify_response(header: SMB2_Header) = record { + structure_size : uint16; + output_buffer_offset : uint16; + output_buffer_len : uint32; + pad : padding to output_buffer_offset - header.head_length; + buffer : SMB2_File_Notify_Information[] &length = output_buffer_len; +}; + +type SMB2_query_info_request(header: SMB2_Header) = record { + structure_size : uint16; + info_type : uint8; + file_info_class : uint8; + output_buffer_len : uint32; + input_buffer_offset : uint16; + reserved : uint16; + input_buffer_len : uint32; + additional_info : uint32; + flags : uint32; + file_id : SMB2_guid; + pad : padding to input_buffer_offset - header.head_length; + buffer : bytestring &length = input_buffer_len; +}; + +type SMB2_query_info_response(header: SMB2_Header) = record { + structure_size : uint16; + 
buffer_offset : uint16; + buffer_len : uint32; + pad : padding to buffer_offset - header.head_length; + # TODO: a new structure needs to be created for this. + buffer : bytestring &length = buffer_len; +}; + +type SMB2_set_info_request(header: SMB2_Header) = record { + structure_size : uint16; + info_type : uint8; + file_info_class : uint8; + buffer_len : uint32; + buffer_offset : uint16; + reserved : uint16; + additional_info : uint32; + file_id : SMB2_guid; + pad : padding to buffer_offset - header.head_length; + # TODO: a new structure needs to be created for this. + buffer : bytestring &length = buffer_len; +}; + +type SMB2_set_info_response(header: SMB2_Header) = record { + structure_size : uint16; +}; + +type SMB2_oplock_break(header: SMB2_Header) = record { + structure_size : uint16; + oplock_level : uint8; + reserved : uint8; + reserved2 : uint32; + file_id : SMB2_guid; +}; diff --git a/src/analyzer/protocol/smb/smb2_com_close.bif b/src/analyzer/protocol/smb/smb2_com_close.bif new file mode 100644 index 0000000000..27d7369175 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2_com_close.bif @@ -0,0 +1,4 @@ +event smb2_close_request%(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID%); +event smb2_close_response%(c: connection, hdr: SMB2::Header, response: SMB2::CloseResponse%); + +type SMB2::CloseResponse: record; diff --git a/src/analyzer/protocol/smb/smb2_com_create.bif b/src/analyzer/protocol/smb/smb2_com_create.bif new file mode 100644 index 0000000000..39c5979053 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2_com_create.bif @@ -0,0 +1,2 @@ +event smb2_create_request%(c: connection, hdr: SMB2::Header, file_name: string%); +event smb2_create_response%(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs%); diff --git a/src/analyzer/protocol/smb/smb2_com_negotiate.bif b/src/analyzer/protocol/smb/smb2_com_negotiate.bif new file mode 100644 index 0000000000..370491f5ec --- /dev/null 
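Review bot: The `&let` flag fields in `SMB2_Header` do not appear to match the SMB2 flag values once `flags` is read with `&byteorder=littleendian`: as I read MS-SMB2, the response, async, related and signed bits are 0x1, 0x2, 0x4 and 0x8, and the DFS bit is 0x10000000. That would make the fields `response = flags & 1;`, `async = (flags >> 1) & 1;`, `related = (flags >> 2) & 1;`, `msigned = (flags >> 3) & 1;` and `dfs = (flags >> 28) & 1;`, whereas the current `dfs = (flags) & 1` tests the response bit. Nothing in the visible hunks reads these fields yet, but a later check of `msigned` would silently report the wrong signing state. Separately, `SMB2_PDU` routes every non-zero status other than 0xC0000016 to `SMB2_error_response`, which would also catch warning statuses that carry a normal response body; that should be confirmed against the specification.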
+++ b/src/analyzer/protocol/smb/smb2_com_negotiate.bif @@ -0,0 +1,21 @@ +## Generated for SMB2 messages of type *negotiate*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## dialects: A vector of the client's supported dialects. +event smb2_negotiate_request%(c: connection, hdr: SMB2::Header, dialects: index_vec%); + +## Generated for SMB2 messages of type *negotiate response*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## response: The negotiate response data structure. +event smb2_negotiate_response%(c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse%); + +#### Types + +type SMB2::NegotiateResponse: record; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb2_com_read.bif b/src/analyzer/protocol/smb/smb2_com_read.bif new file mode 100644 index 0000000000..d219063df4 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2_com_read.bif @@ -0,0 +1,12 @@ +## Generated for SMB2 request messages of type *read*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## file_id: The GUID being used for the file. +## +## offset: How far into the file this read should be taking place. +## +## length: The number of bytes of the file being read. +event smb2_read_request%(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count%); diff --git a/src/analyzer/protocol/smb/smb2_com_session_setup.bif b/src/analyzer/protocol/smb/smb2_com_session_setup.bif new file mode 100644 index 0000000000..03873ac834 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2_com_session_setup.bif 
@@ -0,0 +1,8 @@
+event smb2_session_setup_request%(c: connection, hdr: SMB2::Header, request: SMB2::SessionSetupRequest%);
+event smb2_session_setup_response%(c: connection, hdr: SMB2::Header, response: SMB2::SessionSetupResponse%);
+
+#### Types
+
+type SMB2::SessionSetupRequest: record;
+type SMB2::SessionSetupResponse: record;
+type SMB2::SessionSetupFlags: record;
\ No newline at end of file
diff --git a/src/analyzer/protocol/smb/smb2_com_tree_connect.bif b/src/analyzer/protocol/smb/smb2_com_tree_connect.bif
new file mode 100644
index 0000000000..466ae34a74
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb2_com_tree_connect.bif
@@ -0,0 +1,4 @@
+event smb2_tree_connect_request%(c: connection, hdr: SMB2::Header, path: string%);
+event smb2_tree_connect_response%(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse%);
+
+type SMB2::TreeConnectResponse: record;
diff --git a/src/analyzer/protocol/smb/smb2_com_tree_disconnect.bif b/src/analyzer/protocol/smb/smb2_com_tree_disconnect.bif
new file mode 100644
index 0000000000..8b13789179
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb2_com_tree_disconnect.bif
@@ -0,0 +1 @@
+
diff --git a/src/analyzer/protocol/smb/smb2_com_write.bif b/src/analyzer/protocol/smb/smb2_com_write.bif
new file mode 100644
index 0000000000..729ad55805
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb2_com_write.bif
@@ -0,0 +1,12 @@
+## Generated for SMB2 request messages of type *write*.
+##
+## c: The connection.
+##
+## hdr: The parsed header of the SMB2 message.
+##
+## file_id: The GUID being used for the file.
+##
+## offset: How far into the file this write should be taking place.
+##
+## length: The number of bytes of the file being written.
+event smb2_write_request%(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count%);
diff --git a/src/analyzer/protocol/smb/smb2_events.bif b/src/analyzer/protocol/smb/smb2_events.bif
new file mode 100644
index 0000000000..20a090f06b
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb2_events.bif
@@ -0,0 +1,5 @@
+event smb2_message%(c: connection, hdr: SMB2::Header, is_orig: bool%);
+
+
+
+
diff --git a/src/analyzer/protocol/smb/smb_ntlmssp.bif b/src/analyzer/protocol/smb/smb_ntlmssp.bif
new file mode 100644
index 0000000000..4b2f99a482
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb_ntlmssp.bif
@@ -0,0 +1,64 @@ +## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI NTLM message of type *negotiate*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## negotiate: The parsed data of the NTLM message. See init-bare for more details. +## +event smb_ntlm_negotiate%(c: connection, hdr: SMB1::Header, request: SMB::NTLMNegotiate%); + +## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI NTLM message of type *challenge*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## negotiate: The parsed data of the NTLM message. See init-bare for more details. +## +event smb_ntlm_challenge%(c: connection, hdr: SMB1::Header, request: SMB::NTLMChallenge%); + +## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI NTLM message of type *authenticate*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## negotiate: The parsed data of the NTLM message. See init-bare for more details. +## +event smb_ntlm_authenticate%(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate%); + +## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI message of type *accept-completed*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. 
Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +event smb_ntlm_accepted%(c: connection, hdr: SMB1::Header%); + + +#### Types + +type SMB::NTLMNegotiate: record; +type SMB::NTLMChallenge: record; +type SMB::NTLMAuthenticate: record; + +type SMB::NTLMNegotiateFlags: record; +type SMB::NTLMVersion: record; +type SMB::NTLMAVs: record; diff --git a/src/analyzer/protocol/smb/smb_pipe.bif b/src/analyzer/protocol/smb/smb_pipe.bif new file mode 100644 index 0000000000..b4116781b8 --- /dev/null +++ b/src/analyzer/protocol/smb/smb_pipe.bif @@ -0,0 +1,6 @@ +## TODO +event smb_atsvc_job_add%(c: connection, server: string, job: string%); + +## TODO +event smb_atsvc_job_id%(c: connection, id: count, status: count%); + diff --git a/src/analyzer/protocol/smb/types.bif b/src/analyzer/protocol/smb/types.bif new file mode 100644 index 0000000000..4714046a62 --- /dev/null +++ b/src/analyzer/protocol/smb/types.bif @@ -0,0 +1,7 @@ +type SMB::MACTimes: record; + +type SMB1::Header: record; + +type SMB2::Header: record; +type SMB2::GUID: record; +type SMB2::FileAttrs: record; \ No newline at end of file From a06577d2858f505af936153ff3aac62448cb0380 Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Tue, 2 Sep 2014 20:44:26 -0400 Subject: [PATCH 02/84] Update the NetBIOS analyzer for the SMB changes. --- src/analyzer/protocol/netbios/NetbiosSSN.cc | 37 ++++++++++----------- src/analyzer/protocol/netbios/NetbiosSSN.h | 10 +++--- 2 files changed, 23 insertions(+), 24 deletions(-) diff --git a/src/analyzer/protocol/netbios/NetbiosSSN.cc b/src/analyzer/protocol/netbios/NetbiosSSN.cc index d65a152b2f..ef48df3917 100644 --- a/src/analyzer/protocol/netbios/NetbiosSSN.cc +++ b/src/analyzer/protocol/netbios/NetbiosSSN.cc 
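Review bot: The doc blocks for `smb_ntlm_negotiate`, `smb_ntlm_challenge` and `smb_ntlm_authenticate` each describe a parameter `negotiate:`, but the declared parameter is `request` in all three, so the generated reference will not match the signature. The entry should read `## request: The parsed data of the NTLM message. See init-bare for more details.`. An NTLM challenge is sent by the server, so "Generated for SMB/CIFS requests" and the name `request` on `smb_ntlm_challenge` look copied from the negotiate block; the text should say which direction raises the event. All four events take `hdr: SMB1::Header`, and it is not visible here whether NTLM blobs carried in SMB2 session setup raise them, so the docs should state that, since a handler tracking authentication from these events alone could otherwise miss SMB2 logons.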
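Review bot: `smb_atsvc_job_add` and `smb_atsvc_job_id` in smb_pipe.bif are documented only with `## TODO`. Judging by the names, they report job submission to the AT scheduler service over a named pipe, which is activity operators commonly want to alert on, so the parameter meanings need to be written down before scripts start depending on them. Something like `## Generated for ATSVC job-add requests seen over an SMB named pipe.` with `## server:` and `## job:` entries would do, stating whether `job` is the command line as sent by the client. For `smb_atsvc_job_id`, the docs should say whether `status` is an NT status or the service's own return code.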
@@ -47,11 +47,10 @@ NetbiosDGM_RawMsgHdr::NetbiosDGM_RawMsgHdr(const u_char*& data, int& len) } -NetbiosSSN_Interpreter::NetbiosSSN_Interpreter(analyzer::Analyzer* arg_analyzer, - smb::SMB_Session* arg_smb_session) +NetbiosSSN_Interpreter::NetbiosSSN_Interpreter(Analyzer* arg_analyzer) { analyzer = arg_analyzer; - smb_session = arg_smb_session; + //smb_session = arg_smb_session; } int NetbiosSSN_Interpreter::ParseMessage(unsigned int type, unsigned int flags, @@ -106,11 +105,11 @@ int NetbiosSSN_Interpreter::ParseMessage(unsigned int type, unsigned int flags, int NetbiosSSN_Interpreter::ParseDatagram(const u_char* data, int len, int is_query) { - if ( smb_session ) - { - smb_session->Deliver(is_query, len, data); - return 0; - } + //if ( smb_session ) + // { + // smb_session->Deliver(is_query, len, data); + // return 0; + // } return 0; } @@ -132,8 +131,8 @@ int NetbiosSSN_Interpreter::ParseBroadcast(const u_char* data, int len, delete srcname; delete dstname; - if ( smb_session ) - smb_session->Deliver(is_query, len, data); + //if ( smb_session ) + // smb_session->Deliver(is_query, len, data); return 0; } @@ -188,12 +187,12 @@ int NetbiosSSN_Interpreter::ParseSessionMsg(const u_char* data, int len, return 0; } - if ( smb_session ) - { - smb_session->Deliver(is_query, len, data); - return 0; - } - else + //if ( smb_session ) + // { + // smb_session->Deliver(is_query, len, data); + // return 0; + // } + //else { analyzer->Weird("no_smb_session_using_parsesambamsg"); data += 4; @@ -458,8 +457,8 @@ void Contents_NetbiosSSN::DeliverStream(int len, const u_char* data, bool orig) NetbiosSSN_Analyzer::NetbiosSSN_Analyzer(Connection* conn) : tcp::TCP_ApplicationAnalyzer("NETBIOS", conn) { - smb_session = new smb::SMB_Session(this); - interp = new NetbiosSSN_Interpreter(this, smb_session); + //smb_session = new SMB_Session(this); + interp = new NetbiosSSN_Interpreter(this); orig_netbios = resp_netbios = 0; did_session_done = 0; 
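Review bot: In the ParseSessionMsg hunk, commenting out `if ( smb_session )` together with `//else` leaves the following brace block unconditional, so `analyzer->Weird("no_smb_session_using_parsesambamsg")` now fires for every session message that reaches that point, and the payload is never handed to an SMB parser. The ParseDatagram hunk (now only `return 0;`) and the ParseBroadcast hunk drop the `smb_session->Deliver(...)` call in the same way, and NetbiosSSN.h gets the matching commented-out include and members. As far as these hunks show, SMB carried over the NetBIOS session service is not analysed after this patch, which is a visibility gap for anything relying on SMB events on that transport, plus a weird raised on normal traffic. I would delete the dead lines rather than comment them out and either forward the payload to the new analyzer or leave a single `// TODO: hand session payload to the new SMB analyzer` and stop raising the weird until that exists. All three functions continue outside their hunks.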
@@ -481,7 +480,7 @@ NetbiosSSN_Analyzer::NetbiosSSN_Analyzer(Connection* conn) NetbiosSSN_Analyzer::~NetbiosSSN_Analyzer() { delete interp; - delete smb_session; + //delete smb_session; } void NetbiosSSN_Analyzer::Done() diff --git a/src/analyzer/protocol/netbios/NetbiosSSN.h b/src/analyzer/protocol/netbios/NetbiosSSN.h index 7fbe967841..79fe796116 100644 --- a/src/analyzer/protocol/netbios/NetbiosSSN.h +++ b/src/analyzer/protocol/netbios/NetbiosSSN.h @@ -5,7 +5,7 @@ #include "analyzer/protocol/udp/UDP.h" #include "analyzer/protocol/tcp/TCP.h" -#include "analyzer/protocol/smb/SMB.h" +//#include "analyzer/protocol/smb/SMB.h" namespace analyzer { namespace netbios_ssn { @@ -64,7 +64,7 @@ struct NetbiosDGM_RawMsgHdr { class NetbiosSSN_Interpreter { public: - NetbiosSSN_Interpreter(analyzer::Analyzer* analyzer, smb::SMB_Session* smb_session); + NetbiosSSN_Interpreter(Analyzer* analyzer); int ParseMessage(unsigned int type, unsigned int flags, const u_char* data, int len, int is_query); @@ -99,8 +99,8 @@ protected: u_char*& xname, int& xlen); protected: - analyzer::Analyzer* analyzer; - smb::SMB_Session* smb_session; + Analyzer* analyzer; + //SMB_Session* smb_session; }; @@ -159,7 +159,7 @@ protected: void ExpireTimer(double t); NetbiosSSN_Interpreter* interp; - smb::SMB_Session* smb_session; + //SMB_Session* smb_session; Contents_NetbiosSSN* orig_netbios; Contents_NetbiosSSN* resp_netbios; int did_session_done; From f1696ab534d55e3713d7a66d19b74420b0215760 Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Tue, 2 Sep 2014 20:44:58 -0400 Subject: [PATCH 03/84] Update NetVar for the SMB changes. --- src/NetVar.cc | 16 +- src/NetVar.h | 8 +- src/analyzer/protocol/smb/events.bif | 495 --------------------------- 3 files changed, 3 insertions(+), 516 deletions(-) delete mode 100644 src/analyzer/protocol/smb/events.bif diff --git a/src/NetVar.cc b/src/NetVar.cc index 0a11a754bb..0c880e0486 100644 --- a/src/NetVar.cc +++ b/src/NetVar.cc 
@@ -20,6 +20,7 @@ TableType* string_set; TableType* string_array; TableType* count_set; VectorType* string_vec; +VectorType* index_vec; VectorType* mime_matches; RecordType* mime_match; @@ -101,13 +102,6 @@ RecordType* pm_callit_request; RecordType* ntp_msg; -TableVal* samba_cmds; -RecordType* smb_hdr; -RecordType* smb_trans; -RecordType* smb_trans_data; -RecordType* smb_tree_connect; -TableType* smb_negotiate; - RecordType* geo_location; RecordType* entropy_test_result; @@ -329,6 +323,7 @@ void init_net_var() string_set = internal_type("string_set")->AsTableType(); string_array = internal_type("string_array")->AsTableType(); string_vec = internal_type("string_vec")->AsVectorType(); + index_vec = internal_type("index_vec")->AsVectorType(); mime_match = internal_type("mime_match")->AsRecordType(); mime_matches = internal_type("mime_matches")->AsVectorType(); @@ -424,13 +419,6 @@ void init_net_var() ntp_msg = internal_type("ntp_msg")->AsRecordType(); - samba_cmds = internal_val("samba_cmds")->AsTableVal(); - smb_hdr = internal_type("smb_hdr")->AsRecordType(); - smb_trans = internal_type("smb_trans")->AsRecordType(); - smb_trans_data = internal_type("smb_trans_data")->AsRecordType(); - smb_tree_connect = internal_type("smb_tree_connect")->AsRecordType(); - smb_negotiate = internal_type("smb_negotiate")->AsTableType(); - geo_location = internal_type("geo_location")->AsRecordType(); entropy_test_result = internal_type("entropy_test_result")->AsRecordType(); diff --git a/src/NetVar.h b/src/NetVar.h index c726c793b2..4cdbd2766e 100644 --- a/src/NetVar.h +++ b/src/NetVar.h @@ -23,6 +23,7 @@ extern TableType* string_set; extern TableType* string_array; extern TableType* count_set; extern VectorType* string_vec; +extern VectorType* index_vec; extern VectorType* mime_matches; extern RecordType* mime_match; 
@@ -104,13 +105,6 @@ extern RecordType* pm_callit_request; extern RecordType* ntp_msg; -extern TableVal* samba_cmds; -extern RecordType* smb_hdr; -extern RecordType* smb_trans; -extern RecordType* smb_trans_data; -extern RecordType* smb_tree_connect; -extern TableType* smb_negotiate; - extern RecordType* geo_location; extern RecordType* entropy_test_result; diff --git a/src/analyzer/protocol/smb/events.bif b/src/analyzer/protocol/smb/events.bif deleted file mode 100644 index 74cb1feb77..0000000000 --- a/src/analyzer/protocol/smb/events.bif +++ /dev/null 
@@ -1,495 +0,0 @@ -## Generated for all SMB/CIFS messages. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## is_orig: True if the message was sent by the originator of the underlying -## transport-level connection. -## -## cmd: A string mnemonic of the SMB command code. -## -## body_length: The length of the SMB message body, i.e. the data starting after -## the SMB header. -## -## body: The raw SMB message body, i.e., the data starting after the SMB header. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction smb_com_transaction2 -## smb_com_tree_connect_andx smb_com_tree_disconnect smb_com_write_andx smb_error -## smb_get_dfs_referral -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_message%(c: connection, hdr: smb_hdr, is_orig: bool, cmd: string, body_length: count, body: string%); - -## Generated for SMB/CIFS messages of type *tree connect andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## path: The ``path`` attribute specified in the message. -## -## service: The ``service`` attribute specified in the message. -## -## .. 
bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction smb_com_transaction2 -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_tree_connect_andx%(c: connection, hdr: smb_hdr, path: string, service: string%); - -## Generated for SMB/CIFS messages of type *tree disconnect*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction smb_com_transaction2 -## smb_com_tree_connect_andx smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_tree_disconnect%(c: connection, hdr: smb_hdr%); - -## Generated for SMB/CIFS messages of type *nt create andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. 
Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## name: The ``name`` attribute specified in the message. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_read_andx -## smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_nt_create_andx%(c: connection, hdr: smb_hdr, name: string%); - -## Generated for SMB/CIFS messages of type *nt transaction*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## trans: The parsed transaction header. -## -## data: The raw transaction data. -## -## is_orig: True if the message was sent by the originator of the connection. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe -## smb_com_trans_rap smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. 
todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_transaction%(c: connection, hdr: smb_hdr, trans: smb_trans, data: smb_trans_data, is_orig: bool%); - -## Generated for SMB/CIFS messages of type *nt transaction 2*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## trans: The parsed transaction header. -## -## data: The raw transaction data. -## -## is_orig: True if the message was sent by the originator of the connection. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe -## smb_com_trans_rap smb_com_transaction smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_transaction2%(c: connection, hdr: smb_hdr, trans: smb_trans, data: smb_trans_data, is_orig: bool%); - -## Generated for SMB/CIFS messages of type *transaction mailslot*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. 
-## -## hdr: The parsed header of the SMB message. -## -## trans: The parsed transaction header. -## -## data: The raw transaction data. -## -## is_orig: True if the message was sent by the originator of the connection. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_trans_mailslot%(c: connection, hdr: smb_hdr, trans: smb_trans, data: smb_trans_data, is_orig: bool%); - -## Generated for SMB/CIFS messages of type *transaction rap*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## trans: The parsed transaction header. -## -## data: The raw transaction data. -## -## is_orig: True if the message was sent by the originator of the connection. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_transaction smb_com_transaction2 -## smb_com_tree_connect_andx smb_com_tree_disconnect smb_com_write_andx smb_error -## smb_get_dfs_referral smb_message -## -## .. 
todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_trans_rap%(c: connection, hdr: smb_hdr, trans: smb_trans, data: smb_trans_data, is_orig: bool%); - -## Generated for SMB/CIFS messages of type *transaction pipe*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## trans: The parsed transaction header. -## -## data: The raw transaction data. -## -## is_orig: True if the message was sent by the originator of the connection. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_trans_pipe%(c: connection, hdr: smb_hdr, trans: smb_trans, data: smb_trans_data, is_orig: bool%); - -## Generated for SMB/CIFS messages of type *read andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. 
-## -## hdr: The parsed header of the SMB message. -## -## data: Always empty. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_read_andx%(c: connection, hdr: smb_hdr, data: string%); - -## Generated for SMB/CIFS messages of type *read andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## data: Always empty. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction smb_com_transaction2 -## smb_com_tree_connect_andx smb_com_tree_disconnect smb_error -## smb_get_dfs_referral smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. 
-event smb_com_write_andx%(c: connection, hdr: smb_hdr, data: string%); - -## Generated for SMB/CIFS messages of type *get dfs referral*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## max_referral_level: The ``max_referral_level`` attribute specified in the -## message. -## -## file_name: The ``filene_name`` attribute specified in the message. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction smb_com_transaction2 -## smb_com_tree_connect_andx smb_com_tree_disconnect smb_com_write_andx smb_error -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_get_dfs_referral%(c: connection, hdr: smb_hdr, max_referral_level: count, file_name: string%); - -## Generated for SMB/CIFS messages of type *negotiate*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## .. 
bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate_response smb_com_nt_create_andx smb_com_read_andx smb_com_setup_andx -## smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap smb_com_transaction -## smb_com_transaction2 smb_com_tree_connect_andx smb_com_tree_disconnect -## smb_com_write_andx smb_error smb_get_dfs_referral smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_negotiate%(c: connection, hdr: smb_hdr%); - -## Generated for SMB/CIFS messages of type *negotiate response*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## dialect_index: The ``dialect`` indicated in the message. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_nt_create_andx smb_com_read_andx smb_com_setup_andx -## smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap smb_com_transaction -## smb_com_transaction2 smb_com_tree_connect_andx smb_com_tree_disconnect -## smb_com_write_andx smb_error smb_get_dfs_referral smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_negotiate_response%(c: connection, hdr: smb_hdr, dialect_index: count%); - -## Generated for SMB/CIFS messages of type *setup andx*. 
-## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_setup_andx%(c: connection, hdr: smb_hdr%); - -## Generated for SMB/CIFS messages of type *generic andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## .. bro:see:: smb_com_close smb_com_logoff_andx smb_com_negotiate -## smb_com_negotiate_response smb_com_nt_create_andx smb_com_read_andx -## smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. 
To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_generic_andx%(c: connection, hdr: smb_hdr%); - -## Generated for SMB/CIFS messages of type *close*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## .. bro:see:: smb_com_generic_andx smb_com_logoff_andx smb_com_negotiate -## smb_com_negotiate_response smb_com_nt_create_andx smb_com_read_andx -## smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_close%(c: connection, hdr: smb_hdr%); - -## Generated for SMB/CIFS messages of type *logoff andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_negotiate -## smb_com_negotiate_response smb_com_nt_create_andx smb_com_read_andx -## smb_com_setup_andx smb_com_trans_mailslot smb_com_trans_pipe smb_com_trans_rap -## smb_com_transaction smb_com_transaction2 smb_com_tree_connect_andx -## smb_com_tree_disconnect smb_com_write_andx smb_error smb_get_dfs_referral -## smb_message -## -## .. 
todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_com_logoff_andx%(c: connection, hdr: smb_hdr%); - -## Generated for SMB/CIFS messages that indicate an error. This event is -## triggered by an SMB header including a status that signals an error. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## cmd: The SMB command code. -## -## cmd_str: A string mnemonic of the SMB command code. -## -## data: The raw SMB message body, i.e., the data starting after the SMB header. -## -## .. bro:see:: smb_com_close smb_com_generic_andx smb_com_logoff_andx -## smb_com_negotiate smb_com_negotiate_response smb_com_nt_create_andx -## smb_com_read_andx smb_com_setup_andx smb_com_trans_mailslot -## smb_com_trans_pipe smb_com_trans_rap smb_com_transaction smb_com_transaction2 -## smb_com_tree_connect_andx smb_com_tree_disconnect smb_com_write_andx -## smb_get_dfs_referral smb_message -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event smb_error%(c: connection, hdr: smb_hdr, cmd: count, cmd_str: string, data: string%); - From e4ca5881278e1508f73f3f44e0cb31a44770034b Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Sat, 27 Sep 2014 03:11:01 -0400 Subject: [PATCH 04/84] Does the initial effort to add the SMB2 SetInfo command and better handle file lengths. --- scripts/base/init-bare.bro | 4 ++ scripts/base/protocols/smb/files.bro | 3 ++ scripts/base/protocols/smb/smb1-main.bro | 7 ++- scripts/base/protocols/smb/smb2-main.bro | 8 ++++ src/analyzer/protocol/smb/CMakeLists.txt | 2 + src/analyzer/protocol/smb/smb.pac | 2 + .../protocol/smb/smb1-com-nt-create-andx.pac | 8 ++-- src/analyzer/protocol/smb/smb2-com-create.pac | 8 ++-- .../protocol/smb/smb2-com-set-info.pac | 48 +++++++++++++++++++ src/analyzer/protocol/smb/smb2-protocol.pac | 18 ------- .../protocol/smb/smb2_com_set_info.bif | 3 ++ 11 files changed, 83 insertions(+), 28 deletions(-) create mode 100644 src/analyzer/protocol/smb/smb2-com-set-info.pac create mode 100644 src/analyzer/protocol/smb/smb2_com_set_info.bif diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index e4c69c07bb..49752ff12f 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -2706,6 +2706,10 @@ export { flags: SMB2::SessionSetupFlags; }; + type SMB2::SetInfoRequest: record { + eof: count; + }; + type SMB2::TreeConnectResponse: record { share_type: count; }; diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.bro index dde3d179a7..8c4eb083e3 100644 --- a/scripts/base/protocols/smb/files.bro +++ b/scripts/base/protocols/smb/files.bro @@ -57,6 +57,9 @@ event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priori { c$smb$current_file$fuid = f$id; + if ( c$smb$current_file$size > 0 ) + f$total_bytes = c$smb$current_file$size; + if ( c$smb$current_file?$name ) f$info$filename = c$smb$current_file$name; } diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 5aeee80c30..8dc38806ed 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
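Review bot: In files.bro the added assignment `f$total_bytes = c$smb$current_file$size;` copies a length supplied by the remote peer (create response or SetInfo end-of-file) into the file-analysis record, and nothing in the code says so. A comment above the `if`, such as `# Size is whatever the peer advertised; treat it as a hint, not a verified length.`, would warn script writers not to rely on it for completeness checks. If `size` is declared `&optional` in the file record (not visible here), the test should also be `c$smb$current_file?$size && c$smb$current_file$size > 0`, in line with the `?$name` check that follows it.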
@@ -127,10 +127,13 @@ event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: co # We can identify the file by its file id now so let's stick it # in the file map. c$smb$fid_map[file_id] = c$smb$current_file; - - SMB::write_file_log(c$smb$current_file); } +event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes) &priority=-5 + { + SMB::write_file_log(c$smb$current_file); + } + event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=5 { SMB::set_current_file(c$smb, file_id); diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index 7dc36c3717..a5bff4a3dc 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro @@ -131,10 +131,18 @@ event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID # We can identify the file by its file id now so let's stick it # in the file map. c$smb$fid_map[file_id$persistent+file_id$volatile] = c$smb$current_file; + } +event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, file_size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs) &priority=-5 + { SMB::write_file_log(c$smb$current_file); } +event smb2_set_info_request(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest) &priority=5 + { + c$smb$current_file$size = request$eof; + } + event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 { SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile); diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index ef05ad353c..4dbb4d1d31 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt 
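Review bot: The new `smb2_set_info_request` handler in smb2-main.bro writes `request$eof` into `c$smb$current_file` without first selecting the file the request refers to, so the size lands on whichever file an earlier message made current. The read handler just below calls `SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile)` first, but `SMB2::SetInfoRequest` only carries `eof`, so this handler has no file id to use. Adding the parsed `file_id` to the record (or as an event argument) and calling `SMB::set_current_file` before the assignment would fix this. Otherwise, with several open handles on one connection, the sizes written to the file log can be attributed to the wrong file.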
@@ -30,6 +30,7 @@ bro_plugin_bif( smb2_com_negotiate.bif smb2_com_read.bif smb2_com_session_setup.bif + smb2_com_set_info.bif smb2_com_tree_connect.bif smb2_com_tree_disconnect.bif smb2_com_write.bif @@ -72,6 +73,7 @@ bro_plugin_pac( smb2-com-negotiate.pac smb2-com-read.pac smb2-com-session-setup.pac + smb2-com-set-info.pac smb2-com-tree-connect.pac smb2-com-tree-disconnect.pac smb2-com-write.pac diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index f4ff41a680..802b5be123 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -30,6 +30,7 @@ #include "smb2_com_negotiate.bif.h" #include "smb2_com_read.bif.h" #include "smb2_com_session_setup.bif.h" +#include "smb2_com_set_info.bif.h" #include "smb2_com_tree_connect.bif.h" #include "smb2_com_tree_disconnect.bif.h" #include "smb2_com_write.bif.h" @@ -81,6 +82,7 @@ connection SMB_Conn(bro_analyzer: BroAnalyzer) { %include smb2-com-negotiate.pac %include smb2-com-read.pac %include smb2-com-session-setup.pac +%include smb2-com-set-info.pac %include smb2-com-tree-connect.pac %include smb2-com-tree-disconnect.pac %include smb2-com-write.pac diff --git a/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac b/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac index 8d3bbea892..81e3429d1b 100644 --- a/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac @@ -60,10 +60,10 @@ refine connection SMB_Conn += { if ( ${val.end_of_file} > 0 ) { - file_mgr->SetSize(${val.end_of_file}, - bro_analyzer()->GetAnalyzerTag(), - bro_analyzer()->Conn(), - header->is_orig()); + //file_mgr->SetSize(${val.end_of_file}, + // bro_analyzer()->GetAnalyzerTag(), + // bro_analyzer()->Conn(), + // header->is_orig()); } return true; diff --git a/src/analyzer/protocol/smb/smb2-com-create.pac b/src/analyzer/protocol/smb/smb2-com-create.pac index a26f4e355f..870298aef9 100644 --- a/src/analyzer/protocol/smb/smb2-com-create.pac 
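Review bot: Commenting out the `file_mgr->SetSize(...)` call in smb1-com-nt-create-andx.pac leaves an `if ( ${val.end_of_file} > 0 )` block whose body is only comments, which reads like an unfinished edit. The same happens with `if ( ${val.eof} > 0 )` in smb2-com-create.pac. Either delete the empty `if` together with the dead call, or keep one line such as `// File size is now applied in script-land from current_file$size (see files.bro).` so the reason is on record. The enclosing function starts outside the hunk.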
+++ b/src/analyzer/protocol/smb/smb2-com-create.pac @@ -31,10 +31,10 @@ refine connection SMB_Conn += { if ( ${val.eof} > 0 ) { - file_mgr->SetSize(${val.eof}, - bro_analyzer()->GetAnalyzerTag(), - bro_analyzer()->Conn(), - h->is_orig()); + //file_mgr->SetSize(${val.eof}, + // bro_analyzer()->GetAnalyzerTag(), + // bro_analyzer()->Conn(), + // h->is_orig()); } return true; diff --git a/src/analyzer/protocol/smb/smb2-com-set-info.pac b/src/analyzer/protocol/smb/smb2-com-set-info.pac new file mode 100644 index 0000000000..e12333f47f --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-set-info.pac @@ -0,0 +1,48 @@ +enum smb2_set_info_type { + SMB2_0_INFO_FILE = 0x01, + SMB2_0_INFO_FILESYSTEM = 0x02, + SMB2_0_INFO_SECURITY = 0x03, + SMB2_0_INFO_QUOTA = 0x04 +}; + +refine connection SMB_Conn += { + + function proc_smb2_set_info_request(h: SMB2_Header, val: SMB2_set_info_request): bool + %{ + if ( smb2_set_info_request && + ${val.info_type} == SMB2_0_INFO_FILE && + ${val.file_info_class} == 0x14 ) + { + RecordVal* req = new RecordVal(BifType::Record::SMB2::SetInfoRequest); + req->Assign(0, new Val(${val.eof}, TYPE_COUNT)); + + BifEvent::generate_smb2_set_info_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildSMB2HeaderVal(h), + req); + } + + return true; + %} +}; + +type SMB2_set_info_request(header: SMB2_Header) = record { + structure_size : uint16; + info_type : uint8; + file_info_class : uint8; # this needs a switch below + buffer_len : uint32; + buffer_offset : uint16; + reserved : uint16; + additional_info : uint32; + file_id : SMB2_guid; + pad : padding to buffer_offset - header.head_length; + + # TODO: a new structure needs to be created for this. + eof : uint64; +} &let { + proc: bool = $context.connection.proc_smb2_set_info_request(header, this); +}; + +type SMB2_set_info_response(header: SMB2_Header) = record { + structure_size : uint16; +}; 
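Review bot: In smb2-com-set-info.pac the record reads `eof : uint64` from every SetInfo request, while only the event code checks `info_type` and `file_info_class`; the previous definition consumed `buffer_len` bytes instead. A request of any other class, or one whose buffer is shorter than eight bytes, is then parsed as an end-of-file value and probably ends in a parse error on otherwise valid traffic. Selecting the field with a `case`, with the old `bytestring &length = buffer_len` as the other arm, keeps the remaining classes parseable. A named constant for `0x14` would also make the check readable. The fence shows only the tail of the record.

```binpac
type SMB2_set_info_request(header: SMB2_Header) = record {
	# … unchanged: structure_size through pad …
	data : case is_eof_info of {
		true  -> eof    : uint64;
		false -> buffer : bytestring &length = buffer_len;
	};
} &let {
	is_eof_info : bool = (info_type == SMB2_0_INFO_FILE && file_info_class == 0x14);
	# … unchanged: proc …
};
```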
diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index 09299fe086..8d8be281a3 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac @@ -399,24 +399,6 @@ type SMB2_query_info_response(header: SMB2_Header) = record { buffer : bytestring &length = buffer_len; }; -type SMB2_set_info_request(header: SMB2_Header) = record { - structure_size : uint16; - info_type : uint8; - file_info_class : uint8; - buffer_len : uint32; - buffer_offset : uint16; - reserved : uint16; - additional_info : uint32; - file_id : SMB2_guid; - pad : padding to buffer_offset - header.head_length; - # TODO: a new structure needs to be created for this. - buffer : bytestring &length = buffer_len; -}; - -type SMB2_set_info_response(header: SMB2_Header) = record { - structure_size : uint16; -}; - type SMB2_oplock_break(header: SMB2_Header) = record { structure_size : uint16; oplock_level : uint8; diff --git a/src/analyzer/protocol/smb/smb2_com_set_info.bif b/src/analyzer/protocol/smb/smb2_com_set_info.bif new file mode 100644 index 0000000000..c750f88b32 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2_com_set_info.bif @@ -0,0 +1,3 @@ +event smb2_set_info_request%(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest%); + +type SMB2::SetInfoRequest: record; From 9a947eaffebbbf056edbd8ab9f33147422fa0875 Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Fri, 3 Oct 2014 19:19:07 -0400 Subject: [PATCH 05/84] Redo the NTLM parsing to correctly parse ASN.1. Previously, this was causing it to prematurely raise a protocol violation on many (most?) connections. --- .../protocol/smb/smb-ntlmssp-asn1.pac | 57 ++++++ src/analyzer/protocol/smb/smb-ntlmssp.pac | 174 +++++++++--------- src/analyzer/protocol/smb/smb.pac | 1 + 3 files changed, 149 insertions(+), 83 deletions(-) create mode 100644 src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac 
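Review bot: The new `smb2_set_info_request` event in smb2_com_set_info.bif has no `##` documentation, unlike the SMB events documented elsewhere in the tree. A header such as `## Generated for SMB2 SetInfo requests that set a file's end-of-file position.` followed by `## c: The connection.`, `## hdr: The parsed header of the SMB2 message.` and `## request: The parsed request; only the new end-of-file offset is filled in.` would cover it. It would also make clear that other SetInfo classes raise no event, since the analyzer only generates it for `SMB2_0_INFO_FILE` with class `0x14`.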
diff --git a/src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac b/src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac new file mode 100644 index 0000000000..0cb459d26c --- /dev/null +++ b/src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac @@ -0,0 +1,57 @@ +# Supporting types for ASN.1 +# +# From the Kerberos analyzer +# +# TODO: Figure out a way to include this code only once. + +type ASN1Encoding = record { + meta: ASN1EncodingMeta; + content: bytestring &length = meta.length; +}; + +type ASN1EncodingMeta = record { + tag: uint8; + len: uint8; + more_len: bytestring &length = long_len ? len & 0x7f : 0; +} &let { + long_len: bool = len & 0x80; + length: uint64 = long_len ? binary_to_int64(more_len) : len & 0x7f; + index: uint8 = tag - 160; +}; + +type ASN1Integer = record { + encoding: ASN1Encoding; +}; + +type ASN1OctetString = record { + encoding: ASN1Encoding; +}; + +type SequenceElement(grab_content: bool) = record { + index_meta: ASN1EncodingMeta; + have_content: case grab_content of { + true -> data: ASN1Encoding; + false -> meta: ASN1EncodingMeta; + }; +} &let { + index: uint8 = index_meta.index; + length: uint64 = index_meta.length; +}; + +type Array = record { + array_meta: ASN1EncodingMeta; + data: ASN1Encoding[]; +}; + +function binary_to_int64(bs: bytestring): int64 + %{ + int64 rval = 0; + + for ( int i = 0; i < bs.length(); ++i ) + { + uint64 byte = bs[i]; + rval |= byte << (8 * (bs.length() - (i + 1))); + } + + return rval; + %} \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac index d95177c5a3..c57ca4287b 100644 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac 
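Review bot: In `binary_to_int64` the shift `byte << (8 * (bs.length() - (i + 1)))` reaches 64 bits or more once `more_len` is longer than eight bytes, and `len & 0x7f` lets the peer announce up to 127 length bytes; a shift that wide is undefined behaviour in C++. The result feeds `content: bytestring &length = meta.length`, so the length used for parsing is then whatever the compiler happened to produce. Rejecting oversize length fields before the loop, for example `if ( bs.length() > 8 ) throw binpac::Exception("ASN.1 length field too long");`, keeps the value defined. The function also returns `int64` into a `uint64` field, so a check that the top bit is clear belongs in the same place.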
@@ -94,9 +94,22 @@ refine connection SMB_Conn += { return result; %} - function proc_smb_ntlm_accept(header: SMB_Header): bool + function proc_smb_ntlm_ssp(header: SMB_Header, val:SMB_NTLM_SSP): bool %{ - BifEvent::generate_smb_ntlm_accepted(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + if ( ${val.gssapi.is_init} ) + return true; + for ( uint i = 0; i < ${val.gssapi.resp.args}->size(); ++i ) + { + switch ( ${val.gssapi.resp.args[i].seq_meta.index} ) + { + case 0: + if ( ${val.gssapi.resp.args[i].args.neg_state} == 0 ) + BifEvent::generate_smb_ntlm_accepted(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + break; + default: + break; + } + } return true; %} 
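Review bot: The test `${val.gssapi.resp.args[i].args.neg_state} == 0` compares the `ASN1Integer` record itself with zero rather than the integer it encodes. In generated binpac code a record field is normally a pointer, so this is likely a null check that is never true, and `smb_ntlm_accepted` would not fire. Decoding the content first, e.g. `binary_to_int64(${val.gssapi.resp.args[i].args.neg_state.encoding.content}) == 0`, together with a check that the content is not empty, would tie the event to the state the server actually sent. Scripts that use this event to track successful logons depend on that. The enclosing `refine connection` block starts outside the hunk.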
@@ -130,87 +143,85 @@ refine connection SMB_Conn += { %{ RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAuthenticate); result->Assign(0, build_negotiate_flag_record(${val.flags})); - result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); - result->Assign(2, bytestring_to_val(${val.user_name.string.data})); - result->Assign(3, bytestring_to_val(${val.workstation.string.data})); - if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); +// result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); +// result->Assign(2, bytestring_to_val(${val.user_name.string.data})); +// result->Assign(3, bytestring_to_val(${val.workstation.string.data})); +// if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); BifEvent::generate_smb_ntlm_authenticate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); return true; %} - function convert_der_num(is_long: bool, first: uint8, fields: bytestring): uint64 - %{ - if (!is_long) return first; - - int result; - result = 0; - - for (uint i = 0; i < fields.length(); i++) - { - result << 8; - result += ${fields[i]}; - } - return result; - %} - - function test_accepted(m: SMB_NTLM_SSP): bool - %{ - if ( ${m.gssapi}->size() < 4 ) - return false; - return ( ${m.gssapi[3].tag} == 10 && ${m.gssapi[3].value} == "\x00" ); - %} - }; -type DER_Length = record { - first : uint8; - rest : bytestring &length=size; +type GSSAPI_NEG_TOKEN(header: SMB_Header) = record { + wrapper : ASN1EncodingMeta; + have_oid : case is_init of { + true -> oid: ASN1Encoding; + false -> no_oid: empty; + }; + have_init_wrapper: case is_init of { + true -> init_wrapper: ASN1EncodingMeta; + false -> no_init_wrapper: empty; + }; + msg_type : case is_init of { + true -> init: GSSAPI_NEG_TOKEN_INIT(header); + false -> resp: GSSAPI_NEG_TOKEN_RESP(header); + }; } &let { - is_long_form : bool = (first >= 128); - size : uint8 = is_long_form ? 
first % 128 : 0; - value : uint64 = $context.connection.convert_der_num(is_long_form, first, rest); + is_init: bool = wrapper.tag == 0x60; }; -type DER_ASN = record { - tag: uint8; - length: DER_Length; - skip_constructed: case (is_primitive && (tag != 0x04) ) of { - true -> value: bytestring &length=length.value; - false -> nothing: empty; - } &requires(is_primitive); -} &let { - is_primitive: bool = (tag & 0x20) == 0; - last: bool = tag == 0x04; +type GSSAPI_NEG_TOKEN_INIT(header: SMB_Header) = record { + seq_meta: ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_INIT_Arg(header)[]; +}; + +type GSSAPI_NEG_TOKEN_INIT_Arg(header: SMB_Header) = record { + seq_meta: ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_INIT_Arg_Data(header, seq_meta.index) &length=seq_meta.length; +}; + +type GSSAPI_NEG_TOKEN_INIT_Arg_Data(header: SMB_Header, index: uint8) = case index of { + 0 -> mech_type_list : ASN1Encoding; + 1 -> req_flags : ASN1Encoding; + 2 -> mech_token : SMB_NTLM_SSP_Token(header); + 3 -> mech_list_mic : ASN1OctetString; +}; + +type GSSAPI_NEG_TOKEN_RESP(header: SMB_Header) = record { + seq_meta: ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_RESP_Arg(header)[]; +}; + +type GSSAPI_NEG_TOKEN_RESP_Arg(header: SMB_Header) = record { + seq_meta: ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_RESP_Arg_Data(header, seq_meta.index) &length=seq_meta.length; +}; + +type GSSAPI_NEG_TOKEN_RESP_Arg_Data(header: SMB_Header, index: uint8) = case index of { + 0 -> neg_state : ASN1Integer; + 1 -> supported_mech : ASN1Encoding; + 2 -> response_token : SMB_NTLM_SSP_Token(header); + 3 -> mech_list_mic : ASN1OctetString; }; type SMB_NTLM_SSP(header: SMB_Header) = record { - gssapi : DER_ASN[] &until ($element.last); - skip_accepted: case ( is_accepted ) of { - true -> nothing: empty; - false -> token: SMB_NTLM_Neg_Token(header); - } &requires(is_accepted); + gssapi : GSSAPI_NEG_TOKEN(header); } &let { - is_accepted: bool = $context.connection.test_accepted(this); - proc: bool = 
$context.connection.proc_smb_ntlm_accept(header) &if(is_accepted); + proc: bool = $context.connection.proc_smb_ntlm_ssp(header, this); }; -type SMB_NTLM_Neg_Token(header: SMB_Header) = record { - identifier : bytestring &length=8; - msg_type : uint32; - msg : case msg_type of { - 0 -> accept : empty; - 1 -> negotiate : SMB_NTLM_Negotiate(header, 12); - 2 -> challenge : SMB_NTLM_Challenge(header, 12); - 3 -> authenticate : SMB_NTLM_Authenticate(header, 12); - }; -} &let { - is_accept : bool = (msg_type == 0); - is_negotiate : bool = (msg_type == 1); - is_challenge : bool = (msg_type == 2); - is_authenticate : bool = (msg_type == 3); - proc : bool = $context.connection.proc_smb_ntlm_accept(header) &if is_accept; +type SMB_NTLM_SSP_Token(header: SMB_Header) = record { + meta: ASN1EncodingMeta; + signature: bytestring &length=8; + msg_type : uint32; + msg : case msg_type of { + 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); + 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); + 3 -> authenticate: SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); + }; }; type SMB_NTLM_Negotiate(header: SMB_Header, offset: uint16) = record { 
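Review bot: None of the new `case` types (`GSSAPI_NEG_TOKEN_INIT_Arg_Data`, `GSSAPI_NEG_TOKEN_RESP_Arg_Data`, and `msg` in `SMB_NTLM_SSP_Token`) has a `default` arm, and their selectors come straight from the wire (`index` is `tag - 160`, `msg_type` is a raw `uint32`). A value outside the listed ones should then abort parsing of the whole token, so one unexpected tag ends analysis of that session setup and no NTLM event is logged for it. An arm such as `default -> unknown : bytestring &restofdata;` in each case would skip what is not understood and keep the rest. The two `args : ...[]` arrays also carry no `&length` or `&until`, so the sequence length parsed into `seq_meta` is not used to bound them.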
@@ -259,17 +270,14 @@ type SMB_NTLM_Authenticate(header: SMB_Header, offset: uint16) = record { true -> version: SMB_NTLM_Version; false -> no_version: empty; }; - mic : bytestring &length=16; +# mic : bytestring &length=16; payload : bytestring &restofdata; } &let { absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload; - user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload; - workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload; - encrypted_session_key : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); -# lm_response : SMB_LM_Response(lm_challenge_response_fields.offset - absolute_offset) withinput payload &if(lm_challenge_response_fields.length > 0); -# ntlm_response : SMB_NTLM_Response(nt_challenge_response_fields.offset - absolute_offset) withinput payload &if(nt_challenge_response_fields.length == 24); -# ntlmv2_response : SMB_NTLM_Response(nt_challenge_response_fields.offset - absolute_offset) withinput payload &if(nt_challenge_response_fields.length > 24); + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); + encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); }; 
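Review bot: In `SMB_NTLM_Authenticate` the new guards `&if(flags.negotiate_oem_domain_supplied)` and `&if(flags.negotiate_oem_workstation_supplied)` key the domain and workstation strings on flags that, as far as I know from MS-NLMP, describe the NEGOTIATE message, while `user_name` is keyed on its own length field. Using the same form for all three, `&if(domain_name_fields.length > 0)` and `&if(workstation_fields.length > 0)`, would keep those names in the event when the flags are clear but the fields are filled in. The matching `if ( ${val.flags.negotiate_oem_domain_supplied} )` and workstation checks added to `proc_smb_ntlm_authenticate` in the following patch (hunk `@@ -143,10 +143,10 @@`) would need the same change. The record's definition starts outside the hunk.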
@@ -287,15 +295,15 @@ type SMB_NTLM_StringData = record { offset : uint32; }; -type SMB_Fixed_Length_String(unicode: bool) = record { - s: bytestring &restofdata; +type SMB_Fixed_Length_String(unicode: bool, length: uint16) = record { + s: bytestring &length=length; } &let { data: bytestring = $context.connection.unicode_to_ascii(s, sizeof(s), unicode); }; type SMB_NTLM_String(fields: SMB_NTLM_StringData, offset: uint16, unicode: bool) = record { : padding to fields.offset - offset; - string: SMB_Fixed_Length_String(unicode) &length=fields.length; + string: SMB_Fixed_Length_String(unicode, fields.length) &length=fields.length; }; type SMB_NTLM_AV_Pair_Sequence(offset: uint16) = record { @@ -308,15 +316,15 @@ type SMB_NTLM_AV_Pair = record { length : uint16; value_case : case id of { 0x0000 -> av_eol : empty; - 0x0001 -> nb_computer_name : SMB_Fixed_Length_String(true) &length=length; - 0x0002 -> nb_domain_name : SMB_Fixed_Length_String(true) &length=length; - 0x0003 -> dns_computer_name : SMB_Fixed_Length_String(true) &length=length; - 0x0004 -> dns_domain_name : SMB_Fixed_Length_String(true) &length=length; - 0x0005 -> dns_tree_name : SMB_Fixed_Length_String(true) &length=length; + 0x0001 -> nb_computer_name : SMB_Fixed_Length_String(true, length) &length=length; + 0x0002 -> nb_domain_name : SMB_Fixed_Length_String(true, length) &length=length; + 0x0003 -> dns_computer_name : SMB_Fixed_Length_String(true, length) &length=length; + 0x0004 -> dns_domain_name : SMB_Fixed_Length_String(true, length) &length=length; + 0x0005 -> dns_tree_name : SMB_Fixed_Length_String(true, length) &length=length; 0x0006 -> av_flags : uint32; 0x0007 -> timestamp : uint64; 0x0008 -> single_host : SMB_NTLM_Single_Host; - 0x0009 -> target_name : SMB_Fixed_Length_String(true) &length=length; + 0x0009 -> target_name : SMB_Fixed_Length_String(true, length) &length=length; 0x000a -> channel_bindings : uint16; }; } &let { 
diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index f4ff41a680..bbb70f4771 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -49,6 +49,7 @@ connection SMB_Conn(bro_analyzer: BroAnalyzer) { %include smb-common.pac %include smb-time.pac +%include smb-ntlmssp-asn1.pac %include smb-ntlmssp.pac # SMB1 Commands From ad0ce3481d35c9f161ff29a3a6c1fadaea020dbd Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Mon, 6 Oct 2014 12:37:59 -0400 Subject: [PATCH 06/84] A couple more small fixes for NTLM. --- src/analyzer/protocol/smb/smb-ntlmssp.pac | 26 +++++++++++------------ 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac index c57ca4287b..95e445018b 100644 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac 
@@ -143,10 +143,10 @@ refine connection SMB_Conn += { %{ RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAuthenticate); result->Assign(0, build_negotiate_flag_record(${val.flags})); -// result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); -// result->Assign(2, bytestring_to_val(${val.user_name.string.data})); -// result->Assign(3, bytestring_to_val(${val.workstation.string.data})); -// if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); + if ( ${val.flags.negotiate_oem_domain_supplied} ) result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + if ( ${val.user_name_fields.length} > 0 ) result->Assign(2, bytestring_to_val(${val.user_name.string.data})); + if ( ${val.flags.negotiate_oem_workstation_supplied} ) result->Assign(3, bytestring_to_val(${val.workstation.string.data})); + if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); BifEvent::generate_smb_ntlm_authenticate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); @@ -295,15 +295,15 @@ type SMB_NTLM_StringData = record { offset : uint32; }; -type SMB_Fixed_Length_String(unicode: bool, length: uint16) = record { - s: bytestring &length=length; +type SMB_Fixed_Length_String(unicode: bool) = record { + s: bytestring &restofdata; } &let { data: bytestring = $context.connection.unicode_to_ascii(s, sizeof(s), unicode); }; type SMB_NTLM_String(fields: SMB_NTLM_StringData, offset: uint16, unicode: bool) = record { : padding to fields.offset - offset; - string: SMB_Fixed_Length_String(unicode, fields.length) &length=fields.length; + string: SMB_Fixed_Length_String(unicode) &length=fields.length; }; type SMB_NTLM_AV_Pair_Sequence(offset: uint16) = record { 
@@ -316,15 +316,15 @@ type SMB_NTLM_AV_Pair = record { length : uint16; value_case : case id of { 0x0000 -> av_eol : empty; - 0x0001 -> nb_computer_name : SMB_Fixed_Length_String(true, length) &length=length; - 0x0002 -> nb_domain_name : SMB_Fixed_Length_String(true, length) &length=length; - 0x0003 -> dns_computer_name : SMB_Fixed_Length_String(true, length) &length=length; - 0x0004 -> dns_domain_name : SMB_Fixed_Length_String(true, length) &length=length; - 0x0005 -> dns_tree_name : SMB_Fixed_Length_String(true, length) &length=length; + 0x0001 -> nb_computer_name : SMB_Fixed_Length_String(true) &length=length; + 0x0002 -> nb_domain_name : SMB_Fixed_Length_String(true) &length=length; + 0x0003 -> dns_computer_name : SMB_Fixed_Length_String(true) &length=length; + 0x0004 -> dns_domain_name : SMB_Fixed_Length_String(true) &length=length; + 0x0005 -> dns_tree_name : SMB_Fixed_Length_String(true) &length=length; 0x0006 -> av_flags : uint32; 0x0007 -> timestamp : uint64; 0x0008 -> single_host : SMB_NTLM_Single_Host; - 0x0009 -> target_name : SMB_Fixed_Length_String(true, length) &length=length; + 0x0009 -> target_name : SMB_Fixed_Length_String(true) &length=length; 0x000a -> channel_bindings : uint16; }; } &let { From 06dffb592b3270c111420916cf4b1316db01625d Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Mon, 6 Oct 2014 13:38:18 -0400 Subject: [PATCH 07/84] Trivial: Clean up whitespace/make it more consistent. --- src/analyzer/protocol/smb/smb-ntlmssp.pac | 300 ++++++++++++---------- 1 file changed, 166 insertions(+), 134 deletions(-) diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac index 95e445018b..054ff76d6f 100644 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac 
@@ -16,32 +16,32 @@ refine connection SMB_Conn += { function build_negotiate_flag_record(val: SMB_NTLM_Negotiate_Flags): BroVal %{ RecordVal* flags = new RecordVal(BifType::Record::SMB::NTLMNegotiateFlags); - flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); - flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); - flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); - flags->Assign(3, new Val(${val.negotiate_version}, TYPE_BOOL)); - flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); + flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); + flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); + flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); + flags->Assign(3, new Val(${val.negotiate_version}, TYPE_BOOL)); + flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); - flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); - flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); - flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); - flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); - flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); + flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); + flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); + flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); + flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); + flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); - flags->Assign(10, new Val(${val.negotiate_always_sign}, TYPE_BOOL)); - flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); - flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); - flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); - flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); + flags->Assign(10, new 
Val(${val.negotiate_always_sign}, TYPE_BOOL)); + flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); + flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); + flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); + flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); - flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); - flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); - flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); - flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); - flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); + flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); + flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); + flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); + flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); + flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); - flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); - flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); + flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); + flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); return flags; %} @@ -51,7 +51,7 @@ refine connection SMB_Conn += { RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMVersion); result->Assign(0, new Val(${val.major_version}, TYPE_COUNT)); result->Assign(1, new Val(${val.minor_version}, TYPE_COUNT)); - result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); + result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); result->Assign(3, new Val(${val.ntlm_revision}, TYPE_COUNT)); return result; 
@@ -117,9 +117,15 @@ refine connection SMB_Conn += { %{ RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMNegotiate); result->Assign(0, build_negotiate_flag_record(${val.flags})); - if ( ${val.flags.negotiate_oem_domain_supplied} ) result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); - if ( ${val.flags.negotiate_oem_workstation_supplied} ) result->Assign(2, bytestring_to_val(${val.workstation.string.data})); - if ( ${val.flags.negotiate_version} ) result->Assign(3, build_version_record(${val.version})); + + if ( ${val.flags.negotiate_oem_domain_supplied} ) + result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + + if ( ${val.flags.negotiate_oem_workstation_supplied} ) + result->Assign(2, bytestring_to_val(${val.workstation.string.data})); + + if ( ${val.flags.negotiate_version} ) + result->Assign(3, build_version_record(${val.version})); BifEvent::generate_smb_ntlm_negotiate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); @@ -130,9 +136,15 @@ refine connection SMB_Conn += { %{ RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMChallenge); result->Assign(0, build_negotiate_flag_record(${val.flags})); - if ( ${val.flags.request_target} ) result->Assign(1, bytestring_to_val(${val.target_name.string.data})); - if ( ${val.flags.negotiate_version} ) result->Assign(2, build_version_record(${val.version})); - if ( ${val.flags.negotiate_target_info} ) result->Assign(3, build_av_record(${val.target_info})); + + if ( ${val.flags.request_target} ) + result->Assign(1, bytestring_to_val(${val.target_name.string.data})); + + if ( ${val.flags.negotiate_version} ) + result->Assign(2, build_version_record(${val.version})); + + if ( ${val.flags.negotiate_target_info} ) + result->Assign(3, build_av_record(${val.target_info})); BifEvent::generate_smb_ntlm_challenge(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); 
@@ -143,10 +155,18 @@ refine connection SMB_Conn += { %{ RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAuthenticate); result->Assign(0, build_negotiate_flag_record(${val.flags})); - if ( ${val.flags.negotiate_oem_domain_supplied} ) result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); - if ( ${val.user_name_fields.length} > 0 ) result->Assign(2, bytestring_to_val(${val.user_name.string.data})); - if ( ${val.flags.negotiate_oem_workstation_supplied} ) result->Assign(3, bytestring_to_val(${val.workstation.string.data})); - if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); + + if ( ${val.flags.negotiate_oem_domain_supplied} ) + result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + + if ( ${val.user_name_fields.length} > 0 ) + result->Assign(2, bytestring_to_val(${val.user_name.string.data})); + + if ( ${val.flags.negotiate_oem_workstation_supplied} ) + result->Assign(3, bytestring_to_val(${val.workstation.string.data})); + + if ( ${val.flags.negotiate_version} ) + result->Assign(4, build_version_record(${val.version})); BifEvent::generate_smb_ntlm_authenticate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); @@ -184,7 +204,7 @@ type GSSAPI_NEG_TOKEN_INIT_Arg(header: SMB_Header) = record { }; type GSSAPI_NEG_TOKEN_INIT_Arg_Data(header: SMB_Header, index: uint8) = case index of { - 0 -> mech_type_list : ASN1Encoding; + 0 -> mech_type_list : ASN1Encoding; 1 -> req_flags : ASN1Encoding; 2 -> mech_token : SMB_NTLM_SSP_Token(header); 3 -> mech_list_mic : ASN1OctetString; 
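Review bot: In the authenticate builder (the `@@ -143,10 +155,18 @@` hunk), `domain_name` and `workstation` are copied only when `negotiate_oem_domain_supplied` / `negotiate_oem_workstation_supplied` are set, while `user_name` between them is gated on `user_name_fields.length > 0`. As far as MS-NLMP defines them, those two flags describe the NEGOTIATE message; in an AUTHENTICATE message the fields are described by their length. A client that leaves the flags clear would therefore yield an `smb_ntlm_authenticate` event with no domain or workstation, which is the data logon monitoring relies on. Gating on the lengths, e.g. `if ( ${val.domain_name_fields.length} > 0 )` and `if ( ${val.workstation_fields.length} > 0 )`, would match the `user_name` check. The `&if(...)` conditions on `domain_name` and `workstation` in `SMB_NTLM_Authenticate` (the `@@ -208,84 +228,88 @@` hunk) need the same change so the strings are actually parsed.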
@@ -208,84 +228,88 @@ type GSSAPI_NEG_TOKEN_RESP_Arg_Data(header: SMB_Header, index: uint8) = case ind }; type SMB_NTLM_SSP(header: SMB_Header) = record { - gssapi : GSSAPI_NEG_TOKEN(header); + gssapi: GSSAPI_NEG_TOKEN(header); } &let { proc: bool = $context.connection.proc_smb_ntlm_ssp(header, this); }; type SMB_NTLM_SSP_Token(header: SMB_Header) = record { - meta: ASN1EncodingMeta; - signature: bytestring &length=8; - msg_type : uint32; - msg : case msg_type of { - 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); - 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); - 3 -> authenticate: SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); + meta : ASN1EncodingMeta; + signature : bytestring &length=8; + msg_type : uint32; + msg : case msg_type of { + 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); + 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); + 3 -> authenticate : SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); }; }; type SMB_NTLM_Negotiate(header: SMB_Header, offset: uint16) = record { - flags : SMB_NTLM_Negotiate_Flags; - domain_name_fields : SMB_NTLM_StringData; - workstation_fields : SMB_NTLM_StringData; - version_present : case flags.negotiate_version of { - true -> version: SMB_NTLM_Version; - false -> no_version: empty; + flags : SMB_NTLM_Negotiate_Flags; + domain_name_fields : SMB_NTLM_StringData; + workstation_fields : SMB_NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version : SMB_NTLM_Version; + false -> no_version : empty; }; - payload : bytestring &restofdata; + payload : bytestring &restofdata; } &let { - absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); - workstation : 
SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); - proc : bool = $context.connection.proc_smb_ntlm_negotiate(header, this); + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); + proc : bool = $context.connection.proc_smb_ntlm_negotiate(header, this); }; type SMB_NTLM_Challenge(header: SMB_Header, offset: uint16) = record { - target_name_fields : SMB_NTLM_StringData; - flags : SMB_NTLM_Negotiate_Flags; - challenge : uint64; - reserved : padding[8]; - target_info_fields : SMB_NTLM_StringData; - version_present : case flags.negotiate_version of { - true -> version: SMB_NTLM_Version; - false -> no_version: empty; + target_name_fields : SMB_NTLM_StringData; + flags : SMB_NTLM_Negotiate_Flags; + challenge : uint64; + reserved : padding[8]; + target_info_fields : SMB_NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version : SMB_NTLM_Version; + false -> no_version : empty; }; - payload : bytestring &restofdata; + payload : bytestring &restofdata; } &let { - absolute_offset : uint16 = offsetof(payload) + offset; - target_name : SMB_NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.request_target); - target_info : SMB_NTLM_AV_Pair_Sequence(target_info_fields.offset - absolute_offset) withinput payload &if(flags.negotiate_target_info); - proc : bool = $context.connection.proc_smb_ntlm_challenge(header, this); + absolute_offset : uint16 = offsetof(payload) + offset; + target_name : SMB_NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload 
&if(flags.request_target); + target_info : SMB_NTLM_AV_Pair_Sequence(target_info_fields.offset - absolute_offset) withinput payload &if(flags.negotiate_target_info); + proc : bool = $context.connection.proc_smb_ntlm_challenge(header, this); }; type SMB_NTLM_Authenticate(header: SMB_Header, offset: uint16) = record { - lm_challenge_response_fields : SMB_NTLM_StringData; - nt_challenge_response_fields : SMB_NTLM_StringData; - domain_name_fields : SMB_NTLM_StringData; - user_name_fields : SMB_NTLM_StringData; - workstation_fields : SMB_NTLM_StringData; - encrypted_session_key_fields : SMB_NTLM_StringData; - flags : SMB_NTLM_Negotiate_Flags; - version_present : case flags.negotiate_version of { - true -> version: SMB_NTLM_Version; - false -> no_version: empty; + lm_challenge_response_fields: SMB_NTLM_StringData; + nt_challenge_response_fields: SMB_NTLM_StringData; + domain_name_fields : SMB_NTLM_StringData; + user_name_fields : SMB_NTLM_StringData; + workstation_fields : SMB_NTLM_StringData; + encrypted_session_key_fields: SMB_NTLM_StringData; + flags : SMB_NTLM_Negotiate_Flags; + version_present : case flags.negotiate_version of { + true -> version : SMB_NTLM_Version; + false -> no_version : empty; }; -# mic : bytestring &length=16; - payload : bytestring &restofdata; + +# Windows NT, 2000, XP, and 2003 don't have the MIC field +# TODO - figure out how to parse this for those that do have it +# mic : bytestring &length=16; + + payload : bytestring &restofdata; } &let { - absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); - user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); - workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload 
&if(flags.negotiate_oem_workstation_supplied); - encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); - proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); + encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); + proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); }; type SMB_NTLM_Version = record { major_version : uint8; minor_version : uint8; build_number : uint16; - reserved : padding[3]; + reserved : padding[3]; ntlm_revision : uint8; }; 
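Review bot: In `SMB_NTLM_Challenge`, `target_info` is built from `target_info_fields.offset - absolute_offset`, and the first operand is read from the message while nothing visible in the record checks that it is at least `absolute_offset`. If the sender supplies a smaller offset, the subtraction presumably wraps, and the AV-pair parser would be asked to start far outside `payload`. In the best case that aborts parsing of the challenge and drops the `smb_ntlm_challenge` event for that connection. A guard in the condition, e.g. `&if(flags.negotiate_target_info && target_info_fields.offset >= absolute_offset)`, would keep a malformed offset from reaching the parser. `SMB_NTLM_AV_Pair_Sequence` and `SMB_NTLM_String` are defined outside this hunk, so how they bound the value is not visible here and the same check may be needed for the `SMB_NTLM_String` fields.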
@@ -328,80 +352,88 @@ type SMB_NTLM_AV_Pair = record { 0x000a -> channel_bindings : uint16; }; } &let { - last : bool = ( id == 0x0000); + last : bool = ( id == 0x0000); # av_flags refinement - constrained_auth : bool = (av_flags & 0x00000001) > 0 &if ( id == 0x0006); - mic_present : bool = (av_flags & 0x00000002) > 0 &if ( id == 0x0006); - untrusted_source : bool = (av_flags & 0x00000004) > 0 &if ( id == 0x0006); + constrained_auth: bool = (av_flags & 0x00000001) > 0 &if ( id == 0x0006); + mic_present : bool = (av_flags & 0x00000002) > 0 &if ( id == 0x0006); + untrusted_source: bool = (av_flags & 0x00000004) > 0 &if ( id == 0x0006); }; type SMB_NTLM_Single_Host = record { - size : uint32; - padpad : padding[4]; - data_present : uint32; - optional : case custom_data_present of { + size : uint32; + padpad : padding[4]; + data_present: uint32; + optional : case custom_data_present of { true -> custom_data : bytestring &length=4; false -> nothing : empty; }; - machine_id : uint32; + machine_id : uint32; } &let { - custom_data_present : bool = (data_present & 0x00000001) > 0; + custom_data_present: bool = (data_present & 0x00000001) > 0; }; type SMB_LM_Response(offset: uint16) = record { # This can be either LM (24 byte response) or # LMv2 (16 byte response + 8 byte client challenge. No way to # know for sure. 
- padpad : padding to offset; - response : bytestring &length=24; + padpad : padding to offset; + response: bytestring &length=24; }; type SMB_NTLM_Response(offset: uint16) = record { - padpad : padding to offset; - response : bytestring &length=24; + padpad : padding to offset; + response: bytestring &length=24; }; type SMB_NTLMv2_Response(flags: SMB_NTLM_Negotiate_Flags, offset: uint16) = record { - padpad : padding to offset; - response : bytestring &length=16; - client_challenge : SMB_NTLMv2_Client_Challenge(flags); + padpad : padding to offset; + response : bytestring &length=16; + client_challenge: SMB_NTLMv2_Client_Challenge(flags); }; type SMB_NTLMv2_Client_Challenge(flags: SMB_NTLM_Negotiate_Flags) = record { - resp_type : uint8; - max_resp_type : uint8; - reserved : padding[6]; - timestamp : uint64; - client_challenge : bytestring &length=8; - reserved2 : padding[4]; - av_pairs : SMB_NTLM_AV_Pair_Sequence(0); + resp_type : uint8; + max_resp_type : uint8; + reserved : padding[6]; + timestamp : uint64; + client_challenge: bytestring &length=8; + reserved2 : padding[4]; + av_pairs : SMB_NTLM_AV_Pair_Sequence(0); }; type SMB_NTLM_Negotiate_Flags = record { - flags : uint32; + flags: uint32; } &let { - negotiate_56 : bool = (flags & 0x80000000) > 0; - negotiate_key_exch : bool = (flags & 0x40000000) > 0; - negotiate_128 : bool = (flags & 0x20000000) > 0; - negotiate_version : bool = (flags & 0x02000000) > 0; - negotiate_target_info : bool = (flags & 0x00800000) > 0; - request_non_nt_session_key : bool = (flags & 0x00400000) > 0; - negotiate_identify : bool = (flags & 0x00100000) > 0; - negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; - target_type_server : bool = (flags & 0x00020000) > 0; - target_type_domain : bool = (flags & 0x00010000) > 0; - negotiate_always_sign : bool = (flags & 0x00008000) > 0; - negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; - negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; - 
negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; - negotiate_ntlm : bool = (flags & 0x00000100) > 0; - negotiate_lm_key : bool = (flags & 0x00000080) > 0; - negotiate_datagram : bool = (flags & 0x00000040) > 0; - negotiate_seal : bool = (flags & 0x00000020) > 0; - negotiate_sign : bool = (flags & 0x00000008) > 0; - request_target : bool = (flags & 0x00000004) > 0; - negotiate_oem : bool = (flags & 0x00000002) > 0; - negotiate_unicode : bool = (flags & 0x00000001) > 0; - is_oem : bool = !negotiate_unicode && negotiate_oem; - is_invalid : bool = !negotiate_unicode && !negotiate_oem; + negotiate_56 : bool = (flags & 0x80000000) > 0; + negotiate_key_exch : bool = (flags & 0x40000000) > 0; + negotiate_128 : bool = (flags & 0x20000000) > 0; + + negotiate_version : bool = (flags & 0x02000000) > 0; + + negotiate_target_info : bool = (flags & 0x00800000) > 0; + request_non_nt_session_key : bool = (flags & 0x00400000) > 0; + negotiate_identify : bool = (flags & 0x00100000) > 0; + + negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; + target_type_server : bool = (flags & 0x00020000) > 0; + target_type_domain : bool = (flags & 0x00010000) > 0; + + negotiate_always_sign : bool = (flags & 0x00008000) > 0; + negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; + negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; + + negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; + negotiate_ntlm : bool = (flags & 0x00000100) > 0; + + negotiate_lm_key : bool = (flags & 0x00000080) > 0; + negotiate_datagram : bool = (flags & 0x00000040) > 0; + negotiate_seal : bool = (flags & 0x00000020) > 0; + + negotiate_sign : bool = (flags & 0x00000008) > 0; + request_target : bool = (flags & 0x00000004) > 0; + negotiate_oem : bool = (flags & 0x00000002) > 0; + negotiate_unicode : bool = (flags & 0x00000001) > 0; + + is_oem : bool = !negotiate_unicode && negotiate_oem; + is_invalid : bool = !negotiate_unicode && 
!negotiate_oem; }; From a6de23aaa33799ae176c06e928f8301575c24a7e Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Tue, 7 Oct 2014 16:31:02 -0400 Subject: [PATCH 08/84] Refine transaction2 support, rewrite SMB scripts. --- scripts/base/init-bare.bro | 28 +++ scripts/base/protocols/smb/consts.bro | 37 ++++ scripts/base/protocols/smb/files.bro | 22 +- scripts/base/protocols/smb/main.bro | 171 ++++++++-------- scripts/base/protocols/smb/smb1-main.bro | 192 ++++++++++-------- scripts/base/protocols/smb/smb2-main.bro | 173 ++++++++-------- src/analyzer/protocol/smb/CMakeLists.txt | 1 + src/analyzer/protocol/smb/smb.pac | 1 + .../protocol/smb/smb1-com-transaction2.pac | 16 +- .../protocol/smb/smb1_com_transaction2.bif | 53 +++++ 10 files changed, 428 insertions(+), 266 deletions(-) create mode 100644 src/analyzer/protocol/smb/smb1_com_transaction2.bif diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index e4c69c07bb..7719e2959b 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro 
@@ -2635,6 +2635,34 @@ export { security_blob : string &optional; }; + type SMB1::Find_First2_Request_Args: record { + ## File attributes to apply as a constraint to the search + search_attrs : string; + ## Max search results + search_count : count; + ## Misc. flags for how the server should manage the transaction + ## once results are returned + flags : count; + ## How detailed the information returned in the results should be + info_level : count; + ## Specify whether to search for directories or files + search_storage_type : count; + ## The string to serch for (note: may contain wildcards) + file_name : string; + }; + + type SMB1::Find_First2_Response_Args: record { + ## The server generated search identifier + sid : count; + ## Number of results returned by the search + search_count : count; + ## Whether or not the search can be continued using + ## the TRANS2_FIND_NEXT2 transaction + end_of_search : bool; + ## An extended attribute name that couldn't be retrieved + ext_attr_error : string &optional; + }; + } diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.bro index 681fcb3c17..965541c640 100644 --- a/scripts/base/protocols/smb/consts.bro +++ b/scripts/base/protocols/smb/consts.bro @@ -9,6 +9,23 @@ export { const statuses: table[count] of StatusCode = { [0x00000000] = [$id="SUCCESS", $desc="The operation completed successfully."], } &redef &default=function(i: count):StatusCode { local unknown=fmt("unknown-%d", i); return [$id=unknown, $desc=unknown]; }; + + ## These are files names that are used for special + ## cases by the file system and would not be + ## considered "normal" files. + const pipe_names: set[string] = { + "\\netdfs", + "\\spoolss", + "\\NETLOGON", + "\\winreg", + "\\lsarpc", + "\\samr", + "\\srvsvc", + "srvsvc", + "MsFteWds", + "\\wkssvc", + }; + } module SMB1; 
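Review bot: Membership in the `pipe_names` set added to consts.bro is an exact, case-sensitive string match, and the set already mixes forms (`"\\srvsvc"` next to `"srvsvc"`, `"\\NETLOGON"` in upper case). A pipe name that arrives in another case or without the leading backslash would pass the `!in pipe_names` test in `get_file_handle` (files.bro) and be handled as a regular file. Normalizing before the lookup, for example comparing `to_lower(name)` against lower-cased entries, would make the check independent of how the client spelled the name. The set also has no `&redef`, unlike `logged_file_actions` in main.bro, so a site cannot add pipe names without editing the base script; closing it with `} &redef;` would allow that.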
@@ -88,6 +105,26 @@ export { [0xD9] = "WRITE_BULK", [0xDA] = "WRITE_BULK_DATA", } &default=function(i: count):string { return fmt("unknown-%d", i); }; + + const trans2_sub_commands: table[count] of string = { + [0x00] = "OPEN2", + [0x01] = "FIND_FIRST2", + [0x02] = "FIND_NEXT2", + [0x03] = "QUERY_FS_INFORMATION", + [0x04] = "SET_FS_INFORMATION", + [0x05] = "QUERY_PATH_INFORMATION", + [0x06] = "SET_PATH_INFORMATION", + [0x07] = "QUERY_FILE_INFORMATION", + [0x08] = "SET_FILE_INFORMATION", + [0x09] = "FSCTL", + [0x0A] = "IOCTL", + [0x0B] = "FIND_NOTIFY_FIRST", + [0x0C] = "FIND_NOTIFY_NEXT", + [0x0D] = "CREATE_DIRECTORY", + [0x0E] = "SESSION_SETUP", + [0x10] = "GET_DFS_REFERRAL", + [0x11] = "REPORT_DFS_INCONSISTENCY", + } &default=function(i: count):string { return fmt("unknown-trans2-sub-cmd-%d", i); }; } module SMB2; diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.bro index dde3d179a7..2d2b82d0e0 100644 --- a/scripts/base/protocols/smb/files.bro +++ b/scripts/base/protocols/smb/files.bro @@ -12,15 +12,15 @@ export { function get_file_handle(c: connection, is_orig: bool): string { - if ( ! (c$smb?$current_file && - ((c$smb$current_file?$name && c$smb$current_file$name !in pipe_names) || - c$smb$current_file?$path)) ) + if ( ! (c$smb_state?$current_file && + ((c$smb_state$current_file?$name && c$smb_state$current_file$name !in pipe_names) || + c$smb_state$current_file?$path)) ) { - # TODO: figure out what are the cases where this happens. + # TODO - figure out what are the cases where this happens. return ""; } - local current_file = c$smb$current_file; + local current_file = c$smb_state$current_file; local path_name = current_file?$path ? current_file$path : ""; local file_name = current_file?$name ? current_file$name : ""; # Include last_mod time if available because if a file has been modified it 
@@ -38,8 +38,8 @@ function describe_file(f: fa_file): string for ( cid in f$conns ) { local info = f$conns[cid]; - if ( info?$smb && info$smb?$current_file && info$smb$current_file?$name ) - return info$smb$current_file$name; + if ( info?$smb_state && info$smb_state?$current_file && info$smb_state$current_file?$name ) + return info$smb_state$current_file$name; } return ""; } @@ -53,11 +53,11 @@ event bro_init() &priority=5 event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priority=5 { - if ( c?$smb && c$smb?$current_file ) + if ( c?$smb_state && c$smb_state?$current_file ) { - c$smb$current_file$fuid = f$id; + c$smb_state$current_file$fuid = f$id; - if ( c$smb$current_file?$name ) - f$info$filename = c$smb$current_file$name; + if ( c$smb_state$current_file?$name ) + f$info$filename = c$smb_state$current_file$name; } } diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 945a0ee01d..5204336eb9 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -1,3 +1,5 @@ +@load ./consts + module SMB; export { 
@@ -16,105 +18,100 @@ export { FILE_UNKNOWN, }; + ## The file actions which are logged. const logged_file_actions: set[FileAction] = { FILE_OPEN, FILE_READ, FILE_WRITE, - }; - - ## These are files names that are used for special - ## cases by the file system and would not be - ## considered "normal" files. - const pipe_names: set[string] = { - "\\netdfs", - "\\spoolss", - "\\NETLOGON", - "\\winreg", - "\\lsarpc", - "\\samr", - "\\srvsvc", - "srvsvc", - "MsFteWds", - "\\wkssvc", - }; + } &redef; + ## The server response statuses which are *not* logged. + const ignored_command_statuses: set[string] = { + "MORE_PROCESSING_REQUIRED", + } &redef; + + ## This record is for the smb_files.log type FileInfo: record { ## Time when the file was first discovered. - ts : time &log; - uid : string &log; - id : conn_id &log; - fuid : string &log; - + ts : time &log; + ## Unique ID of the connection the file was sent over. + uid : string &log; + ## ID of the connection the file was sent over. + id : conn_id &log; + ## Unique ID of the file. + fuid : string &log &optional; + ## Action this log record represents. - action : FileAction &log &default=FILE_UNKNOWN; - + action : FileAction &log &default=FILE_UNKNOWN; ## Path pulled from the tree this file was transferred to or from. - path : string &log &optional; + path : string &log &optional; ## Filename if one was seen. - name : string &log &optional; - + name : string &log &optional; ## Total size of the file. - size : count &log &default=0; + size : count &log &default=0; ## Last time this file was modified. - times : SMB::MACTimes &log &optional; + times : SMB::MACTimes &log &optional; }; - + + ## This record is for the smb_mapping.log type TreeInfo: record { ## Time when the tree was mapped. - ts : time &log &optional; - - uid : string &log; - id : conn_id &log; + ts : time &log &optional; + ## Unique ID of the connection the tree was mapped over. + uid : string &log; + ## ID of the connection the tree was mapped over. 
+ id : conn_id &log; ## Name of the tree path. - path : string &log &optional; - service : string &log &optional; - native_file_system : string &log &optional; - + path : string &log &optional; + ## The type of resource of the tree (disk share, printer share, named pipe, etc.) + service : string &log &optional; + ## File system of the tree. + native_file_system : string &log &optional; ## If this is SMB2, a share type will be included. - share_type : string &log &optional; + share_type : string &log &optional; }; - + + ## This record is for the smb_cmd.log type CmdInfo: record { - ## The command. - command : string &optional; - - ## If the command referenced a file, store it here. - referenced_file : FileInfo &optional; - ## If the command referenced a tree, store it here. - referenced_tree : TreeInfo &optional; - }; - - type Info: record { - ts: time &log; - uid: string &log; - id: conn_id &log; - - ## Version of SMB for the command. - version: string &log; - - ## Command sent by the client. - command: string &log &optional; - - ## Server reply to the client's command - status: string &log &optional; + ## Timestamp of the command request + ts : time &log; + ## Unique ID of the connection the request was sent over + uid : string &log; + ## ID of the connection the request was sent over + id : conn_id &log; - ## If this is related to a tree, this is the tree - ## that was used for the current command. - tree: string &log &optional; - - ## The negotiated dialect for the connection. - dialect: string &log &optional; - + ## The command sent by the client + command : string &log; + ## The subcommand sent by the client, if present + sub_command : string &log &optional; + ## Command argument sent by the client, if any + argument : string &log &optional; + + ## Server reply to the client's command + status : string &log &optional; ## Round trip time from the request to the response. 
- rtt: interval &log &optional; + rtt : interval &log &optional; + ## Version of SMB for the command + version : string &log; + ## If this is related to a tree, this is the tree + ## that was used for the current command. + tree : string &log &optional; + + ## If the command referenced a file, store it here. + referenced_file : FileInfo &optional; + ## If the command referenced a tree, store it here. + referenced_tree : TreeInfo &optional; + }; + + ## This record stores the SMB state of in-flight commands, + ## the file and tree map of the connection. + type State: record { ## A reference to the current command. current_cmd : CmdInfo &optional; - ## A reference to the current file. current_file : FileInfo &optional; - ## A reference to the current tree. current_tree : TreeInfo &optional; @@ -127,20 +124,22 @@ export { }; redef record connection += { - smb : Info &optional; + smb_state : State &optional; }; + ## Internal use only + ## Some commands shouldn't be logged by the smb1_message event + const deferred_logging_cmds: set[string] = { + "NEGOTIATE", + }; + ## This is an internally used function. - const set_current_file: function(smb: Info, file_id: count) &redef; + const set_current_file: function(smb_state: State, file_id: count) &redef; ## This is an internally used function. const write_file_log: function(f: FileInfo) &redef; } -redef record connection += { - smb_pending_cmds : table[count, count] of Info &default=table(); -}; - redef record FileInfo += { ## ID referencing this file. fid : count &optional; 
@@ -154,22 +153,22 @@ redef likely_server_ports += { ports }; event bro_init() &priority=5 { - Log::create_stream(CMD_LOG, [$columns=SMB::Info]); + Log::create_stream(CMD_LOG, [$columns=SMB::CmdInfo]); Log::create_stream(FILES_LOG, [$columns=SMB::FileInfo]); Log::create_stream(MAPPING_LOG, [$columns=SMB::TreeInfo]); Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, ports); } -function set_current_file(smb: Info, file_id: count) +function set_current_file(smb_state: State, file_id: count) { - if ( file_id !in smb$fid_map ) + if ( file_id !in smb_state$fid_map ) { - smb$fid_map[file_id] = smb$current_cmd$referenced_file; - smb$fid_map[file_id]$fid = file_id; + smb_state$fid_map[file_id] = smb_state$current_cmd$referenced_file; + smb_state$fid_map[file_id]$fid = file_id; } - smb$current_file = smb$fid_map[file_id]; + smb_state$current_file = smb_state$fid_map[file_id]; } function write_file_log(f: FileInfo) @@ -190,9 +189,9 @@ event file_state_remove(f: fa_file) &priority=-5 for ( id in f$conns ) { local c = f$conns[id]; - if ( c?$smb && c$smb?$current_file) + if ( c?$smb_state && c$smb_state?$current_file) { - write_file_log(c$smb$current_file); + write_file_log(c$smb_state$current_file); } return; } diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 5aeee80c30..ca25eabc2f 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
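Review bot: In `file_state_remove` (the `@@ -190,9 +189,9 @@` hunk), the `return;` sits inside the `for ( id in f$conns )` loop but outside the `if`, so the loop always ends after the first connection it visits. When that connection has no `smb_state` or no `current_file`, `write_file_log` is never called for the file, even if another connection in `f$conns` carries the SMB state, and the transfer is missing from the files log. Moving the `return;` into the `if` block, directly after `write_file_log(c$smb_state$current_file);`, keeps the write-once behaviour while letting the loop reach the connection that has the state. The handler's opening lines are above this hunk, so any earlier guard is not visible here.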
@@ -1,194 +1,216 @@ module SMB1; -redef record SMB::Info += { +redef record SMB::CmdInfo += { + ## Dialects offered by the client smb1_offered_dialects: string_vec &optional; }; event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5 { - if ( ! c?$smb ) + if ( ! c?$smb_state ) { - local info: SMB::Info = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB1"]; - info$fid_map = table(); - info$tid_map = table(); - info$pending_cmds = table(); - c$smb = info; + local state: SMB::State; + state$fid_map = table(); + state$tid_map = table(); + state$pending_cmds = table(); + c$smb_state = state; } - - local smb = c$smb; + + local smb_state = c$smb_state; local tid = hdr$tid; local pid = hdr$pid; local uid = hdr$uid; local mid = hdr$mid; - if ( tid !in smb$tid_map ) + if ( tid !in smb_state$tid_map ) { local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id]; - smb$tid_map[tid] = tmp_tree; + smb_state$tid_map[tid] = tmp_tree; } - smb$current_tree = smb$tid_map[tid]; + smb_state$current_tree = smb_state$tid_map[tid]; - if ( mid !in smb$pending_cmds ) + if ( mid !in smb_state$pending_cmds ) { - local tmp_cmd: SMB::CmdInfo; - tmp_cmd$command = SMB1::commands[hdr$command]; + local tmp_cmd: SMB::CmdInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB1", $command = SMB1::commands[hdr$command]]; - local tmp_file: SMB::FileInfo; - tmp_file$ts = network_time(); - tmp_file$id = c$id; - tmp_file$uid = c$uid; + local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; tmp_cmd$referenced_file = tmp_file; - tmp_cmd$referenced_tree = smb$current_tree; + tmp_cmd$referenced_tree = smb_state$current_tree; - smb$pending_cmds[mid] = tmp_cmd; + smb_state$pending_cmds[mid] = tmp_cmd; } - smb$current_cmd = smb$pending_cmds[mid]; - smb$command = smb$current_cmd$command; + smb_state$current_cmd = smb_state$pending_cmds[mid]; - if ( is_orig ) + if ( !is_orig ) { - smb$ts = network_time(); - } - else - { - smb$rtt = network_time() - smb$ts; - 
smb$status = SMB::statuses[hdr$status]$id; + smb_state$current_cmd$rtt = network_time() - smb_state$current_cmd$ts; + smb_state$current_cmd$status = SMB::statuses[hdr$status]$id; } } event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=-5 { + # Is this a response? if ( !is_orig ) - # This is a response and the command is no longer pending - # so let's get rid of it. - delete c$smb$pending_cmds[hdr$mid]; + { + if ( ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) && + ( c$smb_state$current_cmd$command !in SMB::deferred_logging_cmds ) ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + delete c$smb_state$pending_cmds[hdr$mid]; + } + } - if ( c?$smb ) - Log::write(SMB::CMD_LOG, c$smb); + +event smb1_transaction2_request(c: connection, hdr: SMB1::Header, sub_cmd: count) + { + c$smb_state$current_cmd$sub_command = SMB1::trans2_sub_commands[sub_cmd]; } event smb1_negotiate_request(c: connection, hdr: SMB1::Header, dialects: string_vec) &priority=5 { - c$smb$smb1_offered_dialects = dialects; + c$smb_state$current_cmd$smb1_offered_dialects = dialects; } event smb1_negotiate_response(c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse) &priority=5 { - if ( c$smb?$smb1_offered_dialects ) + if ( c$smb_state$current_cmd?$smb1_offered_dialects ) { if ( response?$ntlm ) - c$smb$dialect = c$smb$smb1_offered_dialects[response$ntlm$dialect_index]; - delete c$smb$smb1_offered_dialects; + { + c$smb_state$current_cmd$argument = c$smb_state$current_cmd$smb1_offered_dialects[response$ntlm$dialect_index]; + } + + delete c$smb_state$current_cmd$smb1_offered_dialects; } } - + +event smb1_negotiate_response(c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse) &priority=-5 + { + if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + } + event smb1_tree_connect_andx_request(c: connection, hdr: SMB1::Header, path: string, 
service: string) &priority=5 { - c$smb$current_cmd$referenced_tree$path = path; - c$smb$current_cmd$referenced_tree$service = service; - c$smb$current_tree$ts=network_time(); + local tmp_tree: SMB::TreeInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $path=path, $service=service]; + + c$smb_state$current_cmd$referenced_tree = tmp_tree; + c$smb_state$current_cmd$argument = path; } event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=5 { - c$smb$current_cmd$referenced_tree$native_file_system = native_file_system; - c$smb$current_tree = c$smb$current_cmd$referenced_tree; - c$smb$tid_map[hdr$tid] = c$smb$current_tree; + c$smb_state$current_cmd$referenced_tree$native_file_system = native_file_system; + c$smb_state$current_tree = c$smb_state$current_cmd$referenced_tree; + c$smb_state$tid_map[hdr$tid] = c$smb_state$current_tree; } event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=-5 { - Log::write(SMB::MAPPING_LOG, c$smb$current_tree); + Log::write(SMB::MAPPING_LOG, c$smb_state$current_tree); } event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, name: string) &priority=5 { - c$smb$current_cmd$referenced_file$name = name; - c$smb$current_file = c$smb$current_cmd$referenced_file; - c$smb$current_file$action = SMB::FILE_OPEN; + local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; + c$smb_state$current_cmd$referenced_file = tmp_file; + c$smb_state$current_cmd$referenced_file$name = name; + c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; + c$smb_state$current_file = c$smb_state$current_cmd$referenced_file; } event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes) &priority=5 { - if ( ! 
c$smb?$current_file ) - { - c$smb$current_file = c$smb$current_cmd$referenced_file; - c$smb$current_file$action = SMB::FILE_OPEN; - } - c$smb$current_file$fid = file_id; - c$smb$current_file$size = file_size; + c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; + c$smb_state$current_cmd$referenced_file$fid = file_id; + c$smb_state$current_cmd$referenced_file$size = file_size; # I'm seeing negative data from IPC tree transfers if ( time_to_double(times$modified) > 0.0 ) - c$smb$current_file$times = times; + c$smb_state$current_cmd$referenced_file$times = times; # We can identify the file by its file id now so let's stick it # in the file map. - c$smb$fid_map[file_id] = c$smb$current_file; - - SMB::write_file_log(c$smb$current_file); + c$smb_state$fid_map[file_id] = c$smb_state$current_cmd$referenced_file; + + c$smb_state$current_file = c$smb_state$fid_map[file_id]; + + SMB::write_file_log(c$smb_state$current_file); } event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=5 { - SMB::set_current_file(c$smb, file_id); - c$smb$current_file$action = SMB::FILE_READ; - - if ( c$smb$current_tree?$path && !c$smb$current_file?$path ) - c$smb$current_file$path = c$smb$current_tree$path; - - #write_file_log(c$smb$current_file); + SMB::set_current_file(c$smb_state, file_id); + c$smb_state$current_file$action = SMB::FILE_READ; } -event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5 +event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=-5 { - #print "read andx response!"; + if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) + c$smb_state$current_file$path = c$smb_state$current_tree$path; + + # TODO - Why is this commented out? 
+ #write_file_log(c$smb_state$current_file); } + +#event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5 +# { +# # TODO - determine what to do here +# } event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=5 { - SMB::set_current_file(c$smb, file_id); - c$smb$current_file$action = SMB::FILE_WRITE; + SMB::set_current_file(c$smb_state, file_id); + c$smb_state$current_file$action = SMB::FILE_WRITE; } event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=-5 { - if ( c$smb$current_tree?$path && !c$smb$current_file?$path ) - c$smb$current_file$path = c$smb$current_tree$path; + if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) + c$smb_state$current_file$path = c$smb_state$current_tree$path; - #write_file_log(c$smb$current_file); + # TODO - Why is this commented out? + #write_file_log(c$smb_state$current_file); } #event smb1_write_andx_response(c: connection, hdr: SMB1::Header, written_bytes: count) &priority=5 # { -# # Do i really need to do anything here? Maybe do a weird if the number of bytes written is odd? +# # TODO - determine what to do here # } event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &priority=5 { - SMB::set_current_file(c$smb, file_id); - c$smb$current_file$action = SMB::FILE_CLOSE; + SMB::set_current_file(c$smb_state, file_id); + c$smb_state$current_file$action = SMB::FILE_CLOSE; } event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &priority=-5 { - if ( file_id in c$smb$fid_map ) + if ( file_id in c$smb_state$fid_map ) { - local fl = c$smb$fid_map[file_id]; - fl$uid = c$uid; - fl$id = c$id; + local fl = c$smb_state$fid_map[file_id]; # Need to check for existence of path in case tree connect message wasn't seen. 
- if ( c$smb$current_tree?$path ) - fl$path = c$smb$current_tree$path; - delete c$smb$fid_map[file_id]; + if ( c$smb_state$current_tree?$path ) + fl$path = c$smb_state$current_tree$path; + delete c$smb_state$fid_map[file_id]; SMB::write_file_log(fl); } else { + # TODO - Determine correct action # A reporter message is not right... #Reporter::warning("attempting to close an unknown file!"); } } + +event smb1_trans2_get_dfs_referral_request(c: connection, hdr: SMB1::Header, file_name: string, max_referral_level: count) + { + c$smb_state$current_cmd$argument = file_name; + } \ No newline at end of file diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index 7dc36c3717..295a8afe2d 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro 
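Review bot: In smb1_negotiate_response, `response$ntlm$dialect_index` indexes `smb1_offered_dialects` with no bounds check, although the index comes from the server's reply and the vector from the client's request. An index past the end of the offered list would, as far as I can tell, raise a script runtime error and abort the handler before the `delete`, so the NEGOTIATE entry is logged without its `argument`. Guard the lookup, for example `if ( response?$ntlm && response$ntlm$dialect_index < |c$smb_state$current_cmd$smb1_offered_dialects| )`. An out-of-range index is unusual enough that it may be worth recording rather than ignoring.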
@@ -1,182 +1,195 @@ module SMB2; -redef record SMB::Info += { +redef record SMB::CmdInfo += { + ## Dialects offered by the client smb2_offered_dialects: index_vec &optional; }; event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=5 { - if ( ! c?$smb ) + if ( ! c?$smb_state ) { - local info: SMB::Info = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2"]; - info$fid_map = table(); - info$tid_map = table(); - info$pending_cmds = table(); - c$smb = info; + local state: SMB::State; + state$fid_map = table(); + state$tid_map = table(); + state$pending_cmds = table(); + c$smb_state = state; } - local smb = c$smb; + local smb_state = c$smb_state; local tid = hdr$tree_id; local pid = hdr$process_id; local mid = hdr$message_id; local sid = hdr$session_id; - if ( tid !in smb$tid_map ) + if ( tid !in smb_state$tid_map ) { local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id]; - smb$tid_map[tid] = tmp_tree; + smb_state$tid_map[tid] = tmp_tree; } - smb$current_tree = smb$tid_map[tid]; + smb_state$current_tree = smb_state$tid_map[tid]; - if ( mid !in smb$pending_cmds ) + if ( mid !in smb_state$pending_cmds ) { - local tmp_cmd: SMB::CmdInfo; - tmp_cmd$command = SMB2::commands[hdr$command]; + local tmp_cmd: SMB::CmdInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2", $command = SMB2::commands[hdr$command]]; - local tmp_file: SMB::FileInfo; - tmp_file$ts = network_time(); - tmp_file$id = c$id; - tmp_file$uid = c$uid; + local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; tmp_cmd$referenced_file = tmp_file; - tmp_cmd$referenced_tree = smb$current_tree; + tmp_cmd$referenced_tree = smb_state$current_tree; - smb$pending_cmds[mid] = tmp_cmd; + smb_state$pending_cmds[mid] = tmp_cmd; } - smb$current_cmd = smb$pending_cmds[mid]; - smb$command = smb$current_cmd$command; + smb_state$current_cmd = smb_state$pending_cmds[mid]; - if ( is_orig ) + if ( !is_orig ) { - smb$ts = network_time(); - } - else - { - smb$rtt = 
network_time() - smb$ts; - smb$status = SMB::statuses[hdr$status]$id; + smb_state$current_cmd$rtt = network_time() - smb_state$current_cmd$ts; + smb_state$current_cmd$status = SMB::statuses[hdr$status]$id; } } event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=-5 { + # Is this a response? if ( !is_orig ) - # This is a response and the command is no longer pending - # so let's get rid of it. - delete c$smb$pending_cmds[hdr$message_id]; - - if ( c?$smb ) - Log::write(SMB::CMD_LOG, c$smb); + { + if ( ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) && + ( c$smb_state$current_cmd$command !in SMB::deferred_logging_cmds ) ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + delete c$smb_state$pending_cmds[hdr$message_id]; + } } event smb2_negotiate_request(c: connection, hdr: SMB2::Header, dialects: index_vec) &priority=5 { - c$smb$smb2_offered_dialects = dialects; + c$smb_state$current_cmd$smb2_offered_dialects = dialects; } -event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse) +event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse) &priority=5 { - if ( c$smb?$smb2_offered_dialects ) + if ( c$smb_state$current_cmd?$smb2_offered_dialects ) { - for ( i in c$smb$smb2_offered_dialects ) + for ( i in c$smb_state$current_cmd$smb2_offered_dialects ) { - if ( response$dialect_revision == c$smb$smb2_offered_dialects[i] ) + if ( response$dialect_revision == c$smb_state$current_cmd$smb2_offered_dialects[i] ) { - c$smb$dialect = SMB2::dialects[response$dialect_revision]; + c$smb_state$current_cmd$argument = SMB2::dialects[response$dialect_revision]; break; } } - delete c$smb$smb2_offered_dialects; + delete c$smb_state$current_cmd$smb2_offered_dialects; } } +event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse) &priority=5 + { + if ( c$smb_state$current_cmd$status !in 
SMB::ignored_command_statuses ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + } + event smb2_tree_connect_request(c: connection, hdr: SMB2::Header, path: string) &priority=5 { - c$smb$current_cmd$referenced_tree$path = path; - c$smb$current_tree$ts=network_time(); + local tmp_tree: SMB::TreeInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $path=path]; + + c$smb_state$current_cmd$referenced_tree = tmp_tree; } event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse) &priority=5 { - c$smb$current_tree = c$smb$current_cmd$referenced_tree; - c$smb$current_tree$share_type = SMB2::share_types[response$share_type]; - c$smb$tid_map[hdr$tree_id] = c$smb$current_tree; + c$smb_state$current_cmd$referenced_tree$share_type = SMB2::share_types[response$share_type]; + c$smb_state$current_tree = c$smb_state$current_cmd$referenced_tree; + c$smb_state$tid_map[hdr$tree_id] = c$smb_state$current_tree; } event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse) &priority=-5 { - Log::write(SMB::MAPPING_LOG, c$smb$current_tree); + Log::write(SMB::MAPPING_LOG, c$smb_state$current_tree); } event smb2_create_request(c: connection, hdr: SMB2::Header, name: string) &priority=5 { - c$smb$current_cmd$referenced_file$name = name; - c$smb$current_file = c$smb$current_cmd$referenced_file; - c$smb$current_file$action = SMB::FILE_OPEN; + local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; + c$smb_state$current_cmd$referenced_file = tmp_file; + c$smb_state$current_cmd$referenced_file$name = name; + c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; + c$smb_state$current_file = c$smb_state$current_cmd$referenced_file; } event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, file_size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs) &priority=5 { - if ( ! 
c$smb?$current_file ) - { - c$smb$current_file = c$smb$current_cmd$referenced_file; - c$smb$current_file$action = SMB::FILE_OPEN; - } - c$smb$current_file$fid = file_id$persistent+file_id$volatile; - c$smb$current_file$size = file_size; + c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; + c$smb_state$current_cmd$referenced_file$fid = file_id$persistent+file_id$volatile; + c$smb_state$current_cmd$referenced_file$size = file_size; # I'm seeing negative data from IPC tree transfers if ( time_to_double(times$modified) > 0.0 ) - c$smb$current_file$times = times; + c$smb_state$current_cmd$referenced_file$times = times; # We can identify the file by its file id now so let's stick it # in the file map. - c$smb$fid_map[file_id$persistent+file_id$volatile] = c$smb$current_file; - - SMB::write_file_log(c$smb$current_file); + c$smb_state$fid_map[file_id$persistent+file_id$volatile] = c$smb_state$current_cmd$referenced_file; + + c$smb_state$current_file = c$smb_state$fid_map[file_id$persistent+file_id$volatile]; + + SMB::write_file_log(c$smb_state$current_file); } event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 { - SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile); - c$smb$current_file$action = SMB::FILE_READ; + SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); + c$smb_state$current_file$action = SMB::FILE_READ; + } - if ( c$smb$current_tree?$path && !c$smb$current_file?$path ) - c$smb$current_file$path = c$smb$current_tree$path; +event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=-5 + { + if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) + c$smb_state$current_file$path = c$smb_state$current_tree$path; - #write_file_log(c$smb$current_file); + # TODO - Why is this commented out? 
+ #write_file_log(c$smb_state$current_file); } event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 { - SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile); - c$smb$current_file$action = SMB::FILE_WRITE; + SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); + c$smb_state$current_file$action = SMB::FILE_WRITE; + } - if ( c$smb$current_tree?$path && ! c$smb$current_file?$path ) - c$smb$current_file$path = c$smb$current_tree$path; +event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=-5 + { + if ( c$smb_state$current_tree?$path && ! c$smb_state$current_file?$path ) + c$smb_state$current_file$path = c$smb_state$current_tree$path; + + # TODO - Why is this commented out? + #write_file_log(c$smb_state$current_file); } event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=5 { - SMB::set_current_file(c$smb, file_id$persistent+file_id$volatile); - c$smb$current_file$action = SMB::FILE_CLOSE; + SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); + c$smb_state$current_file$action = SMB::FILE_CLOSE; } event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=-5 { - if ( file_id$persistent+file_id$volatile in c$smb$fid_map ) + if ( file_id$persistent+file_id$volatile in c$smb_state$fid_map ) { - local fl = c$smb$fid_map[file_id$persistent+file_id$volatile]; - fl$uid = c$uid; - fl$id = c$id; + local fl = c$smb_state$fid_map[file_id$persistent+file_id$volatile]; # Need to check for existence of path in case tree connect message wasn't seen. 
- if ( c$smb$current_tree?$path ) - fl$path = c$smb$current_tree$path; - delete c$smb$fid_map[file_id$persistent+file_id$volatile]; + if ( c$smb_state$current_tree?$path ) + fl$path = c$smb_state$current_tree$path; + delete c$smb_state$fid_map[file_id$persistent+file_id$volatile]; SMB::write_file_log(fl); } else { + # TODO - Determine correct action # A reporter message is not right... #Reporter::warning("attempting to close an unknown file!"); } diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index ef05ad353c..64cb6fe558 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -20,6 +20,7 @@ bro_plugin_bif( smb1_com_query_information.bif smb1_com_read_andx.bif smb1_com_session_setup_andx.bif + smb1_com_transaction2.bif smb1_com_tree_connect_andx.bif smb1_com_tree_disconnect.bif smb1_com_write_andx.bif diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index bbb70f4771..597e54a7c1 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -21,6 +21,7 @@ #include "smb1_com_query_information.bif.h" #include "smb1_com_read_andx.bif.h" #include "smb1_com_session_setup_andx.bif.h" +#include "smb1_com_transaction2.bif.h" #include "smb1_com_tree_connect_andx.bif.h" #include "smb1_com_tree_disconnect.bif.h" #include "smb1_com_write_andx.bif.h" diff --git a/src/analyzer/protocol/smb/smb1-com-transaction2.pac b/src/analyzer/protocol/smb/smb1-com-transaction2.pac index cff496c054..b8ea3f8975 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction2.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction2.pac 
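Review bot: The second smb2_negotiate_response handler, the one that writes to SMB::CMD_LOG, is declared with `&priority=5`, the same priority as the handler that fills in `argument` from the dialect revision. The SMB1 counterpart in smb1-main.bro logs at `&priority=-5`, and the order of equal-priority handlers is not something I would rely on, so the NEGOTIATE entry may be written before the selected dialect is recorded. Change the logging handler to `&priority=-5`.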
@@ -22,13 +22,16 @@ refine connection SMB_Conn += { function proc_smb1_transaction2_request(header: SMB_Header, val: SMB1_transaction2_request): bool %{ - //printf("transaction2_request sub command: %d\n", ${val.sub_cmd}); + if ( smb1_transaction2_request ) + BifEvent::generate_smb1_transaction2_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), ${val.sub_cmd}); + return true; %} function proc_smb1_transaction2_response(header: SMB_Header, val: SMB1_transaction2_response): bool %{ - //printf("transaction2_response sub command: %d\n", ${val.sub_cmd}); +// if ( smb1_transaction2_response ) +// BifEvent::generate_smb1_transaction2_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), new Val(${val.sub_cmd}, TYPE_COUNT)); return true; %} @@ -278,8 +281,13 @@ refine connection SMB_Conn += { function proc_trans2_get_dfs_referral_request(header: SMB_Header, val: trans2_get_dfs_referral_request): bool %{ - // TODO: implement this. - //printf("trans2_get_dfs_referral request!\n"); + if ( smb1_trans2_get_dfs_referral_request ) + { + BifEvent::generate_smb1_trans2_get_dfs_referral_request(bro_analyzer(), bro_analyzer()->Conn(), \ + BuildHeaderVal(header), \ + smb_string2stringval(${val.file_name}),\ + ${val.max_referral_level}); + } return true; %} diff --git a/src/analyzer/protocol/smb/smb1_com_transaction2.bif b/src/analyzer/protocol/smb/smb1_com_transaction2.bif new file mode 100644 index 0000000000..1430098f00 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_transaction2.bif 
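Review bot: proc_smb1_transaction2_response leaves its event generation commented out, while smb1_com_transaction2.bif in this same patch declares `smb1_transaction2_response`. A script handler for that event will therefore load without complaint and never run. Either enable the call in the same form as the request side, or replace the dead code with an explicit marker such as `// TODO: smb1_transaction2_response is declared in the .bif but not generated yet.` Both functions are complete in the hunk; the enclosing `refine connection SMB_Conn` block starts and ends outside it.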
@@ -0,0 +1,53 @@ +### Requests + + +# TODO - Description +event smb1_transaction2_request%(c: connection, hdr: SMB1::Header, sub_cmd: count%); + +# TODO - Description +event smb1_trans2_find_first2_request%(c: connection, hdr: SMB1::Header, args: SMB1::Find_First2_Request_Args%); + +# TODO - Implementation +# event smb1_trans2_fs_info_request%(c: connection, hdr: SMB1::Header, ??? %); + +# TODO - Description +event smb1_trans2_query_path_info_request%(c: connection, hdr: SMB1::Header, file_name: string, level_of_interest: count%); + +# TODO - Description +event smb1_trans2_query_file_info_request%(c: connection, hdr: SMB1::Header, file_id: count, level_of_interest: count%); + +# TODO - Implementation +# event smb1_trans2_set_file_info_request(c: connection, hdr: SMB1::Header, ??? %); + +# TODO - Description +event smb1_trans2_get_dfs_referral_request%(c: connection, hdr: SMB1::Header, file_name: string, max_referral_level: count%); + +### Responses + + +# TODO - Description +event smb1_transaction2_response%(c: connection, hdr: SMB1::Header, sub_cmd: count%); + +# TODO - Description +event smb1_trans2_find_first2_response%(c: connection, hdr: SMB1::Header, args: SMB1::Find_First2_Response_Args%); + +# TODO - Implementation +# event smb1_trans2_fs_info_response%(c: connection, hdr: SMB1::Header, ??? %); + +# TODO - Implementation +# event smb1_trans2_query_path_info_response%(c: connection, hdr: SMB1::Header, ??? %); + +# TODO - Implementation +# event smb1_trans2_query_file_info_response%(c: connection, hdr: SMB1::Header, ??? %); + +# TODO - Implementation +# event smb1_trans2_set_file_info_response%(c: connection, hdr: SMB1::Header, ??? %); + +# TODO - Implementation +# event smb1_trans2_get_dfs_referral_response%(c: connection, hdr: SMB1::Header, ??? %); + + +### Types + +type SMB1::Find_First2_Request_Args: record; +type SMB1::Find_First2_Response_Args: record; \ No newline at end of file From 0d615b0319abed6396b246073bef7e5a262820be Mon Sep 17 00:00:00 2001 
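Review bot: Every event declared in this new file carries `# TODO - Description` instead of the `##` doc-comment block used in smb1_events.bif (`## c: The connection.` / `## hdr: The parsed header of the SMB message.`), so the events lack the documentation that file's events carry. Each declaration should get a one-line summary plus one `##` line per parameter in that style, for example `## sub_cmd: The TRANSACTION2 sub-command code.` on smb1_transaction2_request. The summary should also say whether the analyzer generates the event yet, since this patch visibly wires up only smb1_transaction2_request and smb1_trans2_get_dfs_referral_request. The commented-out `smb1_trans2_set_file_info_request(` line is also missing the `%` before its opening parenthesis.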
From: Vlad Grigorescu Date: Tue, 7 Oct 2014 17:32:01 -0400 Subject: [PATCH 09/84] Add more SMB subcommands and arguments. Log SMB1 error messages too. --- scripts/base/protocols/smb/main.bro | 2 + scripts/base/protocols/smb/smb1-main.bro | 49 +++++++++++++++++++ src/analyzer/protocol/smb/smb-ntlmssp.pac | 8 +-- .../smb/smb1-com-session-setup-andx.pac | 2 +- src/analyzer/protocol/smb/smb1-protocol.pac | 2 +- src/analyzer/protocol/smb/smb1_events.bif | 5 +- 6 files changed, 61 insertions(+), 7 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 5204336eb9..e58fc4c1e3 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -126,11 +126,13 @@ export { redef record connection += { smb_state : State &optional; }; + ## Internal use only ## Some commands shouldn't be logged by the smb1_message event const deferred_logging_cmds: set[string] = { "NEGOTIATE", + "SESSION_SETUP_ANDX", }; ## This is an internally used function. diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index ca25eabc2f..d740ef6313 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
@@ -213,4 +213,53 @@ event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &prio event smb1_trans2_get_dfs_referral_request(c: connection, hdr: SMB1::Header, file_name: string, max_referral_level: count) { c$smb_state$current_cmd$argument = file_name; + } + +event smb1_session_setup_andx_response(c: connection, hdr: SMB1::Header, response: SMB1::SessionSetupAndXResponse) &priority=-5 + { + if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + } + +event smb_ntlm_negotiate(c: connection, hdr: SMB1::Header, request: SMB::NTLMNegotiate) + { + c$smb_state$current_cmd$sub_command = "NTLMSSP_NEGOTIATE"; + } + +event smb1_error(c: connection, hdr: SMB1::Header, is_orig: bool) + { + if ( ! is_orig ) + { + # This is for deferred commands only. + # The more specific messages won't fire for errors + if ( ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) && + ( c$smb_state$current_cmd$command in SMB::deferred_logging_cmds ) ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + } + } + +event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate) + { + c$smb_state$current_cmd$sub_command = "NTLMSSP_AUTHENTICATE"; + + local user: string = ""; + if ( ( request?$domain_name && request$domain_name != "" ) && ( request?$user_name && request$user_name != "" ) ) + user = fmt("%s\\%s", request$domain_name, request$user_name); + else if ( ( request?$workstation && request$workstation != "" ) && ( request?$user_name && request$user_name != "" ) ) + user = fmt("%s\\%s", request$workstation, request$user_name); + else if ( request?$user_name && request$user_name != "" ) + user = request$user_name; + else if ( request?$domain_name && request$domain_name != "" ) + user = fmt("%s\\", request$domain_name); + else if ( request?$workstation && request$workstation != "" ) + user = fmt("%s\\", request$workstation); + + if ( user != "" 
) + { + c$smb_state$current_cmd$argument = user; + } } \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac index 054ff76d6f..bb1c353281 100644 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac @@ -156,13 +156,13 @@ refine connection SMB_Conn += { RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAuthenticate); result->Assign(0, build_negotiate_flag_record(${val.flags})); - if ( ${val.flags.negotiate_oem_domain_supplied} ) + if ( ${val.domain_name_fields.length} > 0 ) result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); if ( ${val.user_name_fields.length} > 0 ) result->Assign(2, bytestring_to_val(${val.user_name.string.data})); - if ( ${val.flags.negotiate_oem_workstation_supplied} ) + if ( ${val.workstation_fields.length} > 0 ) result->Assign(3, bytestring_to_val(${val.workstation.string.data})); if ( ${val.flags.negotiate_version} ) 
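Review bot: In smb_ntlm_authenticate the logged `argument` puts the workstation name in the domain position when no domain name was sent, so a command-log entry of the form `X\user` does not say whether X was a domain or a workstation. All three strings are taken from the client's message as sent, so the field is best documented as a claimed identity to be read together with the entry's `status`. A comment above the if/else chain would cover it: `# Prefer domain\user; fall back to workstation\user. Values are client-supplied.` The smb1_error handler in the same hunk reads `c$smb_state$current_cmd` without a `c?$smb_state` check. That is safe only if smb1_message always fires first, which this hunk does not show.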
@@ -298,9 +298,9 @@ type SMB_NTLM_Authenticate(header: SMB_Header, offset: uint16) = record { payload : bytestring &restofdata; } &let { absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(domain_name_fields.length > 0); user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); - workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(workstation_fields.length > 0); encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); }; diff --git a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac index ec83465700..acf4bfc20a 100644 --- a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac @@ -103,7 +103,7 @@ refine connection SMB_Conn += { response->Assign(4, smb_string2stringval(${val.ntlm.primary_domain})); //response->Assign(5, bytestring_to_val(${val.ntlm.security_blob})); break; - case 0: // Error! + default: // Error! break; } diff --git a/src/analyzer/protocol/smb/smb1-protocol.pac b/src/analyzer/protocol/smb/smb1-protocol.pac index 341c6abbf8..19afc626b6 100644 --- a/src/analyzer/protocol/smb/smb1-protocol.pac +++ b/src/analyzer/protocol/smb/smb1-protocol.pac 
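Review bot: `encrypted_session_key` is still gated on `flags.negotiate_key_exch`, while this hunk moves `domain_name` and `workstation` to the length-based test already used for `user_name`. That leaves one field whose presence is decided by a client-set flag rather than by its own length field. If the change was made because flags cannot be trusted to match the fields actually present, the same reasoning applies here: `&if(encrypted_session_key_fields.length > 0)`. Any C++ code in proc_smb_ntlm_authenticate that reads this field must use the identical condition; that function is only partly visible in the previous hunk. The SMB_NTLM_Authenticate record starts outside this hunk.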
@@ -68,7 +68,7 @@ refine connection SMB_Conn += { { BifEvent::generate_smb1_error(bro_analyzer(), bro_analyzer()->Conn(), - BuildHeaderVal(h)); + BuildHeaderVal(h), is_orig); } return true; %} diff --git a/src/analyzer/protocol/smb/smb1_events.bif b/src/analyzer/protocol/smb/smb1_events.bif index e2e1c1572e..1de3e777f6 100644 --- a/src/analyzer/protocol/smb/smb1_events.bif +++ b/src/analyzer/protocol/smb/smb1_events.bif @@ -25,5 +25,8 @@ event smb1_empty_response%(c: connection, hdr: SMB1::Header%); ## c: The connection. ## ## hdr: The parsed header of the SMB message. -event smb1_error%(c: connection, hdr: SMB1::Header%); +## +## is_orig: True if the message was sent by the originator of the underlying +## transport-level connection. +event smb1_error%(c: connection, hdr: SMB1::Header, is_orig: bool%); From 261f6e8c45b72644bc848f32eee675face3d80a3 Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Wed, 8 Oct 2014 12:06:33 -0400 Subject: [PATCH 10/84] Fix a segfault, and add script-level support for some more commands. --- scripts/base/protocols/smb/smb1-main.bro | 8 ++ .../protocol/smb/smb1-com-open-andx.pcap | 79 +++++++++++++++++++ .../protocol/smb/smb1-com-transaction.pac | 4 +- .../protocol/smb/smb1-com-transaction2.pac | 10 ++- 4 files changed, 97 insertions(+), 4 deletions(-) create mode 100644 src/analyzer/protocol/smb/smb1-com-open-andx.pcap diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index d740ef6313..996770819d 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
@@ -123,6 +123,7 @@ event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, name: string c$smb_state$current_cmd$referenced_file$name = name; c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; c$smb_state$current_file = c$smb_state$current_cmd$referenced_file; + c$smb_state$current_cmd$argument = name; } event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes) &priority=5 @@ -148,6 +149,7 @@ event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, o { SMB::set_current_file(c$smb_state, file_id); c$smb_state$current_file$action = SMB::FILE_READ; + c$smb_state$current_cmd$argument = c$smb_state$current_file$name; } event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=-5 @@ -168,6 +170,7 @@ event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, { SMB::set_current_file(c$smb_state, file_id); c$smb_state$current_file$action = SMB::FILE_WRITE; + c$smb_state$current_cmd$argument = c$smb_state$current_file$name; } event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=-5 @@ -215,6 +218,11 @@ event smb1_trans2_get_dfs_referral_request(c: connection, hdr: SMB1::Header, fil c$smb_state$current_cmd$argument = file_name; } +event smb1_trans2_query_path_info_request(c: connection, hdr: SMB1::Header, file_name: string, level_of_interets: count) + { + c$smb_state$current_cmd$argument = file_name; + } + event smb1_session_setup_andx_response(c: connection, hdr: SMB1::Header, response: SMB1::SessionSetupAndXResponse) &priority=-5 { if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) diff --git a/src/analyzer/protocol/smb/smb1-com-open-andx.pcap b/src/analyzer/protocol/smb/smb1-com-open-andx.pcap new file mode 100644 index 0000000000..5c8eaeb66a --- /dev/null 
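Review bot: The new `c$smb_state$current_cmd$argument = c$smb_state$current_file$name;` lines in the priority-5 `smb1_read_andx_request` and `smb1_write_andx_request` handlers (hunks at -148 and -168) read `$name` unconditionally. If no create/open was seen for that `file_id`, for example when the capture starts mid-session, the field is presumably unset and the handler aborts with a runtime error before the command is logged. `FileInfo` is not defined in this hunk, so confirm that `name` is `&optional`. A guard such as `if ( c$smb_state$current_file?$name ) c$smb_state$current_cmd$argument = c$smb_state$current_file$name;` keeps the command log usable for partial sessions.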
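Review bot: The last parameter of the new `smb1_trans2_query_path_info_request` handler (hunk at -215) is spelled `level_of_interets`; the analyzer side of this commit passes `${val.level_of_interest}`, so the signature should read `level_of_interest: count`. The name is unused in the body, so nothing breaks today, but it is the spelling that readers and copied handlers will pick up. The handler also has no `&priority`, unlike the neighbouring request handlers that set `current_cmd` fields at `&priority=5`; it is worth stating whether that is intentional.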
+++ b/src/analyzer/protocol/smb/smb1-com-open-andx.pcap 
@@ -0,0 +1,79 @@ +# Copyright (c) Broala LLC. All Rights Reserved. No use or distribution without permission. + +refine connection SMB_Conn += { + + function proc_smb1_open_andx_request(h: SMB_Header, val: SMB1_open_andx_request): bool + %{ + if ( smb1_open_andx_request ) + BifEvent::generate_smb1_open_andx_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.flags}, + ${val.access_mode}, + ${val.search_attrs}, + ${val.file_attrs}, + ${val.creation_time}, + ${val.open_mode}, + ${val.allocation_size}, + ${val.timeout}, + smb_string2stringval(${val.filename})); + + return true; + %} + + function proc_smb1_open_andx_response(h: SMB_Header, val: SMB1_open_andx_response): bool + %{ + if ( smb1_open_andx_response ) + BifEvent::generate_smb1_open_andx_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(h), + ${val.fid}, + ${val.file_attrs}, + ${val.last_write_time}, + ${val.file_data_size}, + ${val.access_rights}, + ${val.resource_type}, + ${val.nm_pipe_status}, + ${val.open_results}); + + return true; + %} + +}; + + + +type SMB1_open_andx_request(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + flags : uint16; + access_mode : uint16; + search_attrs : uint16; + file_attrs : uint16; + creation_time : uint32; + open_mode : uint16; + allocation_size : uint32; + timeout : uint32; + reserved : padding[2]; + byte_count : uint16; + filename : SMB_string(header.unicode, offsetof(filename); +} &let { + proc : bool = $context.connection.proc_smb1_open_andx_request(header, this); +} &byteorder=littleendian; + +type SMB1_open_andx_response(header: SMB_Header) = record { + word_count : uint8; + andx : SMB_andx; + fid : uint16; + file_attrs : uint16; + last_write_time : uint32; + file_data_size : uint32; + access_rights : uint16; + resource_type : uint16; + nm_pipe_status : uint16; + open_results : uint16; + reserved : padding[3]; + byte_count : uint16; +} &let { + proc : bool = 
$context.connection.proc_smb1_open_andx_response(header, this); +} &byteorder=littleendian; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index 822675be09..d0e2a0e352 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac @@ -27,7 +27,7 @@ type SMB1_transaction_data(header: SMB_Header, count: uint16, sub_cmd: uint16, # SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(header.unicode, count); # SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count, sub_cmd); SMB_PIPE -> pipe : SMB_Pipe_message(header.unicode, count, sub_cmd); -# SMB_UNKNOWN -> unknown : bytestring &restofdata; + SMB_UNKNOWN -> unknown : bytestring &restofdata; # default -> data : bytestring &restofdata; }; @@ -83,7 +83,7 @@ type SMB1_transaction_response(header: SMB_Header) = record { pad1 : padding to data_offset - SMB_Header_length; handle_response : case $context.connection.isATSVC() of { true -> pipe_data : SMB1_transaction_data(header, data_count, 0, SMB_PIPE); -# false -> unk_data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); + false -> unk_data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); }; } &let { proc : bool = $context.connection.proc_smb1_transaction_response(header, this); diff --git a/src/analyzer/protocol/smb/smb1-com-transaction2.pac b/src/analyzer/protocol/smb/smb1-com-transaction2.pac index b8ea3f8975..16cedef09f 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction2.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction2.pac 
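Review bot: The `filename` field of `SMB1_open_andx_request` has an unbalanced parenthesis, `SMB_string(header.unicode, offsetof(filename);`, so this file cannot compile as written; it should read `filename : SMB_string(header.unicode, offsetof(filename));`. The file is also added as `smb1-com-open-andx.pcap` although it holds binpac source, and the series already lists an `smb1-com-open-andx.pac`, so this looks like a stray copy that the build never picks up and should be dropped or renamed. Its header, "All Rights Reserved. No use or distribution without permission", also differs from the `COPYING` reference used by DCE_RPC.cc later in this series and should be checked before it lands in the tree.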
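Review bot: In `SMB1_transaction_data` the `SMB_UNKNOWN` arm is re-enabled but `# default -> data : bytestring &restofdata;` stays commented out, so any selector value other than `SMB_PIPE` or `SMB_UNKNOWN` still has no matching case. As far as I know binpac raises an invalid-case exception there, which turns an unexpected value from the peer into a parse failure for the whole message. Un-commenting the `default` arm makes the record total and is the safer shape for a parser fed untrusted traffic. The case selector and the callers in the request path are outside the hunk, so confirm which values can actually arrive.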
@@ -182,8 +182,14 @@ refine connection SMB_Conn += { function proc_trans2_query_path_info_request(header: SMB_Header, val: trans2_query_path_info_request): bool %{ - // TODO: implement this. - //printf("trans2_query_path_info request!\n"); + if ( smb1_trans2_query_path_info_request ) + { + BifEvent::generate_smb1_trans2_query_path_info_request(bro_analyzer(), bro_analyzer()->Conn(), \ + BuildHeaderVal(header), \ + smb_string2stringval(${val.file_name}),\ + ${val.level_of_interest}); + + } return true; %} From f38a580c8cb1767b952a0f3710f98048d779e52d Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Wed, 8 Oct 2014 16:29:51 -0400 Subject: [PATCH 11/84] Add support for transaction2 Find_First2. --- scripts/base/init-bare.bro | 2 +- scripts/base/protocols/smb/smb1-main.bro | 5 +++++ .../protocol/smb/smb1-com-transaction2.pac | 15 +++++++++++++-- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index 4643ff4ccd..f49249c29b 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -2628,7 +2628,7 @@ export { type SMB1::Find_First2_Request_Args: record { ## File attributes to apply as a constraint to the search - search_attrs : string; + search_attrs : count; ## Max search results search_count : count; ## Misc. flags for how the server should manage the transaction diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 996770819d..82f8b156fe 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
@@ -222,6 +222,11 @@ event smb1_trans2_query_path_info_request(c: connection, hdr: SMB1::Header, file { c$smb_state$current_cmd$argument = file_name; } + +event smb1_trans2_find_first2_request(c: connection, hdr: SMB1::Header, args: SMB1::Find_First2_Request_Args) + { + c$smb_state$current_cmd$argument = args$file_name; + } event smb1_session_setup_andx_response(c: connection, hdr: SMB1::Header, response: SMB1::SessionSetupAndXResponse) &priority=-5 { diff --git a/src/analyzer/protocol/smb/smb1-com-transaction2.pac b/src/analyzer/protocol/smb/smb1-com-transaction2.pac index 16cedef09f..561f879cf9 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction2.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction2.pac @@ -109,8 +109,19 @@ refine connection SMB_Conn += { function proc_trans2_find_first2_request(header: SMB_Header, val: trans2_find_first2_request): bool %{ - // TODO: implement this. - //printf("trans2_find_first2 request!\n"); + if ( smb1_trans2_find_first2_request ) + { + RecordVal* result = new RecordVal(BifType::Record::SMB1::Find_First2_Request_Args); + result->Assign(0, new Val(${val.search_attrs}, TYPE_COUNT)); + result->Assign(1, new Val(${val.search_count}, TYPE_COUNT)); + result->Assign(2, new Val(${val.flags}, TYPE_COUNT)); + result->Assign(3, new Val(${val.info_level}, TYPE_COUNT)); + result->Assign(4, new Val(${val.search_storage_type}, TYPE_COUNT)); + result->Assign(5, smb_string2stringval(${val.file_name})); + BifEvent::generate_smb1_trans2_find_first2_request(bro_analyzer(), bro_analyzer()->Conn(), \ + BuildHeaderVal(header), result); + + } return true; %} From 10db1b552d3c75d4b3336c026781fbe54e920ebc Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Wed, 8 Oct 2014 17:23:20 -0400 Subject: [PATCH 12/84] Add username tracking --- scripts/base/protocols/smb/main.bro | 14 +++++++-- scripts/base/protocols/smb/smb1-main.bro | 38 ++++++++++++++++++++++-- 2 files changed, 46 insertions(+), 6 deletions(-) 
diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index e58fc4c1e3..5fee370366 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -95,9 +95,14 @@ export { ## Version of SMB for the command version : string &log; + ## Authenticated username, if available + username : string &log &optional; + ## If this is related to a tree, this is the tree ## that was used for the current command. tree : string &log &optional; + ## The type of tree (disk share, printer share, named pipe, etc.) + tree_service : string &log &optional; ## If the command referenced a file, store it here. referenced_file : FileInfo &optional; @@ -116,11 +121,13 @@ export { current_tree : TreeInfo &optional; ## Indexed on MID to map responses to requests. - pending_cmds : table[count] of CmdInfo &optional; + pending_cmds: table[count] of CmdInfo &optional; ## File map to retrieve file information based on the file ID. - fid_map : table[count] of FileInfo &optional; + fid_map : table[count] of FileInfo &optional; ## Tree map to retrieve tree information based on the tree ID. - tid_map : table[count] of TreeInfo &optional; + tid_map : table[count] of TreeInfo &optional; + ## User map to retrieve user name based on the user ID. + uid_map : table[count] of string &optional; }; redef record connection += { @@ -133,6 +140,7 @@ export { const deferred_logging_cmds: set[string] = { "NEGOTIATE", "SESSION_SETUP_ANDX", + "TREE_CONNECT_ANDX", }; ## This is an internally used function. diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 82f8b156fe..dd887cd2ca 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
@@ -12,22 +12,37 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5 local state: SMB::State; state$fid_map = table(); state$tid_map = table(); + state$uid_map = table(); state$pending_cmds = table(); c$smb_state = state; } local smb_state = c$smb_state; local tid = hdr$tid; - local pid = hdr$pid; local uid = hdr$uid; + local pid = hdr$pid; local mid = hdr$mid; - + + if ( uid in smb_state$uid_map ) + { + smb_state$current_cmd$username = smb_state$uid_map[uid]; + } + if ( tid !in smb_state$tid_map ) { local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id]; smb_state$tid_map[tid] = tmp_tree; } smb_state$current_tree = smb_state$tid_map[tid]; + if ( smb_state$current_tree?$path ) + { + smb_state$current_cmd$tree = smb_state$current_tree$path; + } + + if ( smb_state$current_tree?$service ) + { + smb_state$current_cmd$tree_service = smb_state$current_tree$service; + } if ( mid !in smb_state$pending_cmds ) { @@ -106,7 +121,11 @@ event smb1_tree_connect_andx_request(c: connection, hdr: SMB1::Header, path: str event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=5 { + c$smb_state$current_cmd$referenced_tree$service = service; + c$smb_state$current_cmd$tree_service = service; + c$smb_state$current_cmd$referenced_tree$native_file_system = native_file_system; + c$smb_state$current_tree = c$smb_state$current_cmd$referenced_tree; c$smb_state$tid_map[hdr$tid] = c$smb_state$current_tree; } 
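Review bot: The new assignments to `smb_state$current_cmd$username`, `$tree` and `$tree_service` in `smb1_message` sit above the `if ( mid !in smb_state$pending_cmds )` block, which, judging from the visible part of the handler, is where the command record for this message is looked up or created. If `current_cmd` is rebound after that point, these values land on the previous message's record, so the logged username and share can be attributed to the wrong command. Moving the three `if` blocks below the point where `current_cmd` is set for this MID would avoid that. The handler continues past the end of the hunk, so check this against the full body.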
@@ -114,6 +133,11 @@ event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=-5 { Log::write(SMB::MAPPING_LOG, c$smb_state$current_tree); + + if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } } event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, name: string) &priority=5 @@ -201,6 +225,9 @@ event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &prio # Need to check for existence of path in case tree connect message wasn't seen. if ( c$smb_state$current_tree?$path ) fl$path = c$smb_state$current_tree$path; + + c$smb_state$current_cmd$argument = fl$name; + delete c$smb_state$fid_map[file_id]; SMB::write_file_log(fl); @@ -269,10 +296,15 @@ event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLM else if ( request?$domain_name && request$domain_name != "" ) user = fmt("%s\\", request$domain_name); else if ( request?$workstation && request$workstation != "" ) - user = fmt("%s\\", request$workstation); + user = fmt("%s", request$workstation); if ( user != "" ) { c$smb_state$current_cmd$argument = user; } + + if ( hdr$uid !in c$smb_state$uid_map ) + { + c$smb_state$uid_map[hdr$uid] = user; + } } \ No newline at end of file From 466a1e55e8635bba64c8c1fa06f09cf3151f5084 Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Wed, 8 Oct 2014 17:23:32 -0400 Subject: [PATCH 13/84] Fix SMB string handling. --- src/analyzer/protocol/smb/smb-strings.pac | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/analyzer/protocol/smb/smb-strings.pac b/src/analyzer/protocol/smb/smb-strings.pac index 6496af51cb..f72225752b 100644 --- a/src/analyzer/protocol/smb/smb-strings.pac +++ b/src/analyzer/protocol/smb/smb-strings.pac 
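Review bot: `c$smb_state$uid_map[hdr$uid] = user;` in `smb_ntlm_authenticate` (hunk at -269) stores the name when the client sends its AUTHENTICATE message, before the server's status for that session setup is known, and it does so even when `user` is still `""`. A rejected logon therefore leaves a name bound to that UID. Because of the `!in` test, the first value is never replaced or removed in the code visible here, so later commands can be logged under a stale or empty username. I would at least require a non-empty value, `if ( user != "" && hdr$uid !in c$smb_state$uid_map )`, and consider filling the map from the session-setup response handler once the status is not an error. The workstation fallback also now stores a bare workstation name in a field logged as `username`.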
@@ -47,7 +47,6 @@ function uint8s_to_stringval(s: uint8[]): StringVal // If the last 2 bytes are nulls, cut them with the length. length = length-2; } - StringVal *output = new StringVal(length, buf); delete [] buf; return output; @@ -71,7 +70,7 @@ function extract_string(s: SMB_string) : StringVal buf[i] = t; } - if ( length > 0 && buf[length] == 0x00 ) + if ( length > 0 && buf[length-1] == 0x00 ) length--; StringVal *ret = new StringVal(length, buf); From c4eb7e23771e394482186d8d415821cf5b81bec5 Mon Sep 17 00:00:00 2001 From: Vlad Grigorescu Date: Wed, 8 Oct 2014 18:01:55 -0400 Subject: [PATCH 14/84] Add support for TRANSACTION subcommands. --- scripts/base/protocols/smb/consts.bro | 14 ++++++++++++++ scripts/base/protocols/smb/smb1-main.bro | 5 +++++ src/analyzer/protocol/smb/CMakeLists.txt | 1 + src/analyzer/protocol/smb/smb.pac | 1 + src/analyzer/protocol/smb/smb1-com-transaction.pac | 4 +++- src/analyzer/protocol/smb/smb1_com_transaction.bif | 1 + 6 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 src/analyzer/protocol/smb/smb1_com_transaction.bif diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.bro index 965541c640..82d9087c08 100644 --- a/scripts/base/protocols/smb/consts.bro +++ b/scripts/base/protocols/smb/consts.bro @@ -125,6 +125,20 @@ export { [0x10] = "GET_DFS_REFERRAL", [0x11] = "REPORT_DFS_INCONSISTENCY", } &default=function(i: count):string { return fmt("unknown-trans2-sub-cmd-%d", i); }; + + const trans_sub_commands: table[count] of string = { + [0x01] = "SET_NMPIPE_STATE", + [0x11] = "RAW_READ_NMPIPE", + [0x21] = "QUERY_NMPIPE_STATE", + [0x22] = "QUERY_NMPIPE_INFO", + [0x23] = "PEEK_NMPIPE", + [0x26] = "TRANSACT_NMPIPE", + [0x31] = "RAW_WRITE_NMPIPE", + [0x36] = "READ_NMPIPE", + [0x37] = "WRITE_NMPIPE", + [0x53] = "WAIT_NMPIPE", + [0x54] = "CALL_NMPIPE", + } &default=function(i: count):string { return fmt("unknown-trans-sub-cmd-%d", i); }; } module SMB2; 
diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index dd887cd2ca..af3aca97e4 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -307,4 +307,9 @@ event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLM { c$smb_state$uid_map[hdr$uid] = user; } + } + +event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count) + { + c$smb_state$current_cmd$sub_command = SMB1::trans_sub_commands[sub_cmd]; } \ No newline at end of file diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index 64cb6fe558..301ff1b17f 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -20,6 +20,7 @@ bro_plugin_bif( smb1_com_query_information.bif smb1_com_read_andx.bif smb1_com_session_setup_andx.bif + smb1_com_transaction.bif smb1_com_transaction2.bif smb1_com_tree_connect_andx.bif smb1_com_tree_disconnect.bif diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index 597e54a7c1..8249780e5a 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -21,6 +21,7 @@ #include "smb1_com_query_information.bif.h" #include "smb1_com_read_andx.bif.h" #include "smb1_com_session_setup_andx.bif.h" +#include "smb1_com_transaction.bif.h" #include "smb1_com_transaction2.bif.h" #include "smb1_com_tree_connect_andx.bif.h" #include "smb1_com_tree_disconnect.bif.h" diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index d0e2a0e352..915a2e3c81 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac 
@@ -9,7 +9,9 @@ refine connection SMB_Conn += { function proc_smb1_transaction_request(header: SMB_Header, val: SMB1_transaction_request): bool %{ - //printf("transaction_request\n"); + if ( smb1_transaction_request ) + BifEvent::generate_smb1_transaction_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ + smb_string2stringval(${val.name}), ${val.sub_cmd}); return true; %} function proc_smb1_transaction_response(header: SMB_Header, val: SMB1_transaction_response): bool diff --git a/src/analyzer/protocol/smb/smb1_com_transaction.bif b/src/analyzer/protocol/smb/smb1_com_transaction.bif new file mode 100644 index 0000000000..05fe0fae67 --- /dev/null +++ b/src/analyzer/protocol/smb/smb1_com_transaction.bif @@ -0,0 +1 @@ +event smb1_transaction_request%(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count%); \ No newline at end of file From 9a73033b191b8cc26c209fe8df1c88d294d5149b Mon Sep 17 00:00:00 2001 
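Review bot: `smb1_transaction_request` in the new smb1_com_transaction.bif is declared without any `##` documentation, unlike the events in smb1_events.bif, which describe each parameter. I would add a header block stating when the event is generated, then `## c: The connection.` and `## hdr: The parsed header of the SMB message.` as used elsewhere. It should also have one line each for `name` (the transaction name taken from the request) and `sub_cmd` (the numeric subcommand that smb1-main.bro maps through `SMB1::trans_sub_commands`). The file also lacks a trailing newline.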
From: Vlad Grigorescu Date: Thu, 9 Oct 2014 21:06:38 -0400 Subject: [PATCH 15/84] Redo DCE/RPC code. --- scripts/base/protocols/smb/consts.bro | 90 +++ scripts/base/protocols/smb/main.bro | 10 +- scripts/base/protocols/smb/smb1-main.bro | 52 +- src/analyzer/protocol/smb/DCE_RPC.cc | 588 ++++++++++++++++++ src/analyzer/protocol/smb/DCE_RPC.h | 191 ++++++ .../protocol/smb/dce_rpc-protocol.pac | 11 + src/analyzer/protocol/smb/smb-pipe.pac | 89 +-- src/analyzer/protocol/smb/smb-protocol.pac | 6 +- src/analyzer/protocol/smb/smb1-com-close.pac | 2 - .../protocol/smb/smb1-com-nt-create-andx.pac | 17 - .../protocol/smb/smb1-com-read-andx.pac | 7 +- .../protocol/smb/smb1-com-transaction.pac | 26 +- .../smb/smb1-com-tree-connect-andx.pac | 1 + .../protocol/smb/smb1-com-write-andx.pac | 5 +- .../protocol/smb/smb1_com_transaction.bif | 6 +- src/analyzer/protocol/smb/smb_pipe.bif | 14 +- 16 files changed, 1036 insertions(+), 79 deletions(-) create mode 100644 src/analyzer/protocol/smb/DCE_RPC.cc create mode 100644 src/analyzer/protocol/smb/DCE_RPC.h diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.bro index 82d9087c08..86c470024c 100644 --- a/scripts/base/protocols/smb/consts.bro +++ b/scripts/base/protocols/smb/consts.bro 
@@ -26,6 +26,96 @@ export { "\\wkssvc", }; + ## The UUIDs used by the various RPC endpoints + const rpc_uuids: table[string] of string = { + ["4b324fc8-1670-01d3-1278-5a47bf6ee188"] = "Server Service", + ["6bffd098-a112-3610-9833-46c3f87e345a"] = "Workstation Service", + } &redef &default=function(i: string):string { return fmt("unknown-uuid-%s", i); }; + + ## Server service sub commands + const srv_cmds: table[count] of string = { + [8] = "NetrConnectionEnum", + [9] = "NetrFileEnum", + [10] = "NetrFileGetInfo", + [11] = "NetrFileClose", + [12] = "NetrSessionEnum", + [13] = "NetrSessionDel", + [14] = "NetrShareAdd", + [15] = "NetrShareEnum", + [16] = "NetrShareGetInfo", + [17] = "NetrShareSetInfo", + [18] = "NetrShareDel", + [19] = "NetrShareDelSticky", + [20] = "NetrShareCheck", + [21] = "NetrServerGetInfo", + [22] = "NetrServerSetInfo", + [23] = "NetrServerDiskEnum", + [24] = "NetrServerStatisticsGet", + [25] = "NetrServerTransportAdd", + [26] = "NetrServerTransportEnum", + [27] = "NetrServerTransportDel", + [28] = "NetrRemoteTOD", + [30] = "NetprPathType", + [31] = "NetprPathCanonicalize", + [32] = "NetprPathCompare", + [33] = "NetprNameValidate", + [34] = "NetprNameCanonicalize", + [35] = "NetprNameCompare", + [36] = "NetrShareEnumSticky", + [37] = "NetrShareDelStart", + [38] = "NetrShareDelCommit", + [39] = "NetrGetFileSecurity", + [40] = "NetrSetFileSecurity", + [41] = "NetrServerTransportAddEx", + [43] = "NetrDfsGetVersion", + [44] = "NetrDfsCreateLocalPartition", + [45] = "NetrDfsDeleteLocalPartition", + [46] = "NetrDfsSetLocalVolumeState", + [48] = "NetrDfsCreateExitPoint", + [49] = "NetrDfsDeleteExitPoint", + [50] = "NetrDfsModifyPrefix", + [51] = "NetrDfsFixLocalVolume", + [52] = "NetrDfsManagerReportSiteInfo", + [53] = "NetrServerTransportDelEx", + [54] = "NetrServerAliasAdd", + [55] = "NetrServerAliasEnum", + [56] = "NetrServerAliasDel", + [57] = "NetrShareDelEx", + } &redef &default=function(i: count):string { return fmt("unknown-srv-command-%d", i); 
}; + + ## Workstation service sub commands + const wksta_cmds: table[count] of string = { + [0] = "NetrWkstaGetInfo", + [1] = "NetrWkstaSetInfo", + [2] = "NetrWkstaUserEnum", + [5] = "NetrWkstaTransportEnum", + [6] = "NetrWkstaTransportAdd", + [7] = "NetrWkstaTransportDel", + [8] = "NetrUseAdd", + [9] = "NetrUseGetInfo", + [10] = "NetrUseDel", + [11] = "NetrUseEnum", + [13] = "NetrWorkstationStatisticsGet", + [20] = "NetrGetJoinInformation", + [22] = "NetrJoinDomain2", + [23] = "NetrUnjoinDomain2", + [24] = "NetrRenameMachineInDomain2", + [25] = "NetrValidateName2", + [26] = "NetrGetJoinableOUs2", + [27] = "NetrAddAlternateComputerName", + [28] = "NetrRemoveAlternateComputerName", + [29] = "NetrSetPrimaryComputerName", + [30] = "NetrEnumerateComputerNames", + } &redef &default=function(i: count):string { return fmt("unknown-wksta-command-%d", i); }; + + type rpc_cmd_table: table[count] of string; + + ## The subcommands for RPC endpoints + const rpc_sub_cmds: table[string] of rpc_cmd_table = { + ["4b324fc8-1670-01d3-1278-5a47bf6ee188"] = srv_cmds, + ["6bffd098-a112-3610-9833-46c3f87e345a"] = wksta_cmds, + } &redef &default=function(i: string):rpc_cmd_table { return table() &default=function(j: string):string { return fmt("unknown-uuid-%s", j); }; }; + } module SMB1; diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 5fee370366..206fd344f2 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -128,6 +128,8 @@ export { tid_map : table[count] of TreeInfo &optional; ## User map to retrieve user name based on the user ID. uid_map : table[count] of string &optional; + ## Pipe map to retrieve UUID based on the file ID of a pipe. + pipe_map : table[count] of string &optional; }; redef record connection += { 
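Review bot: The `&default` of `rpc_sub_cmds` returns `table() &default=function(j: string):string { return fmt("unknown-uuid-%s", j); }`, but `rpc_cmd_table` is `table[count] of string`. The inner default therefore takes the wrong index type and would label an operation number as an unknown UUID. It should mirror `srv_cmds` and `wksta_cmds`, for example `function(j: count):string { return fmt("unknown-rpc-command-%d", j); }`. This path is taken for every interface UUID not listed in the table, which is exactly the unfamiliar RPC traffic an analyst most needs labelled correctly.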
@@ -139,6 +141,7 @@ export { ## Some commands shouldn't be logged by the smb1_message event const deferred_logging_cmds: set[string] = { "NEGOTIATE", + "READ_ANDX", "SESSION_SETUP_ANDX", "TREE_CONNECT_ANDX", }; @@ -152,10 +155,13 @@ export { redef record FileInfo += { ## ID referencing this file. - fid : count &optional; + fid : count &optional; ## Maintain a reference to the file record. - f : fa_file &optional; + f : fa_file &optional; + + ## UUID referencing this file if DCE/RPC + uuid: string &optional; }; const ports = { 139/tcp, 445/tcp }; diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index af3aca97e4..ae343d4de1 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -13,6 +13,7 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5 state$fid_map = table(); state$tid_map = table(); state$uid_map = table(); + state$pipe_map = table(); state$pending_cmds = table(); c$smb_state = state; } 
@@ -180,21 +181,25 @@ event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, o { if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) c$smb_state$current_file$path = c$smb_state$current_tree$path; - + # TODO - Why is this commented out? #write_file_log(c$smb_state$current_file); } -#event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5 -# { -# # TODO - determine what to do here -# } +event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5 + { + if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + } event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=5 { SMB::set_current_file(c$smb_state, file_id); c$smb_state$current_file$action = SMB::FILE_WRITE; - c$smb_state$current_cmd$argument = c$smb_state$current_file$name; + if ( !c$smb_state$current_cmd?$argument ) + c$smb_state$current_cmd$argument = c$smb_state$current_file$name; } event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) &priority=-5 
@@ -312,4 +317,37 @@ event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLM event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count) { c$smb_state$current_cmd$sub_command = SMB1::trans_sub_commands[sub_cmd]; - } \ No newline at end of file + } + +event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) + { + c$smb_state$pipe_map[file_id] = c$smb_state$current_file$uuid; + } + +event smb_pipe_bind_ack_response(c: connection, hdr: SMB1::Header) + { + c$smb_state$current_cmd$sub_command = "RPC_BIND_ACK"; + c$smb_state$current_cmd$argument = SMB::rpc_uuids[c$smb_state$current_file$uuid]; + } + +event smb_pipe_bind_request(c: connection, hdr: SMB1::Header, uuid: string, version: string) + { + c$smb_state$current_cmd$sub_command = "RPC_BIND"; + c$smb_state$current_file$uuid = uuid; + c$smb_state$current_cmd$argument = fmt("%s v%s", SMB::rpc_uuids[uuid], version); + } + +event smb_pipe_request(c: connection, hdr: SMB1::Header, op_num: count) + { + c$smb_state$current_cmd$argument = fmt("%s: %s", SMB::rpc_uuids[c$smb_state$current_file$uuid], + SMB::rpc_sub_cmds[c$smb_state$current_file$uuid][op_num]); + } + +#event smb1_transaction_setup(c: connection, hdr: SMB1::Header, op_code: count, file_id: count) +# { +# local uuid = SMB::rpc_uuids[c$smb_state$pipe_map[file_id]]; +# if ( uuid in SMB::rpc_uuids ) +# { +# print fmt("smb1_transaction_setup %s", SMB::rap_cmds[op_code]); +# } +# } \ No newline at end of file diff --git a/src/analyzer/protocol/smb/DCE_RPC.cc b/src/analyzer/protocol/smb/DCE_RPC.cc new file mode 100644 index 0000000000..dd31cfa8a7 --- /dev/null +++ b/src/analyzer/protocol/smb/DCE_RPC.cc 
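Review bot: The added `smb1_write_andx_request` handler reads `c$smb_state$current_file$uuid` on every write, but `uuid` is declared `&optional` in the `FileInfo` redef of this commit, and the only assignment visible here is in `smb_pipe_bind_request`. Writes to ordinary files, or to a pipe whose bind was not captured, therefore hit an unset field. `smb_pipe_bind_ack_response` and `smb_pipe_request` index `SMB::rpc_uuids` and `SMB::rpc_sub_cmds` with the same field unguarded. Each should test it first, for example `if ( c$smb_state$current_file?$uuid ) c$smb_state$pipe_map[file_id] = c$smb_state$current_file$uuid;`. The two pipe handlers should fall back to leaving `argument` untouched when no UUID is known.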
@@ -0,0 +1,588 @@ +// See the file "COPYING" in the main distribution directory for copyright. + +#include "config.h" + +#include +#include +#include + +using namespace std; + +#include "DCE_RPC.h" +#include "Sessions.h" + +#include "analyzer/Manager.h" + +#include "events.bif.h" + +using namespace analyzer::dce_rpc; + +#define xbyte(b, n) (((const u_char*) (b))[n]) + +#define extract_uint16(little_endian, bytes) \ + ((little_endian) ? \ + uint16(xbyte(bytes, 0)) | ((uint16(xbyte(bytes, 1))) << 8) : \ + uint16(xbyte(bytes, 1)) | ((uint16(xbyte(bytes, 0))) << 8)) + +static int uuid_index[] = { + 3, 2, 1, 0, + 5, 4, 7, 6, + 8, 9, 10, 11, + 12, 13, 14, 15 +}; + +const char* analyzer::dce_rpc::uuid_to_string(const u_char* uuid_data) + { + static char s[1024]; + char* sp = s; + + for ( int i = 0; i < 16; ++i ) + { + if ( i == 4 || i == 6 || i == 8 || i == 10 ) + sp += snprintf(sp, s + sizeof(s) - sp, "-"); + + int j = uuid_index[i]; + sp += snprintf(sp, s + sizeof(s) - sp, "%02x", uuid_data[j]); + } + + return s; + } + +UUID::UUID() + { + memset(data, 0, 16); + s = uuid_to_string(data); + } + +UUID::UUID(const u_char d[16]) + { + memcpy(data, d, 16); + s = uuid_to_string(data); + } + +UUID::UUID(const binpac::bytestring& uuid) + { + if ( uuid.length() != 16 ) + reporter->InternalError("UUID length error"); + memcpy(data, uuid.begin(), 16); + s = uuid_to_string(data); + } + +UUID::UUID(const char* str) + { + s = string(str); + const char* sp = str; + int i; + for ( i = 0; i < 16; ++i ) + { + if ( *sp == '-' ) + ++sp; + if ( ! *sp || ! 
*(sp+1) ) + break; + + data[uuid_index[i]] = + (u_char) (decode_hex(*sp) * 16 + decode_hex(*(sp+1))); + } + + if ( i != 16 ) + reporter->InternalError("invalid UUID string: %s", str); + } + +typedef map uuid_map_t; + +static uuid_map_t& well_known_uuid_map() + { + static uuid_map_t the_map; + static bool initialized = false; + + if ( initialized ) + return the_map; + + using namespace BifEnum; + + the_map[UUID("e1af8308-5d1f-11c9-91a4-08002b14a0fa")] = DCE_RPC_epmapper; + + the_map[UUID("afa8bd80-7d8a-11c9-bef4-08002b102989")] = DCE_RPC_mgmt; + + // It's said that the following interfaces are merely aliases. + the_map[UUID("12345778-1234-abcd-ef00-0123456789ab")] = DCE_RPC_lsarpc; + the_map[UUID("12345678-1234-abcd-ef00-01234567cffb")] = DCE_RPC_netlogon; + the_map[UUID("12345778-1234-abcd-ef00-0123456789ac")] = DCE_RPC_samr; + + // The next group of aliases. + the_map[UUID("4b324fc8-1670-01d3-1278-5a47bf6ee188")] = DCE_RPC_srvsvc; + the_map[UUID("12345678-1234-abcd-ef00-0123456789ab")] = DCE_RPC_spoolss; + the_map[UUID("45f52c28-7f9f-101a-b52b-08002b2efabe")] = DCE_RPC_winspipe; + the_map[UUID("6bffd098-a112-3610-9833-46c3f87e345a")] = DCE_RPC_wkssvc; + + // DRS - NT directory replication service. + the_map[UUID("e3514235-4b06-11d1-ab04-00c04fc2dcd2")] = DCE_RPC_drs; + + // "The IOXIDResolver RPC interface (formerly known as + // IObjectExporter) is remotely used to reach the local object + // resolver (OR)." + the_map[UUID("99fcfec4-5260-101b-bbcb-00aa0021347a")] = DCE_RPC_oxid; + + the_map[UUID("3919286a-b10c-11d0-9ba8-00c04fd92ef5")] = DCE_RPC_lsa_ds; + + the_map[UUID("000001a0-0000-0000-c000-000000000046")] = DCE_RPC_ISCMActivator; + + initialized = true; + return the_map; + } + +// Used to remember mapped DCE/RPC endpoints and parse the follow-up +// connections as DCE/RPC sessions. 
+map dce_rpc_endpoints; + +static bool is_mapped_dce_rpc_endpoint(const dce_rpc_endpoint_addr& addr) + { + return dce_rpc_endpoints.find(addr) != dce_rpc_endpoints.end(); + } + +bool is_mapped_dce_rpc_endpoint(const ConnID* id, TransportProto proto) + { + if ( id->dst_addr.GetFamily() == IPv6 ) + // TODO: Does the protocol support v6 addresses? #773 + return false; + + dce_rpc_endpoint_addr addr; + addr.addr = id->dst_addr; + addr.port = ntohs(id->dst_port); + addr.proto = proto; + + return is_mapped_dce_rpc_endpoint(addr); + } + +static void add_dce_rpc_endpoint(const dce_rpc_endpoint_addr& addr, + const UUID& uuid) + { + DEBUG_MSG("Adding endpoint %s @ %s\n", + uuid.to_string(), addr.to_string().c_str()); + dce_rpc_endpoints[addr] = uuid; + + // FIXME: Once we can pass the cookie to the analyzer, we can get rid + // of the dce_rpc_endpoints table. + // FIXME: Don't hard-code the timeout. + + analyzer_mgr->ScheduleAnalyzer(IPAddr(), addr.addr, addr.port, addr.proto, + "DCE_RPC", 5 * 60); + } + +DCE_RPC_Header::DCE_RPC_Header(analyzer::Analyzer* a, const u_char* b) + { + analyzer = a; + bytes = b; + + // This checks whether it's both the first fragment *and* + // the last fragment. + if ( (bytes[3] & 0x3) != 0x3 ) + { + fragmented = 1; + Weird("Fragmented DCE/RPC message"); + } + else + fragmented = 0; + + ptype = (BifEnum::dce_rpc_ptype) bytes[2]; + frag_len = extract_uint16(LittleEndian(), bytes + 8); + } + +DCE_RPC_Session::DCE_RPC_Session(analyzer::Analyzer* a) +: analyzer(a), + if_uuid("00000000-0000-0000-0000-000000000000"), + if_id(BifEnum::DCE_RPC_unknown_if) + { + opnum = -1; + } + +bool DCE_RPC_Session::LooksLikeRPC(int len, const u_char* msg) + { + // if ( ! 
is_IPC ) + // return false; + + try + { + binpac::DCE_RPC_Simple::DCE_RPC_Header h; + h.Parse(msg, msg + len); + if ( h.rpc_vers() == 5 && h.rpc_vers_minor() == 0 ) + { + if ( h.frag_length() == len ) + return true; + else + { + DEBUG_MSG("length mismatch: %d != %d\n", + h.frag_length(), len); + return false; + } + } + } + catch ( const binpac::Exception& ) + { + // do nothing + } + + return false; + } + +void DCE_RPC_Session::DeliverPDU(int is_orig, int len, const u_char* data) + { + if ( dce_rpc_message ) + { + val_list* vl = new val_list; + vl->append(analyzer->BuildConnVal()); + vl->append(new Val(is_orig, TYPE_BOOL)); + vl->append(new EnumVal(data[2], BifType::Enum::dce_rpc_ptype)); + vl->append(new StringVal(len, (const char*) data)); + + analyzer->ConnectionEvent(dce_rpc_message, vl); + } + + try + { + // TODO: handle incremental input + binpac::DCE_RPC_Simple::DCE_RPC_PDU pdu; + pdu.Parse(data, data + len); + + switch ( pdu.header()->PTYPE() ) { + case binpac::DCE_RPC_Simple::DCE_RPC_BIND: + case binpac::DCE_RPC_Simple::DCE_RPC_ALTER_CONTEXT: + DeliverBind(&pdu); + break; + + case binpac::DCE_RPC_Simple::DCE_RPC_REQUEST: + DeliverRequest(&pdu); + break; + + case binpac::DCE_RPC_Simple::DCE_RPC_RESPONSE: + DeliverResponse(&pdu); + break; + } + } + catch ( const binpac::Exception& e ) + { + analyzer->Weird(e.msg().c_str()); + } + } + +void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) + { + binpac::DCE_RPC_Simple::DCE_RPC_Bind* bind = pdu->body()->bind(); + + for ( int i = 0; i < bind->p_context_elem()->n_context_elem(); ++i ) + { + binpac::DCE_RPC_Simple::p_cont_elem_t* elem = + (*bind->p_context_elem()->p_cont_elem())[i]; + + if_uuid = UUID(elem->abstract_syntax()->if_uuid().begin()); + uuid_map_t::const_iterator uuid_it = + well_known_uuid_map().find(if_uuid); + + if ( uuid_it == well_known_uuid_map().end() ) + { +#ifdef DEBUG + // conn->Weird(fmt("Unknown DCE_RPC interface %s", + // if_uuid.to_string())); +#endif + if_id = 
BifEnum::DCE_RPC_unknown_if; + } + else + if_id = uuid_it->second; + + if ( dce_rpc_bind ) + { + val_list* vl = new val_list; + vl->append(analyzer->BuildConnVal()); + vl->append(new StringVal(if_uuid.to_string())); + // vl->append(new EnumVal(if_id, BifType::Enum::dce_rpc_if_id)); + + analyzer->ConnectionEvent(dce_rpc_bind, vl); + } + } + } + +void DCE_RPC_Session::DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) + { + binpac::DCE_RPC_Simple::DCE_RPC_Request* req = pdu->body()->request(); + + opnum = req->opnum(); + + if ( dce_rpc_request ) + { + val_list* vl = new val_list; + vl->append(analyzer->BuildConnVal()); + vl->append(new Val(opnum, TYPE_COUNT)); + vl->append(new StringVal(req->stub().length(), + (const char*) req->stub().begin())); + + analyzer->ConnectionEvent(dce_rpc_request, vl); + } + + switch ( if_id ) { + case BifEnum::DCE_RPC_epmapper: + DeliverEpmapperRequest(pdu, req); + break; + + default: + break; + } + } + +void DCE_RPC_Session::DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) + { + binpac::DCE_RPC_Simple::DCE_RPC_Response* resp = pdu->body()->response(); + + if ( dce_rpc_response ) + { + val_list* vl = new val_list; + vl->append(analyzer->BuildConnVal()); + vl->append(new Val(opnum, TYPE_COUNT)); + vl->append(new StringVal(resp->stub().length(), + (const char*) resp->stub().begin())); + analyzer->ConnectionEvent(dce_rpc_response, vl); + } + + switch ( if_id ) { + case BifEnum::DCE_RPC_epmapper: + DeliverEpmapperResponse(pdu, resp); + break; + + default: + break; + } + } + +void DCE_RPC_Session::DeliverEpmapperRequest( + const binpac::DCE_RPC_Simple::DCE_RPC_PDU* /* pdu */, + const binpac::DCE_RPC_Simple::DCE_RPC_Request* /* req */) + { + // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); + // ### TODO(rpang): generate an event on epmapper request + } + +void DCE_RPC_Session::DeliverEpmapperResponse( + const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp) 
+ { + // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); + switch ( opnum ) { + case 3: // Map + DeliverEpmapperMapResponse(pdu, resp); + break; + } + } + + +void DCE_RPC_Session::DeliverEpmapperMapResponse( + const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp) + { + try + { + binpac::DCE_RPC_Simple::epmapper_map_resp epm_resp; + + epm_resp.Parse(resp->stub().begin(), resp->stub().end(), + pdu->byteorder()); + + for ( unsigned int twr_i = 0; + twr_i < epm_resp.towers()->actual_count(); ++twr_i ) + { + binpac::DCE_RPC_Simple::epm_tower* twr = + (*epm_resp.towers()->towers())[twr_i]->tower(); + + mapped.addr = dce_rpc_endpoint_addr(); + mapped.uuid = UUID(); + + for ( int floor_i = 0; floor_i < twr->num_floors(); + ++floor_i ) + { + binpac::DCE_RPC_Simple::epm_floor* floor = + (*twr->floors())[floor_i]; + + switch ( floor->protocol() ) { + case binpac::DCE_RPC_Simple::EPM_PROTOCOL_UUID: + if ( floor_i == 0 ) + mapped.uuid = UUID(floor->lhs()->data()->uuid()->if_uuid()); + break; + + case binpac::DCE_RPC_Simple::EPM_PROTOCOL_TCP: + mapped.addr.port = + floor->rhs()->data()->tcp(); + mapped.addr.proto = TRANSPORT_TCP; + break; + + case binpac::DCE_RPC_Simple::EPM_PROTOCOL_UDP: + mapped.addr.port = + floor->rhs()->data()->udp(); + mapped.addr.proto = TRANSPORT_UDP; + break; + + case binpac::DCE_RPC_Simple::EPM_PROTOCOL_IP: + uint32 hostip = floor->rhs()->data()->ip(); + mapped.addr.addr = IPAddr(IPv4, &hostip, IPAddr::Host); + break; + } + } + + if ( mapped.addr.is_valid_addr() ) + add_dce_rpc_endpoint(mapped.addr, mapped.uuid); + + if ( epm_map_response ) + { + val_list* vl = new val_list; + vl->append(analyzer->BuildConnVal()); + vl->append(new StringVal(mapped.uuid.to_string())); + vl->append(new PortVal(mapped.addr.port, mapped.addr.proto)); + vl->append(new AddrVal(mapped.addr.addr)); + + analyzer->ConnectionEvent(epm_map_response, vl); + } + } + } + catch ( const binpac::Exception& e ) + { + 
analyzer->Weird(e.msg().c_str()); + } + } + +Contents_DCE_RPC_Analyzer::Contents_DCE_RPC_Analyzer(Connection* conn, + bool orig, DCE_RPC_Session* arg_session, bool speculative) +: tcp::TCP_SupportAnalyzer("CONTENTS_DCE_RPC", conn, orig) + { + session = arg_session; + msg_buf = 0; + buf_len = 0; + speculation = speculative ? 0 : 1; + + InitState(); + } + +void Contents_DCE_RPC_Analyzer::InitState() + { + // Allocate space for header. + if ( ! msg_buf ) + { + buf_len = DCE_RPC_HEADER_LENGTH; + msg_buf = new u_char[buf_len]; + } + + buf_n = 0; + msg_len = 0; + hdr = 0; + } + +Contents_DCE_RPC_Analyzer::~Contents_DCE_RPC_Analyzer() + { + delete [] msg_buf; + delete hdr; + } + +void Contents_DCE_RPC_Analyzer::DeliverStream(int len, const u_char* data, bool orig) + { + tcp::TCP_SupportAnalyzer::DeliverStream(len, data, orig); + + tcp::TCP_Analyzer* tcp = + static_cast(Parent())->TCP(); + + if ( tcp->HadGap(orig) || tcp->IsPartial() ) + return; + + if ( speculation == 0 ) // undecided + { + if ( ! DCE_RPC_Session::LooksLikeRPC(len, data) ) + speculation = -1; + else + speculation = 1; + } + + if ( speculation < 0 ) + return; + + ASSERT(buf_len >= DCE_RPC_HEADER_LENGTH); + while ( len > 0 ) + { + if ( buf_n < DCE_RPC_HEADER_LENGTH ) + { + while ( buf_n < DCE_RPC_HEADER_LENGTH && len > 0 ) + { + msg_buf[buf_n] = *data; + ++buf_n; ++data; --len; + } + + if ( buf_n < DCE_RPC_HEADER_LENGTH ) + break; + else + { + if ( ! 
ParseHeader() ) + return; + } + } + + while ( buf_n < msg_len && len > 0 ) + { + msg_buf[buf_n] = *data; + ++buf_n; ++data; --len; + } + + if ( buf_n < msg_len ) + break; + else + { + if ( msg_len > 0 ) + DeliverPDU(msg_len, msg_buf); + // Reset for next message + InitState(); + } + } + } + +void Contents_DCE_RPC_Analyzer::DeliverPDU(int len, const u_char* data) + { + session->DeliverPDU(IsOrig(), len, data); + } + +bool Contents_DCE_RPC_Analyzer::ParseHeader() + { + delete hdr; + hdr = 0; + + if ( msg_buf[0] != 5 ) // DCE/RPC version + { + Conn()->Weird("DCE/RPC_version_error (non-DCE/RPC?)"); + Conn()->SetSkip(1); + msg_len = 0; + return false; + } + + hdr = new DCE_RPC_Header(this, msg_buf); + + msg_len = hdr->FragLen(); + if ( msg_len > buf_len ) + { + u_char* new_msg_buf = new u_char[msg_len]; + memcpy(new_msg_buf, msg_buf, buf_n); + delete [] msg_buf; + buf_len = msg_len; + msg_buf = new_msg_buf; + hdr->SetBytes(new_msg_buf); + } + + return true; + } + +DCE_RPC_Analyzer::DCE_RPC_Analyzer(Connection* conn, bool arg_speculative) +: tcp::TCP_ApplicationAnalyzer("DCE_RPC", conn) + { + session = new DCE_RPC_Session(this); + speculative = arg_speculative; + + AddSupportAnalyzer(new Contents_DCE_RPC_Analyzer(conn, true, session, + speculative)); + AddSupportAnalyzer(new Contents_DCE_RPC_Analyzer(conn, false, session, + speculative)); + } + +DCE_RPC_Analyzer::~DCE_RPC_Analyzer() + { + delete session; + } diff --git a/src/analyzer/protocol/smb/DCE_RPC.h b/src/analyzer/protocol/smb/DCE_RPC.h new file mode 100644 index 0000000000..cd3910bf42 --- /dev/null +++ b/src/analyzer/protocol/smb/DCE_RPC.h 
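Review bot: `add_dce_rpc_endpoint()` stores every address/port pair taken from an epmapper map response in the process-wide `dce_rpc_endpoints` map, and nothing in this file erases an entry, so the table grows for the life of the sensor on input that a monitored host controls. The scheduled analyzer lapses after `5 * 60` seconds but the map entry does not, so `is_mapped_dce_rpc_endpoint()` keeps matching stale endpoints indefinitely. I would either drop the table in favour of the scheduled analyzer, as the FIXME suggests, or record an insertion time and prune entries older than the timeout on each insert. Separately, `UUID::UUID(const char* str)` never advances `sp` past the two digits it decodes, so every byte of `data` receives the first pair; add `sp += 2;` after the assignment.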
@@ -0,0 +1,191 @@ +// See the file "COPYING" in the main distribution directory for copyright. + +#ifndef ANALYZER_PROTOCOL_DCE_RPC_DCE_RPC_H +#define ANALYZER_PROTOCOL_DCE_RPC_DCE_RPC_H + +// NOTE: This is a somewhat crude analyzer for DCE/RPC (used on Microsoft +// Windows systems) and shouldn't be considered as stable. + +#include "NetVar.h" +#include "analyzer/protocol/tcp/TCP.h" +#include "analyzer/protocol/dce-rpc/events.bif.h" +#include "IPAddr.h" + +#include "dce_rpc_simple_pac.h" + + +namespace analyzer { namespace dce_rpc { + +class UUID { +public: + UUID(); + UUID(const u_char data[16]); + UUID(const binpac::bytestring &uuid); + UUID(const char* s); + + const char* to_string() const { return s.c_str(); } + const string& str() const { return s; } + bool operator==(const UUID& u) const + { return s == u.str(); } + bool operator<(const UUID& u) const + { return s < u.str(); } + +protected: + u_char data[16]; + string s; +}; + +const char* uuid_to_string(const u_char* uuid_data); + +struct dce_rpc_endpoint_addr { + // All fields are in host byteorder. + IPAddr addr; + u_short port; + TransportProto proto; + + dce_rpc_endpoint_addr() + { + addr = IPAddr(); + port = 0; + proto = TRANSPORT_UNKNOWN; + } + + bool is_valid_addr() const + { return addr != IPAddr() && port != 0 && proto != TRANSPORT_UNKNOWN; } + + bool operator<(dce_rpc_endpoint_addr const &e) const + { + if ( addr != e.addr ) + return addr < e.addr; + if ( proto != e.proto ) + return proto < e.proto; + if ( port != e.port ) + return port < e.port; + + return false; + } + + string to_string() const + { + static char buf[128]; + snprintf(buf, sizeof(buf), "%s/%d/%s", + addr.AsString().c_str(), port, + proto == TRANSPORT_TCP ? "tcp" : + (proto == TRANSPORT_UDP ? 
"udp" : "?")); + + return string(buf); + } +}; + +/* +enum DCE_RPC_PTYPE { + DCE_RPC_REQUEST, DCE_RPC_PING, DCE_RPC_RESPONSE, DCE_RPC_FAULT, + DCE_RPC_WORKING, DCE_RPC_NOCALL, DCE_RPC_REJECT, DCE_RPC_ACK, + DCE_RPC_CL_CANCEL, DCE_RPC_FACK, DCE_RPC_CANCEL_ACK, DCE_RPC_BIND, + DCE_RPC_BIND_ACK, DCE_RPC_BIND_NAK, DCE_RPC_ALTER_CONTEXT, + DCE_RPC_ALTER_CONTEXT_RESP, DCE_RPC_SHUTDOWN, DCE_RPC_CO_CANCEL, + DCE_RPC_ORPHANED, +}; +*/ + +#define DCE_RPC_HEADER_LENGTH 16 + +class DCE_RPC_Header { +public: + DCE_RPC_Header(analyzer::Analyzer* a, const u_char* bytes); + + BifEnum::dce_rpc_ptype PTYPE() const { return ptype; } + int FragLen() const { return frag_len; } + int LittleEndian() const { return bytes[4] >> 4; } + bool Fragmented() const { return fragmented; } + + void Weird(const char* msg) { analyzer->Weird(msg); } + void SetBytes(const u_char* b) { bytes = b; } + +protected: + analyzer::Analyzer* analyzer; + const u_char* bytes; + BifEnum::dce_rpc_ptype ptype; + int frag_len; + bool fragmented; +}; + +// Create a general DCE_RPC_Session class so that it can be used in +// case the RPC conversation is tunneled through other connections, +// e.g. through an SMB session. 
+ +class DCE_RPC_Session { +public: + DCE_RPC_Session(analyzer::Analyzer* a); + virtual ~DCE_RPC_Session() {} + virtual void DeliverPDU(int is_orig, int len, const u_char* data); + + static bool LooksLikeRPC(int len, const u_char* msg); + static bool any_dce_rpc_event() + { return dce_rpc_message || dce_rpc_bind || dce_rpc_request; } + +protected: + void DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); + void DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); + void DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); + + void DeliverEpmapperRequest( + const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC_Simple::DCE_RPC_Request* req); + void DeliverEpmapperResponse( + const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp); + void DeliverEpmapperMapResponse( + const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp); + + analyzer::Analyzer* analyzer; + UUID if_uuid; + BifEnum::dce_rpc_if_id if_id; + int opnum; + struct { + dce_rpc_endpoint_addr addr; + UUID uuid; + } mapped; +}; + +class Contents_DCE_RPC_Analyzer : public tcp::TCP_SupportAnalyzer { +public: + Contents_DCE_RPC_Analyzer(Connection* conn, bool orig, DCE_RPC_Session* session, + bool speculative); + ~Contents_DCE_RPC_Analyzer(); + +protected: + virtual void DeliverStream(int len, const u_char* data, bool orig); + virtual void DeliverPDU(int len, const u_char* data); + + void InitState(); + + int speculation; + u_char* msg_buf; + int msg_len; + int buf_n; // number of bytes in msg_buf + int buf_len; // size off msg_buf + DCE_RPC_Header* hdr; + + bool ParseHeader(); + + DCE_RPC_Session* session; +}; + +class DCE_RPC_Analyzer : public tcp::TCP_ApplicationAnalyzer { +public: + DCE_RPC_Analyzer(Connection* conn, bool speculative = false); + ~DCE_RPC_Analyzer(); + + static analyzer::Analyzer* Instantiate(Connection* conn) + { return new DCE_RPC_Analyzer(conn); 
} + +protected: + DCE_RPC_Session* session; + bool speculative; +}; + +} } // namespace analyzer::* + +#endif /* dce_rpc_h */ diff --git a/src/analyzer/protocol/smb/dce_rpc-protocol.pac b/src/analyzer/protocol/smb/dce_rpc-protocol.pac index 5e0ccc8cab..20b7edc1ef 100644 --- a/src/analyzer/protocol/smb/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/smb/dce_rpc-protocol.pac @@ -88,6 +88,16 @@ type DCE_RPC_Bind = record { p_context_elem : p_cont_list_t; }; +type DCE_RPC_Bind_Ack = record { + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + sec_addr_length : uint16; + sec_addr : bytestring &length=sec_addr_length; + pad : padding align 4; + p_context_elem : p_cont_list_t; +}; + type DCE_RPC_AlterContext = record { max_xmit_frag : uint16; max_recv_frag : uint16; @@ -115,6 +125,7 @@ type DCE_RPC_Response = record { type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { DCE_RPC_BIND -> bind : DCE_RPC_Bind; + DCE_RPC_BIND_ACK -> bind_ack: DCE_RPC_Bind_Ack; DCE_RPC_REQUEST -> request : DCE_RPC_Request; DCE_RPC_RESPONSE -> response : DCE_RPC_Response; default -> other : bytestring &restofdata; diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index e2e957be06..46d589a140 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac 
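Review bot: `DCE_RPC_Session::any_dce_rpc_event()` tests only `dce_rpc_message`, `dce_rpc_bind` and `dce_rpc_request`, while DCE_RPC.cc in this patch also raises `dce_rpc_response` and `epm_map_response`. If callers use this predicate to decide whether to parse at all (its callers are not visible here), a site that handles only responses or endpoint-map results would get no events. I would list every event the session can raise: `return dce_rpc_message || dce_rpc_bind || dce_rpc_request || dce_rpc_response || epm_map_response;`.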
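Review bot: `DCE_RPC_Bind_Ack` parses its trailing list as `p_cont_list_t`, the element list a client sends in a bind, but a bind_ack carries a result list whose entries are a result code, a reason and the accepted transfer syntax. Reusing the bind layout means the element count and element sizes are read from the wrong offsets, so bind_ack bodies will mostly fail to parse or produce meaningless fields. A dedicated result-list record, sketched below with names of my own choosing, keeps the two layouts apart.

```binpac
type DCE_RPC_Bind_Ack_Result = record {
	result           : uint16;
	reason           : uint16;
	transfer_uuid    : bytestring &length = 16;
	transfer_version : uint32;
};

type DCE_RPC_Bind_Ack_Result_List = record {
	n_results : uint8;
	reserved  : padding[3];
	results   : DCE_RPC_Bind_Ack_Result[n_results];
};

type DCE_RPC_Bind_Ack = record {
	# … unchanged: max_xmit_frag through pad …
	p_result_list   : DCE_RPC_Bind_Ack_Result_List;
};
```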
@@ -3,44 +3,67 @@ %include dce_rpc-protocol.pac +%extern{ + #include "DCE_RPC.h" +%} + refine connection SMB_Conn += { - function proc_smb_atsvc_job_add(val: AT_SVC_NetrJobAdd): bool - %{ - if ( smb_atsvc_job_add ) - { - BifEvent::generate_smb_atsvc_job_add(bro_analyzer(), bro_analyzer()->Conn(), smb_string2stringval(${val.server.string}), smb_string2stringval(${val.command.string})); - } - return true; - %} - function proc_smb_atsvc_job_id(val: AT_SVC_JobID): bool - %{ - if ( smb_atsvc_job_id ) - { - BifEvent::generate_smb_atsvc_job_id(bro_analyzer(), bro_analyzer()->Conn(), ${val.id}, ${val.status}); - } - return true; - %} - - function determine_pipe_msg_type(hdr: DCE_RPC_Header, opnum: uint8): uint8 + function get_tree_is_pipe(tree_id: uint16): bool %{ - if ( !is_atsvc ) return 0; - if ( ${hdr.PTYPE} == 0 && ${opnum} == 0 ) return 1; - if ( ${hdr.PTYPE} == 2 && ${opnum} == 0 ) return 2; - return 0; + if ( tree_is_pipe_map.count(tree_id) == 0 ) + return false; + return tree_is_pipe_map[tree_id]; %} + function set_tree_is_pipe(tree_id: uint16, is_pipe: bool): bool + %{ + tree_is_pipe_map[tree_id] = is_pipe; + return true; + %} + + %member{ + map tree_is_pipe_map; + %} + + function proc_smb_pipe_message(val: SMB_Pipe_message, header: SMB_Header): bool + %{ + switch ( ${val.rpc_header.PTYPE} ) { + case DCE_RPC_REQUEST: + if ( smb_pipe_request ) + BifEvent::generate_smb_pipe_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ + ${val.rpc_body.request.opnum}); + break; + case DCE_RPC_RESPONSE: + if ( smb_pipe_response ) + BifEvent::generate_smb_pipe_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + break; + case DCE_RPC_BIND_ACK: + if ( smb_pipe_bind_ack_response ) + BifEvent::generate_smb_pipe_bind_ack_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + break; + case DCE_RPC_BIND: + if ( smb_pipe_bind_request ) + // TODO - the version number needs to be calculated properly + 
BifEvent::generate_smb_pipe_bind_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ + new StringVal(analyzer::dce_rpc::uuid_to_string(bytestring_to_val(${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid})->Bytes())), new StringVal(fmt("%d.0", ${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_version}))); + break; + } + + return true; + %} }; -type SMB_Pipe_message( unicode: bool, byte_count: uint16, sub_cmd: uint16 ) = record { - rpc : DCE_RPC_Header; - todo : padding[6]; # These fields are currently missing from DCE/RPC for some reason. - opnum : uint8; - pipe_type: case $context.connection.determine_pipe_msg_type(rpc, opnum) of { - 1 -> atsvc_request : AT_SVC_Request(unicode, opnum); - 2 -> atsvc_reply : AT_SVC_Reply(unicode, opnum); - default -> unknown : bytestring &restofdata; - }; +type SMB_Pipe_message(header: SMB_Header, byte_count: uint16) = record { + rpc_header : DCE_RPC_Header; + rpc_body : DCE_RPC_Body(rpc_header); +# pipe_type: case $context.connection.determine_pipe_msg_type(rpc, opnum) of { +# 1 -> atsvc_request : AT_SVC_Request(unicode, opnum); +# 2 -> atsvc_reply : AT_SVC_Reply(unicode, opnum); +# default -> unknown : bytestring &restofdata; +# }; +} &let { + proc: bool = $context.connection.proc_smb_pipe_message(this, header); } &byteorder = littleendian; type SMB_RAP_message( unicode: bool, byte_count: uint16 ) = record { @@ -77,8 +100,6 @@ type AT_SVC_NetrJobAdd(unicode: bool) = record { flags : uint8; unknown2 : padding[2]; command : AT_SVC_String_Pointer(unicode); -} &let { - proc: bool = $context.connection.proc_smb_atsvc_job_add(this); }; type AT_SVC_Reply(unicode: bool, opnum: uint16) = record { @@ -91,6 +112,4 @@ type AT_SVC_Reply(unicode: bool, opnum: uint16) = record { type AT_SVC_JobID(unicode: bool) = record { id: uint32; status: uint32; -} &let { - proc: bool = $context.connection.proc_smb_atsvc_job_id(this); }; 
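Review bot: The `DCE_RPC_BIND` branch of `proc_smb_pipe_message` reads `p_cont_elem[0]` without checking that the bind carries any context elements, so a bind whose element count is zero would index an empty vector on data the peer controls. DCE_RPC.cc in this patch bounds the same access with `n_context_elem`; the condition here should be `if ( smb_pipe_bind_request && ${val.rpc_body.bind.p_context_elem.n_context_elem} > 0 )`. The `StringVal` returned by `bytestring_to_val(...)` is used only for `->Bytes()` and is never released, so each bind appears to leak one object. Passing the bytestring's `.begin()` straight to `uuid_to_string`, as `DeliverBind` does, avoids the temporary.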
diff --git a/src/analyzer/protocol/smb/smb-protocol.pac b/src/analyzer/protocol/smb/smb-protocol.pac index 2a53ca9d7f..5ee96bf31f 100644 --- a/src/analyzer/protocol/smb/smb-protocol.pac +++ b/src/analyzer/protocol/smb/smb-protocol.pac @@ -379,8 +379,8 @@ type SMB_transaction_data(unicode: bool, count: uint16, sub_cmd: uint16, SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(unicode, count); SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(unicode, count); - SMB_RAP -> rap : SMB_Pipe_message(unicode, count, sub_cmd); - SMB_PIPE -> pipe : SMB_Pipe_message(unicode, count, sub_cmd); + SMB_RAP -> rap : SMB_Pipe_message(unicode, count); + SMB_PIPE -> pipe : SMB_Pipe_message(unicode, count); SMB_UNKNOWN -> unknown : bytestring &restofdata; default -> data : bytestring &restofdata; @@ -416,7 +416,7 @@ type SMB_transaction(trans_type: int, unicode: bool) = record { determine_transaction_type( setup_count, name_string( this ))); } &let { # does this work? - sub_cmd : uint16 = setup_count ? setup[0] : 0; + sub_cmd : uint16 = setup_count ? setup.op_code : 0; } &byteorder = littleendian; diff --git a/src/analyzer/protocol/smb/smb1-com-close.pac b/src/analyzer/protocol/smb/smb1-com-close.pac index d609c48849..aafc31addc 100644 --- a/src/analyzer/protocol/smb/smb1-com-close.pac +++ b/src/analyzer/protocol/smb/smb1-com-close.pac @@ -2,8 +2,6 @@ refine connection SMB_Conn += { function proc_smb1_close_request(h: SMB_Header, val: SMB1_close_request): bool %{ - is_atsvc = false; - if ( smb1_close_request ) BifEvent::generate_smb1_close_request(bro_analyzer(), bro_analyzer()->Conn(), diff --git a/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac b/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac index 8d3bbea892..337a7763ba 100644 --- a/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-nt-create-andx.pac 
@@ -1,23 +1,6 @@ refine connection SMB_Conn += { - - %member{ - bool is_atsvc; - %} - - %init{ - is_atsvc = false; - %} - - function isATSVC(): bool - %{ - return is_atsvc; - %} - function proc_smb1_nt_create_andx_request(header: SMB_Header, val: SMB1_nt_create_andx_request): bool %{ - if ( ${val.filename.u.s}->size() == 14 && ${val.filename.u.s[0]} == '\\' && ${val.filename.u.s[2]} == 'a' && ${val.filename.u.s[4]} == 't' && ${val.filename.u.s[6]} == 's' && ${val.filename.u.s[8]} == 'v' && ${val.filename.u.s[10]} == 'c' ) - is_atsvc = true; - if ( smb1_nt_create_andx_request ) { // name_length : uint16; diff --git a/src/analyzer/protocol/smb/smb1-com-read-andx.pac b/src/analyzer/protocol/smb/smb1-com-read-andx.pac index cbd9881feb..5f9e564ee0 100644 --- a/src/analyzer/protocol/smb/smb1-com-read-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-read-andx.pac @@ -28,7 +28,7 @@ refine connection SMB_Conn += { BuildHeaderVal(h), ${val.data_len}); - if ( ${val.data_len} > 0 ) + if ( !get_tree_is_pipe(${h.tid}) && ( ${val.data_len} > 0 ) ) { uint64 offset = read_offsets[${h.mid}]; read_offsets.erase(${h.mid}); @@ -80,7 +80,10 @@ type SMB1_read_andx_response(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - data : bytestring &length=data_len; + is_pipe : case $context.connection.get_tree_is_pipe(header.tid) of { + true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; + default -> data : bytestring &length=data_len; + } &requires(data_len); } &let { padding_len : uint8 = (header.unicode == 1) ? 1 : 0; data_len : uint32 = (data_len_high << 16) + data_len_low; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index 915a2e3c81..b5c19a332a 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac 
@@ -14,12 +14,21 @@ refine connection SMB_Conn += { smb_string2stringval(${val.name}), ${val.sub_cmd}); return true; %} + function proc_smb1_transaction_response(header: SMB_Header, val: SMB1_transaction_response): bool %{ //printf("transaction_response\n"); return true; %} + function proc_smb1_transaction_setup(header: SMB_Header, val: SMB1_transaction_setup): bool + %{ + if ( smb1_transaction_setup ) + BifEvent::generate_smb1_transaction_setup(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ + ${val.op_code}, ${val.file_id}); + return true; + %} + }; @@ -27,12 +36,19 @@ type SMB1_transaction_data(header: SMB_Header, count: uint16, sub_cmd: uint16, trans_type: TransactionType ) = case trans_type of { # SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(header.unicode, count); # SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(header.unicode, count); -# SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count, sub_cmd); - SMB_PIPE -> pipe : SMB_Pipe_message(header.unicode, count, sub_cmd); +# SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count); + SMB_PIPE -> pipe : SMB_Pipe_message(header, count); SMB_UNKNOWN -> unknown : bytestring &restofdata; # default -> data : bytestring &restofdata; }; +type SMB1_transaction_setup(header: SMB_Header) = record { + op_code : uint16; + file_id : uint16; +} &let { + proc: bool = $context.connection.proc_smb1_transaction_setup(header, this); +} + type SMB1_transaction_request(header: SMB_Header) = record { word_count : uint8; total_param_count : uint16; @@ -50,7 +66,7 @@ type SMB1_transaction_request(header: SMB_Header) = record { data_offset : uint16; setup_count : uint8; reserved3 : uint8; - setup : uint16[setup_count]; + setup : SMB1_transaction_setup(header); byte_count : uint16; name : SMB_string(header.unicode, offsetof(name)); 
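Review bot: Replacing `setup : uint16[setup_count];` with `setup : SMB1_transaction_setup(header);` makes the request parser consume exactly four bytes of setup words whatever `setup_count` says. With a count of 0 or 1 the record takes bytes that belong to `byte_count` and `name`; with a count above 2 it leaves setup words unread. Either way, every later field in `SMB1_transaction_request` is taken from the wrong offset, which gives a sender a way to desynchronise the analyzer from the real endpoint. I would keep the field sized by `setup_count` and raise `smb1_transaction_setup` from `proc_smb1_transaction_request` only when at least two words are present. The new `SMB1_transaction_setup` type in the `@@ -27,12 +36,19 @@` hunk also closes with `}` and no `;`, unlike the other records in this file.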
@@ -59,7 +75,7 @@ type SMB1_transaction_request(header: SMB_Header) = record { pad2 : padding to data_offset - SMB_Header_length; data : SMB1_transaction_data(header, data_count, sub_cmd, determine_transaction_type(setup_count, name)); } &let { - sub_cmd : uint16 = setup_count ? setup[0] : 0; + sub_cmd : uint16 = setup_count ? setup.op_code : 0; proc : bool = $context.connection.proc_smb1_transaction_request(header, this); }; @@ -83,7 +99,7 @@ type SMB1_transaction_response(header: SMB_Header) = record { pad0 : padding to param_offset - SMB_Header_length; parameters : bytestring &length = param_count; pad1 : padding to data_offset - SMB_Header_length; - handle_response : case $context.connection.isATSVC() of { + handle_response : case $context.connection.get_tree_is_pipe(header.tid) of { true -> pipe_data : SMB1_transaction_data(header, data_count, 0, SMB_PIPE); false -> unk_data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); }; diff --git a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac index 25ddfc59f5..cb7f63d548 100644 --- a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac @@ -13,6 +13,7 @@ refine connection SMB_Conn += { function proc_smb1_tree_connect_andx_response(header: SMB_Header, val: SMB1_tree_connect_andx_response): bool %{ + set_tree_is_pipe(${header.tid}, strcmp((const char*) smb_string2stringval(${val.service})->Bytes(), "IPC") == 0); if ( smb1_tree_connect_andx_response ) BifEvent::generate_smb1_tree_connect_andx_response(bro_analyzer(), bro_analyzer()->Conn(), diff --git a/src/analyzer/protocol/smb/smb1-com-write-andx.pac b/src/analyzer/protocol/smb/smb1-com-write-andx.pac index bf3063c2ef..f508a62e68 100644 --- a/src/analyzer/protocol/smb/smb1-com-write-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-write-andx.pac 
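Review bot: In `proc_smb1_tree_connect_andx_response` the value returned by `smb_string2stringval(${val.service})` is read through `->Bytes()` and then dropped, so each tree-connect response appears to leak one `StringVal`. Hold it in a local, do the comparison, then release it with `Unref(service);`. Comparing with `strcmp` also depends on the buffer being NUL-terminated, which this hunk does not show; a length-bounded comparison would be safer on wire data. Nothing visible in this patch clears `tree_is_pipe_map` when a tree is disconnected, so a reused TID keeps the earlier classification. The read, write and transaction parsers that now branch on `get_tree_is_pipe(header.tid)` would then treat file data as DCE/RPC, or the reverse.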
@@ -52,7 +52,10 @@ type SMB1_write_andx_request(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - data : bytestring &length=data_len; + is_pipe : case $context.connection.get_tree_is_pipe(header.tid) of { + true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; + default -> data : bytestring &length=data_len; + } &requires(data_len); } &let { data_len : uint32 = (data_len_high << 16) + data_len_low; offset_high : uint32 = (word_count == 0x0E) ? offset_high_tmp : 0; diff --git a/src/analyzer/protocol/smb/smb1_com_transaction.bif b/src/analyzer/protocol/smb/smb1_com_transaction.bif index 05fe0fae67..3ab02a51e6 100644 --- a/src/analyzer/protocol/smb/smb1_com_transaction.bif +++ b/src/analyzer/protocol/smb/smb1_com_transaction.bif @@ -1 +1,5 @@ -event smb1_transaction_request%(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count%); \ No newline at end of file +# TODO - Description +event smb1_transaction_request%(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count%); + +# TODO - Description +event smb1_transaction_setup%(c: connection, hdr: SMB1::Header, op_code: count, file_id: count%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb_pipe.bif b/src/analyzer/protocol/smb/smb_pipe.bif index b4116781b8..9bc65166f7 100644 --- a/src/analyzer/protocol/smb/smb_pipe.bif +++ b/src/analyzer/protocol/smb/smb_pipe.bif 
@@ -1,6 +1,12 @@ -## TODO -event smb_atsvc_job_add%(c: connection, server: string, job: string%); +## TODO - Description +event smb_pipe_bind_request%(c: connection, hdr: SMB1::Header, uuid: string, version: string%); -## TODO -event smb_atsvc_job_id%(c: connection, id: count, status: count%); +## TODO - Description +event smb_pipe_bind_ack_response%(c: connection, hdr: SMB1::Header%); + +## TODO - Description +event smb_pipe_request%(c: connection, hdr: SMB1::Header, op_num: count%); + +## TODO - Description +event smb_pipe_response%(c: connection, hdr: SMB1::Header%); From af8c1d229bb87c2e996a40fe10041e576c743289 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 18 Feb 2016 22:57:10 -0500 Subject: [PATCH 16/84] Fix some small SMB issues - Remove some fields from set_info that were causing trouble. - Improve some SMB2 error handling. --- src/analyzer/protocol/smb/smb2-com-set-info.pac | 9 ++++++--- src/analyzer/protocol/smb/smb2-protocol.pac | 11 ++++++----- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/src/analyzer/protocol/smb/smb2-com-set-info.pac b/src/analyzer/protocol/smb/smb2-com-set-info.pac index e12333f47f..95d5adcbbf 100644 --- a/src/analyzer/protocol/smb/smb2-com-set-info.pac +++ b/src/analyzer/protocol/smb/smb2-com-set-info.pac @@ -14,7 +14,8 @@ refine connection SMB_Conn += { ${val.file_info_class} == 0x14 ) { RecordVal* req = new RecordVal(BifType::Record::SMB2::SetInfoRequest); - req->Assign(0, new Val(${val.eof}, TYPE_COUNT)); + //req->Assign(0, new Val(${val.eof}, TYPE_COUNT)); + req->Assign(0, new Val(0, TYPE_COUNT)); BifEvent::generate_smb2_set_info_request(bro_analyzer(), bro_analyzer()->Conn(), 
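Review bot: In the smb2-com-set-info.pac hunk, `req->Assign(0, new Val(0, TYPE_COUNT));` makes every `smb2_set_info_request` event for info class 0x14 carry an end-of-file of 0. The script handler for this event copies `request$eof` into the current file's size, so the files log would show size 0 for a file whose real size was just set. Since the parser no longer reads the field, it is safer not to raise the event at all until it does. Failing that, the line should at least say so: `// eof is not parsed at present; the event always carries 0`. The function continues outside the hunk.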
@@ -35,10 +36,12 @@ type SMB2_set_info_request(header: SMB2_Header) = record { reserved : uint16; additional_info : uint32; file_id : SMB2_guid; - pad : padding to buffer_offset - header.head_length; + + # These are difficult to deal with. + #pad : padding to (buffer_offset - header.head_length); # TODO: a new structure needs to be created for this. - eof : uint64; + #eof : uint64; } &let { proc: bool = $context.connection.proc_smb2_set_info_request(header, this); }; diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index 8d8be281a3..7831a5ba0e 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac @@ -30,7 +30,8 @@ type SMB2_PDU(is_orig: bool) = record { # request this should just happen to work out due to # how the fields are set. 0 -> msg : SMB2_Message(header, is_orig); - 0xC0000016 -> more_processing_required : SMB2_Message(header, is_orig); + STATUS_BUFFER_OVERFLOW -> buffer_overflow : SMB2_Message(header, is_orig); + STATUS_MORE_PROCESSING_REQUIRED -> more_processing_required : SMB2_Message(header, is_orig); default -> err : SMB2_error_response(header); }; }; @@ -239,16 +240,16 @@ type SMB2_symlink_error(byte_count: uint32) = record { symlink_flag_relative = (flags == 0x00000001); } &byteorder = littleendian; -type SMB2_error_data(byte_count: uint32) = case byte_count of { - 0 -> empty: empty; - default -> error: SMB2_symlink_error(byte_count); +type SMB2_error_data(header: SMB2_Header, byte_count: uint32) = case byte_count of { + 0 -> empty: empty; + default -> error: SMB2_symlink_error(byte_count); } &byteorder = littleendian; type SMB2_error_response(header: SMB2_Header) = record { structure_size : uint16; reserved : padding[2]; byte_count : uint32; - error_data : SMB2_error_data(byte_count); + error_data : SMB2_error_data(header, byte_count); } &byteorder = littleendian; type SMB2_logoff_request(header: SMB2_Header) = record { 
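Review bot: The `header` parameter added to `SMB2_error_data` in the last hunk on this line is not used by the visible case: any error response with a non-zero `byte_count` is still parsed as `SMB2_symlink_error`, whatever status the header carries. Error data belonging to another status would be read as a symlink record, which either raises a parse exception or yields misleading field values. If the intent is to select on the status, the symlink branch should be limited to the symlink status and everything else should fall back to raw bytes, e.g. `default -> unknown: bytestring &restofdata;`. Otherwise a comment such as `# header is passed for a later status-based switch` would explain the parameter.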
From dbb5992f432aafa89c7bef8567277d4e32b13a5e Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 19 Feb 2016 00:23:05 -0500 Subject: [PATCH 17/84] Disable the smb_cmd.log by default. --- scripts/base/protocols/smb/main.bro | 4 ++++ scripts/base/protocols/smb/smb1-main.bro | 2 +- scripts/base/protocols/smb/smb2-main.bro | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 945a0ee01d..d13f9f9f64 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -130,6 +130,10 @@ export { smb : Info &optional; }; + ## Optionally write out the SMB commands log. This is + ## primarily useful for debugging so is disabled by default. + const write_cmd_log = F &redef; + ## This is an internally used function. const set_current_file: function(smb: Info, file_id: count) &redef; diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 8dc38806ed..78a203b0c3 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -64,7 +64,7 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=-5 # so let's get rid of it. delete c$smb$pending_cmds[hdr$mid]; - if ( c?$smb ) + if ( SMB::write_cmd_log && c?$smb ) Log::write(SMB::CMD_LOG, c$smb); } diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index a5bff4a3dc..7380784192 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro @@ -64,7 +64,7 @@ event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=-5 # so let's get rid of it. delete c$smb$pending_cmds[hdr$message_id]; - if ( c?$smb ) + if ( SMB::write_cmd_log && c?$smb ) Log::write(SMB::CMD_LOG, c$smb); } From 41e2eaa02d0d815c551ed17acab937b441608964 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Tue, 1 Mar 2016 14:16:45 -0500 Subject: [PATCH 18/84] Source clean up and some fixes for SMB. - Remove the separate string handling for NTLM. - Fixed a crash in RPC Bind handling when no context elements are included. --- scripts/base/protocols/smb/smb1-main.bro | 7 ++-- scripts/base/protocols/smb/smb2-main.bro | 2 +- src/analyzer/protocol/smb/smb-ntlmssp.pac | 44 ++++++++--------------- src/analyzer/protocol/smb/smb-pipe.pac | 33 ++++++++++++----- 4 files changed, 44 insertions(+), 42 deletions(-) diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 6c8694e04c..4756554ce0 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -168,7 +168,6 @@ event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: co c$smb_state$current_file = c$smb_state$fid_map[file_id]; - SMB::write_file_log(c$smb_state$current_file); } @@ -176,7 +175,8 @@ event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, o { SMB::set_current_file(c$smb_state, file_id); c$smb_state$current_file$action = SMB::FILE_READ; - c$smb_state$current_cmd$argument = c$smb_state$current_file$name; + if ( c$smb_state$current_file?$name ) + c$smb_state$current_cmd$argument = c$smb_state$current_file$name; } event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=-5 @@ -323,7 +323,8 @@ event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, s event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) { - c$smb_state$pipe_map[file_id] = c$smb_state$current_file$uuid; + if ( c$smb_state$current_file?$uuid ) + c$smb_state$pipe_map[file_id] = c$smb_state$current_file$uuid; } event smb_pipe_bind_ack_response(c: connection, hdr: SMB1::Header) 
diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index a27d6a87d0..e668d9b2fd 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro @@ -142,7 +142,7 @@ event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID event smb2_set_info_request(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest) &priority=5 { - c$smb$current_file$size = request$eof; + c$smb_state$current_file$size = request$eof; } event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac index bb1c353281..bcb27b9b9b 100644 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac @@ -1,18 +1,4 @@ refine connection SMB_Conn += { - function unicode_to_ascii(s: bytestring, length: uint16, is_unicode: bool): bytestring - %{ - if ( !is_unicode ) return s; - - char* buf; - - buf = new char[(length/2) + 1]; - - for ( int i = 0; i < length; i += 2 ) - buf[i/2] = s[i]; - buf[length/2] = 0; - return bytestring((uint8*) buf, (length/2)); - %} - function build_negotiate_flag_record(val: SMB_NTLM_Negotiate_Flags): BroVal %{ RecordVal* flags = new RecordVal(BifType::Record::SMB::NTLMNegotiateFlags); 
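Review bot: The corrected line `c$smb_state$current_file$size = request$eof;` in the smb2-main.bro hunk writes to whichever file the connection state last pointed at, not to the file named in the request, and it reads `current_file` without checking that the field is set. A set-info request seen with no earlier create on the connection would raise a script runtime error in the handler, and one that follows an operation on a different file would put the size on the wrong log entry. A guard such as `if ( c$smb_state?$current_file )` covers the first case. The second needs the request's file id passed in the event, so that the handler can call `SMB::set_current_file` as the read and write handlers do.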
@@ -63,19 +49,19 @@ refine connection SMB_Conn += { for ( uint i = 0; ${val.pairs[i].id} != 0; i++ ) { switch ( ${val.pairs[i].id} ) { case 1: - result->Assign(0, bytestring_to_val(${val.pairs[i].nb_computer_name.data})); + result->Assign(0, uint8s_to_stringval(${val.pairs[i].nb_computer_name.data})); break; case 2: - result->Assign(1, bytestring_to_val(${val.pairs[i].nb_domain_name.data})); + result->Assign(1, uint8s_to_stringval(${val.pairs[i].nb_domain_name.data})); break; case 3: - result->Assign(2, bytestring_to_val(${val.pairs[i].dns_computer_name.data})); + result->Assign(2, uint8s_to_stringval(${val.pairs[i].dns_computer_name.data})); break; case 4: - result->Assign(3, bytestring_to_val(${val.pairs[i].dns_domain_name.data})); + result->Assign(3, uint8s_to_stringval(${val.pairs[i].dns_domain_name.data})); break; case 5: - result->Assign(4, bytestring_to_val(${val.pairs[i].dns_tree_name.data})); + result->Assign(4, uint8s_to_stringval(${val.pairs[i].dns_tree_name.data})); break; case 6: result->Assign(5, new Val(${val.pairs[i].constrained_auth}, TYPE_BOOL)); @@ -87,7 +73,7 @@ refine connection SMB_Conn += { result->Assign(7, new Val(${val.pairs[i].single_host.machine_id}, TYPE_COUNT)); break; case 9: - result->Assign(8, bytestring_to_val(${val.pairs[i].target_name.data})); + result->Assign(8, uint8s_to_stringval(${val.pairs[i].target_name.data})); break; } } @@ -119,10 +105,10 @@ refine connection SMB_Conn += { result->Assign(0, build_negotiate_flag_record(${val.flags})); if ( ${val.flags.negotiate_oem_domain_supplied} ) - result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + result->Assign(1, uint8s_to_stringval(${val.domain_name.string.data})); if ( ${val.flags.negotiate_oem_workstation_supplied} ) - result->Assign(2, bytestring_to_val(${val.workstation.string.data})); + result->Assign(2, uint8s_to_stringval(${val.workstation.string.data})); if ( ${val.flags.negotiate_version} ) result->Assign(3, build_version_record(${val.version})); 
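Review bot: The loop `for ( uint i = 0; ${val.pairs[i].id} != 0; i++ )` in the first hunk on this line stops only when it meets a pair with id 0, so it trusts the sender to terminate the list. If the declaration of `pairs` (outside the hunk) does not guarantee a final id 0 element, a message without one makes the loop index past the parsed elements. Bounding it by the element count removes that dependency: `for ( uint i = 0; i < ${val.pairs}->size() && ${val.pairs[i].id} != 0; i++ )`. The function starts and ends outside the hunk.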
@@ -138,7 +124,7 @@ refine connection SMB_Conn += { result->Assign(0, build_negotiate_flag_record(${val.flags})); if ( ${val.flags.request_target} ) - result->Assign(1, bytestring_to_val(${val.target_name.string.data})); + result->Assign(1, uint8s_to_stringval(${val.target_name.string.data})); if ( ${val.flags.negotiate_version} ) result->Assign(2, build_version_record(${val.version})); @@ -157,13 +143,13 @@ refine connection SMB_Conn += { result->Assign(0, build_negotiate_flag_record(${val.flags})); if ( ${val.domain_name_fields.length} > 0 ) - result->Assign(1, bytestring_to_val(${val.domain_name.string.data})); + result->Assign(1, uint8s_to_stringval(${val.domain_name.string.data})); if ( ${val.user_name_fields.length} > 0 ) - result->Assign(2, bytestring_to_val(${val.user_name.string.data})); + result->Assign(2, uint8s_to_stringval(${val.user_name.string.data})); if ( ${val.workstation_fields.length} > 0 ) - result->Assign(3, bytestring_to_val(${val.workstation.string.data})); + result->Assign(3, uint8s_to_stringval(${val.workstation.string.data})); if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); @@ -320,9 +306,7 @@ type SMB_NTLM_StringData = record { }; type SMB_Fixed_Length_String(unicode: bool) = record { - s: bytestring &restofdata; -} &let { - data: bytestring = $context.connection.unicode_to_ascii(s, sizeof(s), unicode); + data: uint8[] &restofdata; }; type SMB_NTLM_String(fields: SMB_NTLM_StringData, offset: uint16, unicode: bool) = record { @@ -356,7 +340,7 @@ type SMB_NTLM_AV_Pair = record { # av_flags refinement constrained_auth: bool = (av_flags & 0x00000001) > 0 &if ( id == 0x0006); mic_present : bool = (av_flags & 0x00000002) > 0 &if ( id == 0x0006); - untrusted_source: bool = (av_flags & 0x00000004) > 0 &if ( id == 0x0006); + untrusted_source: bool = (av_flags & 0x00000004) > 0 &if ( id == 0x0006); }; type SMB_NTLM_Single_Host = record { 
diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index 46d589a140..f09cb6d53c 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac 
@@ -31,23 +31,40 @@ refine connection SMB_Conn += { switch ( ${val.rpc_header.PTYPE} ) { case DCE_RPC_REQUEST: if ( smb_pipe_request ) - BifEvent::generate_smb_pipe_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ - ${val.rpc_body.request.opnum}); + BifEvent::generate_smb_pipe_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + ${val.rpc_body.request.opnum}); break; case DCE_RPC_RESPONSE: if ( smb_pipe_response ) - BifEvent::generate_smb_pipe_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + BifEvent::generate_smb_pipe_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header)); break; case DCE_RPC_BIND_ACK: if ( smb_pipe_bind_ack_response ) - BifEvent::generate_smb_pipe_bind_ack_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + BifEvent::generate_smb_pipe_bind_ack_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header)); break; case DCE_RPC_BIND: if ( smb_pipe_bind_request ) - // TODO - the version number needs to be calculated properly - BifEvent::generate_smb_pipe_bind_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ - new StringVal(analyzer::dce_rpc::uuid_to_string(bytestring_to_val(${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid})->Bytes())), new StringVal(fmt("%d.0", ${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_version}))); - break; + { + // TODO - the version number needs to be calculated properly + if ( ${val.rpc_body.bind.p_context_elem.n_context_elem} > 0 ) + { + const char * uuid = analyzer::dce_rpc::uuid_to_string(${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid}.begin()); + uint32_t version = ${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_version}; + + BifEvent::generate_smb_pipe_bind_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + new StringVal(uuid), + new 
StringVal(fmt("%d.0", version))); + } + } + break; } return true; From d453dc149cccc67bfb6f531dbebde8d5ecca29dd Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 3 Mar 2016 14:27:15 -0500 Subject: [PATCH 19/84] A lot of changes to SMB analyzer. - Add beginning of infrastructure for pipe support in SMB2. - Improve identification of non-file tree mappings. - Stop passing pipe data to the file analysis framework. - Reduce log volume in smb_files.log by watching for repeated files being seen so that you don't end up with nearly the exact same log line over and over and over. - Lots of little whitespace and indentation changes. --- scripts/base/protocols/smb/main.bro | 93 ++++++++++++++----- scripts/base/protocols/smb/pipe.bro | 63 ++++++------- scripts/base/protocols/smb/smb1-main.bro | 4 +- scripts/base/protocols/smb/smb2-main.bro | 86 ++++++++++++++--- src/analyzer/protocol/smb/SMB.cc | 9 +- src/analyzer/protocol/smb/smb-pipe.pac | 53 +++++------ .../protocol/smb/smb1-com-transaction.pac | 27 +++--- .../smb/smb1-com-tree-connect-andx.pac | 2 +- .../protocol/smb/smb1-com-write-andx.pac | 2 +- .../protocol/smb/smb2-com-negotiate.pac | 2 +- src/analyzer/protocol/smb/smb2-com-read.pac | 10 +- .../protocol/smb/smb2-com-tree-connect.pac | 3 +- src/analyzer/protocol/smb/smb2-com-write.pac | 30 +++--- src/analyzer/protocol/smb/smb2-protocol.pac | 6 ++ 14 files changed, 252 insertions(+), 138 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index e054ad15fe..246f578022 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro 
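Review bot: `fmt("%d.0", version)` at the end of the smb-pipe.pac hunk prints an unsigned 32-bit value with `%d` and hard-codes the minor version, so the version string in `smb_pipe_bind_request` is wrong for any interface whose version is not N.0. In DCE/RPC the interface version packs the major number in the low 16 bits and the minor number in the high 16 bits, so, assuming the field is decoded in the right byte order, the call could be `fmt("%u.%u", version & 0xffff, version >> 16)`. Interface UUID plus version is what analysts match on, so a wrong version weakens that. The new guard tests `n_context_elem`, a count taken from the wire; whether `p_cont_elem` is sized by the same field is not visible here.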
@@ -10,19 +10,42 @@ export { }; ## Abstracted actions for SMB file actions. - type FileAction: enum { + type Action: enum { FILE_READ, FILE_WRITE, FILE_OPEN, FILE_CLOSE, FILE_UNKNOWN, + + PIPE_READ, + PIPE_WRITE, + PIPE_OPEN, + PIPE_CLOSE, + + PRINT_READ, + PRINT_WRITE, + PRINT_OPEN, + PRINT_CLOSE, + + UNKNOWN_READ, + UNKNOWN_WRITE, + UNKNOWN_OPEN, + UNKNOWN_CLOSE, }; ## The file actions which are logged. - const logged_file_actions: set[FileAction] = { + const logged_file_actions: set[Action] = { FILE_OPEN, FILE_READ, FILE_WRITE, + + PIPE_OPEN, + PIPE_CLOSE, + + PRINT_OPEN, + PRINT_CLOSE, + + UNKNOWN_OPEN, } &redef; ## The server response statuses which are *not* logged. @@ -42,7 +65,7 @@ export { fuid : string &log &optional; ## Action this log record represents. - action : FileAction &log &default=FILE_UNKNOWN; + action : Action &log &optional; ## Path pulled from the tree this file was transferred to or from. path : string &log &optional; ## Filename if one was seen. 
@@ -50,26 +73,26 @@ export { ## Total size of the file. size : count &log &default=0; ## Last time this file was modified. - times : SMB::MACTimes &log &optional; + times : SMB::MACTimes &log &optional; }; ## This record is for the smb_mapping.log type TreeInfo: record { ## Time when the tree was mapped. - ts : time &log &optional; + ts : time &log &optional; ## Unique ID of the connection the tree was mapped over. - uid : string &log; + uid : string &log; ## ID of the connection the tree was mapped over. - id : conn_id &log; + id : conn_id &log; ## Name of the tree path. - path : string &log &optional; + path : string &log &optional; ## The type of resource of the tree (disk share, printer share, named pipe, etc.) - service : string &log &optional; + service : string &log &optional; ## File system of the tree. - native_file_system : string &log &optional; + native_file_system : string &log &optional; ## If this is SMB2, a share type will be included. - share_type : string &log &optional; + share_type : string &log &default="UNKNOWN"; }; ## This record is for the smb_cmd.log 
@@ -121,15 +144,20 @@ export { current_tree : TreeInfo &optional; ## Indexed on MID to map responses to requests. - pending_cmds: table[count] of CmdInfo &optional; + pending_cmds : table[count] of CmdInfo &optional; ## File map to retrieve file information based on the file ID. - fid_map : table[count] of FileInfo &optional; + fid_map : table[count] of FileInfo &optional; ## Tree map to retrieve tree information based on the tree ID. - tid_map : table[count] of TreeInfo &optional; + tid_map : table[count] of TreeInfo &optional; ## User map to retrieve user name based on the user ID. - uid_map : table[count] of string &optional; + uid_map : table[count] of string &optional; ## Pipe map to retrieve UUID based on the file ID of a pipe. - pipe_map : table[count] of string &optional; + pipe_map : table[count] of string &optional; + + ## A set of recent files to avoid logging the same + ## files over and over in the smb files log. + ## This only applies to files seen in a single connection. + recent_files : set[string] &default=string_set() &read_expire=3min; }; redef record connection += { @@ -154,18 +182,18 @@ export { const set_current_file: function(smb_state: State, file_id: count) &redef; ## This is an internally used function. - const write_file_log: function(f: FileInfo) &redef; + const write_file_log: function(state: State) &redef; } redef record FileInfo += { ## ID referencing this file. - fid : count &optional; + fid : count &optional; ## Maintain a reference to the file record. - f : fa_file &optional; + f : fa_file &optional; ## UUID referencing this file if DCE/RPC - uuid: string &optional; + uuid : string &optional; }; const ports = { 139/tcp, 445/tcp }; 
@@ -191,12 +219,33 @@ function set_current_file(smb_state: State, file_id: count) smb_state$current_file = smb_state$fid_map[file_id]; } -function write_file_log(f: FileInfo) +function write_file_log(state: State) { + local f = state$current_file; if ( f?$name && f$name !in pipe_names && f$action in logged_file_actions ) { + # Everything in this if statement is to avoid overlogging + # of the same data from a single connection based on recently + # seen files in the SMB::State $recent_files field. + if ( f?$times ) + { + local file_ident = cat(f$action, + f?$fuid ? f$fuid : "", + f?$name ? f$name : "", + f?$path ? f$path : "", + f$size, + f$times); + if ( file_ident in state$recent_files ) + { + # We've already seen this file and don't want to log it again. + return; + } + else + add state$recent_files[file_ident]; + } + Log::write(FILES_LOG, f); } } @@ -211,7 +260,7 @@ event file_state_remove(f: fa_file) &priority=-5 local c = f$conns[id]; if ( c?$smb_state && c$smb_state?$current_file) { - write_file_log(c$smb_state$current_file); + write_file_log(c$smb_state); } return; } diff --git a/scripts/base/protocols/smb/pipe.bro b/scripts/base/protocols/smb/pipe.bro index d9f201d455..6057c73700 100644 --- a/scripts/base/protocols/smb/pipe.bro +++ b/scripts/base/protocols/smb/pipe.bro 
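Review bot: `write_file_log` in the first hunk on this line reads `f$action` both in its condition and in `cat(...)`, but the same patch changes `action` in `FileInfo` from `&default=FILE_UNKNOWN` to `&optional`, so a record that never had an action assigned now raises a runtime error instead of being skipped. The `file_state_remove` caller in the next hunk only checks `c$smb_state?$current_file`. Adding the test keeps the old behaviour: `if ( f?$name && f?$action && f$name !in pipe_names && f$action in logged_file_actions )`. The de-duplication is also bypassed whenever `f?$times` is false, and where it applies a repeated read or write of an unchanged file leaves no second entry in the files log. A comment on `recent_files` saying so would help anyone who counts accesses from that log.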
@@ -6,25 +6,18 @@ export { }; type ATSvcInfo: record { - ## Time of the request - ts : time &log; - ## UID of the connection - uid : string &log; - ## Connection info - id : conn_id &log; - ## Command (add, enum, delete, etc.) - command : string &log; - ## Argument - arg : string &log; - ## Server the command was issued to - server : string &log; - ## Result of the command - result : string &log &optional; + ts : time &log; ##< Time of the request + uid : string &log; ##< UID of the connection + id : conn_id &log; ##< Connection info + command : string &log; ##< Command (add, enum, delete, etc.) + arg : string &log; ##< Argument + server : string &log; ##< Server the command was issued to + result : string &log &optional; ##< Result of the command }; } -redef record connection += { - smb_atsvc: ATSvcInfo &optional; +redef record SMB::State += { + pipe_atsvc: ATSvcInfo &optional; }; event bro_init() &priority=5 
@@ -32,28 +25,28 @@ event bro_init() &priority=5 Log::create_stream(ATSVC_LOG, [$columns=ATSvcInfo]); } -event smb_atsvc_job_add(c: connection, server: string, job: string) +event smb_atsvc_job_add(c: connection, server: string, job: string) &priority=5 { - local info: ATSvcInfo; - info$ts = network_time(); - info$uid = c$uid; - info$id = c$id; - info$command = "Add job"; - info$arg = job; - info$server = server; - - c$smb_atsvc = info; + local info = ATSvcInfo($ts=network_time(), + $uid = c$uid, + $id = c$id, + $command = "Add job", + $arg = job, + $server = server); + c$smb_state$pipe_atsvc = info; } -event smb_atsvc_job_id(c: connection, id: count, status: count) +event smb_atsvc_job_id(c: connection, id: count, status: count) &priority=5 { - if ( !c?$smb_atsvc ) - return; - if ( status == 0 ) - c$smb_atsvc$result = "success"; - else - c$smb_atsvc$result = "failed"; + if ( c$smb_state?$pipe_atsvc ) + c$smb_state$pipe_atsvc$result = (status==0) ? "success" : "failed"; + } - Log::write(ATSVC_LOG, c$smb_atsvc); - delete c$smb_atsvc; +event smb_atsvc_job_id(c: connection, id: count, status: count) &priority=-5 + { + if ( c$smb_state?$pipe_atsvc ) + { + Log::write(ATSVC_LOG, c$smb_state$pipe_atsvc); + delete c$smb_state$pipe_atsvc; + } } \ No newline at end of file diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 4756554ce0..d0f9bb3c1e 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -168,7 +168,7 @@ event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header, file_id: co c$smb_state$current_file = c$smb_state$fid_map[file_id]; - SMB::write_file_log(c$smb_state$current_file); + SMB::write_file_log(c$smb_state); } event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, length: count) &priority=5 
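Review bot: The rewritten handlers in the pipe.bro hunk dereference `c$smb_state` without first checking that the connection has it: `c$smb_state$pipe_atsvc = info;` in `smb_atsvc_job_add` and `if ( c$smb_state?$pipe_atsvc )` in both `smb_atsvc_job_id` handlers. The removed code tested `!c?$smb_atsvc` on the connection record itself, which was always safe. If these events can fire before the SMB state exists, the handlers fail at run time and the ATSVC entry is lost. Using `if ( c?$smb_state && c$smb_state?$pipe_atsvc )` and an early `if ( !c?$smb_state ) return;` in the add handler avoids that.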
@@ -237,7 +237,7 @@ event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &prio delete c$smb_state$fid_map[file_id]; - SMB::write_file_log(fl); + SMB::write_file_log(c$smb_state); } else { diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index e668d9b2fd..60c3edf425 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro @@ -28,7 +28,7 @@ event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=5 smb_state$tid_map[tid] = tmp_tree; } smb_state$current_tree = smb_state$tid_map[tid]; - + if ( mid !in smb_state$pending_cmds ) { local tmp_cmd: SMB::CmdInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2", $command = SMB2::commands[hdr$command]]; 
@@ -114,30 +114,43 @@ event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB event smb2_create_request(c: connection, hdr: SMB2::Header, name: string) &priority=5 { - local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; + local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $name=name]; + + switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + { + case "DISK": + tmp_file$action = SMB::FILE_OPEN; + break; + case "PIPE": + tmp_file$action = SMB::PIPE_OPEN; + break; + case "PRINT": + tmp_file$action = SMB::PRINT_OPEN; + break; + default: + tmp_file$action = SMB::UNKNOWN_OPEN; + break; + } c$smb_state$current_cmd$referenced_file = tmp_file; - c$smb_state$current_cmd$referenced_file$name = name; - c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; c$smb_state$current_file = c$smb_state$current_cmd$referenced_file; } event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, file_size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs) &priority=5 { - c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; c$smb_state$current_cmd$referenced_file$fid = file_id$persistent+file_id$volatile; c$smb_state$current_cmd$referenced_file$size = file_size; # I'm seeing negative data from IPC tree transfers if ( time_to_double(times$modified) > 0.0 ) c$smb_state$current_cmd$referenced_file$times = times; - + # We can identify the file by its file id now so let's stick it # in the file map. c$smb_state$fid_map[file_id$persistent+file_id$volatile] = c$smb_state$current_cmd$referenced_file; c$smb_state$current_file = c$smb_state$fid_map[file_id$persistent+file_id$volatile]; - - SMB::write_file_log(c$smb_state$current_file); + + SMB::write_file_log(c$smb_state); } event smb2_set_info_request(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest) &priority=5 
@@ -148,7 +161,22 @@ event smb2_set_info_request(c: connection, hdr: SMB2::Header, request: SMB2::Set event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 { SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); - c$smb_state$current_file$action = SMB::FILE_READ; + + switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + { + case "DISK": + c$smb_state$current_file$action = SMB::FILE_READ; + break; + case "PIPE": + c$smb_state$current_file$action = SMB::PIPE_READ; + break; + case "PRINT": + c$smb_state$current_file$action = SMB::PRINT_READ; + break; + default: + c$smb_state$current_file$action = SMB::UNKNOWN_OPEN; + break; + } } event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=-5 @@ -157,13 +185,28 @@ event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, o c$smb_state$current_file$path = c$smb_state$current_tree$path; # TODO - Why is this commented out? - #write_file_log(c$smb_state$current_file); + #write_file_log(c$smb_state); } event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 { SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); - c$smb_state$current_file$action = SMB::FILE_WRITE; + + switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + { + case "DISK": + c$smb_state$current_file$action = SMB::FILE_WRITE; + break; + case "PIPE": + c$smb_state$current_file$action = SMB::PIPE_WRITE; + break; + case "PRINT": + c$smb_state$current_file$action = SMB::PRINT_WRITE; + break; + default: + c$smb_state$current_file$action = SMB::UNKNOWN_WRITE; + break; + } } event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=-5 
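Review bot: The `default` branch of the new switch in `smb2_read_request` sets `SMB::UNKNOWN_OPEN`, where the matching switches for write and close use `UNKNOWN_WRITE` and `UNKNOWN_CLOSE`; this looks like a copy-paste slip and should read `c$smb_state$current_file$action = SMB::UNKNOWN_READ;`. Because `UNKNOWN_OPEN` is in `logged_file_actions` and `UNKNOWN_READ` is not, a read on a share of unknown type would be logged as an open. These switches also read `c$smb_state$current_cmd$referenced_tree$share_type` without a `?$` test; whether `referenced_tree` is always set at that point cannot be seen from the hunk.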
@@ -172,13 +215,28 @@ event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, c$smb_state$current_file$path = c$smb_state$current_tree$path; # TODO - Why is this commented out? - #write_file_log(c$smb_state$current_file); + #write_file_log(c$smb_state); } event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=5 { SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); - c$smb_state$current_file$action = SMB::FILE_CLOSE; + + switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + { + case "DISK": + c$smb_state$current_file$action = SMB::FILE_CLOSE; + break; + case "PIPE": + c$smb_state$current_file$action = SMB::PIPE_CLOSE; + break; + case "PRINT": + c$smb_state$current_file$action = SMB::PRINT_CLOSE; + break; + default: + c$smb_state$current_file$action = SMB::UNKNOWN_CLOSE; + break; + } } event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=-5 @@ -191,7 +249,7 @@ event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) fl$path = c$smb_state$current_tree$path; delete c$smb_state$fid_map[file_id$persistent+file_id$volatile]; - SMB::write_file_log(fl); + SMB::write_file_log(c$smb_state); } else { diff --git a/src/analyzer/protocol/smb/SMB.cc b/src/analyzer/protocol/smb/SMB.cc index 643c8a4ae6..19e7dec13f 100644 --- a/src/analyzer/protocol/smb/SMB.cc +++ b/src/analyzer/protocol/smb/SMB.cc @@ -58,8 +58,8 @@ void SMB_Analyzer::DeliverStream(int len, const u_char* data, bool orig) } catch ( const binpac::Exception& e ) { - ProtocolViolation(fmt("Binpac exception: %s", e.c_msg())); - //printf(fmt("Binpac exception: %s", e.c_msg())); + ProtocolViolation(fmt("Binpac exception: %s", e.c_msg())); + //printf(fmt("Binpac exception: %s", e.c_msg())); } } 
@@ -161,11 +161,6 @@ void Contents_SMB::DeliverStream(int len, const u_char* data, bool orig) case WAIT_FOR_HDR: { // We have the 4 bytes header now - - // This does not abide the spec, but we've seen it - // in real traffic. - if (data[1] > 2) - Conn()->Weird(fmt("NetBIOS session flags > 2: %d", data[1])); msg_len = 0; msg_type = data[0]; for ( int i = 1; i < 4; i++) diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index f09cb6d53c..78de7d048b 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac @@ -8,6 +8,9 @@ %} refine connection SMB_Conn += { + %member{ + map tree_is_pipe_map; + %} function get_tree_is_pipe(tree_id: uint16): bool %{ @@ -19,13 +22,9 @@ refine connection SMB_Conn += { function set_tree_is_pipe(tree_id: uint16, is_pipe: bool): bool %{ tree_is_pipe_map[tree_id] = is_pipe; - return true; + return true; %} - %member{ - map tree_is_pipe_map; - %} - function proc_smb_pipe_message(val: SMB_Pipe_message, header: SMB_Header): bool %{ switch ( ${val.rpc_header.PTYPE} ) { 
@@ -83,45 +82,43 @@ type SMB_Pipe_message(header: SMB_Header, byte_count: uint16) = record { proc: bool = $context.connection.proc_smb_pipe_message(this, header); } &byteorder = littleendian; -type SMB_RAP_message( unicode: bool, byte_count: uint16 ) = record { - - rap_code : uint16; - param_desc : SMB_string(unicode, offsetof(param_desc) ); - data_desc : SMB_string(unicode, offsetof(data_desc) ); - data : bytestring &restofdata; - +type SMB_RAP_message(unicode: bool, byte_count: uint16) = record { + rap_code : uint16; + param_desc : SMB_string(unicode, offsetof(param_desc)); + data_desc : SMB_string(unicode, offsetof(data_desc)); + data : bytestring &restofdata; } &byteorder = littleendian; type AT_SVC_Request(unicode: bool, opnum: uint8) = record { empty: padding[1]; op: case opnum of { - 0 -> add: AT_SVC_NetrJobAdd(unicode); - default -> unknown: bytestring &restofdata; + 0 -> add : AT_SVC_NetrJobAdd(unicode); + default -> unknown : bytestring &restofdata; }; }; type AT_SVC_String_Pointer(unicode: bool) = record { - referent_id : uint32; - max_count : uint32; - offset : uint32; - actual_count: uint32; - string : SMB_string(unicode, offsetof(string)); + referent_id : uint32; + max_count : uint32; + offset : uint32; + actual_count : uint32; + string : SMB_string(unicode, offsetof(string)); }; type AT_SVC_NetrJobAdd(unicode: bool) = record { - server : AT_SVC_String_Pointer(unicode); - unknown : padding[2]; - job_time : uint32; - days_of_month: uint32; - days_of_week : uint8; - flags : uint8; - unknown2 : padding[2]; - command : AT_SVC_String_Pointer(unicode); + server : AT_SVC_String_Pointer(unicode); + unknown : padding[2]; + job_time : uint32; + days_of_month : uint32; + days_of_week : uint8; + flags : uint8; + unknown2 : padding[2]; + command : AT_SVC_String_Pointer(unicode); }; type AT_SVC_Reply(unicode: bool, opnum: uint16) = record { op: case opnum of { - 0 -> add: AT_SVC_JobID(unicode); + 0 -> add: AT_SVC_JobID(unicode); default -> unknown: bytestring 
&restofdata; }; }; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index b5c19a332a..4db7a4a209 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac @@ -10,8 +10,11 @@ refine connection SMB_Conn += { function proc_smb1_transaction_request(header: SMB_Header, val: SMB1_transaction_request): bool %{ if ( smb1_transaction_request ) - BifEvent::generate_smb1_transaction_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ - smb_string2stringval(${val.name}), ${val.sub_cmd}); + BifEvent::generate_smb1_transaction_request(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + smb_string2stringval(${val.name}), + ${val.sub_cmd}); return true; %} @@ -24,8 +27,11 @@ refine connection SMB_Conn += { function proc_smb1_transaction_setup(header: SMB_Header, val: SMB1_transaction_setup): bool %{ if ( smb1_transaction_setup ) - BifEvent::generate_smb1_transaction_setup(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \ - ${val.op_code}, ${val.file_id}); + BifEvent::generate_smb1_transaction_setup(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + ${val.op_code}, + ${val.file_id}); return true; %} 
@@ -33,13 +39,13 @@ refine connection SMB_Conn += { type SMB1_transaction_data(header: SMB_Header, count: uint16, sub_cmd: uint16, - trans_type: TransactionType ) = case trans_type of { + trans_type: TransactionType) = case trans_type of { # SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(header.unicode, count); # SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(header.unicode, count); # SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count); SMB_PIPE -> pipe : SMB_Pipe_message(header, count); - SMB_UNKNOWN -> unknown : bytestring &restofdata; -# default -> data : bytestring &restofdata; + SMB_UNKNOWN -> unknown : bytestring &restofdata &transient; + default -> data : bytestring &restofdata &transient; }; type SMB1_transaction_setup(header: SMB_Header) = record { @@ -79,7 +85,6 @@ type SMB1_transaction_request(header: SMB_Header) = record { proc : bool = $context.connection.proc_smb1_transaction_request(header, this); }; - type SMB1_transaction_response(header: SMB_Header) = record { word_count : uint8; total_param_count : uint16; @@ -99,10 +104,8 @@ type SMB1_transaction_response(header: SMB_Header) = record { pad0 : padding to param_offset - SMB_Header_length; parameters : bytestring &length = param_count; pad1 : padding to data_offset - SMB_Header_length; - handle_response : case $context.connection.get_tree_is_pipe(header.tid) of { - true -> pipe_data : SMB1_transaction_data(header, data_count, 0, SMB_PIPE); - false -> unk_data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); - }; + data : SMB1_transaction_data(header, data_count, 0, is_tree_a_pipe ? SMB_PIPE : SMB_UNKNOWN)[data_count>0 ? 1 : 0]; } &let { proc : bool = $context.connection.proc_smb1_transaction_response(header, this); + is_tree_a_pipe: bool = $context.connection.get_tree_is_pipe(header.tid); }; diff --git a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac index cb7f63d548..030c213902 100644 
--- a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac @@ -13,7 +13,7 @@ refine connection SMB_Conn += { function proc_smb1_tree_connect_andx_response(header: SMB_Header, val: SMB1_tree_connect_andx_response): bool %{ - set_tree_is_pipe(${header.tid}, strcmp((const char*) smb_string2stringval(${val.service})->Bytes(), "IPC") == 0); + set_tree_is_pipe(${header.tid}, strncmp((const char*) smb_string2stringval(${val.service})->Bytes(), "IPC", 3) == 0); if ( smb1_tree_connect_andx_response ) BifEvent::generate_smb1_tree_connect_andx_response(bro_analyzer(), bro_analyzer()->Conn(), diff --git a/src/analyzer/protocol/smb/smb1-com-write-andx.pac b/src/analyzer/protocol/smb/smb1-com-write-andx.pac index f508a62e68..cf56f6db9c 100644 --- a/src/analyzer/protocol/smb/smb1-com-write-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-write-andx.pac @@ -52,7 +52,7 @@ type SMB1_write_andx_request(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - is_pipe : case $context.connection.get_tree_is_pipe(header.tid) of { + is_pipe : case $context.connection.get_tree_is_pipe(header.tid) of { true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; default -> data : bytestring &length=data_len; } &requires(data_len); diff --git a/src/analyzer/protocol/smb/smb2-com-negotiate.pac b/src/analyzer/protocol/smb/smb2-com-negotiate.pac index 956d7b0bdf..c95eec49dc 100644 --- a/src/analyzer/protocol/smb/smb2-com-negotiate.pac +++ b/src/analyzer/protocol/smb/smb2-com-negotiate.pac 
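Review bot: Changing the comparison in proc_smb1_tree_connect_andx_response to `strncmp(..., "IPC", 3)` turns it into a prefix match, so any service string that merely begins with IPC marks the tree as a pipe. That flag is what later keeps read and write payloads away from `file_mgr->DataIn`, so a mislabelled disk share would silently lose file analysis. If the intent is only to tolerate trailing bytes after the name, a comment saying so and a length check on the string would keep the match exact. The StringVal returned by smb_string2stringval is also used purely as a temporary here; if that helper allocates a new value (its definition is outside this hunk), it is never released.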
@@ -43,7 +43,7 @@ type SMB2_negotiate_request(header: SMB2_Header) = record { security_mode : uint16; # there is a list of required modes reserved : padding[2]; # must be set to 0 capabilities : uint32; # must be set to 0 - client_guid : SMB2_guid; # guid if client implements SMB 2.1 dialect, otherwise set to 0 + client_guid : SMB2_guid; # guid if client implements SMB 2.1 dialect, otherwise set to 0 client_start_time : SMB_timestamp; # must be set to 0 dialects : uint16[dialect_count]; } &byteorder=littleendian, &let { diff --git a/src/analyzer/protocol/smb/smb2-com-read.pac b/src/analyzer/protocol/smb/smb2-com-read.pac index 9fb4d9ce08..612fa01cf2 100644 --- a/src/analyzer/protocol/smb/smb2-com-read.pac +++ b/src/analyzer/protocol/smb/smb2-com-read.pac @@ -25,7 +25,7 @@ refine connection SMB_Conn += { function proc_smb2_read_response(h: SMB2_Header, val: SMB2_read_response) : bool %{ - if ( ${val.data_len} > 0 ) + if ( ! ${val.is_pipe} && ${val.data_len} > 0 ) { uint64 offset = smb2_read_offsets[${h.message_id}]; smb2_read_offsets.erase(${h.message_id}); @@ -67,7 +67,13 @@ type SMB2_read_response(header: SMB2_Header) = record { data_remaining : uint32; reserved : uint32; pad : padding to data_offset - header.head_length; - data : bytestring &length=data_len; + pipe_file_switch : case is_pipe of { + # The SMB_Pipe_message type doesn't support smb2 pipes yet. + #true -> pipe_data : SMB_Pipe_message(header, data_len) &length=data_len; + false -> data : bytestring &length=data_len; + }; } &let { + is_pipe: bool = $context.connection.get_tree_is_pipe(header.tree_id); + proc: bool = $context.connection.proc_smb2_read_response(header, this); }; diff --git a/src/analyzer/protocol/smb/smb2-com-tree-connect.pac b/src/analyzer/protocol/smb/smb2-com-tree-connect.pac index 5c6ae8020d..f2860172b1 100644 --- a/src/analyzer/protocol/smb/smb2-com-tree-connect.pac +++ b/src/analyzer/protocol/smb/smb2-com-tree-connect.pac 
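Review bot: In SMB2_read_response the new `pipe_file_switch` has only a `false ->` branch, so a read response on a tree flagged as a pipe matches no case. As far as I know binpac raises an invalid-case-index exception in that situation, which the catch block in SMB_Analyzer::DeliverStream reports as a ProtocolViolation, so ordinary pipe reads would look like protocol errors. The SMB2_write_request change in this same commit uses `default -> data : bytestring &length=data_len;` for the identical situation; using `default` here as well keeps pipe reads parsing, while the `! ${val.is_pipe}` test in proc_smb2_read_response still keeps them out of file analysis.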
@@ -13,10 +13,11 @@ refine connection SMB_Conn += { function proc_smb2_tree_connect_response(header: SMB2_Header, val: SMB2_tree_connect_response): bool %{ + set_tree_is_pipe(${header.tree_id}, ${val.share_type} == SMB2_SHARE_TYPE_PIPE); + if ( smb2_tree_connect_response ) { RecordVal* resp = new RecordVal(BifType::Record::SMB2::TreeConnectResponse); - resp->Assign(0, new Val(${val.share_type}, TYPE_COUNT)); BifEvent::generate_smb2_tree_connect_response(bro_analyzer(), diff --git a/src/analyzer/protocol/smb/smb2-com-write.pac b/src/analyzer/protocol/smb/smb2-com-write.pac index 64a9d72254..64a5eaa106 100644 --- a/src/analyzer/protocol/smb/smb2-com-write.pac +++ b/src/analyzer/protocol/smb/smb2-com-write.pac @@ -12,7 +12,7 @@ refine connection SMB_Conn += { ${val.data_len}); } - if ( ${val.data}.length() > 0 ) + if ( ! ${val.is_pipe} && ${val.data}.length() > 0 ) { file_mgr->DataIn(${val.data}.begin(), ${val.data_len}, ${val.offset}, bro_analyzer()->GetAnalyzerTag(), 
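Review bot: The added `set_tree_is_pipe(${header.tree_id}, ...)` call in proc_smb2_tree_connect_response stores SMB2 tree ids in a map whose accessors are declared with `tree_id: uint16` in smb-pipe.pac. If SMB2_Header declares tree_id as a 32-bit field, as the protocol's 4-byte TreeId suggests, two trees that differ only in the upper bits share one entry. A disk share can then inherit a pipe flag, and the new `! ${val.is_pipe}` guards in the SMB2 read and write handlers would skip `file_mgr->DataIn` for it. Widening the key to uint32 avoids that. Nothing visible in this patch removes an entry on tree disconnect either, so a reused id keeps its old classification.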
@@ -32,19 +32,25 @@ refine connection SMB_Conn += { type SMB2_write_request(header: SMB2_Header) = record { - structure_size : uint16; - data_offset : uint16; - data_len : uint32; - offset : uint64; - file_id : SMB2_guid; - channel : uint32; # ignore - data_remaining : uint32; + structure_size : uint16; + data_offset : uint16; + data_len : uint32; + offset : uint64; + file_id : SMB2_guid; + channel : uint32; # ignore + data_remaining : uint32; channel_info_offset : uint16; # ignore - channel_info_len : uint16; # ignore - flags : uint32; - pad : padding to data_offset - header.head_length; - data : bytestring &length=data_len; + channel_info_len : uint16; # ignore + flags : uint32; + pad : padding to data_offset - header.head_length; + pipe_file_switch : case is_pipe of { + # The SMB_Pipe_message type doesn't support smb2 pipes yet. + #true -> pipe_data : SMB_Pipe_message(header, data_len) &length=data_len; + default -> data : bytestring &length=data_len; + }; } &let { + is_pipe: bool = $context.connection.get_tree_is_pipe(header.tree_id); + proc : bool = $context.connection.proc_smb2_write_request(header, this); }; diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index 7831a5ba0e..5acdabd8bd 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac @@ -23,6 +23,12 @@ enum smb2_commands { SMB2_OPLOCK_BREAK = 18, }; +enum smb2_share_types { + SMB2_SHARE_TYPE_DISK = 0x01, + SMB2_SHARE_TYPE_PIPE = 0x02, + SMB2_SHARE_TYPE_PRINT = 0x03, +}; + type SMB2_PDU(is_orig: bool) = record { header : SMB2_Header(is_orig); message : case header.status of { From e02c61274269a37121b05dcf4b859a6324c04fe5 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 3 Mar 2016 15:31:26 -0500 Subject: [PATCH 20/84] Fix some SMB1 "field missing" expression errors. --- scripts/base/protocols/smb/smb1-main.bro | 58 +++++++++++++++++++----- 1 file changed, 47 insertions(+), 11 deletions(-) 
diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index d0f9bb3c1e..a21f9c24f1 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -184,8 +184,8 @@ event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, o if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) c$smb_state$current_file$path = c$smb_state$current_tree$path; - # TODO - Why is this commented out? - #write_file_log(c$smb_state$current_file); + # We don't even try to log reads and writes to the files log. + #write_file_log(c$smb_state); } event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5 @@ -200,7 +200,9 @@ event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, { SMB::set_current_file(c$smb_state, file_id); c$smb_state$current_file$action = SMB::FILE_WRITE; - if ( !c$smb_state$current_cmd?$argument ) + if ( !c$smb_state$current_cmd?$argument && + # TODO: figure out why name isn't getting set sometimes. + c$smb_state$current_file?$name ) c$smb_state$current_cmd$argument = c$smb_state$current_file$name; } @@ -209,8 +211,8 @@ event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) c$smb_state$current_file$path = c$smb_state$current_tree$path; - # TODO - Why is this commented out? - #write_file_log(c$smb_state$current_file); + # We don't even try to log reads and writes to the files log. + #write_file_log(c$smb_state); } #event smb1_write_andx_response(c: connection, hdr: SMB1::Header, written_bytes: count) &priority=5 
@@ -233,7 +235,8 @@ event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &prio if ( c$smb_state$current_tree?$path ) fl$path = c$smb_state$current_tree$path; - c$smb_state$current_cmd$argument = fl$name; + if ( fl?$name ) + c$smb_state$current_cmd$argument = fl$name; delete c$smb_state$fid_map[file_id]; @@ -323,18 +326,35 @@ event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, s event smb1_write_andx_request(c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count) { - if ( c$smb_state$current_file?$uuid ) - c$smb_state$pipe_map[file_id] = c$smb_state$current_file$uuid; + if ( ! c$smb_state?$current_file || ! c$smb_state$current_file?$uuid ) + { + # TODO: figure out why the uuid isn't getting set sometimes. + return; + } + + c$smb_state$pipe_map[file_id] = c$smb_state$current_file$uuid; } event smb_pipe_bind_ack_response(c: connection, hdr: SMB1::Header) { + if ( ! c$smb_state?$current_file || ! c$smb_state$current_file?$uuid ) + { + # TODO: figure out why the uuid isn't getting set sometimes. + return; + } + c$smb_state$current_cmd$sub_command = "RPC_BIND_ACK"; - c$smb_state$current_cmd$argument = SMB::rpc_uuids[c$smb_state$current_file$uuid]; + c$smb_state$current_cmd$argument = SMB::rpc_uuids[c$smb_state$current_file$uuid]; } event smb_pipe_bind_request(c: connection, hdr: SMB1::Header, uuid: string, version: string) { + if ( ! c$smb_state?$current_file || ! c$smb_state$current_file?$uuid ) + { + # TODO: figure out why the current_file isn't getting set sometimes. + return; + } + c$smb_state$current_cmd$sub_command = "RPC_BIND"; c$smb_state$current_file$uuid = uuid; c$smb_state$current_cmd$argument = fmt("%s v%s", SMB::rpc_uuids[uuid], version); 
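Review bot: The guard added to smb_pipe_bind_request returns unless `c$smb_state$current_file?$uuid` is already set, yet this handler is the one that assigns `c$smb_state$current_file$uuid = uuid`. On a pipe whose uuid has not been recorded the bind is therefore dropped, and the matching guards added to smb1_write_andx_request and smb_pipe_bind_ack_response in this hunk then return early too, so the bound RPC interface never reaches the command log. Testing only `! c$smb_state?$current_file` here, which is what the TODO comment in that branch describes, lets the first bind record the uuid.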
@@ -342,8 +362,24 @@ event smb_pipe_bind_request(c: connection, hdr: SMB1::Header, uuid: string, vers event smb_pipe_request(c: connection, hdr: SMB1::Header, op_num: count) { - c$smb_state$current_cmd$argument = fmt("%s: %s", SMB::rpc_uuids[c$smb_state$current_file$uuid], - SMB::rpc_sub_cmds[c$smb_state$current_file$uuid][op_num]); + if ( ! c$smb_state?$current_file ) + { + # TODO: figure out why the current file isn't being set sometimes. + return; + } + + local f = c$smb_state$current_file; + if ( ! f?$uuid ) + { + # TODO: figure out why this is happening. + event conn_weird("smb_pipe_request_missing_uuid", c, ""); + return; + } + local arg = fmt("%s: %s", + SMB::rpc_uuids[f$uuid], + SMB::rpc_sub_cmds[f$uuid][op_num]); + + c$smb_state$current_cmd$argument = arg; } #event smb1_transaction_setup(c: connection, hdr: SMB1::Header, op_code: count, file_id: count) From b9afc01d91a9948c222cca71551a75faa4f4d325 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 3 Mar 2016 15:52:34 -0500 Subject: [PATCH 21/84] Fixed a problem with file names and path names containing nulls. This would come up when a string is UTF-16 containing characters outside of straight ASCII. The file analysis framework uses CheckString to create file IDs which can't cope with the NULL bytes. --- scripts/base/protocols/smb/files.bro | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.bro index e58e124307..ba11629daa 100644 --- a/scripts/base/protocols/smb/files.bro +++ b/scripts/base/protocols/smb/files.bro 
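Review bot: smb_pipe_request indexes `SMB::rpc_uuids[f$uuid]` and `SMB::rpc_sub_cmds[f$uuid][op_num]` with values taken from the traffic, and the bind handlers in the previous hunk do the same with `SMB::rpc_uuids[uuid]`. Unless those tables declare a `&default` (their definitions are not in this excerpt), an interface or opnum that is not listed raises an index error and the handler stops before the argument is set, so the unusual RPC calls are exactly the ones that go unrecorded. An `in` test before each lookup, falling back to the raw uuid and opnum through `fmt`, keeps them visible in the log.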
@@ -25,8 +25,11 @@ function get_file_handle(c: connection, is_orig: bool): string local file_name = current_file?$name ? current_file$name : ""; # Include last_mod time if available because if a file has been modified it # should be considered a new file. - local last_mod = current_file?$times ? current_file$times$modified : double_to_time(0.0); - return cat(Analyzer::ANALYZER_SMB, c$id$orig_h, c$id$resp_h, path_name, file_name, last_mod); + local last_mod = cat(current_file?$times ? current_file$times$modified : double_to_time(0.0)); + # TODO: This is doing hexdump to avoid problems due to file analysis handling + # using CheckString which is not immune to encapsulated null bytes. + # This needs to be fixed lower in the file analysis code later. + return hexdump(cat(Analyzer::ANALYZER_SMB, c$id$orig_h, c$id$resp_h, path_name, file_name, last_mod)); } function describe_file(f: fa_file): string From 462316acdf47e16c338ecafae0e1ce27e60c16be Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 3 Mar 2016 16:33:29 -0500 Subject: [PATCH 22/84] Prevent some extra smb logging of cmd messages. --- scripts/base/protocols/smb/smb1-main.bro | 16 +++++++++++----- scripts/base/protocols/smb/smb2-main.bro | 3 ++- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index a21f9c24f1..b0d7ef58b5 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -107,7 +107,8 @@ event smb1_negotiate_response(c: connection, hdr: SMB1::Header, response: SMB1:: event smb1_negotiate_response(c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse) &priority=-5 { - if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + if ( SMB::write_cmd_log && + c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); } 
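Review bot: `hexdump` in get_file_handle is a display formatter, so the handle now includes its line layout and ASCII column and is several times longer than the data it encodes. `bytestring_to_hexstr` gives a compact, lossless encoding that equally avoids embedded null bytes: `return bytestring_to_hexstr(cat(...));`. Separately, `cat` joins path_name and file_name with no delimiter, so different path and name pairs can yield the same handle and be merged into one file by the file analysis framework. Placing a fixed separator between the two fields would prevent that. The function body begins above this hunk.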
@@ -136,7 +137,8 @@ event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: { Log::write(SMB::MAPPING_LOG, c$smb_state$current_tree); - if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + if ( SMB::write_cmd_log && + c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); } @@ -146,6 +148,7 @@ event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, name: string { local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; c$smb_state$current_cmd$referenced_file = tmp_file; + c$smb_state$current_cmd$referenced_file$name = name; c$smb_state$current_cmd$referenced_file$action = SMB::FILE_OPEN; c$smb_state$current_file = c$smb_state$current_cmd$referenced_file; @@ -190,7 +193,8 @@ event smb1_read_andx_request(c: connection, hdr: SMB1::Header, file_id: count, o event smb1_read_andx_response(c: connection, hdr: SMB1::Header, data_len: count) &priority=5 { - if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + if ( SMB::write_cmd_log && + c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); } @@ -267,7 +271,8 @@ event smb1_trans2_find_first2_request(c: connection, hdr: SMB1::Header, args: SM event smb1_session_setup_andx_response(c: connection, hdr: SMB1::Header, response: SMB1::SessionSetupAndXResponse) &priority=-5 { - if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + if ( SMB::write_cmd_log && + c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); } 
@@ -284,7 +289,8 @@ event smb1_error(c: connection, hdr: SMB1::Header, is_orig: bool) { # This is for deferred commands only. # The more specific messages won't fire for errors - if ( ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) && + if ( SMB::write_cmd_log && + ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) && ( c$smb_state$current_cmd$command in SMB::deferred_logging_cmds ) ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index 60c3edf425..615c7c44b0 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro @@ -87,7 +87,8 @@ event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2:: event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse) &priority=5 { - if ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) + if ( SMB::write_cmd_log && + c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); } From 1b98e3bb24655c8c6c1bc7e523787d6c16d6ad77 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 3 Mar 2016 16:33:58 -0500 Subject: [PATCH 23/84] Fix SMB1 file handling. File data wasn't being forwarded to the file analysis framework correctly. --- src/analyzer/protocol/smb/smb1-com-read-andx.pac | 10 ++++++---- src/analyzer/protocol/smb/smb1-com-write-andx.pac | 9 +++++---- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/src/analyzer/protocol/smb/smb1-com-read-andx.pac b/src/analyzer/protocol/smb/smb1-com-read-andx.pac index 5f9e564ee0..324eb1bb85 100644 --- a/src/analyzer/protocol/smb/smb1-com-read-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-read-andx.pac 
@@ -28,7 +28,7 @@ refine connection SMB_Conn += { BuildHeaderVal(h), ${val.data_len}); - if ( !get_tree_is_pipe(${h.tid}) && ( ${val.data_len} > 0 ) ) + if ( ! ${val.is_pipe} && ${val.data_len} > 0 ) { uint64 offset = read_offsets[${h.mid}]; read_offsets.erase(${h.mid}); @@ -80,11 +80,13 @@ type SMB1_read_andx_response(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - is_pipe : case $context.connection.get_tree_is_pipe(header.tid) of { - true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; - default -> data : bytestring &length=data_len; + pipe_or_not : case is_pipe of { + true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; + default -> data : bytestring &length=data_len; } &requires(data_len); } &let { + is_pipe : bool = $context.connection.get_tree_is_pipe(header.tid); + padding_len : uint8 = (header.unicode == 1) ? 1 : 0; data_len : uint32 = (data_len_high << 16) + data_len_low; proc : bool = $context.connection.proc_smb1_read_andx_response(header, this); diff --git a/src/analyzer/protocol/smb/smb1-com-write-andx.pac b/src/analyzer/protocol/smb/smb1-com-write-andx.pac index cf56f6db9c..29905fa3f7 100644 --- a/src/analyzer/protocol/smb/smb1-com-write-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-write-andx.pac @@ -10,7 +10,7 @@ refine connection SMB_Conn += { ${val.offset}, ${val.data_len}); - if ( ${val.data}.length() > 0 ) + if ( ! ${val.is_pipe} && ${val.data}.length() > 0 ) { file_mgr->DataIn(${val.data}.begin(), ${val.data}.length(), ${val.offset}, 
@@ -52,11 +52,12 @@ type SMB1_write_andx_request(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - is_pipe : case $context.connection.get_tree_is_pipe(header.tid) of { - true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; - default -> data : bytestring &length=data_len; + pipe_or_not : case is_pipe of { + true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; + default -> data : bytestring &length=data_len; } &requires(data_len); } &let { + is_pipe : bool = $context.connection.get_tree_is_pipe(header.tid); data_len : uint32 = (data_len_high << 16) + data_len_low; offset_high : uint32 = (word_count == 0x0E) ? offset_high_tmp : 0; offset : uint64 = (offset_high * 0x10000) + offset_low; From 481335e5eaf0174dbac0a3b49231dfe790ac099c Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 7 Mar 2016 10:07:02 -0500 Subject: [PATCH 24/84] Fixing problems in the RPC-DCE handling in SMB. - Renamed some fields to make everything clearer. - Fixed some more indentation problems. - Added the dce_rpc-protocol.pac files to the cmake list so that changes in it cause the smb analyzer to be rebuilt. --- src/analyzer/protocol/smb/CMakeLists.txt | 1 + .../protocol/smb/dce_rpc-protocol.pac | 137 +++++++++--------- src/analyzer/protocol/smb/smb-pipe.pac | 6 +- 3 files changed, 75 insertions(+), 69 deletions(-) diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index 305e1191f6..3a0b0e75f0 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -47,6 +47,7 @@ bro_plugin_pac( smb-pipe.pac smb-mailslot.pac smb-ntlmssp.pac + dce_rpc-protocol.pac smb1-protocol.pac smb1-com-check-directory.pac diff --git a/src/analyzer/protocol/smb/dce_rpc-protocol.pac b/src/analyzer/protocol/smb/dce_rpc-protocol.pac index 20b7edc1ef..f13311a0fa 100644 --- a/src/analyzer/protocol/smb/dce_rpc-protocol.pac 
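Review bot: The `offset` field of SMB1_write_andx_request is still computed as `(offset_high * 0x10000) + offset_low`, which shifts the high word by 16 bits rather than 32. The line is unchanged context in this hunk, but it feeds the `file_mgr->DataIn` call that this commit is fixing. For writes beyond 4 GiB the offset handed to file analysis is wrong, and because offset_high is declared uint32 the multiplication may also wrap before it is widened, so reassembled files and their hashes would not match what was written. The high word should be widened to 64 bits and shifted by 32 before offset_low is added. The record definition starts above the hunk.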
+++ b/src/analyzer/protocol/smb/dce_rpc-protocol.pac @@ -25,20 +25,20 @@ enum dce_rpc_ptype { type uuid = bytestring &length = 16; type context_handle = record { - cxt_attributes: uint32; - cxt_uuid: uuid; + attrs : uint32; + uuid : bytestring &length = 16; }; -type rpc_if_id_t = record { - if_uuid : uuid; - vers_major : uint16; - vers_minor : uint16; -}; +#type rpc_if_id_t = record { +# if_uuid : bytestring &length = 16; +# vers_major : uint16; +# vers_minor : uint16; +#}; type NDR_Format = record { - intchar : uint8; - floatspec : uint8; - reserved : padding[2]; + intchar : uint8; + floatspec : uint8; + reserved : padding[2]; } &let { byteorder = (intchar >> 4) ? littleendian : bigendian; }; 
@@ -47,90 +47,95 @@ type NDR_Format = record { # causes problems despite the NDR_Format having a byteorder set. type DCE_RPC_Header = record { - rpc_vers : uint8 &check(rpc_vers == 5); - rpc_vers_minor : uint8; - PTYPE : uint8; - pfc_flags : uint8; - packed_drep : NDR_Format; - frag_length : uint16; - auth_length : uint16; - call_id : uint32; + rpc_vers : uint8 &check(rpc_vers == 5); + rpc_vers_minor : uint8; + PTYPE : uint8; + pfc_flags : uint8; + packed_drep : NDR_Format; + frag_length : uint16; + auth_length : uint16; + call_id : uint32; } &let { frag = pfc_flags & 4; lastfrag = (! frag) || (pfc_flags & 2); } &byteorder = packed_drep.byteorder; -type p_context_id_t = uint16; - -type p_syntax_id_t = record { - if_uuid : uuid; - if_version : uint32; +type Syntax = record { + uuid : bytestring &length = 16; + version : uint32; }; -type p_cont_elem_t = record { - p_cont_id : p_context_id_t; - n_transfer_syn : uint8; - reserved : padding[1]; - abstract_syntax : p_syntax_id_t; - transfer_syntaxes : p_syntax_id_t[n_transfer_syn]; +type ContextRequest = record { + id : uint16; + num_syntaxes : uint8; + reserved : padding[1]; + abstract_syntax : Syntax; + transfer_syntaxes : Syntax[num_syntaxes]; }; -type p_cont_list_t = record { - n_context_elem : uint8; - reserved : padding[3]; - p_cont_elem : p_cont_elem_t[n_context_elem]; +type ContextReply = record { + ack_result : uint16; + ack_reason : uint16; + syntax : Syntax; +}; + +type ContextList(is_request: bool) = record { + num_contexts : uint8; + reserved : padding[3]; + req_reply : case is_request of { + true -> request_contexts : ContextRequest[num_contexts]; + false -> reply_contexts : ContextReply[num_contexts]; + }; }; type DCE_RPC_Bind = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - p_context_elem : p_cont_list_t; + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + context_list : ContextList(1); }; type DCE_RPC_Bind_Ack = record { - 
max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; sec_addr_length : uint16; - sec_addr : bytestring &length=sec_addr_length; - pad : padding align 4; - p_context_elem : p_cont_list_t; + sec_addr : bytestring &length=sec_addr_length; + pad : padding align 4; + contexts : ContextList(0); }; type DCE_RPC_AlterContext = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - p_context_elem : p_cont_list_t; + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + contexts : ContextList(0); }; type DCE_RPC_Request = record { - alloc_hint : uint32; - p_cont_id : p_context_id_t; - opnum : uint16; - # object : uuid; - # stub_pad_0 : padding align 8; - stub : bytestring &restofdata; + alloc_hint : uint32; + context_id : uint16; + opnum : uint16; + # object : uuid; + # stub_pad_0 : padding align 8; + stub : bytestring &restofdata; }; type DCE_RPC_Response = record { - alloc_hint : uint32; - p_cont_id : p_context_id_t; - cancel_count : uint8; - reserved : uint8; - # stub_pad_0 : padding align 8; - stub : bytestring &restofdata; + alloc_hint : uint32; + context_id : uint16; + cancel_count : uint8; + reserved : uint8; + # stub_pad_0 : padding align 8; + stub : bytestring &restofdata; }; type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { - DCE_RPC_BIND -> bind : DCE_RPC_Bind; - DCE_RPC_BIND_ACK -> bind_ack: DCE_RPC_Bind_Ack; - DCE_RPC_REQUEST -> request : DCE_RPC_Request; - DCE_RPC_RESPONSE -> response : DCE_RPC_Response; - default -> other : bytestring &restofdata; + DCE_RPC_BIND -> bind : DCE_RPC_Bind; + DCE_RPC_BIND_ACK -> bind_ack : DCE_RPC_Bind_Ack; + DCE_RPC_REQUEST -> request : DCE_RPC_Request; + DCE_RPC_RESPONSE -> response : DCE_RPC_Response; + default -> other : bytestring &restofdata; }; type DCE_RPC_Auth(header: DCE_RPC_Header) = uint8[header.auth_length]; - - 
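Review bot: DCE_RPC_AlterContext declares `contexts : ContextList(0)`, which selects the reply layout (ContextReply: result, reason, one syntax). An alter-context PDU is sent by the client and carries the same presentation context list as a bind, which DCE_RPC_Bind parses with `ContextList(1)`. With the reply layout the element sizes do not match the wire format, so the list would be misparsed once this type is used; DCE_RPC_Body does not dispatch to it in this hunk, so the effect is latent for now. `contexts : ContextList(1);` would match the bind case.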
diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index 78de7d048b..cf6915a2d7 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac @@ -51,10 +51,10 @@ refine connection SMB_Conn += { if ( smb_pipe_bind_request ) { // TODO - the version number needs to be calculated properly - if ( ${val.rpc_body.bind.p_context_elem.n_context_elem} > 0 ) + if ( ${val.rpc_body.bind.context_list.num_contexts} > 0 ) { - const char * uuid = analyzer::dce_rpc::uuid_to_string(${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid}.begin()); - uint32_t version = ${val.rpc_body.bind.p_context_elem.p_cont_elem[0].abstract_syntax.if_version}; + const char * uuid = analyzer::dce_rpc::uuid_to_string(${val.rpc_body.bind.context_list.request_contexts[0].abstract_syntax.uuid}.begin()); + uint32_t version = ${val.rpc_body.bind.context_list.request_contexts[0].abstract_syntax.version}; BifEvent::generate_smb_pipe_bind_request(bro_analyzer(), bro_analyzer()->Conn(), From ca58dc84d571e4290d8ab6b66309a51e75f8f934 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 7 Mar 2016 11:17:51 -0500 Subject: [PATCH 25/84] Create an smb_auth.log. - Brings the SMB NTLM support all the way to a log. - Only support SMB1 right now. - A bit more clean up of logged file actions and code organization. --- scripts/base/protocols/smb/main.bro | 14 ++++++- scripts/base/protocols/smb/smb1-main.bro | 49 +++++++++++++++--------- 2 files changed, 43 insertions(+), 20 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 246f578022..8e8ad032dd 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -5,6 +5,7 @@ module SMB; export { redef enum Log::ID += { CMD_LOG, + AUTH_LOG, MAPPING_LOG, FILES_LOG }; 
@@ -36,8 +37,7 @@ export { ## The file actions which are logged. const logged_file_actions: set[Action] = { FILE_OPEN, - FILE_READ, - FILE_WRITE, + FILE_CLOSE, PIPE_OPEN, PIPE_CLOSE, @@ -95,6 +95,13 @@ export { share_type : string &log &default="UNKNOWN"; }; + type AuthInfo: record { + ts : time &log &optional; + username : string &log &optional; + hostname : string &log &optional; + domainname : string &log &optional; + }; + ## This record is for the smb_cmd.log type CmdInfo: record { ## Timestamp of the command request @@ -142,6 +149,8 @@ export { current_file : FileInfo &optional; ## A reference to the current tree. current_tree : TreeInfo &optional; + ## A reference to the currently authenticated user. + current_auth : AuthInfo &optional; ## Indexed on MID to map responses to requests. pending_cmds : table[count] of CmdInfo &optional; @@ -202,6 +211,7 @@ redef likely_server_ports += { ports }; event bro_init() &priority=5 { Log::create_stream(CMD_LOG, [$columns=SMB::CmdInfo]); + Log::create_stream(AUTH_LOG, [$columns=SMB::AuthInfo]); Log::create_stream(FILES_LOG, [$columns=SMB::FileInfo]); Log::create_stream(MAPPING_LOG, [$columns=SMB::TreeInfo]); diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index b0d7ef58b5..fc45d02e5a 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
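Review bot: In the `logged_file_actions` hunk, `FILE_READ` and `FILE_WRITE` are dropped from the default set, but the doc comment still reads only "The file actions which are logged". Anyone relying on the files log to see reads from or writes to a share gets no hint that these are no longer recorded. I would extend the comment, e.g. `## The file actions which are logged. Reads and writes are not logged by default; add FILE_READ and FILE_WRITE to record them.` The set's closing brace and any `&redef` attribute are outside the hunk, so whether local policy can extend it is not visible here.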
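Review bot: The new `AuthInfo` record in the `@@ -95,6 +95,13 @@` hunk logs only `ts`, `username`, `hostname` and `domainname`, so a line in smb_auth.log cannot be tied to a connection or to the hosts involved. Adding `uid : string &log;` and `id : conn_id &log;`, filled from `c$uid` and `c$id` where the record is created in smb1-main.bro, would let entries be joined with conn.log and the other SMB logs. The fields also lack the `##` doc comments that the neighbouring `CmdInfo` record has, e.g. `## Time the NTLM authenticate message was seen.` above `ts`.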
@@ -282,29 +282,22 @@ event smb_ntlm_negotiate(c: connection, hdr: SMB1::Header, request: SMB::NTLMNeg { c$smb_state$current_cmd$sub_command = "NTLMSSP_NEGOTIATE"; } - -event smb1_error(c: connection, hdr: SMB1::Header, is_orig: bool) - { - if ( ! is_orig ) - { - # This is for deferred commands only. - # The more specific messages won't fire for errors - if ( SMB::write_cmd_log && - ( c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) && - ( c$smb_state$current_cmd$command in SMB::deferred_logging_cmds ) ) - { - Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); - } - } - } -event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate) +event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate) &priority=5 { c$smb_state$current_cmd$sub_command = "NTLMSSP_AUTHENTICATE"; + c$smb_state$current_auth = SMB::AuthInfo($ts=network_time()); + if ( request?$domain_name ) + c$smb_state$current_auth$domainname = request$domain_name; + if ( request?$workstation ) + c$smb_state$current_auth$hostname = request$workstation; + if ( request?$user_name ) + c$smb_state$current_auth$username = request$user_name; + local user: string = ""; if ( ( request?$domain_name && request$domain_name != "" ) && ( request?$user_name && request$user_name != "" ) ) - user = fmt("%s\\%s", request$domain_name, request$user_name); + user = fmt("%s\\%s", request$domain_name, request$user_name); else if ( ( request?$workstation && request$workstation != "" ) && ( request?$user_name && request$user_name != "" ) ) user = fmt("%s\\%s", request$workstation, request$user_name); else if ( request?$user_name && request$user_name != "" ) 
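Review bot: `current_auth` is filled from the client's NTLMSSP_AUTHENTICATE message, so `username`, `hostname` and `domainname` are values the client claims before the server has answered, and nothing in this handler records whether the logon succeeded. main.bro documents the field as "the currently authenticated user", which overstates what is stored; a reader of smb_auth.log could take a failed or forged attempt for a login. I would either reword that comment to `## The most recent NTLM authentication attempt seen on this connection.` or add a result field set from the server's response. The handler body continues past the end of this hunk.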
@@ -325,6 +318,11 @@ event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLM } } +event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate) &priority=5 + { + Log::write(SMB::AUTH_LOG, c$smb_state$current_auth); + } + event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count) { c$smb_state$current_cmd$sub_command = SMB1::trans_sub_commands[sub_cmd]; @@ -387,7 +385,22 @@ event smb_pipe_request(c: connection, hdr: SMB1::Header, op_num: count) c$smb_state$current_cmd$argument = arg; } - + +event smb1_error(c: connection, hdr: SMB1::Header, is_orig: bool) + { + if ( ! is_orig ) + { + # This is for deferred commands only. + # The more specific messages won't fire for errors + if ( SMB::write_cmd_log && + c$smb_state$current_cmd$status !in SMB::ignored_command_statuses && + c$smb_state$current_cmd$command in SMB::deferred_logging_cmds ) + { + Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); + } + } + } + #event smb1_transaction_setup(c: connection, hdr: SMB1::Header, op_code: count, file_id: count) # { # local uuid = SMB::rpc_uuids[c$smb_state$pipe_map[file_id]]; From 12a8b8e5db49542b2fc19b74311ae067395b1e12 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 7 Mar 2016 11:18:22 -0500 Subject: [PATCH 26/84] Fix and clean up the DCE_RPC analyzer a bit and probably broke it in some way. --- src/analyzer/protocol/dce-rpc/DCE_RPC.cc | 66 ++--- src/analyzer/protocol/dce-rpc/DCE_RPC.h | 22 +- .../protocol/dce-rpc/dce_rpc-analyzer.pac | 249 +++++++++--------- .../protocol/dce-rpc/dce_rpc-protocol.pac | 134 +++++----- src/analyzer/protocol/dce-rpc/dce_rpc.pac | 11 +- 5 files changed, 251 insertions(+), 231 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.cc b/src/analyzer/protocol/dce-rpc/DCE_RPC.cc index 1d3b6ef0ef..49a9647c0f 100644 --- a/src/analyzer/protocol/dce-rpc/DCE_RPC.cc +++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.cc 
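Review bot: The added `smb_ntlm_authenticate` handler that calls `Log::write(SMB::AUTH_LOG, c$smb_state$current_auth)` has `&priority=5`, the same priority as the handler that creates `current_auth`. The write therefore depends on the order in which the two handlers are scheduled rather than on their priorities. Giving the logging handler a lower priority, `&priority=-5`, makes the ordering explicit. `current_auth` is declared `&optional`, so a guard such as `if ( c$smb_state?$current_auth )` before the write would also avoid a runtime error when the field is unset.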
@@ -190,7 +190,7 @@ DCE_RPC_Header::DCE_RPC_Header(analyzer::Analyzer* a, const u_char* b) DCE_RPC_Session::DCE_RPC_Session(analyzer::Analyzer* a) : analyzer(a), - if_uuid("00000000-0000-0000-0000-000000000000"), + uuid("00000000-0000-0000-0000-000000000000"), if_id(BifEnum::DCE_RPC_unknown_if) { opnum = -1; @@ -203,7 +203,7 @@ bool DCE_RPC_Session::LooksLikeRPC(int len, const u_char* msg) try { - binpac::DCE_RPC_Simple::DCE_RPC_Header h; + binpac::DCE_RPC::DCE_RPC_Header h; h.Parse(msg, msg + len); if ( h.rpc_vers() == 5 && h.rpc_vers_minor() == 0 ) { @@ -241,20 +241,20 @@ void DCE_RPC_Session::DeliverPDU(int is_orig, int len, const u_char* data) try { // TODO: handle incremental input - binpac::DCE_RPC_Simple::DCE_RPC_PDU pdu; + binpac::DCE_RPC::DCE_RPC_PDU pdu; pdu.Parse(data, data + len); switch ( pdu.header()->PTYPE() ) { - case binpac::DCE_RPC_Simple::DCE_RPC_BIND: - case binpac::DCE_RPC_Simple::DCE_RPC_ALTER_CONTEXT: + case binpac::DCE_RPC::DCE_RPC_BIND: + case binpac::DCE_RPC::DCE_RPC_ALTER_CONTEXT: DeliverBind(&pdu); break; - case binpac::DCE_RPC_Simple::DCE_RPC_REQUEST: + case binpac::DCE_RPC::DCE_RPC_REQUEST: DeliverRequest(&pdu); break; - case binpac::DCE_RPC_Simple::DCE_RPC_RESPONSE: + case binpac::DCE_RPC::DCE_RPC_RESPONSE: DeliverResponse(&pdu); break; } 
@@ -265,24 +265,24 @@ void DCE_RPC_Session::DeliverPDU(int is_orig, int len, const u_char* data) } } -void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) +void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC::DCE_RPC_PDU* pdu) { - binpac::DCE_RPC_Simple::DCE_RPC_Bind* bind = pdu->body()->bind(); + binpac::DCE_RPC::DCE_RPC_Bind* bind = pdu->body()->bind(); - for ( int i = 0; i < bind->p_context_elem()->n_context_elem(); ++i ) + for ( int i = 0; i < bind->context_list()->num_contexts(); ++i ) { - binpac::DCE_RPC_Simple::p_cont_elem_t* elem = - (*bind->p_context_elem()->p_cont_elem())[i]; + binpac::DCE_RPC::ContextRequest* elem = + (*bind->context_list()->request_contexts())[i]; - if_uuid = UUID(elem->abstract_syntax()->if_uuid().begin()); + uuid = UUID(elem->abstract_syntax()->uuid().begin()); uuid_map_t::const_iterator uuid_it = - well_known_uuid_map().find(if_uuid); + well_known_uuid_map().find(uuid); if ( uuid_it == well_known_uuid_map().end() ) { #ifdef DEBUG // conn->Weird(fmt("Unknown DCE_RPC interface %s", - // if_uuid.to_string())); + // uuid.to_string())); #endif if_id = BifEnum::DCE_RPC_unknown_if; } @@ -293,7 +293,7 @@ void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu { val_list* vl = new val_list; vl->append(analyzer->BuildConnVal()); - vl->append(new StringVal(if_uuid.to_string())); + vl->append(new StringVal(uuid.to_string())); // vl->append(new EnumVal(if_id, BifType::Enum::dce_rpc_if_id)); analyzer->ConnectionEvent(dce_rpc_bind, vl); @@ -301,9 +301,9 @@ void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu } } -void DCE_RPC_Session::DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) +void DCE_RPC_Session::DeliverRequest(const binpac::DCE_RPC::DCE_RPC_PDU* pdu) { - binpac::DCE_RPC_Simple::DCE_RPC_Request* req = pdu->body()->request(); + binpac::DCE_RPC::DCE_RPC_Request* req = pdu->body()->request(); opnum = req->opnum(); 
@@ -328,9 +328,9 @@ void DCE_RPC_Session::DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* } } -void DCE_RPC_Session::DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) +void DCE_RPC_Session::DeliverResponse(const binpac::DCE_RPC::DCE_RPC_PDU* pdu) { - binpac::DCE_RPC_Simple::DCE_RPC_Response* resp = pdu->body()->response(); + binpac::DCE_RPC::DCE_RPC_Response* resp = pdu->body()->response(); if ( dce_rpc_response ) { @@ -353,16 +353,16 @@ void DCE_RPC_Session::DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* } void DCE_RPC_Session::DeliverEpmapperRequest( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* /* pdu */, - const binpac::DCE_RPC_Simple::DCE_RPC_Request* /* req */) + const binpac::DCE_RPC::DCE_RPC_PDU* /* pdu */, + const binpac::DCE_RPC::DCE_RPC_Request* /* req */) { // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); // ### TODO(rpang): generate an event on epmapper request } void DCE_RPC_Session::DeliverEpmapperResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp) + const binpac::DCE_RPC::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC::DCE_RPC_Response* resp) { // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); switch ( opnum ) { @@ -374,12 +374,12 @@ void DCE_RPC_Session::DeliverEpmapperResponse( void DCE_RPC_Session::DeliverEpmapperMapResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp) + const binpac::DCE_RPC::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC::DCE_RPC_Response* resp) { try { - binpac::DCE_RPC_Simple::epmapper_map_resp epm_resp; + binpac::DCE_RPC::epmapper_map_resp epm_resp; epm_resp.Parse(resp->stub().begin(), resp->stub().end(), pdu->byteorder()); 
@@ -387,7 +387,7 @@ void DCE_RPC_Session::DeliverEpmapperMapResponse( for ( unsigned int twr_i = 0; twr_i < epm_resp.towers()->actual_count(); ++twr_i ) { - binpac::DCE_RPC_Simple::epm_tower* twr = + binpac::DCE_RPC::epm_tower* twr = (*epm_resp.towers()->towers())[twr_i]->tower(); mapped.addr = dce_rpc_endpoint_addr(); @@ -396,28 +396,28 @@ void DCE_RPC_Session::DeliverEpmapperMapResponse( for ( int floor_i = 0; floor_i < twr->num_floors(); ++floor_i ) { - binpac::DCE_RPC_Simple::epm_floor* floor = + binpac::DCE_RPC::epm_floor* floor = (*twr->floors())[floor_i]; switch ( floor->protocol() ) { - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_UUID: + case binpac::DCE_RPC::EPM_PROTOCOL_UUID: if ( floor_i == 0 ) mapped.uuid = UUID(floor->lhs()->data()->uuid()->if_uuid()); break; - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_TCP: + case binpac::DCE_RPC::EPM_PROTOCOL_TCP: mapped.addr.port = floor->rhs()->data()->tcp(); mapped.addr.proto = TRANSPORT_TCP; break; - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_UDP: + case binpac::DCE_RPC::EPM_PROTOCOL_UDP: mapped.addr.port = floor->rhs()->data()->udp(); mapped.addr.proto = TRANSPORT_UDP; break; - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_IP: + case binpac::DCE_RPC::EPM_PROTOCOL_IP: uint32 hostip = floor->rhs()->data()->ip(); mapped.addr.addr = IPAddr(IPv4, &hostip, IPAddr::Host); break; diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.h b/src/analyzer/protocol/dce-rpc/DCE_RPC.h index cd3910bf42..c54638d03f 100644 --- a/src/analyzer/protocol/dce-rpc/DCE_RPC.h +++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.h @@ -11,7 +11,7 @@ #include "analyzer/protocol/dce-rpc/events.bif.h" #include "IPAddr.h" -#include "dce_rpc_simple_pac.h" +#include "dce_rpc_pac.h" namespace analyzer { namespace dce_rpc { 
@@ -125,22 +125,22 @@ public: { return dce_rpc_message || dce_rpc_bind || dce_rpc_request; } protected: - void DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); - void DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); - void DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); + void DeliverBind(const binpac::DCE_RPC::DCE_RPC_PDU* pdu); + void DeliverRequest(const binpac::DCE_RPC::DCE_RPC_PDU* pdu); + void DeliverResponse(const binpac::DCE_RPC::DCE_RPC_PDU* pdu); void DeliverEpmapperRequest( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Request* req); + const binpac::DCE_RPC::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC::DCE_RPC_Request* req); void DeliverEpmapperResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp); + const binpac::DCE_RPC::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC::DCE_RPC_Response* resp); void DeliverEpmapperMapResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp); + const binpac::DCE_RPC::DCE_RPC_PDU* pdu, + const binpac::DCE_RPC::DCE_RPC_Response* resp); analyzer::Analyzer* analyzer; - UUID if_uuid; + UUID uuid; BifEnum::dce_rpc_if_id if_id; int opnum; struct { diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac index ddc99abd8e..a25b4b783a 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac 
@@ -4,131 +4,132 @@ type DCE_RPC_PDU = record { # Set header's byteorder to little-endian (or big-endian) to # avoid cyclic dependency. header : DCE_RPC_Header; - frag : bytestring &length = body_length; + # TODO: bring back reassembly. It was having trouble. + #frag : bytestring &length = body_length; + body : DCE_RPC_Body(header); auth : DCE_RPC_Auth(header); } &let { - body_length: int = - header.frag_length - sizeof(header) - header.auth_length; - frag_reassembled: bool = - $context.flow.reassemble_fragment(frag, header.lastfrag); - body: DCE_RPC_Body(header) - withinput $context.flow.reassembled_body() - &if frag_reassembled; + #body_length : int = header.frag_length - sizeof(header) - header.auth_length; + #frag_reassembled : bool = $context.flow.reassemble_fragment(frag, header.lastfrag); + #body : DCE_RPC_Body(header) + # withinput $context.flow.reassembled_body() + # &if frag_reassembled; } &byteorder = header.byteorder, - &length = header.frag_length; # length of the PDU + &length = header.frag_length; - -connection DCE_RPC_Conn(bro_analyzer: BroAnalyzer) { - upflow = DCE_RPC_Flow(true); - downflow = DCE_RPC_Flow(false); - - function get_cont_id_opnum_map(cont_id: uint16): uint16 - %{ - return cont_id_opnum_map[cont_id]; - %} - - function set_cont_id_opnum_map(cont_id: uint16, opnum: uint16): bool - %{ - cont_id_opnum_map[cont_id] = opnum; - return true; - %} - - %member{ - map cont_id_opnum_map; - %} -}; - - -flow DCE_RPC_Flow(is_orig: bool) { - flowunit = DCE_RPC_PDU withcontext (connection, this); - - %member{ - FlowBuffer frag_reassembler_; - %} - - # Fragment reassembly. 
- function reassemble_fragment(frag: bytestring, lastfrag: bool): bool - %{ - int orig_data_length = frag_reassembler_.data_length(); - - frag_reassembler_.NewData(frag.begin(), frag.end()); - - int new_frame_length = orig_data_length + frag.length(); - if ( orig_data_length == 0 ) - frag_reassembler_.NewFrame(new_frame_length, false); - else - frag_reassembler_.GrowFrame(new_frame_length); - - return lastfrag; - %} - - function reassembled_body(): const_bytestring - %{ - return const_bytestring( - frag_reassembler_.begin(), - frag_reassembler_.end()); - %} - - # Bind. - function process_dce_rpc_bind(bind: DCE_RPC_Bind): bool - %{ - $const_def{bind_elems = bind.p_context_elem}; - - if ( ${bind_elems.n_context_elem} > 1 ) { - ${connection.bro_analyzer}->Weird( - "DCE_RPC_bind_to_multiple_interfaces"); - } - - if ( dce_rpc_bind ) { - // Go over the elements, each having a UUID - for ( int i = 0; i < ${bind_elems.n_context_elem}; ++i ) { - $const_def{if_uuid = - bind_elems.p_cont_elem[i].abstract_syntax.if_uuid}; - - // Queue the event - BifEvent::generate_dce_rpc_bind( - ${connection.bro_analyzer}, - ${connection.bro_analyzer}->Conn(), - bytestring_to_val(${if_uuid})); - - // Set the connection's UUID - // ${connection}->set_uuid(${if_uuid}); - } - } - - return ${bind_elems.n_context_elem} > 0; - %} - - # Request. - function process_dce_rpc_request(req: DCE_RPC_Request): bool - %{ - if ( dce_rpc_request ) - { - BifEvent::generate_dce_rpc_request( - ${connection.bro_analyzer}, - ${connection.bro_analyzer}->Conn(), - ${req.opnum}, - bytestring_to_val(${req.stub})); - } - - ${connection}->set_cont_id_opnum_map(${req.p_cont_id}, - ${req.opnum}); - - return true; - %} - - # Response. 
- function process_dce_rpc_response(resp: DCE_RPC_Response): bool - %{ - if ( dce_rpc_response ) - { - BifEvent::generate_dce_rpc_response( - ${connection.bro_analyzer}, - ${connection.bro_analyzer}->Conn(), - ${connection}->get_cont_id_opnum_map(${resp.p_cont_id}), - bytestring_to_val(${resp.stub})); - } - - return true; - %} -}; +#connection DCE_RPC_Conn(bro_analyzer: BroAnalyzer) { +# upflow = DCE_RPC_Flow(true); +# downflow = DCE_RPC_Flow(false); +# +# %member{ +# map cont_id_opnum_map; +# %} +# +# function get_cont_id_opnum_map(cont_id: uint16): uint16 +# %{ +# return cont_id_opnum_map[cont_id]; +# %} +# +# function set_cont_id_opnum_map(cont_id: uint16, opnum: uint16): bool +# %{ +# cont_id_opnum_map[cont_id] = opnum; +# return true; +# %} +#}; +# +# +#flow DCE_RPC_Flow(is_orig: bool) { +# flowunit = DCE_RPC_PDU withcontext (connection, this); +# +# #%member{ +# #FlowBuffer frag_reassembler_; +# #%} +# +# # Fragment reassembly. +# #function reassemble_fragment(frag: bytestring, lastfrag: bool): bool +# # %{ +# # int orig_data_length = frag_reassembler_.data_length(); +# # +# # frag_reassembler_.NewData(frag.begin(), frag.end()); +# # +# # int new_frame_length = orig_data_length + frag.length(); +# # if ( orig_data_length == 0 ) +# # frag_reassembler_.NewFrame(new_frame_length, false); +# # else +# # frag_reassembler_.GrowFrame(new_frame_length); +# # +# # return lastfrag; +# # %} +# +# #function reassembled_body(): const_bytestring +# # %{ +# # return const_bytestring( +# # frag_reassembler_.begin(), +# # frag_reassembler_.end()); +# # %} +# +# # Bind. 
+# function process_dce_rpc_bind(bind: DCE_RPC_Bind): bool +# %{ +# $const_def{bind_elems = bind.context_list}; +# +# if ( ${bind_elems.num_contexts} > 1 ) +# { +# ${connection.bro_analyzer}->Weird("DCE_RPC_bind_to_multiple_interfaces"); +# } +# +# if ( dce_rpc_bind ) +# { +# // Go over the elements, each having a UUID +# for ( int i = 0; i < ${bind_elems.num_contexts}; ++i ) +# { +# $const_def{uuid = +# bind_elems.request_contexts[i].abstract_syntax.uuid}; +# +# // Queue the event +# BifEvent::generate_dce_rpc_bind( +# ${connection.bro_analyzer}, +# ${connection.bro_analyzer}->Conn(), +# bytestring_to_val(${uuid})); +# +# // Set the connection's UUID +# // ${connection}->set_uuid(${uuid}); +# } +# } +# +# return ${bind_elems.num_contexts} > 0; +# %} +# +# # Request. +# function process_dce_rpc_request(req: DCE_RPC_Request): bool +# %{ +# if ( dce_rpc_request ) +# { +# BifEvent::generate_dce_rpc_request( +# ${connection.bro_analyzer}, +# ${connection.bro_analyzer}->Conn(), +# ${req.opnum}, +# bytestring_to_val(${req.stub})); +# } +# +# ${connection}->set_cont_id_opnum_map(${req.context_id}, +# ${req.opnum}); +# +# return true; +# %} +# +# # Response. +# function process_dce_rpc_response(resp: DCE_RPC_Response): bool +# %{ +# if ( dce_rpc_response ) +# { +# BifEvent::generate_dce_rpc_response( +# ${connection.bro_analyzer}, +# ${connection.bro_analyzer}->Conn(), +# ${connection}->get_cont_id_opnum_map(${resp.context_id}), +# bytestring_to_val(${resp.stub})); +# } +# +# return true; +# %} +#}; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index a7bfcb5368..f13311a0fa 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac 
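Review bot: With `frag : bytestring &length = body_length` replaced by a bare `body : DCE_RPC_Body(header)`, nothing bounds the body any more. The request and response arms end in `stub : bytestring &restofdata`, which will presumably take every byte up to `header.frag_length`, including the authentication trailer, leaving `auth : DCE_RPC_Auth(header)` nothing to read when `auth_length` is non-zero. I would keep the `body_length` let-field active and apply it to the body, `body : DCE_RPC_Body(header) &length = body_length;`, and reject PDUs where `body_length` comes out negative, since both lengths are taken from the wire. Separately, with reassembly disabled each fragment is parsed as a complete PDU, so stub contents split across fragments are only ever seen in pieces; that limitation deserves a comment next to the TODO. The large commented-out connection/flow block could be removed rather than carried as `#` lines.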
@@ -25,20 +25,20 @@ enum dce_rpc_ptype { type uuid = bytestring &length = 16; type context_handle = record { - cxt_attributes: uint32; - cxt_uuid: uuid; + attrs : uint32; + uuid : bytestring &length = 16; }; -type rpc_if_id_t = record { - if_uuid : uuid; - vers_major : uint16; - vers_minor : uint16; -}; +#type rpc_if_id_t = record { +# if_uuid : bytestring &length = 16; +# vers_major : uint16; +# vers_minor : uint16; +#}; type NDR_Format = record { - intchar : uint8; - floatspec : uint8; - reserved : padding[2]; + intchar : uint8; + floatspec : uint8; + reserved : padding[2]; } &let { byteorder = (intchar >> 4) ? littleendian : bigendian; }; 
@@ -47,79 +47,95 @@ type NDR_Format = record { # causes problems despite the NDR_Format having a byteorder set. type DCE_RPC_Header = record { - rpc_vers : uint8 &check(rpc_vers == 5); - rpc_vers_minor : uint8; - PTYPE : uint8; - pfc_flags : uint8; - packed_drep : NDR_Format; - frag_length : uint16; - auth_length : uint16; - call_id : uint32; + rpc_vers : uint8 &check(rpc_vers == 5); + rpc_vers_minor : uint8; + PTYPE : uint8; + pfc_flags : uint8; + packed_drep : NDR_Format; + frag_length : uint16; + auth_length : uint16; + call_id : uint32; } &let { frag = pfc_flags & 4; lastfrag = (! frag) || (pfc_flags & 2); } &byteorder = packed_drep.byteorder; -type p_context_id_t = uint16; - -type p_syntax_id_t = record { - if_uuid : uuid; - if_version : uint32; +type Syntax = record { + uuid : bytestring &length = 16; + version : uint32; }; -type p_cont_elem_t = record { - p_cont_id : p_context_id_t; - n_transfer_syn : uint8; - reserved : padding[1]; - abstract_syntax : p_syntax_id_t; - transfer_syntaxes : p_syntax_id_t[n_transfer_syn]; +type ContextRequest = record { + id : uint16; + num_syntaxes : uint8; + reserved : padding[1]; + abstract_syntax : Syntax; + transfer_syntaxes : Syntax[num_syntaxes]; }; -type p_cont_list_t = record { - n_context_elem : uint8; - reserved : padding[3]; - p_cont_elem : p_cont_elem_t[n_context_elem]; +type ContextReply = record { + ack_result : uint16; + ack_reason : uint16; + syntax : Syntax; +}; + +type ContextList(is_request: bool) = record { + num_contexts : uint8; + reserved : padding[3]; + req_reply : case is_request of { + true -> request_contexts : ContextRequest[num_contexts]; + false -> reply_contexts : ContextReply[num_contexts]; + }; }; type DCE_RPC_Bind = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - p_context_elem : p_cont_list_t; + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + context_list : ContextList(1); +}; + +type DCE_RPC_Bind_Ack = record { + 
max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + sec_addr_length : uint16; + sec_addr : bytestring &length=sec_addr_length; + pad : padding align 4; + contexts : ContextList(0); }; type DCE_RPC_AlterContext = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - p_context_elem : p_cont_list_t; + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + contexts : ContextList(0); }; type DCE_RPC_Request = record { - alloc_hint : uint32; - p_cont_id : p_context_id_t; - opnum : uint16; - # object : uuid; - # stub_pad_0 : padding align 8; - stub : bytestring &restofdata; + alloc_hint : uint32; + context_id : uint16; + opnum : uint16; + # object : uuid; + # stub_pad_0 : padding align 8; + stub : bytestring &restofdata; }; type DCE_RPC_Response = record { - alloc_hint : uint32; - p_cont_id : p_context_id_t; - cancel_count : uint8; - reserved : uint8; - # stub_pad_0 : padding align 8; - stub : bytestring &restofdata; + alloc_hint : uint32; + context_id : uint16; + cancel_count : uint8; + reserved : uint8; + # stub_pad_0 : padding align 8; + stub : bytestring &restofdata; }; type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { - DCE_RPC_BIND -> bind : DCE_RPC_Bind; - DCE_RPC_REQUEST -> request : DCE_RPC_Request; - DCE_RPC_RESPONSE -> response : DCE_RPC_Response; - default -> other : bytestring &restofdata; + DCE_RPC_BIND -> bind : DCE_RPC_Bind; + DCE_RPC_BIND_ACK -> bind_ack : DCE_RPC_Bind_Ack; + DCE_RPC_REQUEST -> request : DCE_RPC_Request; + DCE_RPC_RESPONSE -> response : DCE_RPC_Response; + default -> other : bytestring &restofdata; }; type DCE_RPC_Auth(header: DCE_RPC_Header) = uint8[header.auth_length]; - -%include epmapper.pac diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc.pac b/src/analyzer/protocol/dce-rpc/dce_rpc.pac index 632d2304a1..737d4d7a64 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc.pac 
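Review bot: `DCE_RPC_AlterContext` now declares `contexts : ContextList(0)`, which selects the `reply_contexts` arm. An alter_context PDU is sent by the client and carries the same request-style context list as a bind; the removed line used `p_cont_list_t`, as `DCE_RPC_Bind` did. It should read `contexts : ContextList(1);`, and naming the field `context_list` as in `DCE_RPC_Bind` would keep the two records parallel. The record is also not referenced from `DCE_RPC_Body`, so alter_context PDUs fall into the `default -> other` arm, while `DeliverPDU` in DCE_RPC.cc still hands `DCE_RPC_ALTER_CONTEXT` to `DeliverBind`, which reads `pdu->body()->bind()`; that path looks worth checking.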
@@ -5,10 +5,13 @@ #include "events.bif.h" %} -analyzer DCE_RPC withcontext { - connection: DCE_RPC_Conn; - flow: DCE_RPC_Flow; -}; +analyzer DCE_RPC withcontext {}; + +#analyzer DCE_RPC withcontext { +# connection : DCE_RPC_Conn; +# flow : DCE_RPC_Flow; +#}; %include dce_rpc-protocol.pac +%include epmapper.pac %include dce_rpc-analyzer.pac From b58ee68c11cb4b4e6c130661f7e38c02a3badb4e Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 7 Mar 2016 11:20:50 -0500 Subject: [PATCH 27/84] Removed a vestigial SMB file. --- src/analyzer/protocol/smb/smb-protocol.pac | 465 --------------------- 1 file changed, 465 deletions(-) delete mode 100644 src/analyzer/protocol/smb/smb-protocol.pac diff --git a/src/analyzer/protocol/smb/smb-protocol.pac b/src/analyzer/protocol/smb/smb-protocol.pac deleted file mode 100644 index 5ee96bf31f..0000000000 --- a/src/analyzer/protocol/smb/smb-protocol.pac +++ /dev/null 
@@ -1,465 +0,0 @@ -# CIFS/SMB - -# TODO: -# - Built support for unicode strings -# - Unicode as an implicit attribute (as byteorder) -# - &truncation_ok attribute for the last field of a record to deal with partial data - -enum TransactionType { - SMB_MAILSLOT_BROWSE, # \MAILSLOT\BROWSE - MS Browse Protocol - SMB_MAILSLOT_LANMAN, # \MAILSLOT\LANMAN - deprecated cmds - SMB_PIPE, # \PIPE\* named pipes? - SMB_RAP, # \PIPE\LANMAN - remote administration protocol - SMB_UNKNOWN, # there's probably lots of these -}; - -function extract_string(s: SMB_string) : const_bytestring - %{ - int length = 0; - - char* buf; - const char* sp; - - if( s->val_case_index() == 0 ) - { - length = s->a()->size(); - buf = new char[ length ]; - - for( int i = 0; i < length; i++) - { - unsigned char t = (*(s->a()))[i]; - buf[i] = t; - } - } - else - { - length = s->u()->s()->size(); - buf = new char[ length ]; - - for( int i = 0; i < length; i++) - { - unsigned short temp = (*(s->u()->s()))[i]; - buf[i] = temp & 0xff; - } - } - - return bytestring((uint8*) buf, length); - %} - -function determine_transaction_type(setup_count: int, name: SMB_string): TransactionType - %{ - // This logic needs to be verified! the relationship between - // setup_count and type is very unclear. 
- if ( name == NULL ) - return SMB_UNKNOWN; - - if ( bytestring_caseprefix( extract_string(name), - "\\PIPE\\LANMAN" ) ) - { - return SMB_RAP; - } - else if ( bytestring_caseprefix( extract_string(name), - "\\MAILSLOT\\LANMAN" ) ) - { - return SMB_MAILSLOT_LANMAN; - //return SMB_MAILSLOT_BROWSE; - } - else if ( bytestring_caseprefix( extract_string(name), - "\\MAILSLOT\\NET\\NETLOGON" ) ) - { - /* Don't really know what to do here, its got a Mailslot - * type but its a depricated packet format that handles - * old windows logon - */ - return SMB_UNKNOWN; - } - else if(setup_count == 2 || - bytestring_caseprefix( extract_string(name), "\\PIPE\\" ) ) - { - return SMB_PIPE; - } - else if (setup_count == 3 || - bytestring_caseprefix( extract_string(name), "\\MAILSLOT\\" ) ) - { - return SMB_MAILSLOT_BROWSE; - } - else - return SMB_UNKNOWN; - %} - -function name_string(trans: SMB_transaction): SMB_string - %{ - if( trans->trans_type() == 1 ) - return trans->name(); - else - return NULL; - %} - - -type SMB_dos_error = record { - error_class : uint8; - reserved : uint8; - error : uint16; -}; - -type SMB_error (err_status_type: int) = case err_status_type of { - 0 -> dos_error: SMB_dos_error; - 1 -> status: int32; -}; - -type SMB_header = record { - protocol : bytestring &length = 4; - command : uint8; - status : SMB_error(err_status_type); - flags : uint8; - flags2 : uint16; - pad : padding[12]; - tid : uint16; - pid : uint16; - uid : uint16; - mid : uint16; -} &let { - err_status_type = (flags2 >> 14) & 1; - unicode = (flags2 >> 15) & 1; -} &byteorder = littleendian; - -# TODO: compute this as -# let smb_header_length = sizeof(SMB_header); -let smb_header_length = 32; - -type SMB_body = record { - word_count : uint8; - parameter_words : uint16[word_count]; - byte_count : uint16; - # buffer : uint8[byte_count]; -} &let { - body_length = 1 + word_count * 2 + 2 + byte_count; -} &byteorder = littleendian; - -type SMB_ascii_string = uint8[] &until($element == 0); -type 
SMB_unicode_string(offset: int) = record { - pad : padding[offset & 1]; - s : uint16[] &until($element == 0); -}; - -type SMB_string(unicode: bool, offset: int) = case unicode of { - true -> u: SMB_unicode_string(offset); - false -> a: SMB_ascii_string; -}; - -type SMB_time = record { - two_seconds : uint16; - minutes : uint16; - hours : uint16; -} &byteorder = littleendian; - -type SMB_date = record { - day : uint16; - month : uint16; - year : uint16; -} &byteorder = littleendian; - -type SMB_andx = record { - command : uint8; - reserved : uint8; - offset : uint16; -} &refcount; - -type SMB_generic_andx = record { - word_count : uint8; - andx_u : case word_count of { - 0 -> null : empty; - default -> andx : SMB_andx; - }; - data : bytestring &restofdata; -} &byteorder = littleendian; - -type SMB_dialect = record { - bufferformat : uint8; # must be 0x2 - dialectname : SMB_ascii_string; -}; - -type SMB_negotiate = record { - word_count : uint8; # must be 0 - byte_count : uint16; - dialects : SMB_dialect[] &length = byte_count; -} &byteorder = littleendian; - -type SMB_negotiate_response = record { - word_count : uint8; # should be 1 - dialect_index : uint16; - byte_count : uint16; # should be 0 -} &byteorder = littleendian; - -type SMB_negotiate_response_long(unicode: bool) = record { - word_count : uint8; # should be 13 - dialect_index : uint16; - security_mode : uint16; # bit 0: 0=share 1=user, bit 1: 1=chalenge/response - max_buffer_size : uint16; - max_mpx_count : uint16; - max_number_vcs : uint16; - raw_mode : uint16; - session_key : uint32; - server_time : SMB_time; - server_date : SMB_date; - server_tz : uint16; - enc_key_len : uint16; - reserved : uint16; # must be 0 - byte_count : uint16; - encryption_key : uint8[enc_key_len]; - primary_domain : SMB_string(unicode, offsetof(primary_domain)); -} &byteorder = littleendian; - -# pre NT LM 0.12 -type SMB_setup_andx_basic(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - max_buffer_size : 
uint16; - max_mpx_count : uint16; - vc_number : uint16; - session_key : uint32; - passwd_length : uint8; - reserved : uint32; - byte_count : uint8; - password : uint8[passwd_length]; - name : SMB_string(unicode, offsetof(name)); - domain : SMB_string(unicode, offsetof(domain)); - native_os : SMB_string(unicode, offsetof(native_os)); - native_lanman : SMB_string(unicode, offsetof(native_lanman)); -} &byteorder = littleendian; - -type SMB_setup_andx_basic_response(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - action : uint8; - byte_count : uint8; - native_os : SMB_string(unicode, offsetof(native_os)); - native_lanman : SMB_string(unicode, offsetof(native_lanman)); - primary_domain : SMB_string(unicode, offsetof(primary_domain)); -} &byteorder = littleendian; - -# NT LM 0.12 && CAP_EXTENDED_SECURITY -type SMB_setup_andx_ext(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - max_buffer_size : uint16; - max_mpx_count : uint16; - vc_number : uint16; - session_key : uint32; - security_length : uint8; - reserved : uint32; - capabilities : uint32; - byte_count : uint8; - security_blob : uint8[security_length]; - native_os : SMB_string(unicode, offsetof(native_os)); - native_lanman : SMB_string(unicode, offsetof(native_lanman)); -} &byteorder = littleendian; - -type SMB_setup_andx_ext_response(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - action : uint8; - security_length : uint8; - byte_count : uint8; - security_blob : uint8[security_length]; - native_os : SMB_string(unicode, offsetof(native_os)); - native_lanman : SMB_string(unicode, offsetof(native_lanman)); - primary_domain : SMB_string(unicode, offsetof(primary_domain)); -} &byteorder = littleendian; - -type SMB_logoff_andx(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - byte_count : uint16; -} &byteorder = littleendian; - -type SMB_tree_connect_andx(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - flags : uint16; - 
password_length : uint16; - byte_count : uint16; - password : uint8[password_length]; - path : SMB_string(unicode, offsetof(path)); - service : SMB_ascii_string; -} &byteorder = littleendian; - -type SMB_close(unicode: bool) = record { - word_count : uint8; - fid : uint16; - time : SMB_time; - byte_count : uint16; -} &byteorder = littleendian; - -type SMB_tree_disconnect(unicode: bool) = record { - word_count : uint8; - byte_count : uint16; -} &byteorder = littleendian; - -type SMB_nt_create_andx(unicode: bool) = record { - word_count : uint8; - andx : SMB_andx; - reserved : uint8; - name_length : uint16; - flags : uint32; - rest_words : uint8[word_count * 2 - 11]; - byte_count : uint16; - name : SMB_string(unicode, offsetof(name)); -} &byteorder = littleendian; - -type SMB_read_andx = record { - word_count : uint8; - andx : SMB_andx; - fid : uint16; - offset : uint32; - max_count : uint16; - min_count : uint16; - max_count_high : uint16; - remaining : uint16; - offset_high_u : case word_count of { - 12-> offset_high : uint32; - 10-> null : empty; - }; - byte_count : uint16; -} &byteorder = littleendian; - -type SMB_read_andx_response = record { - word_count : uint8; - andx : SMB_andx; - remaining : uint16; - data_compact : uint16; - reserved : uint16; - data_len : uint16; - data_offset : uint16; - data_len_high : uint16; - reserved2 : uint16[4]; - byte_count : uint16; - pad : padding[padding_length]; - data : bytestring &length = data_length; - # The length here is causing problems - could we be having - # issues with the packet format or is the data_length just not - # right. The problem is that the padding isn't always filled right, - # espeically when its not the first command in the packet. 
- #data : bytestring &restofdata; -} &let { - data_length = data_len_high * 0x10000 + data_len; - padding_length = byte_count - data_length; -} &byteorder = littleendian; - -type SMB_write_andx = record { - word_count : uint8; - andx : SMB_andx; - fid : uint16; - offset : uint32; - reserved : uint32; - write_mode : uint16; - remaining : uint16; - data_len_high : uint16; - data_len : uint16; - data_offset : uint16; - rest_words : uint8[word_count * 2 - offsetof(rest_words) + 1]; - byte_count : uint16; - pad : padding to data_offset - smb_header_length; - data : bytestring &length = data_length; -} &let { - data_length = data_len_high * 0x10000 + data_len; -} &byteorder = littleendian; - -type SMB_write_andx_response = record { - word_count : uint8; - andx : SMB_andx; - count : uint16; # written bytes - remaining : uint16; - reserved : uint32; - byte_count : uint16; -} &byteorder = littleendian; - -type SMB_transaction_data(unicode: bool, count: uint16, sub_cmd: uint16, - trans_type: TransactionType ) = case trans_type of { - - SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(unicode, count); - SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(unicode, count); - SMB_RAP -> rap : SMB_Pipe_message(unicode, count); - SMB_PIPE -> pipe : SMB_Pipe_message(unicode, count); - SMB_UNKNOWN -> unknown : bytestring &restofdata; - default -> data : bytestring &restofdata; - -}; - -type SMB_transaction(trans_type: int, unicode: bool) = record { - word_count : uint8; - total_param_count : uint16; - total_data_count : uint16; - max_param_count : uint16; - max_data_count : uint16; - max_setup_count : uint8; - reserved : uint8; - flags : uint16; - timeout : uint32; - reserved2 : uint16; - param_count : uint16; - param_offset : uint16; - data_count : uint16; - data_offset : uint16; - setup_count : uint8; - reserved3 : uint8; - setup : uint16[setup_count]; - byte_count : uint16; - name_u : case trans_type of { - 1 -> name: SMB_string(unicode, offsetof(name_u)); - 2 -> null: 
empty; - }; - pad0 : padding to param_offset - smb_header_length; - parameters : bytestring &length = param_count; - pad1 : padding to data_offset - smb_header_length; - data : SMB_transaction_data(unicode, data_count, sub_cmd, - determine_transaction_type( setup_count, name_string( this ))); -} &let { - # does this work? - sub_cmd : uint16 = setup_count ? setup.op_code : 0; - -} &byteorder = littleendian; - -type SMB_transaction_secondary(unicode: bool) = record { - word_count : uint8; - total_param_count : uint16; - total_data_count : uint16; - param_count : uint16; - param_offset : uint16; - param_displacement : uint16; - data_count : uint16; - data_offset : uint16; - data_displacement : uint16; - fid : uint16; - byte_count : uint16; - pad0 : padding to param_offset - smb_header_length; - parameters : bytestring &length = param_count; - pad1 : padding to data_offset - smb_header_length; - data : SMB_transaction_data(unicode, data_count, 0, SMB_UNKNOWN); -} &byteorder = littleendian; - -type SMB_transaction_response(unicode: bool) = record { - word_count : uint8; - total_param_count : uint16; - total_data_count : uint16; - reserved : uint16; - param_count : uint16; - param_offset : uint16; - param_displacement : uint16; - data_count : uint16; - data_offset : uint16; - data_displacement : uint16; - setup_count : uint8; - reserved2 : uint8; - setup : uint16[setup_count]; - byte_count : uint16; - pad0 : padding to param_offset - smb_header_length; - parameters : bytestring &length = param_count; - pad1 : padding to data_offset - smb_header_length; - data : SMB_transaction_data(unicode, data_count, 0, SMB_UNKNOWN); -} &byteorder = littleendian; - -type SMB_get_dfs_referral(unicode: bool) = record { - max_referral_level : uint16; - file_name : SMB_string(unicode, offsetof(file_name)); -} &byteorder = littleendian; From c8818da09a54f6ecda6c3cc0e083cc1238e5927f Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Mon, 7 Mar 2016 13:50:12 -0500 Subject: [PATCH 28/84] Fix a bug that resulted in recursion in the type system. - There is a bit of other minor reorganization cleanup here too. --- scripts/base/protocols/smb/main.bro | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 8e8ad032dd..c0ac9d31ed 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -168,12 +168,17 @@ export { ## This only applies to files seen in a single connection. recent_files : set[string] &default=string_set() &read_expire=3min; }; - + + ## Optionally write out the SMB commands log. This is + ## primarily useful for debugging so is disabled by default. + const write_cmd_log = F &redef; + + ## Everything below here is used internally in the SMB scripts. + redef record connection += { smb_state : State &optional; }; - ## Internal use only ## Some commands shouldn't be logged by the smb1_message event const deferred_logging_cmds: set[string] = { @@ -182,10 +187,6 @@ export { "SESSION_SETUP_ANDX", "TREE_CONNECT_ANDX", }; - - ## Optionally write out the SMB commands log. This is - ## primarily useful for debugging so is disabled by default. - const write_cmd_log = F &redef; ## This is an internally used function. const set_current_file: function(smb_state: State, file_id: count) &redef; @@ -198,9 +199,6 @@ redef record FileInfo += { ## ID referencing this file. fid : count &optional; - ## Maintain a reference to the file record. - f : fa_file &optional; - ## UUID referencing this file if DCE/RPC uuid : string &optional; }; From 21d8cab0c01257ddd69450499e56f115a7ebcebf Mon Sep 17 00:00:00 2001 
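Review bot: In the first scripts/base/protocols/smb/main.bro hunk the new divider `## Everything below here is used internally in the SMB scripts.` is written as a `##` doc comment, so the documentation generator will most likely attach it to the `redef record connection` that follows rather than treat it as a section marker. A plain `# Everything below here is used internally in the SMB scripts.` keeps it out of the generated docs. The second hunk's context shows `deferred_logging_cmds` with only `## Some commands shouldn't be logged by the smb1_message event` now that `## Internal use only` is removed, so I would keep that marker on the constant itself, since it still sits in the `export` block. The `export` block opens before the hunk and continues past it.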
From: Seth Hall Date: Mon, 7 Mar 2016 13:50:25 -0500 Subject: [PATCH 29/84] First SMB test. --- .../smb_files.log | 11 +++++++++++ testing/btest/Traces/smb/smb1.pcap | Bin 0 -> 34681 bytes .../btest/scripts/base/protocols/smb/smb1.test | 4 ++++ 3 files changed, 15 insertions(+) create mode 100644 testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log create mode 100644 testing/btest/Traces/smb/smb1.pcap create mode 100644 testing/btest/scripts/base/protocols/smb/smb1.test diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log new file mode 100644 index 0000000000..7892e90f09 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log @@ -0,0 +1,11 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path smb_files +#open 2016-03-07-17-23-56 +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed +#types time string addr port addr port string enum string string count time time time time +1403194573.484358 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - (empty) 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 +1403194573.484701 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test 0 1403193632.973276 1403193632.973276 1403193604.628965 1403193632.973276 +#close 2016-03-07-17-23-56 
diff --git a/testing/btest/Traces/smb/smb1.pcap b/testing/btest/Traces/smb/smb1.pcap new file mode 100644 index 0000000000000000000000000000000000000000..bbcf5a12be12918d10dcfa5d2c208aeab257e774 GIT binary patch literal 34681 zcmeFZ1ymi&x-L4=V8ICzT!Op16Fj)Phv4oI+${u82ofwLSaA2?5G1&}y9aL1td+f! zwHN!`^Y(dfyfN;rjOw1%UGuN1|NFnMs;eg%Z7a)!1VMv-rn@^32m&bdBV{WO89V^J z1q$E{LZaRpJN>e-jrnRG4kQkOh_!nq1QLQ3hiJ}+kOwmR-KTLWDqm zu+rjSq`-(lG)zu`kwW2EYxBc_fFx1@x&xpE@|+U?ffxvq_}AV7Xo28?Tn*&=&{Fbt z)%ogHdih`-B2gD5!bcOR3r53&-tz5u#2^G?g@4$$zc~X{eoFuXKaw19WCAh_h!_MO zaWe3k7|7uC2Z}f#a0LBC5q!M~g7B|sf*u0bH-LN}nyLyG56Uhj@}+VD4VrLZy5K>Q zpm#w1|Ek|V`w3M2E&Yf<;J~p3z6|ynI1>N0HXm?Z2c!;q4zdB6fNVjoAV;9A4AKO$ z8t55F7AS$QTZ0UL)X@R%8-pBx&vqau;PbEez=EKDj1%0}ebE%{<+_0-yvdM2v7m1s z>|+gX|369KsIxSB01^R=fb(B90>p+)1lEZB;omi4t!=%6Q_&BVXm(ovkEr`YBc{Z` z7CQio_p46QQ?Nxsxxcjts7`6e?-qg5y{cn(59^e{)5yYNT{ER@GFjgRfpf>~RK zA*x|QIX~O@t6eZ!WX2Cbb3m+v^Iug5Vu&X6hwAkGt~#8GC>$F^fa*Ye_xl5_f2s~d z@~^%9Rdwz|%V5w(K*|_$Lj@8dm!UgR_&-%0MZhy))j*trkQ+WqnY#jE4H z`K}YuMro3GuBID$ZJa^M*V^h4pmlisg>`IYVWq1f-Bw@AYx8F$_zoZDP& zY4|_Eb}Inw``Nz70p{kHn%}v(L9|}MwF|I)Z9?yNZi3?n*5m;w7>FHk{;PgKxZyQ{ zEvD}Ntwn(Ceqz5{1WH1``U!}iA8QOhz_{Z*(JoHYQxpTkX1)T0x_zal_VqrtzXTK< ztl?lY;Ld`R+aIUjj=#2#3{?HOmTz9ppuh(I$~J=^ zkpKZw0ht2Y@AQ{=_$RBK?`emZCPhSv+YEKaF>3ELt!L%mu{s1m_-n7a@Cf6o2)p-;hO7k8tBStBnBv&`bM zlKVfQ2ID}K+^+^`FktS!-~OGuo5t%EJS~74ER9M15hcLf9{|>Wuo~!^J^o+5hTDViAi-meB!KjMJ}h-xMfH;5j1W?}(iTLD-r zx&v!OTaXp-j{#69D?lyW?o|u7d-}n7Q7AWM8~%-E$G+>%)|&O-sYMHb8V8^h;QTLY zK}8e(LoFPBR|}pN6ppPfKOE34HQFDj{kaAR07?gcLG8yH8mt!gp+-wxptd2Ne*0d` z;MqiP7UEB}_CiQV z(ze>bY7zUx(w~Rom{?mtEe76pyaKBQ=+E*`^-wYWv)-Q)LktwbxPuc8fcHPK_W|%{ z0BHcv49dX0wLjJ3*Bbx((eY0;xi30yhq01!OL`&Cp^Ve~^Vlu^C)9+@?BA(L+X$HZ z$N0Zv6?xcfaUDzhhTJLbEN(M5iKiArn0exI8B{r&|DsN@IEpnuHyI=^B5 z?+^vP_-DF*zXLq?fS;uQxkmB0XB=%r7UiNTp6ZWW^yJx{9uoum9glu|^UpSZp8mRK z`PE;)?stUW(~i{17X24OluXwwy>`ZGd4l^?2aGPW0wib;Ko*?;syYx0G!Z{k2fP;j zWxs>30)=Bo8Cau0dxQ76{#c`g@(uwAgCO#M?Ja=rKlVHBLsxGPCIMn($@-GLZz2!1 
z`v$BU;86R?;`>KpYAK_kZ;hEC~G{`wsV^ zYNt?(`!V&9<|CV_vs8H%>wl^iVD#ev^zUDLq-BA*{TRG2`ODtqj`DhifFYn3tGzRS zpbsFA2XH$SY|#|~>ffkEJrdaBrTX7m1k^$q=*%CxoyU@3i$LjKwTQSU`lFaN6ZDYh ztVAKP10T&DL;U|;Eh6t3N34Ae+=%37NA~r2rr8KJ9hlql?Z0z-cYeJ>=pk4wzR3TB+ZNym0ILPq zA~FP^mq7lPwFRib6m0RL@oy~xYLUVDyG6jpmtR%&=h_0e4tjG>^jm%iiO|B!dOsrd zs90fS8RI^+cnN|8cAx*cZ}I=$+5+qy-UuiV@G9p={_ETfI-rRHvrQ)NceV*VMB&)` z0Nxe!cKMBM7J#AZ-@OCz=dSww-cjej$%BpytY$BwXhXKE<^50DW(sry%r=VuCfmT? zNCCWY|6H|&3XYY&`QKw@?*kBh-9Yr6bXNW&R-XTiKH^9y5b#3nNB(Q{feJ>9z!sNr z{?;N8eewCfTLcW*|LR{j;5Lwdq__7(-*&+YpF`*pOMg3A0TDk_BlwNoKh_Pv=fC<3 zOq1Ud*f9)IP@pZKCOH2!OiX8JqQPOZ_Ln7`P&W$4J~22<@Na$#ljlIAIlm9%pJ8&} zFhn9Z`KSWMAyXl2T~Bce8PR|T=wFASAOi)B34;BxMMDB&eD$oP4j9R6z&jWqI7n?# zTN@`+8z+4gcRN!@T?RL6E8;9@NUC=L<^FH_KiUI*YO^n2^4n04Cm+&{bt*d7tqwNC2R+QH-TUUO5~V=R{Q;{~ z;S#40F-IF zaec!LGd8$#`Mi5}qMrJ`p|(LR3bOti=tp_sU6 zWJ2<$36f8tYt=Vvd0FtQu-Cd!;`${uH4`Pe-)BcZvbtU2XUtVJ0X3A3{U3&5Zo<4p z9u&Yl6-r#ZNxsu9MA!h`md4y^UsO0;)vm@fACXKf6CM|HN)F$h$ZJ9RCKYB(9yt|>Ep5;1Oit@6U zq^TKjp#EaX@$utpFKQz7bEUx0af89c1U|*sx}_`2YgztIHq6v;B2?v4MY zlapYu2Gb zAUqHpgqs!PAH;FBb$DT9Yx@E`SN#+I{$1mmEk|s| z@EWUy;~f4C`}#J78vf+g6ujobB@nUJz1tu9X`SL*pNv|^NZFNAB|q6B;(q$RMN(E5 zg`;S6;IUNZ$;18kJYQhl;!I!c-FcK8wX;sD`d{i|9i593#owK~IM33!xolZ9e@%h= z6fHU6mCTSVJr9CU%q{QHhJ2L=k#cy<_92-~e}G5Py$_G4wufSsV)9(;U+m z=E+i8{!~UHvRxS@Pd2N_I?!c(43j&2O$jhyD^3&|;!sd9*7wrC$h@hEKoAwhUTZ!H zwkt|nvNi5hPG(@ri=iND8u31Ob*KVQvfQ&} zCe()F&vz{^NbD_-Cm~faM!&v`!kjA1`N&1`imRQplx+IF_=oTNyiyzJD#+ZXKwl6AO!{WXM=H;NKdt5}(c4x|eURuFhx7@v?slc$mtWSF)#LkJM5YSIKE7Jm2}n$Z*_hBLfr|bT6LoHZB&BF$ULKc!-JEL<@21I z^fJzShST;0T(*u))Sd(Ed;z;iBvR=8de3Fw5-Vfi66AJD7+9&bKaOgdWzph;hCo=a ziWr+EN5*z^YnVDf71MlY*KR=8_PJ$yoPiSMgE(epnv_#{^piuQv4YRMuU%%Ps#wwo zTjjX4pOHcnpC5X7%u_q_ypMV>p^W$@kIgtew<0ei+m$^g#6Ri#dlMbOPFd`O!-Z~i zr5PfalnKE*>Ep{{R#&IB=qTh4%0^pOjb^*8zHb-09H`JyPfn{|zGt2%K-%qe_85x$ zdW)m>`Bh(=FWt9von&>JL8Nry!G`)W&!kVr=QcAb1V{}2noI;Y{L$Slc8{qyHPqZ~zcd!YC7`U{W1&>)iYI4eI;TyQ3-eETE=X_!ufIQ0VPAA~ 
z2ME)@#v5OIam{z&ExkE1_(9-Dyg6BzTAMQdI5LC9txsLscA5jzhp6OE=)k+eR9nfa zo%-uUCqfaGg69M)y<$=@DNJ10E8qFH2=X2mo;s>=ZXx2h`I-ZrM$y?u-vS(u+$cI2 z{iTIj9I_saxI{kvr6$)jK^vy{@Ph=VmQC~~rLg(=@3+(Rn)&`}m@oN~5X;(wlunJ< z;^FBqF6BoP+Vq~JhEus&A1O}7LT!AUuwWs4njM~iPbN>Ja2+QY!IHV5PzY%apN+oz z1+no(e-ZA)lJr(kAiK78;BB4N6^;e`B@K~Az*~52qXS~B5CU&S9A;81E4sspn}dx# z7qLh3p#_{K{54UR+}xD00`iglPv%`EvYq)N_IbaqnCwj+vJ zZXWl+uc=%;2D$Vq2THqXN7B0u zA|+!PBk8qxgjbGR8Xh65}wP1jvFep%uz1Q6NMfOg?6}i&%wlGdzJhXY}*0(NU{lYg-Ms8{{ zlgHKa-4_u&N2+$@7|Zi!YkLgd@qcD#JS>rR$`a||c zvtdnUY@c=x8-`^+hkGt3+0c%QipHnLzM_7FPuA*?d>v+K_4-codOS*nmK1T?F}GZI zmC1(ZD;JvVJ5HYl?BhemNSKuu$waB9Y>Gae^;iVF*9b@!+J`%z(C+L@5;32Jb4-)+ zzvK6`Y(&kEW`eb8p`w2eNmFSkBU4T5%r~4gfcBWH^MsK$SZjyJ&{^2(qnP#J_NNj% z(bhM-Yab(Cp05ocIp|5wyqj3}09^_b$fiXje?+k(e@FW{QaZ3 zc)Rt}6zVZ~Dr`INj1D*)g4=z5JR;dj893Q98?Ne_;tRH^;%&@SZEmE?fu|Zbf=H%1 znvEiyQA;`dzSDo8$-C?(6Kis%nl{Ou+Xkm3qe5K(ib>z&mNI$57iOBax=(T+bbu$`ZMdJ8Rahh(Tk7%S%2#~Q$IWqEge~#;uelm`zS%mvR!pd3)}Y7g zN;Y4$WG@zcYJBtQlfdXne~kV(?Y45|G~;on1XoWS$l-JJo$3;L)|w>S_BhOD%BJ)wRlpcyxKpGmY8P&7l1r=CkkJ z=b62Vs?!@x*KMcsL-*@8K7HGkjy8u1x<=_d`WO7Zue~N#>P`${zTX;oZt7eoHmS@M zCmriH4iZIhRBz`8t6lSLMe;0c?ny+qrM-a(c=J8}Q)aZQ5f_19_({v4`sDzP0UZQR zC66oT^oi&h1Fg@jNXkjgm-*&>!8Sjiz|s&+Pn}2mtE|c5hI7JquAC7RNUxLiUnKF* zRr>cemw z#cGIy&5C!@qZ2gssnnXS6cZo6%_!3=QmK%^9J6NAMwPA=LcyLizN)90TgzCsx?C*q z3vZ|#3BX0gIJ7)u|8nMN02-Zh5%XQYM5u+h)82k>z#?mKCC=_zL-lq++0(%F=^n^y zC!*L$em0TacMkjV%Js95U{62*;ljFkdqd^=39P90=Vfvtg#asf=YvuwzOYYmaT$&>;(X$ye$%&u1=uI9(XqY3*j>L(tof*6y6wk~Mr>-e$_CR?i zIO{%}HbAL}l6o;EMklNIWC5k~M)(Vn*iDNHzuz6o=@j8d*I-kfF`7ET5)@d1jpNK^ zCXd(A)89Gh63BG1NiYP8p@$D+n@~O*f-+mTa_`Q97 z|JObxcgwf$kISx?OljeZ0MEtSg*dyFW=HlngM;FaWKNkbaN4h7zS zO%aTp!0fL6sLL!aw{_k0HsS3dj4ew{SHk45Ay1~S;OJyMHht9su_-QpT~l#|@57qA zy=hzI&WGReKZlUnI$fy4YNE#*JmcagKV9`OAzMSlzB`U()BW@@gRqPM|I;{1ZzRl< zu_0*#r5Mc{chgVM)Ale7;$;`Q4pfQwN)EJ3HjsMQjfk3 z%)&fTGkk)N{Av}neP$R51|y?0)5K0+C*LS|H7^uw)^*kLv-ap+ti-^sX2!`1NHXO; zYh-G)j#^=%5e?HZZfxaKMmv~rgE4bYIyAQOr&|er(z*Q9#J|X(h-oOiy~lN;fJ+#& 
zW|+NG^6a^Y{o4uIuwz2wfj%m)#T6Xn7hg!&Dn}+sKC<&m$AlBYDfuuV!?Z&Y?J*1Y zYCQQK0&Sv<#{QDo|3K6saF}J7DZbqiw}7(GZ^W_Cel>&LI#+S=w)MGDU2ywT|4;?R z!G*AraXv$tuSuVT63FZW{(`& zXkk30&6*%1WO_2%%>3w$$&|`6yO`p#1A!Pb3xqT#32}xzCIu&%qQ=|JX#@(fMPtHu zaSn=6RAw+%wW3N1FBLIx$nsqY6EDc|)Wqxwe7?R>2oQK?kc(GL623Lcj@q#q)uSpF zMw-(w5|$MxL@vFFu8bL^l*PmWQ@NQXjfr8Z11F^j3-;2xXez9%e63a4)|8rfe_1DY z6Q$Qw8}EXtg0B$;54d#6z9?tGP3}8oQN^K#wJM3st5H!P7%Tfp^uRoW?Suvlr8Vcn zN1};ksU)yJTpk}OmV7bVynLau98Sd-KEOtIqtB&mHEqFf8a@Q~%sgBPGmhHI^r}*X zS{dgJB%2aLAxTHkyVe9)CQ={GZX98g@V2Q03!D_l{g>_>A1ue2yKrP>l~9Y}sU
Fxv z$t@>M0m?1tX&Bp>o35l{Lv1i!hs#sbbvWhpauvF`4KnG!R6}H1TP{Sjy=>s|%tJ>j|eDa`6Nk zFD*_GLYKHYi13v0wLxyo*FM#J~a5OA<3Fj&rz#6d~PH zqaVW(l#0)qY#D%;s}sYuJtZ+ur96OcPM}P*`T&kdu?O=JHsq53I+U@0*(MzPmk0@H zQ*mQxc2$kN1Pcwt4(IA)cy=7T>;iPHsBcWG9xIw%tXJ|W4vBoUchM4g)WNZN=vrdb z%GG=_Ix5ED1$Ske$bUu)G5Y(#C7mq88L#>tb)Q*p|z9}U_ONUMLq?Fg_S177Z%K% zd!QyqwO3l0hxaLrN}YUgyr4W<0r{DE*jL;!_({WnT^aoy?`Ii`)I!;K)Ism8KD9kz zvV=5-J{@Swf7Gft_*38`CU536i0<%b|VxCiqqPsOBN3O9=KCo!TR` z_ltq0)Wi%ItppgKt;*7)OW-3@n{kB6rB~~$0Vb6`@Dfc|fO7p(`Kh4u1!Op01+Ah| z4;cYPI4bh97%FMA_E0bb6sahrHH*`CK~V`2guH%{@ICKSW8cxyi9ws-N1%!2x{lLW>V~SRqzQ^IXR%r^p?m0MYd!2 z6&i~1o9Dm}r{`fP_8;R+`^_hs(aWNWlQcTmq$tcRhTKsf4mc*HXkN9tCcQo6f7S|p zPIs!RMdYB$;VO{DW>!KCpO08s*%f6Wsi4LNc93&f4@ZbtTXkJ>h!7TQzVNCa-`K@r zawb@n!$fX#{8(1$PRH2C)Em>TLzQxwcwpMaDSS{9>`AO3f6xdch@c1KA(>(!V_3n< z-ZcI(w}*fcoK2@>HhLY1;g#vY?$^D*ONd=|khcLC&u0_Z?v zk5aZ+n`FWkB7voXcV_k>UY1VG1p=pO0+dXcL*m6&>e7d{N4YUSWJO5l;61mEn5cgu zLHzU&;#lS~ojt)DmtEZ71H=-nE9|m0gojv-&PvF1rahWVA6{5y^EI6R$-D?lNoHEA zG`bqp_$)xa0dVCKq$L$Aj99jl=Z9O!gK$nFFX#@bPX|*uMmE^VsT*n;F`89H%<-*q zD&);|bCZB*&BDo)jeahqqarH(>SRiTjg%_w1CDS%rpuZ%Taie(GC!npKzK6Cn46qr z4dLn7StM>Y$tvCD82hTa=y?+P!LNNW7$NvaPcU6@WY~(rjN0{)sHuu+pkf}36u2me zVrHMb&+vq;5aX8dahAIrGbNdMnt&bzuK~!>EBT5cZ7&wn)BvnQ zz~sY00S@($o1p$cylVUm%lcrdZ`q9;CgtV@#h;WkU+Zj@!R`GNp)vA~B0qZ)a&g>0 zWvJL;NB9sYjAhBUjbnJ#e!Bo2hF}!6!_IdTt%H@tIX>IXJgofd6{?~JG=Pbip%p@C zM9;XWLT6B{pVv0YpJMX(wLpOe%1L_{LrQ&1RQ@%ePOLtgg{K<&lSP5bBSQ8=)VYc7&1dSFDOLJ8>^_A zo^?>JpDTO;lW{bAq<;y^Kyb21x@nbXQx)v6l)LMjQ->l`?P>R#zx4%c^>UTz?kNB0 zkz<_g;ijlw^TV$fy%;mLZ(DXtW;x(^V%(AS#uzuS_V#_|w65K0K4lR4@lo0Cj&tgW z62E*Rti2KxU-c1d<`G=wG}4w&h0aW+OSg#L%*R6b_r5Pmy}SZDZNu$qrbV@_HOMZF zGKYBWWvWlVIW>I0eoX7DlHpUcnE=a4Fp^g9>Girn%C&>g=85kkY%9bNJD6$@txB=E z+F5Rp-KERA9p%kz)8B3@3O8LCOafa7J-}VEe{N&{xl!=P3zQ#)A3KacUY``jwSeC} z3GGYXh_3KT)j^3^Y%;(-SH~e*cyIG~m`BkH_1e?lC3A$FA)Rje==fE`tT%o6WezEG zX~;N-L8#~!Sq$ME@}MhxII4EUYe>9k$M{(NW2+~f`wgoqF+c0nFW!z`GN zTv;7nQ5r-`x!w(yU|0NZ>(sTm*YijlYO>|~{0ZJo5RP1{wU@Roc)>Uu)Il*p8pTC+ 
z;aw>-sJ)U~EmMx-1DO@7k7k@>&II`#!irS%q$&ut)FiO^UE`|Ga4w&I{U|Wx4Q#9a z>xQeu6#@GHmS=u!r2L&{zWsMR6J_0u8Z!EnkiVYb?LJ|1DCs#DeVpW5#Sp{gQmS2oRUVC|CJvh-?Q_MyNc+t*^ZwlF4zo9$ybnc@ zP7+$XM2ghaxH^_)u|iGBPYrf!NY{s^Xb|^myVm}@o?**`k8cHHMdZJV8Piy;QmPVRLOq=l>)9$9{+fnRC z(P4Bu&QJ*5c>+o$2R?N>dP1dKTeAsp^n9_4qt=|ewDR(nVO`0Zs)(gQisVF5hJs5w z8hMc_-LXA8Ii2XTF1LG-siGr%X-Cr#v#kZ68iE{l&)?a^=p@~_<{5?(4tDzvNFH?s zc2mR~xQoVl#D181?Pnys&91#p`5g^j_FHPl@gDGNq<;;LaE92?JX8?KQtjUTwI72o z(y?~Ldy0PRqk2xn)$^K*8>Y05IFOW<;<-Knh07&{x_W_^5PBIE)CWkbr{~+n=DBHa zQwR|s?Kt?K9$20CIStAP)=iD*-@cX8&ghC*&3W5o@$`*N9sAq)(W+OMA=ta;`$rkk z(;rtY*_sICwl6QlukGut?i|hrebapku!)k+mk$eJ9Ev_8cxjPEJjY@oT zWylv|ySLS0_1T{Yn+Q1xCE{>HO`k1|uyb~Ac+rY2r79}uRR;&hR$X0pKi5ZFf&R|p z*UV)&&z{m++#UHGm5{$EPqXgpmxzeTAoQs%Fh?<1@?d#WL|8HG^1{VY$vgR5#PBKR z)pys?$Fs54-vgKg(`M+lOuehN{Axr;6eiaf7Y|VB-n`kecWba{F^KUc>TmASW>1Ir zs=(9LA0P1;)@spc#kQ}jNbOT+oDy{AwYTNMMZbcuwyP}BB%_BodP%|$iQX^aYQW!bRk;{&OWp}dO4FSJ8p zpK(CxY??JwriO-SdkD75EWWBo;cciEZVPwYKxx^?n>!`{7%vM zZb;J_TA*99O-Leka!Sl80pF24*oXK8iJQ$mXM~5~ql9^0#FY%MhO}peDY7=HIAZ9&hdLuMgf;dz@~4J1@>i z`W`TL%9h42yWMr@cDb(q;86HHgb4ZQ_(RoXOC9HaIgvcd{(!t-hIn2`hN1slv+q!| zGp*t6^+$ZCcPUQ>zbV5{fB)ojVOdu&iQPk95`DTdL?CQZEuj?9?xD0jVCMe{QJ#eB z{entp^6Hm8YFU}4JZ5q;19!=Bl4=EPVNkz+=CwbZmykl@(B`1Iy)S=dEhDvq$M&t+ z_J`5d?41>VWjJ|iE-X@S)5$QhoPzl}JAA0`QQtC^)!x-T-450#%}TNv;TGenPg(d! 
zT^_mg0bzlwHxY(vq4?fqwmqSbr31uDrtGO=>J{+hi)G3g_kB5azu(M;j1BIdwVW3Z z-d(Sajj3)Q-E19wAG@qmw{5)pR{p{KP`FO+_!Bn4L$|#Y9TcwUdivkL&%=6X=9*V%b+NZte^_-N@m$o zXAdzvBMvpGM^>64R=SQILJKua9*g8VM@ypP#FI7m{K#r=R!K$$b1cGe8#b8_W)5ZK|vcRnSB z!f=;pqq&!7iYc|RDOfZ4J{LV^sTZls6jL}Io%`TvQpi$AF7!nX+Ezh{l%2pi^C>KH`&OU8|9o!8b(2>uc`u%=-lxQw#n2PktYVkBc=w6C({?}L3;E)(Z^)Iz8{9{ zs1}Ca*`nH+cBEaxIza8wOFj=IA6cy0_w{^>{EYY^^3fu^m@z>=2^^p93pLLXb~0Xr z=$MeX_Q9}GE2r#Fg7rQ&SSAyPd&L`KJabD2t);3mGfkPR@?NhtHW%}U)Tw3)x#oO* zjKi#7-^9J#SqdQja77#{laNkqh6Pt6p2w*!Q~Sw~?JyLyEJfR4H^fcoUnt{SzgsKv zG_yseqna~$QN+emc$<_3%O@*{Ro71kyE_x72SH|^&woD6JMYe$+I$t zZW{6r2}R+=1#8r3cy;)1^7-{QKct=Vd8bq*8?(c`no-hXFuWVD-ONbZf*rUieQ%R< zvr710iKPoS39X&`Ek=8hKe5?sXyy;3l09_qKK1N{tgnwKc8YW>-F$w|pO~YX3$2+- zBut022Gk)A)ua&aD};-0)z6VXHNz^)n$fr#F{{rv#)4!uZ}`wT_bGMBIq?enVbjZ- z5HnSWV(;q;$LJh6NCUUs63k|O%JT8cQ#S}sRP%4IO4FLf^Qq?!KdmHMlulPDELOdw zhkgWuTTkGiGHst765BwA(e7z25nBPAfA&&@YE+Ja_N-fxg50A^HgLu`m-mL+LBv#L zJ`vXRZD{xuZ>c%S`J5ER{A@$4UA?0%ngb(rtJ&@44z&quQ+~ma1J%NoLDO9pG*%8= z^~-cW#7xv;L@cGpqzpW}j6ArLmCvqyq+&6s?RXxt`E}`R1li9VhUfZQO+Q49CyB4@ zbGPx6N0Az^VVca?yc|Le`>c!TwwOe-6t~_aGIFpuKOCG#(%9nSYs0T%pDE`-skI8z`r=&h z(4`BrxD9_O-Y7j?$P$0$Af?M2-6x)FODxPeySY3ej-u<0`t6FCCC`kKTEZ*7QC(Yc znr>eqHLs(0hJhV8>pXkzQjmkT{LJK79;~?UO!JaJVODTk$a1t_9TjNuYa0~`gM5!T zW0mKL+u5apv9*eR@Qr)SZ0F4~KsfvSpta<7JN1K5=%*JaO2s1T16X(ex{=*0m!{niwSi(h3_0W>!Zx{oTDKq-Yi?3eR z>z+z|x7c{%%_3DfM(M8V><^DilQdL)r`S!V61j)WP#eVzbp>ITlVqM>)EGYTP6(ZE;qVRk=init3PL zZ`&mw2krm9m%O>jLN&RC`)J^d)TB_$X#zzWRtils zyb{C_i!_g#x58e1fmeBcIP{3pR6bN>Hp1hP!#;uK(d;bZ`!A0AfisBqWhuT4>Vfj> z?!|y4&*&8GVAweFJm8Mx=rQxgIC4MRwMLBv&l+Y*ix6C4Nf{|uN71C@i$t+Q z*bcF>*j5Qs#fwcbtW>gCVs__EE5y3jJrs!&Q(A7e)mi~t;!ApZ-RD?;{bJCuD0~MQ zk(otU=~$T4Xk{eeZJc}F!$x$eoHc7E>6H;{sxS4ku$dyH1@;S^g|QY~m~IR(=kWD4 z*SmdgPzA4cuW~=5l8h}f(23Zj9x4T5j_{9yO5g9#fe!Jrzxny|n8*0V5(5;PIwWNz zmmKsA3Wg$4&%6AN?QY#cPmSszy4TH49VZ)7v6hS^uaqpn?X}h&%l5Qb6j#>*#e4~i z4&XI%UIGsPIgF;u%ryd8Tuv)ak9l;iB97<91vyQm9wH4JVK~(bC{J0V(}>KsHleY) 
z?x^i!A`+aUDnt^V$x9>h!xab;wFXU}^(+K&Ah18)CP;!V zor^Tt0MZV9|tv@_epQ!xaF%OiRBN$wEfArmy?^S@8+e?w+-bi zH+`T>)sldzQ1`E$m@Uq;%xs`#w(gLDR5q#UEvbsibtBl}x`_9y=d{Q@e-q^M47Z=B zF=#J@+}TI*L09qjTn9G_ZVUD2FZ7DFTu<{ZcdwFit%t@E!WGi$8?slPP)iL>m($#E zd}e%5Sa>jip4>~Pcy6K@6kE=0jMkxT^W=}%U)rq$D}zX;ULotrZGolyk_-HBTU(9e zibGoxDWw9-DY`a#!e&{4)_}-f!^C=B-F(hhOpRoM7fZViba~93nCBAp)Y^aU@Kh-=zr^X zIm?K~B6?JZwq3z|$(-Hb>BQwo@`#75wOtN4DM0k0 znx4mjmq7K)x12nDajSH6xc|k5H7Qhsdl4_ljLPH$R?Mp z+=Yb$>`b%!VP8hY6XPKV@hPb8qdK^6*V+`kX?TR7#5JbF4jE6fi^>zItC(3qH)@SPM{^UHQ7iRX&aerxR)! zEsB4&))%;?R8q=NO&Ae*ekwwWoNc@=+iddCMA7W^Fl2q-%KVpr3GKO}KtM>PC8be& z-Ef8bdf<)Jgi*_-0rf>Arx12~lRL2w{07ojm0KgP@TpbNIhFw30?fN&!jl*B+UKW6 zM@=4$cyf%3rYXxE7i#?aaO(M-FK;=typsEpK5kwhOMka{@F*h4{afzsxpV`8!rgYQ zUW+!%VTh+2>o$&_`?uZZM~>>>490H!)E2*IWe{rhrp0-5tbv|TvO#!lpMPq!5FCvd zGh)+x`Qa5jo0;P5)*1e%d34V+Utk00Z#Fj`mY7R5!2o}M0Q}An{0FXo^W&jEes8Fu z>o~=Q>Af#|7x3-P z+a4QA%Q!zzZSA>a;@-lDBPL!dVQPe3 zv+UtgGR*c|lZ_E$t}kX7Zf+v=x`D<|q^OY5pzcPjV{^E*R|rJ0Nv=v{1U$&4{fr0# zAw1D?a?#wsUwX?@X@xNDo96}9r)$@%Y-BfQlT$o4gLp$v@NuBV{M^a_@1YnzLjgof zCoN_RjyhjDax#uqjFe=43vr@>Mar2)>^o1dph-DM@1f{88Miwm2yed$(Qyulx<}Tr z;>cC3x5LdS#43DEupMccmo=06&fFrPMwkm~dj7|oiF|LqHtRz(C-(7;ybvMea@sp? 
z0mX>!940@8^C3LM30WMvY3(?w!hsh8RIeUo3bz(;M6vu_UhP!96E2Y2@OW4GM4^?&L;yh!+Nos#~zRW9GXk%tQBJ; zHMmL!H|(|t6*tDj!VKvkjrn8?XPnEl-0%9F=5Zv&&CB`7kDKGe4ND5N*<6##T%X3Q ztF+(j4ZrfYg5zAMvRi(@?SUJj+_&0AV1G1u5Hj<6JVw6jrAZH)>x_-?XnDF?cH3Cl zAe;KzgwUZ2Xl6D%g(H*ZM^L!(810-zW*K#DW8;BT-z5931HSUlZL;oDlp$|mY7srP zu{97pvS<0i6=LUpB!JOiSjgFT60F>?C~KR%{czo*EoiP}=y9S)Tj8jIX!2R9e>!bx zyvOTaH8D}TvD^+UO$@GS~DNuo{GyB0)Kgs ztcLa}9AGXzmc5qvXVrF1tYJm8W11x~@pN@GT`YS=aSLf(6}0F_qoxnVBDM-)l>$}c z(DYMRDb#6S^DTPy^GAPf=@cr(_RC&1YrPCHQ+F9PWBIt6)~&`L6u%*c%1-ZkRhk^D z@zvZE}3~5G$PU7Rh7)n1Hvr!$~qJ%&$fX1k{KIOdx?=v z5gt;qxlz(ay2sk7_OInKsdMcnzPqRIQHAs0ob^Lr^V*NPU9Wu)3?#|g3;`w<nXAtakc0$tHIk%F&b~gJuX9oE{gWht8_RmT#G2v zZ0e-L%)Y(Uqfv{(E<_Mdo(@u6lN%>nQKici?rS8^GBdV+Z@@}nffi1HFo|7Ue@NHN~$SevtB+weGGMxyf z3A#o(giAp$k-H9-r1U)fj1a2ZpUKX&Wa5gPB9_1hmtI4-Jza0KQ$S|LxCth*;#lxP zI)zB}FTRPD@Y2_MTCZVz6P~paBNJe?GGb|f?e|jG41?kwsy=Ct5*6yM+a?(;QulZ( zhJANgrcpx6qI4}|f7C4??f<%?y-~Py{Q&qQQ+oD4{zo!E^c|httxO$%{7h7P*EUT8 z=T6}H9aPrzXK6>!UGUHFTsw{*nmb>%EVIwMW9McS-OpX4l`S$E~S;wRG8lpkZu#9XY6LKJArahju9 z`MiSIpJL5`HW3~K$&*9`@t2pWASb+plw8iNvZrKtn1eg%=0sk#Od)l1WF!zz!q{>| zkrEI}bUTT9wZeP2Km06)u)w_V>U^2fx3O}~x8eKY!k{ftuXG?CjOO+hg+ck#*Rex~ zcEa_6dU645$qECu{6{TmCG+nb?OH0MLRy|~Hf$P*n+ln=lQfED%9gyOEa-Pr8=Sf_ zc;^}=T=(J3`D31Cy2eOFds|X2@2T}GdIs5VE_>|`Y4mm@aOX7~m>rL>UV6nqBRj`H zTb+d;9IS^Q%Hp!4)e%T^A~Q4|5m%RajfK;$6@(+$_F>t}SPXf&iUnAII^-`1mKde^ zoTVi>R7Rdqwd_H~l@pBDe-T>C8`s4_u_Id4DJ&{Fv~hAG|BM|eI}dSL5`QN%u>ZOA zP&!_kTPOnRkX2V$cGJMplSiGRD*@I71&KLHX*1PpOd>kEq)hG* zXz~^+-4oaVVg2p1>+dh;hMnGAuXs}}1PWa!FAXZ@iFIQS5PXaZiLQ9J&|H;7dzKN; zek%|E{>#?#;tWSpJ1c<>4P?*WD=IsM-bj;L5&E(u_&^h!8&t1DGkF-wEH_4~C^-5# zI-J7JXH#4}Owm47v%4;ymc_;=urmnKM_Nev>GhK?~0G=LRkB{VO38Wc`*^W zO$C}^XT@E-X_^zRWMX6J3#bmB+o^Y?I;WeNsK4He+{%pnD$J#%qe_atIQzg;wdk@) zJxGVcLj0)B*G;z1b7bSg67RdlLgE-HrlJQ5dVO?V?rmFsf{*N@42f^7u?xt!T8Vh` z${Ypi#DXyO!plTvB7wCLBmcJ}s_h~L&rakq))}p(<~rS#0CtBK={1ktnTDBa<=%{g zTm(x0;8SJEepGURI0PR@ z^tl6r8$nuLs?t}bubniqoTe2X>*VFHDYQ@OBy*=u 
z!3oPX37e?P>zuWyi73^vKu-H4&fMfupJzu~)||J@!p8VELOyGWY2+Z@$%7u%*_2c) zi9h=wxM1ODSgh7CT<^X zKPmehn5aj4rl*MW;QeXPVSOOnE1q=J7pv?jyx|M5CF@ePxI6CkZC7{;{3yI8UqNSN zA^0x|R_q@?BfffKM27X^i0zzsg0=ReRIPhuLfl?}T^jaoYRg+!9Y5JXB9f8u=bG+i67*w! z^J|9Y=E<-_>jkwWCp9x&J<+X_-oXP7LY2%_%H`%gRo@*naTXZl6z#QVxnvaJh)~BN zlxkSnWJo@vcQfsOLF;AWaZrJe!b3#J{3=bxM;A|Hk~6W!A1n&b`OS7)T8K9>wZ$cQ z^9zT}aI1$r*tEU)!mbv9M0eOTNLBJ3#>6jg^nM8syN%YjygGdz1jLAjjY`8Kvu z9DA=q_Ug;9hat?VkO2zLL`|cUNa@=G21_Fk8NM1A1erG1o6NdWI;dID!a%u( z2$2(LTNpIT=`maIe{LyJcs>_{7521K;VgvhY)v4`Fw$-m1s|V?h?|Qt%Z{*+MF}N= zQ378diLC1c!BYmM@7Bsa5oKS5>9T&pyZ}Kod$h{74NdKqG|DR9*mLu>f$2c^1Lm`y zDyw#9wuhb3ru8TciFsxQ%y5y*WXE2iO~aC^EzmYBvQ?}P>Nx*bduJUM<A5s-$ZTe<|K8zdwp6eL7?3E?0mNOy;VN_X>nz;h0|_@3)M*YDqV zxgK`eWj;I4Jon5qbI;8EEl4b#RBNgb@a5Tww~{A{VNK3b_!u1&W1s73X|4s}E-CNW>9ygWUh$LWzz(6JvT-dFZ47mzA_O#KiK zCx{q1n5&(iaR!0Pb|RFUtAg-LbH?5E2x^|HlYykMn`$BjBvx)l^>nd+5Vf^!-$~XK z6AB{=#C9VCf1Iu_U0;qmTHOqpoc^|-HSsO~#&P`Q+t9)Hm6c}12cJI-3>c=D4}3gT z2riMg`Lu2;;V-YXm&fZr8_EW_0CqZq4>+q&{FffOz7-AD)AcI2bRz2`n5N#d-J<-ts>Ym zM3WSJ_wMDcp9Lel++&!ZCZLD_mQGZofC(=L5*DfW*(K5@4875b6Ztm|FrCjruO;;!=wb=dR z8KNdbU1|T=$^IU@6ihrzI~g-crC?B$ZRyE9u4Sk3RThU3jQ!ISg@VE%n`a+En$u_< zETe;a(rU`l%_Jq&s$KMGzVDa{NGjcSKVsFrF#y|WnJD!lNqx+@`kHJm^4$pH?3#Cg zv;wY^o!iGNeOd&*+Q~{iW_m-X<}R|?^a|Ix5N7>LIzIYD`rOmY5B|0RW5>vbmVNy6 zRVuB$ym*{5m(IjPW$2aMdx5tE(1e~6qdiN;N6$}`d}?tJOrAc^w9xg-ZEG+EO zWD{=QDsABlv9I-G)B}_C_&*-@c==(}Y$3*+^}+Mr2;~DrFMXfebj3IuJyrDNbFF^Y zyHQu7Urmyy*iP+d4QUc1C~3KQCwHQ~YxFgVf7TW0nMpG-n3TKER+eg9%`hfZ<$e@z z(WHBzCVz)1*4$>~a7=B~m|t>#x8y4u`Mi36RMZ-J^V}51Sc5{H)GFYIh-n_WH4~J3 zNO_=%@OVDCfrpV0Yu)CRcE%GAH#Qktd$%iCp2>-|rx(H#d9hbP9)MFyFuO-UxVJWoRE4 z>dj%KAniM)*uwMD8;$6T*mme>-9aI9X^3kwB=3(k#Tx}aV%b}auZ&gu&??AQkIi!m z-M`g17M9DLo;r5oY}|GW@3)?`^JBB#6W%wwyZ9hf_Y=7p|26(eiMHHodCkogjH|>b zPucK_irRL{y&rYxZcg_+KyKEyUTWF8PY+TU%7gPuMx`d~eOI(Ik4 z0&U4CFTQ6{|7pX9hn^->*ryz<`)xEMq|{N(|1}mt()hfex}AmLy^3_`>0$UB=Tn>& zxyOQUyVjq0x~F-FQ*b4MPkp(x+Sr$0Jd5=XRqps~CR@*vvurLMY6LMBmLlq7Av(~r 
zbA^;FX@G>Rq0O9SPJHNB@vyMO8k-!lfJ!!R8CW}eNd>9Iqim+@e0lBKK*Q#b|5k9W zcY-#N2gI2_XeAU_HG$d$dxC>1svl2wTV9;G!mQmNNzMtI?q!xbOogh8CMed12s6Hg zy)~k$OpG0>U>)?8tF*?{V#Ly7#N1-U+Tv^b81rs^bG&3tfC(naBd5vktS{Q%`YRar zI#Yw5htP!zHP81_F~J0*W2ApQ|3^YHyNRTvUtG z>cq`YB2EXJS~P-MvISm(5?~f%jnu6q+JH%J1)5FIbdDO{cL<0Z9q3J>Qg)Hu6w|~0 z&C{k%knmkDm|c>fFlieVIzYf-SM#;tPfv(&BCBA>VyO5EAa|5`cxo z&OI($#Wkn|OSn5eYT{HpFHV`iPhtZRDd%BYRW1my;`9kSwy;>2U;9GTM{!*Iq>tF| zc&BvgYnfY{QEy#cUA5U0*NPhx$tUS!%Tq^Lo{KlFcx#_Fu+BxPir?BHU2PD&g%UAs zvvm^@LEuPE+_|+|K3aAdNt`oh0H*dv>7iA}CbNNS$YF1ofkJqYB!z%+rj?EOBlhL0 zxT`~ko#iC2%gpUpAXwO~r-VprEQv=z$b-vWfr>r68xsGjC4u~=C24x!x)#ioMvWx7 z$sx+-vxg(wA=vwjGA;uVS&2B9z7#7f1;^}Kpt0}9DZ&+Hq6feCUONczxSp*}qz67G z2jYMjINCc{TdG_B6%GXIU}Sl*m=y@9^S@XiKxz4PH3VN}N53`=o4yx2p7O~VJL;>m z24PK5<#d??gyRELDT)4Ihfto0d5Ilm|0HWdpz+O0!iW-QxAGnO&~R4@2?T+K)d52M zkg(bmhD;wi$P(;xCf|%jHuL&CUVf%17h6zP%HR?$dOVXf(MQ8{(l@b?2wsgRWz^ps zwXGdaECqM<@GA>)B$n4Qwp?_tO?0;Ki@%lJ$Z*#AYN(}Oenjui*mq3jq)H~Wu z!;$3hev2i-D1w5W1Ho4`r6_TV{3@$(Q_#Wz_^RLJ!XjTs?yU3d1lS@Fz3qyjwSj`2 zwT(UN52HMDt^Lmc&x#HNdJ!pi7K|nU2u4FWpDL$WU?n~J!SYE%^0RL$!bvNHNm$V% z->6QWC=Euyp8L#@rMeh5eVLFo9i$BZq{{t>J+xG%kYYKbv1=mr4SO)yl9kTH(Z7p# zR?frYR;uqN@B3HO(#SWN+!5DqWh;`EMcKybCr39RQB#)92u`qtN>@Bc2`v}2Z(e!D zD`pe0_n5S9t)2KJWGO{+X;$XRj#LHV)EWl~dZ>rLz-T6P%$I;>YCXV^c?{R{k5!aM z9P!qh#$6OnX+--*+%2urF%P_!OV?u%kB4c$pnsm9qVlUYA7+`mZ}56ew!2=mJFT-U zJ*4-u-u4aP)Gu3a_sUZIG+;B#KyVrCpY2A^#^!%Ub8au^zg{RQS|_t%d#071POtao zUK=&;!zX5p&tk+yp%={ImrLdGRVj{I7H{)BMrX#*7|B{*cHiBHt@5X>A7>PHlV|Ds z!Uj8=-eTJ@+BH8ZjLXIvN@L05oZ)$mczuZ1w`8Such!bj4B;V%LaTz!XU*)v&W>^d zmJC`m{q}KXR7&&APQ?`qMf}i4;qK=omF3oC3o#hiG44M*s&=_m>e@V_bIJ<6ZJIA{ z*=JyY=r(Mf6s(xp89N!Q$Pi1skfY`YNLq zdpwwy02e^n^&Yx77n!)FYf5GfV;PL~3r_|4s)m~{2O0XAQ|J3{Kf7H>lAXP)(rTh| z)zse-VKGLVy9v{PYkP&)8|4IbscJAQfYcIss-eELlFYitY{}$KEvvRt-KaEwRC5~i94-!V@bVg2Ela}9b}FP2Q%;3VrFZntQ=)S zwia5Ma2iF-aOE}V^%WPyc_y&c)y$zMLCR4svo9%SMB;sz5u`Eb@1*y8Km74R89`qV zDX<$X{1h33iu1<{7O@(@+?Z~nl*X;jdw!Dr5T`b4voN8Reg`KaKMO)d1zBT?QDg|! 
z9;9KVxju^A!Ss;0s(F%&k_wUleF&l4Y#n5!zFw|kL7rTCs|k^Ao;mMGmqQ}*Jfd+k<~1q#H$y{; z`GbR)1Wi|O(2VBoP;*wMp&1)#i2juf8!cLPg+y#AR=Nk?0=kPujaiUAx)(vD!Y9MB zAY?ra|G6<)EpST!8qy)d=cTGxbZ*j}j<$Ha-tyQii)x}M0wGpk9lu%{vgj0gt-+26 zJcw63v$-va3{9Kv^#_CD?1cKr79ZHC0&v(v1DT*^Xd>^pITyvcKMv|Pk9tLJ3^OMr zfdkA=gW5F^$H?fp6VC=K2{T7vO5@%asUkg2OglFanS|+yYmUoqyf>V zgMoke=Z8f&46~69UCax~F_(N;LDFA2fidSq5V?@#b@&_9p2+hnM~LI& z!Cp$(BaDU>4Ab5Uays0}@lu5`>?ORg_u^TIHgtI-y^2=K5G#v=B0TRiFO6@PmMK@a zu^MH<9OD}&Egbwnw;KYhm2#G=>RroJ!5Agfy)O|Ru)!;K-P}C*?acL82`Dc_cx`hX zKD@d2jjxdSRM+kOJGM|;q<9o#Vk;j{KHMH}e0R~owCW|0uK|6=RVW7Sl?DMFv}%YK zrb9chresGM_CREu;nA87>4bz*XmbwKm-d@}$in!!#q||v9WTQR;?#&VI+K{eha=mbW}J*H&~r?x+wt3^7AqXJy}!dU205Xz|EO_&!2O`QTc13F2dl+g@@zfMDrm zGsHIVkAVSRxs%^}<<2)gHmPc#1)cL??LHN>VYM}pcxXXqt6L?B2jlqi!GGBa%SV9? zmjEwY^l26$n%L>#ZLt=LvQh?h@7m$+fq~k2o(0dXsUp1algx+gQ3u2K9N9CW^i=Wu z2YZ|P{nbs9&}ebLkk|w6T-17s8jrrAc^@Uj$GPn-G6iaC;V&C+$p!KfFeNo6tGD`@ zI>$zY16v%Z%CeN{#(C@~?CB_(KLm>LTN%VgBW8ZTeiAhQ&?a25sXsX8Xl2nq>urR9 zLm@307Bvg!j2Ug}7nya$yWX3ulsIv^)!Hovfu40H)fq3k96wPGrSPP*iE#38VI9!) 
z={Hs8;4YhxZp}41Q#;3J(c_QLvq3fRd$vS!9DQh<+WBTW?(lV)xn1?VW8h@w=49?h z;{JW&IJ2DYRiSZ*j-`Cj3mOxNt@nAO5A(gpmc<-OFg z_S7B;?hMiTAX&z(+{h_YWyc2G8o>&}B32q264yA4Enj3%ZWx=%OvMc^43dh+@)>Go z@!f#CXZaLg?;0XG8|HInlNv;9dhDAkFY%=*7n81MfOa<&o_Z3*6j7x***owhV%=P2 zEK{TP1Mihd=RI>jeL5FD2sTv?xR=F>JgM?|f|n#dT~a3>oUW}gNoXiX;M)*v1&#F= z??WZCLFSwFn(4MrlX`R2B%kMFOQ9R7L!v)%=VIb&?W0umAD@1~(`s`&A8f>X{T5#_2w%vufwbka9Y>0>%treIbJqu;A0248)5)J)mCZ>6oH zqg7h-sZ-;ydd$26HY89yVNf)vvtasMP92#{wdsHpKZtrZ!GFs+d6|a~)`fY1J>P!2 z#qT@Pi`JIp6vBQ?ux{zwu6Hz)kll5*J2JEr%($q0^To3G1$r8?A9M9J39o?*K&8&= zQR7Q##Q}_4P23V#_{-JzI;?{1qEbk7Nx7dLv#h-h#W(?Uk$zP6D_2>7sk`6Dn!jjd zf4url{(p$%3(tWM%6dUc1UfE% zu4DZx7BGBb_z0U9iBSMSO&~FRyiIrje9*lMz+GUt^5?f-3c&|Yf!~pTLD2=nQ+~TY zA07z5k^KVbO8F1Ki*4=jK=}RN7r#V{32s7W=ks&$Q24pE3+TcR=%tx9cmlk8|ALSs{oiEk+}RHg{nbx@fdqjdGN7M^Oh0V= z?}5{A4G7-bdqLxt`)@LM?)!z$;IGcx3nU0s2S9)0%7q8~>c#sRup|Ey;7^|(d}?@a z$3=Q{rSo(8#rFZ9`qv@oMOqN3Oy%d&{kvS@0l$vvegZjWPYaX zsQpv~e+_Hklf!pFF905z=VkD->7F-O3NlE*-3f^~eig7eBd+`-QD*y$Xm)s+s0Q`MCXX)$ zCI zeSc2`gLK0#6MMoDK&e2TIXf=ZnaKAJXT%+f-x2}QC!6eFi2y_WXSF1tdS3ZU^eGMK z=bb%HPk=Xp=QD995HS1k=7l{ZN!@rd{mZsBIe87nUxIr^z{hOB@s~K(S$$LoR--in z@0}g++D@QS#`JRuux=o?Kgo0E*aF&4?q}Lg>B+kxCaFw?!V^tLfh#-<(4hb z>iMc@jeGG^vKf5)z-Rv-A-S_N$_CEpKet&zV`t^>NB~#p+{e_qg)!@;5s> GtN#OE4#M*Q literal 0 HcmV?d00001 diff --git a/testing/btest/scripts/base/protocols/smb/smb1.test b/testing/btest/scripts/base/protocols/smb/smb1.test new file mode 100644 index 0000000000..61727754dc --- /dev/null +++ b/testing/btest/scripts/base/protocols/smb/smb1.test @@ -0,0 +1,4 @@ +# @TEST-EXEC: bro -b -r $TRACES/smb/smb1.pcap %INPUT +# @TEST-EXEC: btest-diff smb_files.log + +@load base/protocols/smb From 6e842cf4daf5699d9f25a463a971989bb674d920 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Mon, 7 Mar 2016 15:36:25 -0500 Subject: [PATCH 30/84] Fix a problem I introduced with SMB2 file handling. - Added an SMB2 test that encompasses the problem. --- src/analyzer/protocol/smb/smb2-com-read.pac | 3 ++- src/analyzer/protocol/smb/smb2-com-write.pac | 5 +++-- .../scripts.base.protocols.smb.smb2/files.log | 10 ++++++++++ .../smb_files.log | 14 ++++++++++++++ .../smb_mapping.log | 11 +++++++++++ testing/btest/Traces/smb/smb2.pcap | Bin 0 -> 1604687 bytes .../scripts/base/protocols/smb/smb2.test | 8 ++++++++ 7 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 testing/btest/Baseline/scripts.base.protocols.smb.smb2/files.log create mode 100644 testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log create mode 100644 testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_mapping.log create mode 100644 testing/btest/Traces/smb/smb2.pcap create mode 100644 testing/btest/scripts/base/protocols/smb/smb2.test
diff --git a/src/analyzer/protocol/smb/smb2-com-read.pac b/src/analyzer/protocol/smb/smb2-com-read.pac
index 612fa01cf2..587fac69cb 100644
--- a/src/analyzer/protocol/smb/smb2-com-read.pac
+++ b/src/analyzer/protocol/smb/smb2-com-read.pac
@@ -67,9 +67,10 @@ type SMB2_read_response(header: SMB2_Header) = record {
 data_remaining : uint32;
 reserved : uint32;
 pad : padding to data_offset - header.head_length;
- pipe_file_switch : case is_pipe of {
+ pipe_or_not : case is_pipe of {
 # The SMB_Pipe_message type doesn't support smb2 pipes yet.
 #true -> pipe_data : SMB_Pipe_message(header, data_len) &length=data_len;
+ true -> pipe_data : bytestring &length=data_len;
 false -> data : bytestring &length=data_len;
 };
 } &let {
diff --git a/src/analyzer/protocol/smb/smb2-com-write.pac b/src/analyzer/protocol/smb/smb2-com-write.pac
index 64a5eaa106..3e09cb0145 100644
--- a/src/analyzer/protocol/smb/smb2-com-write.pac
+++ b/src/analyzer/protocol/smb/smb2-com-write.pac
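Review bot: In the smb2-com-read.pac hunk (and again in the smb2-com-write.pac hunk that follows) the `true -> pipe_data` and `false -> data` arms parse the same `bytestring &length=data_len`, so the only thing deciding whether a payload is treated as pipe traffic or file content is `is_pipe`, and neither hunk documents its fallback. The write hunk shows it comes from `$context.connection.get_tree_is_pipe(header.tree_id)`, i.e. state keyed by a wire-supplied tree id. For a tree the analyzer never saw connected (capture started mid-session, dropped packets) it presumably returns false, and pipe payloads would then land in `data`. I would add a comment above the case such as `# is_pipe is looked up by tree_id; unknown trees fall through to 'data' (confirm in get_tree_is_pipe)`. The `&let` block of SMB2_read_response starts on the hunk's last line and continues outside it.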
@@ -43,10 +43,11 @@ type SMB2_write_request(header: SMB2_Header) = record {
 channel_info_len : uint16; # ignore
 flags : uint32;
 pad : padding to data_offset - header.head_length;
- pipe_file_switch : case is_pipe of {
+ pipe_or_not : case is_pipe of {
 # The SMB_Pipe_message type doesn't support smb2 pipes yet.
 #true -> pipe_data : SMB_Pipe_message(header, data_len) &length=data_len;
- default -> data : bytestring &length=data_len;
+ true -> pipe_data : bytestring &length=data_len;
+ false -> data : bytestring &length=data_len;
 };
 } &let {
 is_pipe: bool = $context.connection.get_tree_is_pipe(header.tree_id);
diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/files.log
new file mode 100644
index 0000000000..13ff398cb6
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/files.log
@@ -0,0 +1,10 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path files +#open 2016-03-07-20-31-34 +#fields ts fuid tx_hosts rx_hosts conn_uids source depth analyzers mime_type filename duration local_orig is_orig seen_bytes total_bytes missing_bytes overflow_bytes timedout parent_fuid md5 sha1 sha256 extracted +#types time string set[addr] set[addr] set[string] string count set[string] string string interval bool bool count count count count bool string string string string string +1323202695.515890 FUU9mc3Ub5uZdcqg1d 10.0.0.11 10.0.0.12 CXWv6p3arKYeMETxOg SMB 0 (empty) application/pdf WP_SMBPlugin.pdf 0.073970 - T 1508939 - 0 0 T - - - - - +#close 2016-03-07-20-31-34
diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log
new file mode 100644
index 0000000000..023d23cfe8
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log
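Review bot: In `SMB2_write_request`, replacing `default -> data` with `true -> pipe_data` and `false -> data` means `data` is no longer populated for writes on a pipe tree, so every use of `data` in the `&let` block or the event code (both outside this hunk) needs to be conditional on `is_pipe`. The split also makes file analysis depend entirely on `get_tree_is_pipe(header.tree_id)`: what that lookup returns for a tree id whose tree connect was never seen (capture started mid-session, packet loss) decides whether a file write is analysed or skipped, and that default is not visible here. I would document it next to `is_pipe`, for example `# Tree ids with no recorded tree connect are treated as <pipe|disk>; see get_tree_is_pipe.`, and extend the new smb2 test with a trace that lacks the tree connect.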
@@ -0,0 +1,14 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path smb_files +#open 2016-03-07-20-31-34 +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed +#types time string addr port addr port string enum string string count time time time time +1323202695.377459 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - (empty) 8192 1323202604.512058 1323202604.512058 1322343963.945297 1323202604.512058 +1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 +1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 FUU9mc3Ub5uZdcqg1d SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 +1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - (empty) 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 +1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 (empty) 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 +#close 2016-03-07-20-31-34 diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_mapping.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_mapping.log new file mode 100644 index 0000000000..27ab60abe0 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_mapping.log 
@@ -0,0 +1,11 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path smb_mapping +#open 2016-03-07-20-31-34 +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p path service native_file_system share_type +#types time string addr port addr port string string string string +1323202695.377084 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 \\\\10.0.0.12\\smb2 - - DISK +1323202695.378188 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 \\\\10.0.0.12\\IPC$ - - PIPE +#close 2016-03-07-20-31-34 
diff --git a/testing/btest/Traces/smb/smb2.pcap b/testing/btest/Traces/smb/smb2.pcap new file mode 100644 index 0000000000000000000000000000000000000000..49c7116017abe19fdea2705dcfd72ab5af3525f7 GIT binary patch literal 1604687 zcmeFZc|28H{5QUjsfdy?C3T7h6vs^F%$cVsbDTuxnM@s-N@dJURHl%5rcP!;GAD%0 zO6FvG);@A?=}yn{e1EUk^T%(wYY%I$;q!TaKI^?cd+pQhsLD;mg9xCVw6z662yo-) zJfPT}LI_<1*KmeNnH00%g5%Ao1A8G!2;#!C5rw>nJ_(XQ&_0k!U-2O-VmuDv!Tm%iJVB%pNr5}$|!v>-rWc=7N^o-m`%K0ZyyXlZ4yZ;ZZfYKb=1H?`DPl@jM- z=j9W%Hb)!Uq4iBoEUj$OFlz5I384=_A~^r%4=s51IDbgklZmTwmZ24gRFSc}G!kNC{Ge)WJ~=WIWLF*AfIo z0iH-gs?cTJ5e1lzy<--537`RgLEub+AVH*pGi)X;a6SV5u7fi< z`1AU4&IR34V*H19%ruknk&c+Y+fVCLLXXciFNt4`BnBBn7LX}0hbb_IJ!A_R;tXTE z%M>`51S9;O4%}h(xc)u*rsEfp1~ayl<(=uZV}i)g4a@X5HTH1J|2Lh42skBd!o9#j zQ9mmPZc;A2nAy@u8cX7c>Cy^xG5(xk=R7=pEdX2SlC@lX0JlExG*MmF7^!3pxu2*- z)ZKaZh0+rW0HfW{~o3iFc;!&l1CBe@DOMu$Dhos4c{CoMd*d2_ble#;wx3f_~*7m^)K|Mc9M)(t!J8J-phUo?ZByk=5ods9q5IhkZooecg=^+!>tyD?)IL2Df32OKZB5 z@dhF5rMe0SPrJ_$5>$c{5_kN89|VW=xCHkBLe;HEaE1{?g1n>58K0{aM@cAg`_ z^$s!$xJQ!EM|{W!?hmf_bApkRuldJ$dJ9Hwo{9){c3CX!59x3epupxZ5RIAdHS=&@HOs! 
z#{u9GeWIh=pvylgx-9F_&YVoAeaKjpy*OZHeC*Y%yf*j8sXD{_#_QC>twZa+(hvT~b^s|Pn!Kuc99W^r{0(@FNjIq&OFY%XVC>#1?|c zART2{Wl0@7TSq%bqd&uezj819KZ3NKUboM%!Q2}O!CMLZW&+A~1vJn)o+r*=*MBwG zkz>GM?XcEd+PI$H{;c)BKO6~y;Ghpq|2FYpqNILx@Hay_gK~J;g%f;@OJE7uK^0I5 z4js4-TqcUE0M9`@2*`{}@cH+E^T%=mp22jq6MVuA;C^6axSI%}tKbICyZr$nk1)ge z1IsRdXb1i<4_tXm6X!+< z33$(RoAmaAGmI#l{t8*RdfXGXB{BTPvlIeSU+{!3C8&}5;yYSzPxO6 z_cqS3W;ieSi*W7lf}-0XaP|W2;KdI1r4tZx*UQUxP;?eN+X=DZnf^cd@*?(*5b_3n z!udBlJ0Q$qghpXz`DtOj?G)p2lo@B|I=C4myJKf=2zmv--tE}=zaq554YaEEZOApM)j#9*(M0@NEO9k5qVX+(Sub;2$BFf?%b zwf{d^^1ng?_kS4lvjv?2c{><_w{NAuP9L0LB*blq{%Nbn8|N&Izd8&3p86?_Ka2zi z9O3WU>e+D?_`!bo0Mfr90h|RNX44zE+J7E)8xNK^8%P`ts=)a-+XW&lakd-()pi(v zU^_b?@w$E*u6Ki9vHf$#{a1-$Y+;GFHjHo`=4fueP2&s*$Ox8HG?ECq1dIvi-zK6U z-W?paCw5_L2e6%iu~j<{cZ?waS<;`keh%Qq{da5udlGN2v_BgBI3*ycAmop0__+kg z&Y&a`cZMKM5LfC0Pf-BhFO|U;BnQX@w`SpU>g@pEpQ$+QH>J8zV5XW6{4L`^$GwgdoBS=L0;ud|)QV$zv>^c z^~GUZw+q_^fUPl%ZLcd%(qFdg4*n4-KoID5`Mt*gJl`;_!Yh5`T)IjWpZe3%owynK-NFY^7DodybiO4CuH_55tk=Aw+b|eaEb_U8-NhP>WD_^EH#E00Az@QCG(p=T zIY0$f5;l25OB3W-wB>mXH6{`^HG5kJBYSmQG+Ncl${xwXyIo1a(DtUR<#j70+#7s@ zHb#P)XcA#z_&+rG0R$Kd?(x?laU+qiiCZ~X+9TOHNZ8~|jqQ-yNKUw0Bs(mlDv|>y z36g^!cgMM1$jP;RhZ6wFg~Hu&ZMWmvF67>Bz_Zu6-JYk&;HnK8C17|^7n%Lh!@^f*+!`a!} zq75xboMSUDTUhn+kZ)SP+Pa-Ul;*{B%!RQg>1zvNfOx}BaQ?6Bd70eHKVy3=lRT^s6m@j=xi`-by zqHZ^<)Vdr~W48L8TR>RIP`{SJs5rPj!&Zlm2>Ngmzlku{LFkxnr9so&gmT$Pud{kN zf@oqXuWxQ|Ht)AhzC2}k-c+2mr5-s+TPA|_B zt`Iq)J2S{KE{;=2rI*C($qBhfN~rNl=#Cw}3eivN)uiz0ss&{x9+TK`Xp_dnT*Yo5< zBCM{+f%TVj&5r9sOz)F|Z1KAcRkhfcIBjigJsKrU_Pg00DU7@4tNw@qy9^+`^7 zdOmo7RJ(Og*m1wQ{FtLezS$)r*&RnepP;P2jU>BHP$%agL(Wb9^qkA&n*XCGmKdF} zL)pD$$X3}4B6k>DWgdAj%ZfA?G(5n#9yvTWREN|jQlOUOea49K`kWFNeC%Db9 znLAQZfaqt)A3A(ru6MYU>=?Uawbq_ywLPAj;(weVA$yK|@z9gF zRttC)BKc?L_s226`>)J@>d+4J8{UE-i=)a()OTl`N@+63IWDzYqI2~pGXnAhmYHiP z?ep{wQmPg{@Sg6gl&a^%b;CV^#!r9|^l8Q*!vb|>EoW+w<#TVt&BZW)-NAIkktC9QG_C6O~iZ8H^ z!e_iGYnWJ(x0V^@a5ZS1d41G$jXgx)NB!tyD;DwnbjAlc0<60-rNoR5ExnCh2{U`S zv6=8Tnb{P!KZ`f(Y0(@RLxn$Xq!#t=9_hjnls{|vm&XR 
zx3po_|G@x1=mRDcKp$ja&A}}>I7($xbGT*?)*rxK4rrLq*c1&d&}>rdY!|_AxM0#{ z6T2ubAt}isZfI_L&DNAn(h`u3sig@U_+g!xrJd;?_i$wiw4ITyskJ@$tsM^-PL)l{ z)Yi^k{Dz?|l9K~0WJRbATIhLu(ndsmYD)M`Dg9IEj$l z9PD5Xb>6;V=jGzWji2G{_~MsomtackDk`oaaj>HBwv;rKhloZHs=Kih}zpX>uL_`^Q9ia*N>7yKsg zzuRX=z`r!pd3N^yJ45mFasBTaiWjW0KMck5SBApH4?imo7yP35kD%iZTj3&#ZRC*b zT%0JjAFjg5#|@Tvb1PdlYeOUSpHTtZMN@k_Wwfohm4&sHCG4eqY_cE{u(h^=*LCD| zLvuSco0@{5-AyDrF318C3SRhsUiWvFeNJvJ4nA1i?P*U2R{oiOlSul`xbeAky0x*l zMeUzspWvN66ZY)Up;|BWD+2Gm6p@Um+`UwI1bc%?k7YOW-L^TRMVDRI$UvT_BHBK)_?&xwYi{KAW|4hfa5;)T!C=)t8vdP8x9}tcN^=c?ut7;T3W%G&OXlqPEu;q-9UM;?|L^Y&>`o|ZA*q#J%w#=P3)K52LC zjn15eV|QMO5L?&aa+B}c<{EqWw=*R|gA`kWw?;!j4VidXIk%>k`tt63A_p^O?GN$K zNh`c4Oej`FU0lt7oxH;OiX*F$QxAE=b?N#c-pAQYHEiG;xyO+2G-io@=nG*^0rk@& z_p?Q7tLyY^lwUTijxc+!$@S{CCKm}E)~-0;QGkrJa;j2k@2eWQsFJcp(3sF!;#GXW z`My@|q;BGrf0I+BUPUis@8hqZqRhA|z}A3))CX&>9zpWBt?$*^mTz>Hoh@e%>|0qM ze_gTFY23fyv`Y6fp>i>&T6P;8v|ec4J?L8Y<(q}$ z%D#rowJPs3e2M;(_iwW7Y8F|87vN^TR5IC=P(Qf5@LKof!j;jLEsk4D?Ey>F%?TnR zda`@Ds69qsyaywBJ2eAD;WjYM!ZhROa4Xs(S_;F^-K|#53BR$smr&v#*|KZ zeycjJ=Q{a}Ucix&g1Eie0I^%rQ+U|=`qDSce*4xub@{&b^{RbdDPK>iTAzF9x&D2{ z^IiFjgwrFXU@^?l$Vn{J7-aB`h#0tTB{iv!-{ln6Z(19h`kjMwF};^9oVJ#gUMv;8 zSg(uS;~7!;NiCQ^Cf2&ceu3uVuGYd-dwt)JCl|S=Zg%N+%x*2sWE7U^r3V=Zex0x0 zQn1>RNHqyKL>gtu{273w!$>1aOF=q_!~ze9(BTcTQi{z#Q?%l@RJ3KrquCetGAqbn zy~av^Bg$Pw&a(fw`NTo(X8Sx-iCx21j!1<%G_}@Otg(QmA!cO@n&A|IgJBz5U%p#) zWbzN*N6Qz*vog{Mvr>@4%un&p%zqch{I`B(e$=fU=Kr(`L61p^eXW8FfDfL@qMM40 zsQk#VRJ4JKPA$X_1w(Ju#jaGS5BaTZoO7Q`dF|eGy+-cT_V|Ccq_)&$E*u*E5O38z zxNJA2TtNSA^dLoGqew#ET7S><3&+r<qNa(MdZ6 znME6^7cn-oN)J~xKW|vhFABuT#7&O9IJkSb!@Ti|@gAC+wXDrQb;OW3jd;q`Af^SUd^b?tKx?TsGbPQJGblXK&x!NCqCx~-oE z7fy2DH>+3`05S@Aq80{Y`!_m!h{sD$Sna2j-8BoZXVKC2N0yB>tgtCj{gmrkpred1 z1Gkh~&l}x#4$oWdFvpJYlyX#mwWO>&?09WYH(yTRsza=Y%jW>3DEAHp@z{R3N7l=d z(5SnH$GyP(W!2S(z-X)J=2lUb3s2#9!2_Og)!Na1l#bWdy6cO~A;6g19AFS-J(xQ~ zsWh6k!K@Jq8eV-yFd})%)3TehttRC{)=k$l(O`~1>JNXcKiRUWH^sictFtRhNHNo> zSt(aOfi2$9PTw3Zt2`RFMby65c1{$7cuub>F 
zzdK-l9uT3y`L}NlXA!nA^N+&+BJrnRRNP6A@!(;D|3zYn&-S<1_nrUvwIC3;ez^R) ze(!gnFCt9bnfQ(7{ z7X6<+2ldo)F0Gd({>_(lyl44W9qCVC-4P_tB1S z%w-D;VN+(kOEs5>YxAP18QdpFhAKysR|Jlq_{prI0=$nD<2;m>8&l4bb=o%TYs#RO zg`arJs?Iv2f-JczR#pjjkc6d=F0nKpz0%tx98ob$d`Y~Ze0l+R0^LjFYlgzqgVyY` zAsry1*hU_%@9J|^nxpS{v)(5EC8YwL4RsgHoXD1gacjhzbFHU5DZl7mb3MLD__G3B zwod{+r4?Og+dB6w^JjhZJbZwht5S%+nJ!JS<xwju&O?-D?Pu2YKyMwR1m52iFvt3or_qh?qP^h`s`k6B9vxYV!O~J_nwaN|( zw9MS-%!dLLq>`r<^ODdHT_3nFDU)?>D*GJUbKnzGpKDSgzS(|b^-n}wZkV_v-Tn0L zV!dK`>LgTtYSh9ZC7(FM#>^^*=SYZa9h7MGv#k%Pxwb&Wz6VO?@1DzgA6$H>wINZ$ z=w&;{aQ^Xe`}6j$ntT<{V-p=(K3*^}F2C#eVVKl1NJPXM(_Zv?Qtzav(zFhL&zr&v z4VXi+^_P>4lKpQq%E*rqEyd*?6nGGEzNhFaPh-!)Xe;MX^B0?)^JfI88$C59Y(mIv zJ;~_{X?YG2*K(EQK0g<&dX!^HSJ6hDN1@f$#Grt)eAA!K*f@zvlfR+~-F~mV;9F6E zYj4Dgk#Ew1A?GP#j-SO?c6*wDug)&F2@3LM?5R z8s70oeKo7C<~i&hf1|M>?1G?$ow2@Te$%VNbswo*zEFxFJ>=J|`vhGU0}g4PbI+E; z?@&G);yh9YBAMuS`puexmzl86@4jJ9DV61QL{#O2nAvM$l!(DrIn>gTq(ZUJEyW~? zGrzLbD~XD`xMlJnecs6a+9M98y%8TD)aDaj%r%Lb4PuCnr{tC+m8y%o&25W3=NRIw zSlGr@3rMg|LMNtrNO^EHztzrFv&+0aV6fd2V}5Ba#;DhnNR5%EouT&9kZP*dMDUru z0m^55IbC$t#&&4|)b%PF>9RyMf|h1MG_7~-Y_oKeSKJE(f}}5vf6A)iFj0)S8pZX* zb@=HS*T@D;JJ(sGDl9j*!1wBd=S#V2RHFQ>ClaY%3*F)8{ z4+3tqJ1ZWGzgEtlz3i_f%EWBrI;;C7Kk!1DR8)fKLviZfFOpLSjN2ON;vPsU8YKjt z3gCE9AMWQ>Y+KOG_KfQ8!|LGsiYpwnA^vKvsB5nML$a1#bl~tRFw-*ERh`=D1yixp%pAFUPrrdt+0cjKRfj ztQYM=eR*R{pR`EA>&L)9Gyi=Y^E>~_`~o98%pc4KLG!{^+z0Z44diPara}})yhvH4 z6u3q|649a=_i6NVF=A7F`ECZ-Y1+sqS2Jjn=9~Il)?-kcmTwbL@hwiJ98XQx>9ePj zjU}xS{*d$bO(w$T!DpSb$J0q|+5`i8lvM94uB~4cwp4MyAC`N~#x)|!lTyqkQM;41 zpCj2r`^lq=Li;%TjyKGFBS1fmW?QodG0w_(AX{X{=Z8{bFR_cqrW6=yj;TgG5-*P* zolo}KY;q#Y+I${6c4GB4ADfdBd7l{RgX$nVgSb^93I z26OBa<)quySCT5*i4|PFpTb5))1+{bHRe6?jhSsvJ8yfmn@1^Lyxc>I%$L$KwX3AA z5S7&auIJ2n1`W5nlR>_HoB51WQr_l%-LuTI?-#RBgJ+Y7x|@pdLhnnvC??zGq!W^x zFgnYi!kkC4z{`$Wa{6kn5*%@&jaNK5Dh&>WU)b7FSl z>RFUiHeQPTS{Bhb@ylu_G}ju89a_^xg=xhi#! 
ztpNY#sNLQ?lgqNaT8*riuWY1e@O`;J)$qoSgMyTAe)Uahb3_W8Yb1x3LWJ;Dz<6)I zVd&GV(~9O>KC&}lvqLAIbvQL?r}F5Rndm)<8Pz3aH;X(~O`LA?nCn)+(8XwArppEiRenck3nvhR@emc{*#~gFQ zm8pimu##o*eF%T2Ep6;~y7)djNkJa^ditJ-K%n9bA^#~9MJExb8A+V_H|d^RnmI#rC6=;2~UnU%kxGdvw6Wl*Q@7%9d`6J=|3$xONg7CVI)dK3H7 zFdc}Dq_UOzT&B{}G1NU9eoxV;PiL0?VNz9B$pp8PiY)3QpF>lNjQ&@ZMssf6c^UB1 z6x~XrpIybW>DwQl@a_^P1?h8%P{nSFHNDhsRqva|ChsCHs;u_&zWAURt#i%q+~P5v zh%50162tRG(ed{Z_ji6B)64_WP@DFR2?yVbdHD|ZM>MLGTYM*aOdPD85H?l##R@kJ68H^UZ;ISRX9bU5*;jyLyI?d4AEYe zkrHH}^_r|vQ%A^YFtPB|g-`|YO_CG3{O#SZt}gUB`f}$!JAAD;j}L1-D%Y#GPO9vp zX6cxlY3p;{1#_^ep2;_m7p%u0l+E^)DW!iu6ez0f5!~fG{U-anQjn9-y5Y(36-z$1 z)bE#%k+RF6u2+2hn7&weK&AG%XpfkKM!kJH{QDGMJ{+!Y@tF@1!>~7%SPtLsPA=Lwg)WbF zbjt^kr0mGP%a;Q(i^}FMwc|ZGNkKYNUC?JYJCvRk|15sXHkO9%TXHB+LNTZaX8z%S zX8s2_=6Cv)`Nbl3m|qq|z_TXWn1ix>?ksPt*56-l<=~I;D;>15z#LTI?{Ac%;)y73 zWSlzhP9qL<^?lSY*UT$@UfVHqM$$P<+qJOSN-4q8hNS=53R&m62L&nH-cNTYodkn~ zXHPUbb6ae|K9{Zpd~W{2%EnN7(JAAUY;|i9wOh(Ow`Gs<>v$G75I$Cv zcz5bb*4MEDAK>1LOKThk=MC3Q?0iy7 zZEjoBrTgiH=A_0+EJ|`FX-Rk9E~%ESpzHE13BOI!c)g!lxgd2EHkSn(N%Qr)eYA8Z zS{oqn+2@!^wMmid!wRX|xZzZX7n75+s81bn-j#7@%S=k@O0{nXwR24Q1+Xnr6Z>vp z604btp0;j4XmM`c#Y7Mcw>$)1-w^(xR3vDAQku*RY+CGX3#aHe)gN$8wQyj|{l4_M zLG`}vl;B8T^AofRW+=i%Kp|X%SPFTr?oxHlo|_*gbquy;;m`l-`x}h9dpz9cqslY34g;91{*Wsz(SBOQAq`F0G@ZCnOh_$_@Nk z26fVAb#(tojIQbZz@``YeOm;%H!P34?X5KkHqc@#{r0JY|A6Wv^%24Y;b&;JzO{;L z3Y&w0FPncRaLtV-w-0=$yY_OGe9Lf-O!N#F}0SF}RbY zSckWuUDYzB`=z6I?!4kCvG4TZx;IwVWZd};vRyHjElh-`<12fvd1$*7$)L_rlb#uH zbDxUcb5<^W4s+nx2`uWRc_@oVqk`q@yim?*2~6UZbQQ%p<8_jW%p>oWqa_Eg<;-Nn zpUA$97RO)@UJcDXf!!r6Fy^ZOL@uDL53wTDRA-_aUVbzKdcBVZsuS(%z%?ZtcTdwb`lLxF`Zigh+) zMR_e|6WkvjQ_{!EhNrMy2m8{F_W~{C;~YfLO5B#WvcYEJsx(+-f|*Od9d5ssLmgyr zgTb{!cQMsOxmkSP(4g(_tFPUCszBx@}`HHE9{pG=O)&6^A zg9Vz=28%BoeNB29v#O>uo%54PL-%!NxXYq4sQR)Q9LC(kggTuE@WE?z6Ku!_>N)2H zXoZi{6Z`Vq-*DqImjWh9lZ&ye=?=kv);s4~5YG{5K!8!)gE0EsXpU*)deyMplWtMj zkX99TnkFyr^!2T5X~8Bz6>jh)<6cRQ{P6i(Y9^HtxhY3l*Y1JY>4#Iw<~{vw`Or!C 
zUa;NdTFvo>Ov`(UuO*Atb-K*?bm1d3GdAcU?|~?Ncad-`0Yl#uh1D;oD_i(i11M{Hyt zk7Nyx{+O@DhR5wwGAQ+ZlIBsztnGCM;*NemzFh0AkQjJu8pohdlaO@RXny0yTvY{2 z>}`j6mQaS|6bU-oh!>wCM@toLI=)KLFc%ngtEO0F#eS?PACi(IE0W)Q^OdMo(BQEM zmRzAXr~ZbTrHwCdqm5HHMT%AqQ(f%x$fZ3Wul7znNj~t3S1(U!0~?x|H}8F$9p1Y8{OLE@Ti5w!bS(`oD}fz~Q;wW@)itg?6N}XIGCJdnSs|^r z^8@8CkosNn8@ia{8NSZG+Mvs(!y=0^AMH9dVpY!L@;)w1qtkl10!>^yyEzw*y(eM- z+v=OPrQ-;H`>p(b06-`&@{R6fwX?~MilYs8fU0?;X23aY$FkuIc%H%*NHU{^^t z*9D%oIUZqYK%nxcQ5>u`@2VxyoDDd2 zkp7`^c(<^o-l;?UF3-rfE+0*-6;FSp(%)L*!iweNV*SFW_~2em!1Ih~zt}F9J>Js% ztUUR#*G`bN9Hrb#yQbXzRVw9Hn%YG8@%sIe=~u7L8RZ1J1z+O2(K`RG{7GRlEh9}K zNtaW#QYF93dqiWp8Q)qwn2u}r*?KxC&AGn22(JYjoIREGapUyqYzm>(%1&E1##(`) z$n?3&;^Df5dA*lo{IxZsx8C#1D|B7m66a=!iEANLEbS$}+)XP$kt2RLC!7ZF-mz$* zBKHH~V+0Hoyw;x9H$smtG17gS9^yPfda#=}?;dASi*Pr^nJT`ysoA-rP3AH&C zj-@|vL_a%?g`>Q7@t6fK1?jVDO67%T7RI4&9Q^GZ?TKI515S_1Tr!Ce7|gQz+{iV( zaieCU*zLoq_!o1TT)bxmhK9c$&riFR%!#$udhD!s> zU%qgW_+aDq`TeApzXf-OlgEi1!+k;pgH}~GXSz>2LAUg38L`Pv_cv;zt$J#VpkB#^v#Kf7KrMyJUh1o(;3I zzM+R5YPKaglG99C**4aw-H>S~@1~2^89Vb{uPcuS8!3}&Jf&5}zSWYxtGl{4-?tUvPj=Iw+jjK%QP(5t zfynpc&p(IIvxZn-^=&@jQE-Z8SO)x@!1S4voVS=l#0kv@Y1-q_Zc83X`KM@ti*L_9 zTs+4zs&bX++wcpPnu9TE=!`xg`s8vOHZsw5z4{5Niv9 zp|#nZ)XhrEalIUN^%7f7*_eQQ%R@1Y;WO~vXYRXhgW3vgM%p#-p@q8N1jG=Ri@;AS zl2>lt3pPmQe2lKFs|-*7a;RB?F|pk0v}^Z;0I}4bjw46xjh}>0qn5wKXf@kEX}6kK zd+ACMsH`3z&6Uye(RDTJZrbdae~w93bI+Y1@I>qK^o+mvv~i&6*BDv)?{3 zb;!-UkTe@VIyQ1oyqa5bJpY*yBh4d{l@~IxZimo@l!|2*witG6Y(*{gOe&?&ri3;T zAr+vcr?=AH%SBEwPPkM$otBtpsSs-8N;L&*QGR1(kifh!>StKTEN0r zP#VUW;XKvPbAC`gTxE-S^mFIS_odQGHFv397oSywnR@q4e~5F_{V*R5=e|m?4L0j3 zV!hc9OR7;c^SQQ?%~S-0ViKP6OBViJ{K=ZR7n;RMcro!->7`linI4A+c?RFLt0Ngj z)KkXqQ*;tbolV*#9zUus z;(c-mmf*?F0JrwW;^CtO&zUY59Z7y2G<%i#!FRtdx(6}I$icI1^BpIFgC^ZmREW*@ z%grXywu%DZlGtSMFk~E?MhRWLoj~vs_+^K z3AVIjEMysl-(?Q!4%T|mE6qGtL~#iYeJFbOj?oN5XMa`N!Oc(76f*>3xU6{%8kYNq zDO`M5IK&$;$x2i9Y$|JMmYl>=llM9=oKcIuD0pVjSf%)km9of4(X>75?={s>ZetW{d86Vg(sFGw^62h*}c2?BrmckZ;Dac 
z6mu}3iQg)m^<~C+#V1*9?ZZGiIKC%|1$fgo1RRPf`wdAB9!rZ2+iMMH+ai8bFNfb6j+7x9s*!A@~g5 z95L^x^ZmN|zO8mJagm+vJE9%-aHA&qnCg0JVUM9`%|NPI)ABs<7e46y_Y+FvD zUxWr3^hlF(8qu-JmQP-2e9atdYXmlrK7i#iBbvlGT4A=o@FX^s-)2;m_eHVWi0DSq zXETdiJ6G`Sv91o2hcB5W)gr z2PzMm37KkJ<~Y=_n&N#GOiCc0j z-&}BZF4w-5VAtjPrJ$Rx?1AW7lm9tFEx{Ma9`BH+hrb38=y(ZG63~*q_YS`IP`CMk zS|7d-5vNV)>>v&4RQGZ_O5u)$r7U|87J2ls-zPa1aXa7fEiCj^l5~y|+Bc5pcJg`t zNiyz&BVwacR-WJ+aQy3KJ7+N>Z|mY!gk@erNl5Y;15ZDiY~F%Xlu&#v(f11c zVnyQ(L?97Z!&1a8|FsP4)tCkQH7b}nOKJmo& z1;*4(pX_-3y|d5unhDp|k}az-WfHXSbFD&piz%UOm0qtH+$c$Wd$HEEY+=G#zUL#i z&65>l-Qz0W!TsvD;wyCwXgSe&txpvO+~_K5U#xu68^=n1&fVgW$0N@=d={UB=1$ca zJZqVh*2Lw66*(_~_lINn5Uy7n-;g*evGF|d1t>nj8Vo@K*hgC4F9nF`QAbEEJ-oQL z{J)W$jgaf1-@CXrB@M+15PUF54NaD5Qyvd~i7#S7^I`5`BV(71Xk+}|;?-z~@eJcb z2u3p4iMj47^Zvc}JpH|uvGt$hvOX2cCKkk(dh-qu(q z9+tvh^A$VUhflDykz%nFmo(j6)D|jT7bn*gKIPeB9VuxbupV>`0KzBQ*Qb#5`TB%s zojR>D{>dkSBH;f%;Q=vaH!xC(@u3d~5*cC0Uro#S+Od%lD|(;UTU@|S>()eM{WSpZ z_|Z8^Q9REs}=Ed~$9{v(liJFO4% zkk0h$ycUahQcAa*2QIpLTEIXh?p~GBeAv z+Jo~K3Z}2Eol+1U6V|~kyP}YE6$hbr11LR@fQ+sJ) zF+n%8MV^-o3xUA)&8 z&+Bm(uF1~sjkcgFHE^m{eV$6mvv#?!j*0(NYAK^>@v{sErOu_MqlT#Odi$fLj=r6j zX}4F>a8kJJsHkc!6I66RJnz93b6S2Y&BzSd>^p{D{*|-px=OlEYV*N8dIhN|0*M3!evcgz|Q_TGYDL1SrU8BK}-$IQZ#T_D}55`{I2b&~R zhHoa50@s*P!(UXr^gM(QGS5q4)Y=g3J7b9LLf`Qwtwmj2fc6v4EeG6Y%!drH9A?VL z*cb7QQ4_>q8VfvDKCKh|;E=a4dZ(=w@`YD zXx3hLFfbEw<@;^^(?f&|q*7bYd3lJR^SQKq4H^Vt@A{`A}1*W=fJ|@iLe$SMa3YU}* zcIgnytH-Z3TqVMmxFW8UR?=RGH;v9}Xna6CU%2+@OF-;P7Wpo|8?`(yCrjhqrge%t z=+Ca7;oR5yWVv7AInw*~V<^@QQmToSU(BVB;XqhaGClKW<3bX$dSmM)C?fEknQ}T$ zmPb&4`!^(RPKfe8(@oOl6L=RcY3&_M!vK4Rn&2HJnGrcdwH`tLDJA5<*h5ARnneOj zl)8nAm#Cdt^*uWhy^EK)}p&Q7Ie?YVjq8w&utLUWkWWdWvn}wWZ-0< zs9_##aWO|+HBIeOl%`bYUhg^Euevf~nRaF+Mz&G9*BS=C4GXQ^ee-00}4b<>MiDc zX0LfBBVxWJ&C`?)iG34iWxys#I){DrQNd>tOc6NBZbjWQS>A z74jORe4_|*In%t(VLLJX8L32b`*|sVqJ#`9hxemz?x&(qs>xA;Sq)e`v9P#@UEls8MS>Ohp{!Ex#kA-K6lT^6=Wd{RGg`V4` z2Z@Y6Hm}{OA`^3w-pIS@#_`bksb=ZZM*@tG-dEG-`m=KFYvmsa;kv~N_L590${ 
z3K4#EV0<20t8k*&;1XU07W%Fxxe0z9majM0isA^a7X2dd`lS3K_FBCGDW@3uM`dzz z6phTq1;k|mwPVBdmW*J+?vu(QHhSj#&oCS~c0fRxF3hQeZQ8$XlO!dqs&LNloYDSB-%*PLZ{98Sz8HPVn%X_-LM|{3or_aQtjv}8< zpDyS(i8uXd+hi?SMxzjMM?o*G51+I7wO!^llFx_k>Z&!laXiP&o4r2JQF}N+p6^4D zs?Bvz4WsK0YI^;v2Z=_S*Ahe2B67{5In!fQS?EF=mFmK~r0E5ZUABHBlJcIj;x&Is z$LXvaPR6%wZaj$hEPWuIn{E`lK9E{7mYC=Gt@Z6fZ0UeYY&03+rdx6Y>ZSai!#FQ0 zBSUh~w2wpU$}-HNZp9afnZ2>EyoxRmIx(4Kc&!~gAwh&sXJUHFtMl5R;@4wYYcB(1 z2pp-SGMEE=yz4Q+SQ?^}-dGSw*07SB*sD>%luzVn*%dC(6TbYIoKBIFrLw^BVvNqy zLYG!fvYlJGHB&t;GyLUVR72R@bJsp zU1XZSspw#rn-@0A(&WR5(my@csBg3 z*PNy|4i(%UrBRz*u*s`3YEo92lleZZO7D`t4n}B|Ga3?o@4G>_pAn| zhpqe!z)R&;joM!KpVq^X`Fhh;7!-Q3b5KNpkZBrVx~kCAjq{YuHZtsaS8gibJ2yRp z8R-r;K;RL%->9H%-TTWF(GCMobMBX~^CUg6vRo*)2_JA2e6;xO*u&lVrA0%icvGmF z5l+PToUuv5r*Ag}1+7nUUtY*R$=sqJtimqYN|k`u@X#w%8L@)G{&t+G2*p;qq-kv; zJOv2SrBo7bEG}(dE)GJ#So|Wq1P4FL$dC;WC5p-@R;ahK0p3kR6qOy%1s02AumklF z35QnlbLKgTACvdluw8YuPf8j*!-Aw$Q=Oh92vel!b!#zSHR$<@giKm}!n=6~wWgl$o zNOX7WXI)AUrnYrlaqZSfHmCBTYnkxXqQmpAl!ILZ_&zL6qAm8~9)0cOLixD575C$~ zUU7xqCQj?iCAZ>w^hmRnHzX?5fs6^9nYz{LQVkMd0~GhF;r4wQUC`-v`{g{g#Fkb5 zu&if8UDKl21W1zsX$(3NY-mhAtczHo`Ym|u1`a^*h+$TBvTrmW68XB)oRG9h`L2}t zylu9u8(di>n!&-_rfz|5UfxOmSMsaR{O7Fz=U4J?O9ABn|851CjK1Cqh}{1BR)E^v zf8Gj6`YV4p{5yY`jQ*29#0r5wQoqV~7ON=r-osB`_bmK!VDheaBx%Z^#H!IL?@DSj zNoPmkSig1I`APre2;SG-`+@XQ=){+swZqWo`TS~ca2EZ+V8#Eu`9S$)IGg5ZIfmJ7 zMZmqZ_*-f9^FX6ioLBQz0hr7XXRc(Bj z`0u5=1!Ym?qf|`&>f-jxhXY~^f9O;3{OqAPIaPC!caX~=bzLJ9=XKI5R?#{}%RGnU z2gCd9pMr&56su9^6_4q+@mTmDMu>h|(+Nzv)og2bZjU4rF5A|5+bta&d0o~No^)^S zlxMeiah(2HUTZ=JngFx*t1EuDxBEvAxFGunI5<)v!up%7yHa@Hqh)j*`xSvjzXwz6 z4{DQ18}~Cy-{pU87aB)cft-p2Kgk|$pdBI&F8s-8T;Woff9G^p*3K8Q!r_utXmPyV zo&^owZ0ENpUZUxNhQ*I!gNCN`TOrOtC}Zr>@Lg4hJjW+G3i=3wYy}G)K7fI=yWs@E zvW>#`hy~A8frs)Arx}D^|A|^d;-%)s-^jG9&9)tt;F`L9;Js$;|CGK1sY!!l^A1|z zFIQ0@&uN@U-aR?cAExIuX!s;d5HY2AMGA{SoA1MQP8-xi z=x9z`GwJ>1{c@;z`O2j*;I7;G;fENO)nm(snQ4bTGx>|@_>h@Lli^?6sBG}opelyt zgh*QxBsmbrWphGJ<~7|RqMpq@&G(acRV&#V-SMa24C9oEKo?kfqHxew4%T3abXuu5 
z+Lyk1h({S@ZCFsKaFkfmD5jKe4n;zj3&c%Xzht*kpuEh-0Dk)INJST$^2rp_D1YK@ zMSGyz@6w73XDsqZF9jWa9Lm~vTkPki1S6ZO_f>Sn4*Ri;+oYc>H*VVn8 zRR^S$ueLt0UgG28`tLD4Ykx-Zy%)T_eyR=thbkH@dCtwQT%A5f9|L)*zN_8cI8&av zIEGnpKS%jEUbBXV-TlLwpI!`%Yg1oR6X*}V=kS#48%^us1~ZzU0yun> zT|>imQkio(YWW=K>v1YZ@-ah0EX!PU=3tz)MZw%x3;STM%Lt(}GL6{qbbTPa*yF*81^4#6 zS43EOZ;v|*M-86sCc6~{foM7j6>cT+S$wd`eNcX>Jr2d?KhCyl(wg+iuYVR-a5ed~ z7k>I^wfYoFY>b{7YG!vMKkm3vXiD5THI-6w@~*_Bx41b&FS~EtFr8lh=pj8s3=SFx z5APHgqeA-on0N(x$~WWypawOfqyCcLu_BWM69X14RrN<=gaet=hohVa*N5i?CCR9K z(KmT>Yxy3|1Wyy#!(WTC7yV!x6UD$s;RnT8LoKrV{#NUuZNt*v*6TR1F}>7HPQ9nq z3f<-HwYib6LKt+45?RaeVNa(nGMBzZ!M#f<8Fu9ya9#ly8$~9ELgBe_qOs?m09WwbiKol_xSEM*Sa{m1k z6`luikf==Kc!8x(FAv#Bj98hm3NaIo(&I0Y3&zNVu27JM-9?Y0AP0%LvsO4%FfX+K zc7h*Z2~}A!jYto^g?ng#J1!o2;i-obqMD-ST5!8{w_m_u zzQ7L<_NaMv5p)m^-J!ZU`B95tga9HT2A>2R_r^#Dfj6M`YF5@Y znk_{f_y_$?JcIx&OEmq8dGjVNy?U1~=Ix&m;Nl!HsPHVjcpetd#R1(UPd()Mn; z&7HE2il_X&w9q*}mW|Rz9N`})(LWIXlx8RvQCigX{PXFln-JH|Wwric_c_6Q6b^3H z_x6_MYYQH1j_~H2O@J)|=nrK}t$@Bt7m}|h?q@Rhd%89@zcr}o)2-GS!4%lK#Y|S9 z8q^NjAG`6KUHwi_bFVI666>?5U|woxh0|r`jRoh5`MF?&|LDbAOm@?X=YrSZeEIPo z6}>!QPgs+|d zeaf5p;*?i#_&<_Y#>p&q3F+*1>re%ytl&x8qZ0|*)md>`>x9=Vu`QP0ic^k*H-5Ln{Jw858uRZlXy^>%5 zzsaBS7y0e}O@4cxf5>lJ1OYMINWy8*qUL>U)gPW*G7wS^;u6CT)!RT~l$bWQRTM3hx$U1}PR4wEu8PL|phA1>$H*WhCbS^ZA04(h<}C*BVRZYw9YN4sVAE&7g) zTy1|`oE&X6-5Sh|*H^;iOjf((72@cVA!Xg``}Y@+EK_528lHIIgIu$5ptZ$bIQk5g zFs00Vq#*5tKGFd75QOg)1b$Rb2vAC&|MW3s^&`kbfrEzD1c|LVCUPPufynbE=S~EG zZoQ}p>lbWkDY#8@AcjJWvMYmZ_tX>p3BPXNKgtwv%xW>s{i!i4toyCk=QgT27|WS5 z*W7*?f7`KtIB-9au=BM}*V3|Wdi-h4X!Sw^bRtT$cGrgD`#AM-u6EN&qhYr!Fgc^V z?D6YV(?omktgl%nClTbPtYzjWouQXERRXmgwQO$t8*6-NxO!j>FzLM&w(yJCBQ#(V z^4GJ~I{h!1aAVS8OCZRqgMcl93DVOxFNjDm2CSz?;B8T*gDB@)IB1ctZ?=rk#F4{( zC2)hE`5h!^zKhR+|Jp$Xzm8HhsgnCS!ha<+0s)l5DxVE*G({e0L)~!_g8Zz~e>H<# z$48g`usat@;MJ`aeC)2+hu$xksp-Ob)AuVvW#>Srymn=`(Y5WS|03l?7)4psz|iOJ ze0%$V=O*XU;KXapiW?M63$zqP-=w2gjHI0h*)|qXRNzIWk)bPM7>H?R zsRHx)b4?zg2MI;QZ^|kP5e!~igVm(M5ymv$|G^AIFf~eMGvkG;Ca%5IoyNNUHxa#Q 
zIkV0cYPb>lCSM-@5W)wlxgc{7YT~dyIz_r)LJl=&eQA+}EX(yvp5+fl1}}rN5~Lz3 zJ%&C{A#ESef4+1Nd&i6zH2F4f@2@B9R52WEA{T=uBC~F`wPEt@oMXnT5cO^U@F|Xp z=?)ri5PV-H!U%Cp`02|s2{ibW@ZjG0;E;bubAuAq0Mv*8@-YPpB}IuJV2B1VA|Onl ziq{54)9mbc{y^U&5wPz*C@$PHnc%=!FVP=6JLx{q%B+g;hMB`fx%za{6^Z9cz9Mqy zRGK+zsPrR4seq>U?>~q6)hPlC_N#5Pk?zV*kK4$fQQ&%-&?OYJ(UjekbRH0*1U4MhE-MpB`++)Xnr{+~`x=U@w@DZSxtd%;C0Sb{$ z)jZ`k67|2|V+D)>`n7$1hEcDegz7VljRW7R00^K09vO!6F0^oMCGRxw+r$+$hohRu zy&AqnHs+t0?Kp6(!aVfJttNKtHb-1mZHDfTkXScP`CR?ED$CBMd985#?(UO};Wj(R zdJ9<$mOW3mK7DYPIH(;^*|~_xl%X#|9A5S!-{a4v&u#5g^|k(E3BP4$xFQV1g8!$y?wf4p8Stq4eYgqQFrDkNQTL ztXZzlUNgajN>Vu|aGfqQQVe{Q=BTo(Oe5<8Pj84QI37PCnVi$J4}8U)%__CE6L7D+ zkea^4FaI$LDO_noWws0DN;8;oSHD}-O+Sx+{B zYxqCA0266}k4(T&9UnhR1ej;a0FNyl?E_$Todj2~SK@f6d$+ogT7nkgbss*zrRFVg zTWoPVWexAj0OVMI+y=M#2OV^Fj~Yx6_m~6rxNCecTHPLL0&10Fe&G5f7-5w0ENrwI zO`7dIOy8dHhsB@DkE8lB-gRFB*UMvibZy}j^sQFAS%EizZ7(qYXz&H79$s|~Nc=kj zJ6;V0JDw>pjstq>w1_~b52gB+eFm1F_B(p{5{{ADCa@ODogF((;4t?vxf@wNj0BD6 z7gVW9bkO)k#R#hR5MKC-BjJwj;18F+xg9$v!To0qoCK&HieJXd-o zZ;0sXk~`ADgNp@2pi)v=(x*wPLq9|Uk^29XK|Ww;XsweAC*gv~<~s4N0~r!6tA;&1 zDKeG+bz1S)TZ=sH0$Z5_R{6JPS>@gQ285pz@!NDYG`lTkypZ{z;jfnUGl(VJ?tAzp z4{v0d!$z27SxTA8Y)fnbm2dyK5)eYqzErtoivJdqlilhueYGaNI9#SudX$99bfNs=MB=TR%#Qu&&AT06Thq2>PjYT_dBNQjVVd}s+>{2BmJcvsG z+ugrH_>mEaSwR%W!;2x=b047aR27kYjr%je#-8B0(w5*wxqLx9sP9+Uj6c<_gPO?2(kvl{^+(^ww$06 zcDnx7Zx(As!@L0NE`DnfSgaJ-j8bY&xxzmCr|xg5-}`y(C~8j(J_21GT3sw@_98?7 z1Ah*7`ddj=AM9twPZs2M&@iT_chJ8Z!GY5;!)m-e33EN`F^f_mSZ%G}5e3ktaprh2 zKC`kGjKJ|u#UoMSxczUxdguoSOr!=9@YYv1;iJK^@R~b#Ja~hUXvFMzWM4WAD;yvg z-weJ*{9n%C8RAG*(nA(~drVDOz+jUyy;7^Xs_t6&@UBS|Yt&+K?CnX=Qdmj+lmu5W zS7DK&fkm^+(|&1_JL#1WsmIgah55j4r2T4Zi|@<&Sv79f4T)a8+kxp|QWcgw-*zt+ z5Yi&L;xc}e~~W-ARn!vsac$wQQG%# z_VkL;*$snQHSuMSfMXI^lO0!eVYssOWXLl+Hhi#UFd{s?GlN26mIeR3(_Kfc4$q13 z?vcOn?X}Qnl%B%ToE-G#)`y?vPctpmwzEJO;1CPdw$;C*Z<^v^8x>}p9uhE%^o?z7 z2wmcCn&H~GDC{vkirH1L}(aDtJuF9W=NMXU}{h1b!@=l}r% z6Jn^oqg`t}7lO@FCwF2!ZqJI_`y_|Qfjy60HsYz1;SKa6@BacJ_Zh>V9KjDC7AO;; zJo%%ekXoT_xwM69+zb|X-6r3Y=S?7q 
zx7gjfNY9Fk^?DeRM1EeM|rofQ*5y^O%E{}`ezKfhg|n& zTB@|o0*YX^WPmC z2RsyejT-r{#H`rDpvtC40 zq03)~kA@G>D+s9SY3dpHHg3CEKO}uE6A)@q1T;cQ09DG;>T`E*b$Zm~=a7hZ{!u`Bfzq@J&l+&VIr1d4jKX})DWZKN=2Qo>?Z ztJO+C;{u^a5x(B=CG=xik50~7VexoK{cG167@^J~cX5SReEJ2;2n>|n2y9^HJQ0BA zEns!~anz?y`#m;9c$W4UdK_@W|7}pcGixTrst4K^F~RV0eTHPMIXnI0>SFlv9ynHr z1NL#_ocfKPF;(G{Qr0=dc1AM+XC!R+-z+DHGgsh`?u48#B zGTOkpy4{B7=ctU;&sRC4jC6{HvVRPKMB8CxN+GTE2%#tq`=*>MU$G8P2nck$SZjX9 zxpd6eZpB}XDg5cmio@X7mNi6)in=eO5B5>SPX!IRnTX`zq+aLO55Cba696@AaG!_ zKNuTx55C2i<0ueIeuWmtk|lG;gX?m4Rww?rpD?yy9&SMZqYqTg16XM)nCC z1LFrJSzuTg87&#TZd0Ddp?Oy_r={-ZBvVz6$1hSK;rUeY`b zJbST!bc4Te-du@Cg2Y_NzieSMYAWXk;=p&pb5ZxFiU*7bVymfRxcWKRM`M=!Tr)gX zS~sjf>Pb|n$aK8pT>)eZf@GaLR_Wd@!WtC48dz2*Nu1|ytkLOp7(vGeyJb%(@)LJrlxMe`-kC8cGc0BNaMJ zm>%|#`90q)66*QNVjh&>YWG8;g;eCSc%$@BCiy22pMY}T*FApg29NFbai?JgX%=>a zPf@5A6QAP%L+LFXS;JbLxW(Wxv;vZgVVb^Voke2&V>TH|Kg^&doomQ1N?tsOQ1-qb z3XHH^lERiusKHq!YQF3O=nN+slSW%x!dPZ8sg*7h9n;n7w%WffcS7`*UdeCu-{epK zi~QFACjS?ef5_hn{2m`$REoaP-F<$f#)|(}e{vv7F%i{wn)GD>(66xKa2U6j? 
z$HBo9f1m4#Bop(I6Ct<#Ur!%MSAW}s?+Xis8o!wx50EF|x)5@FpN@q`_Fl=Euv60Y zjET*3JN{kOqpthQeZmt#xgCswGfGB8@O6oD`*W#rM}~63L>vyhL_Qc7rmr^rZ_hd0 zP%J`%HencwRL3?9Ed=|eenbttDfw9yXd!OIne7dOpswn`>H&DQql9X;Ove1LCQ&vOs2dgHrV4)AS1niX$srVpk+^HcgHrx4-JL|gAg+}*_ z70RX@k-NuV&gRU`zI$2d!p--0xT`)lo1<-y8oXGYMg~4NomYx&xBH}|`a&-=0xVfA z9;aPt#G(32z)8LDgzh8ywU!fs)0F0nM*@xty>Tk^_c6oAP6pNceg%2Vt(HuLdS|y3 zAM+O80;VU2Q3Z}({5jE3LXrPg2E6~6B>z`a6s($p+@I6O2ux^j<6Lpkzdw%?15y$N zuGpOgG)QikPExh6r$!(Ob6UfG$6+Q$=fxAO;l-1LMkQBvtgo?a2SeDk(+8R?y@?RJ zk}+XAQ!MAkajR0h8FnM;#8Vz5?$i`?1aER^*yx^jeXU(YxADH7YsFO{7IA)_mQ7jp zI{A(+(sJF+vuf~ihbxxnb$;D#Zs7BD+?%7{{J8RKcGc&2YhLez{zA=8Lz2$*kU{n5 z{fR3sXLXdatX1EkOLd8NI9JUgrB7teo-wCOZjEN2qf5EmAtcI-P_|Kc@u2dY%o(X@ zq91!1SY=wp1Wo`;L&SqsVB)Qt=5(#T4lki<6QRJ2Pbw*=iQ}lf0UU!-2@4ZRU=V;6 z!;ep(_%2`zjD4AcY|#@40!zFisz_p(fcJ5BV z`cqCIZ0nfgSj~@8&UB)ausTtQbnCJ?IrsZIDrT_BCvH&y@O4# zRE^h;M(-L{A_f#dVq=N~{!^W(v`R_q#AR%CJ)))&B|!JXoku=6f3wPL82b0WTnv{dWq`1-qO zMJp>L@yauIxk9?7cLb07Gq}Eip@2!J&hTia_xGWn)6F+?G*S_ljUiccmh2{%?NWD< z$F=>P+17g?;{6`4R$rbsV?+oJOmbIW0MESKPL3M*K0HlZ8?;`GPXn|N@Lex8DR2IL zGB>D$PNY|7^738rIJLz}fs>OX9>gdvP zcJX?n`DqAv3DL{pe!t1M%YIc7kAiNnA%ek4?YyH8T+z2aaF`tBT;d<&eS0gFEyJKx z>Fa^yIUF~3rRXqWHY17qFMsLb+e~~kKDLW|C8^3|t&RQFT7^t>;-I$El-rwh~cOg zya|vO9`aR-HVL)n>jl-J={}|-@#2YpQ(CvxazdY!x?bY6pQPwwrY&-R%hQo+dhQmIsv+R~ zz4)^qM3Tv2)w3auOp;N%5#D`JC)DaX+9MR|P9p4gddtu|nknMDeuSK|+VuF`ORE30 z1K{Rrx^DI5pcioR`GNoQ#iIYqEg(J2mtN2_>{H#U-@_9i#?h-Bzq{)P($?Girs5p` zvz6YQ*1Hk-9cDexyQS_O1L3BV-F{p6uVwy!+9TuzcFI=-ZTA)&om0?r*xN?u@QFhe ziw=4C>n>uq_Jtk0vm`i*m$8rtbyR|}h`19l99V3Eru^-dSS%GThh^L@1*W z@zHbfh}_6p+Gl_wMW2E#RPOhJ8B1@KwhZeZVl7qeh0Px<@S0SpEx)JeqSe_!iBaA~t{nOz$4+gKj zWnH)_}wiedX6+l#n}myfH2 z8e^H9NxbUL=PA!shh(wYxswC__mM~yU{xnew(#?Sb$PSj-ctS`E=$|PwKr+Y!}v71 z@ZI6&XqjHi^|m>{z8zcxfy=#G7LmIhTvEULJ8x2dukELpRi7Qug?-z_esG;acFXDG zpm~n(`qYR7i_MC&#nGg9ib#Vm5ak6-dK^Z_-zf{3@K}w^>f+FA2{cufHd}Fy?rGFr zxVCFiKhmjW5bB8qlRlkAu!dr!s=xa-!z2D4v5`J+4k8$f&$h-%-f 
zXt}ZRi-=GpU2x`Sek{i{rm=RAQgVhNA_J8G@IQWF72T_N?@mGT;aYly`Fam&Cy9jY7ZK4>xey`!_Co3ysT#9uXJ{VueYYCi+e{sUAm_3 zpnFFT-TZAc0=V*pLe1+)$C|6W<%}L;U7BX%XXh5^C=-6R(bDj(86rT-x&=n7%#J@6 z0XZO->lYo!P=!L7xGt0e9-8YjQGdol@|#AG=ft)l#*->}H_k=^i2_8?dmEB@^Uoh~ z>W5yp7h8rN7_E-d-mHp%mIT07f@;cpc5GU?UismJh;nosW_4A`ZVL9xO}T>@-Z{#| zAzx3py!O}N&12GA9X6J>CvnUDwkl~-%2pe#E=EunZ-i=hPQRMR91A&Z%x@NEi`?y> zY3O_JO#`9X;!2T**p66I%ZJ~j z?7w?|E(C0vN2RjcFO^Uy;Fe_G?Ka-U*z5i_S}YnC0FFl1Sj7?a_ zqW>_pl%yzU(D(=ZAvq?y(qc}+`F=+3fZfOV0P?%6_fpDatABipx32O-7>=8wwI3FJ zK0-v^1Al`YP^w^XW=G{Gt|drXqZWM|1d}yZNlZ)gww+&NiZuf}S|>Cl8xukG`84{>qb z;X;M)NkJC;??b*C+n2Z_`0UlQ!*O#URd}Axalpsq8Ho6<_09N>+OGJX_M2aqdwY#; zDjw-RcX5w2&9R#7r7zqu^bBjWI}K2R-VGgcdCBw|Z5BU7)9-O}7VEW9dDqQ#xM4CK zuJ9a2_NaZZw2<;mHBN&-3nANmL?|1Jv+$2{0XRP+=~8M+_nr4GoE{q7p7Y3fg9SZ> zL)v@5JJ6W&w@#9B!rjD^kn|#Z3{)1k6v{SEuyF98lnOLB@f^wP&sf}+<$XXwzeKEl z@I69K`F%cUU&AG2B%V0&lkt#Un$i+^>F1jzv?tjn^wMLVqRp|h7O82pbXF6Oqf9mq z9EHp#oBfVnGiDtD_iZfXSsU#}zrhHa96y_juhTkiWy`<40m#kRuO5so*m|qmFW2t> zGFP`-INQZq#3}c-dfp^7XE6{l0p|RGJ4W@{tri}?C74|mr!Dwy{crq?wC zUEqEZ!R!cY+rdHK{Kl!0a(u24Z&Gs<;@7IMIV2H^*eMFdE#9W=E*f6n*dIgMX*pd; zFx>ldl(+Rmd15J`0G?y%?4KX}8WFhj-TDc$)Q z%8yFC*!c3Zilp;g;BxTi@pwsziJX4%>7|pRtlOm3Hw2&>$W1_hB?@W3YLW8%TmLTN zv28mG)L;hgHA7x_qN9NL8@>HP{XQ?lY1|Oc`<5U-$ZRn^912F4%izg#8;K1^zbQ{!xOkS% z3XQhrSPK}??~D*YAF`Vim|p4DUSg(iqNmF5>dc(4p{MOEaqyS?2yFj@+Gzu0#$zL9 zr&J}Z zlrx0yO}g$l!hLd_04gk6NOilFplXO2y$SozfC!3Vtx}>aX?JL^D zx$@?R*!@<@1yrBh!3syA4+@8aTKEz)!h(5j*G~yMf~;3@Y?C{)Lz-VWuh)aW8boDt z+fOAnP|}Px*iQ_Bu?hfBPIyoKIHr8(LiA~};N|IBzf-0WZOD37;QQw~vwY&AyHX0B zM0hS1hZt#l<8{gmiD%3JNC3uxn+U>EK32FyQB9FSp!H*k>+68%j@=R@>hFs09^?Su z=~LNzkZT=zP{uQ>TJ=aC231Q?0j-ApL&?bKx5nRGo3Y753h5&I@Uj2)fs&#aaPYfa z*M`LRX`Ca>CK<jhfooLx}xBeIqTjLA36@BWOl;gAL@RZnQ0XZs(2=SBi+T1T_tAa~H zy~UjX=~th*t==j~SS_I9sV$p(e7^bCodv&DdoY>z`Q}H}*E87C?^TCJblt*d^HwTW zDv`^&0W|MxP(QQ71Gs^J|8DownN<=YEHpXxZ9pARQwI@t91;QLZ3*0 z2W&@7R=a&)gd&|Q)h|Rp%_Gdf`KvEg*>0rtH+G$D>29LdvQWA0N#56|fkw2d8@z?0 z(Npdxso$imMVqPUs(`CJC;M>PH536zPiTg8 
zR9FZ(r&24LSBQT#75c=EN_5qtMp7BQNv1{qejaYZ=d8vu;}^&*||r?E9&W zH8W3rM|`V8y(J0d&NrGorBf_v98f@x#mEwpisP$iAUIwzwJ*nVVr`b_H|u-PPK8O= zuvYIKUfE(ziG!WsqKcKVxetlD``G1>X9Fy?WNMPfIumtN4@mV+I(G&$=8KUtRR|fD zBr&ku`$Q;2RqUaMk>;hjl>Df|D>$Qb2#SO@08hzFv?FI4=vz>yG#l{K_wrPpHaH~G zw+~bz^RyFtx970Vi!-q6s1#wZP)B)Pd4_V*6wGkEn`2GUk)hz z+9r;dS)j(L{W@xm5B#}UITl1&W)!)hvk3V~yo^ zfwE*EOi~H!#{`X4)NqUOe ztIC#mSa;nl4MRWRI{4IVt3*hPl`z`^9jgIVBIV<~iyDeC%4G|>JUYyHKLS>wP2FYO z*#5wP83XZ24QQ8(2D)E*yprGZzsaBd7x~TqP5ulD2LYiKf#4VNnn=gNr>8V_ zm^ut+uGoB=#4?ZMr%>>~-1xlw;}GHiL+^*@W4N zq;a2e73nyC;P3_c5oc$TCMV)fFycOOzud}| Ku^$#0jm9VZOmb7KxlR-Gaz1BmM z2~UQe$`%{HI4O>n6P#InI>K2{$HWntM7I!&4KJmQYsgr{(cma(Lp;{UOFnH%7d_sD ziT9_nzqgffLWApAC6mH7cE-;?yx7Wn6X9I;jxoTLsU3Vv%E^z1gni8TV^vh8(I@7; z=WV2mz$iI@E$rmaz8#51XJleOB0ee|U@cQ-?8!-!D1YqF9@pH({kSV)6+O%aml5Gi z2=lTRA&S+#v-1n$^<5Fj9>5fwXJnxn>dnRQfV7eXfJChSoa!SOkV0s&7L766S`p_0 z=T1(agbr>g;0*nY|ZWT&e8j zDH0}~4O#1+)Ggv`|MnLsfVCj9au~^Q-^>ZAIj|vimrD2YE@N<%6kL-meeFlAae;`R zpl=hbm9WNB6x_HkjQ!&tVeSbBZgFm`n(9$CMQB7h#kfST8nz)2}!bn^)zyg^K8SW0uzsZ(97S5=n=WkJ#aIaW3CuyBT!H z-xRJW{~$)`iKD7h{jr}KiJv8MM!vy zSSOu+>nqd62kBZz15poUcRbgH@D+0W8yOZuoweNvD$qQ}6n&PdnjX28`lvU$Xoy{} znm7E@9@i2cdbsSp4vJKPbOK+>wp$|OR%h}I(*%$+FCs4T^2!KS0v@{Y$sTbM)RD|6yqXyeJdn zcQYZfrUVMLWbf#?NZ=(AZj{SE3gCsYVv1KgiDyBzq*3H_IZSR`r3Ynznt`{%utHb< zeyllAAwZ?($9X7^pXPyyUZ%tFJ^~U75cxD(h)ic{ch#(t`6VLu6&2jz#xVw^apHLs zA`wbT$FSadp$1GkFhoknvk=VpQ`SWXdcRPrJeJ_dXl)7ir8doLRcPM>`j0s40Kh7RgSGzZ&dKSg(!=%CJtlCm?zG?OEc zewCtr+S}(5vp{!?&<3~u*zi`tl&0{tc*XAm*pTQ+x#R{*UgYtTq9xA)553axK(uCI z8i1EBYLfOkVHpBv;1(?>lI1J;egB*MIe(Gg?BC?ioc)LV(dj_V?^5{o3y7S|qLyOh z26@<|(>DHnlj}`SXx(Oh6Sq?&;8MI^HWW+-?1Y%fT#W8zOc^D2k)w5QE#226x`7Eqrm<#;)Ox76k)4Zj{!Tpf|@XoU{q8u@-x$z#!8uY?OjKT{hd2?0igAG+GWig*7u@RAN9|Xd(90X zrC%pPV@nc4LhR0%b&%vUab}kwL1@SJPkfn8^;#RecoxQHI6QJN>G?3dnBn| zah$W~MZ?z(9hA-Aqb&xKaHT^h>=x}#hTB8*_cu9wwe_J7F=L)h*H_mc)F!ZvP-*;w8vJFdkt4 zJe>voz)es4&Voxu4!}vaUOsRXUz?~KXKgy?OPuK#mE=wgi{HRZ{Tg*TD8P)%0+U|) 
zp=XOjcwJtEAu`#+LM({#=iuH*-x09B7#wXw!!jkNa`U%Cq6thNF41m-*y8r8!kV>1 zyIffDju|8Rj?Y%plNMpGIS?>FxBxf99-4v{TP+gD?hwc6QGxVNLIXtWt~2Fu@nBZe z#FB&*M6Vxex>EnqQui=`i6kQ}^_}mhkr2|fGaO1)sVfk`e7hs>qI*^8SF5$U02(j8 zS$DBs^w$Fe)cGd!Gd1hWjOCUz2ul4OsU3#{O08qzCFV0Clw+m3AgqjAb|Rh8&?dLg z&Xno#dfkkoTHbM{d&;wXmzn|#ppp=H`+ztxHTAW;GHCIXJ4Z&vfQrA&-b&B`C#p}? z$5ZUw%qmRMjTJ-KXu>{~za(mn*XQ<8YH((;p7B{G51aINhgR<7L`EZ&vbdvGj|hiF6e+D&aQ|G)ON&w4XZt}81rP0T^XWE()~8c+ zBT~SX&XpbZ3-ARHJ)CC-ExMpL9;O1*~>^EWk*cTC2k1d zAt;;FaOZv=?ygVRPdFBQ%$psZ6Q82`fQm_9ajPQ>gePw(2<%W8zJ+0hI2<^JVO6g} zDyayK+WZG<&$hD%i3sJ(dR2)RES-179cV0pCfK5k>_Z2(W-;&XF8-L1c;) zgvz(%0#bEmKe(OTZQEgFcn_#++B@krOY1rql-7w+C<@4Cmf>mC;Y?w9frH5&?QAG# zRIQ)@1lE533EccQt6*1CcrMP>ckzV_vS((mS+n+<|C&8}XU4VkvC?ny2mUwt zKl~v-^xx#qiTsEBPY5x9LG8Q99Mc5)`XW+g5&(mxv>h+v4adWoN`eC)u5KCyX=xH@ z%jI;0F9VUuSrQx5O(6i2I+8>aXuHQdHa3S{^URNe06=LnC{&Ow7gYa$&BabklO4NC-uiwq%m-<~Gvb_kc}7>#(YXcS-=0fT_s>;k0nI|j@yKvbARZVEV=V`H|9dYxnX9TM2i)YIU<6XMAf z@|V&38oi{=xnjzl*}X|R*wN5$U-l(r!T#sGZqMs{AR5tbxC3@?u~CWn+4Lq3_;rY6 zJR$Hh(%S9FF1;O#I-fuXGRViCwWsvo^nkG+HoS|BPq1sv;v&e*u(i$9LC#R!wQHO4 z<#a&wzS^ECcg*9sR~!61^jbG4(PdG>cbHjpq#NeW9*!y12{>U1M!s&pJN-i2vw}Hb z*s*mHw6qdiD}sTI8AoP4rCazYny_SAI@9%6V9yWRd;HW++;W&EEY4}q!OvgnPt`gv zkr3Vu^$4r%?BFI}P6COSE}3%A)h;Y<+UXLRAMT%~caH-XQmjLbvoZS;%4XIWlI zc8lz0DJyu(?lO{)Fft_CH=r8NLF$oDpHt&uu(RPrIVd9S|>n?eJhCY z?oo?@jM}>DIF}e{R=AbJ;T^!hbD(i=46hb?HF7k+!2xU?q$Ue3vd3(_Xq``Z&pkx&OPJN3#Pl z#GrHSnhc^*1Kb*}+5mWFc(Y{wzKTS|XFtZ^i*v|le`~wu&FDMA0*Kq{`UgKqqDOlP zbbq)96FULWh{NRvf7p@>s_cJ1TqM|kq6@UbNgAM@Ih$wb{mia7E$tH{qRfU5!GX)L zfsT~ti~P|fkXD7fIk)@n&e-j@AQEXv)|&k9_q~l?hUU=AQUj0JIRW6z;olM(q({9hRJg|S0 zpJMtySO0PSO@6dIK>q*F>OTcizgPcJbo;ydkM!(+uKttrCw^G`JAM>M{S!YRz`LQq zeeWCE_y9&ygRo%v=LEmyox@g?0>2h7>bu&oSybKaF24QJ@t5^H z$>y3;GpSF^+c7xrSwTObTUJf)s;(H~`L5iK!XpP9wfAM=0b7TsD1$`@*@{G%=)*=r z!)btQKPbu`XJ*Q;8#E=;cMWL_Ig9B6ka0+let6A;jExF>czfaF@n;-N?A2G=yDFyq zJNo7&&3lT?`>(A15X2*Wi3Bu0P}EsJlL{a 
z7a~MU;=*(IST*NRkfF>&L%b9qpr?H}=ilYxE-*gwQs$gs~4Ubw9xB&B#XOYq~WYre(^d?vRmej?4E!!v{5QU&UN3y@s7*VEmS!_NIsk~kE&wT7lEp^0 zOcp5Xj%zVt3J=-bF0@c}+_6SK9!KFE+xNpO=DEE%y zhC`T0)VDK|{tA)@vcI-4p9M=F5e(nK5CT9p_bf|$HC$KWmA?EN#L9ZFpzlE?&PQO7 zP=^(Q%VICRt%~D^Uz`<=vTO{Zn*6Y2I(Hl5d-ir2Btz2G{me0*hd})o6`Y5ZI_irw zkygoSX>!luh=#9-@#69=ebp<;2SCqSGQA{tc-nR!uPv2?;JYo8aNd1(rS?gU&5P{k zPk+JRXRq;LV_6xwYG8ib+w>7oYOB^mte=e43%{7i zMUGWum?RydlPgrG0w&MzQ(w9@f0eQ<)F|2~B~&%-mmhgw8_s1BwH0N;xPa%LF2OeD z*V7cytj%$%(f#C<)wkf7Ovh%YP9cw2e9B3&lWdtAD$J+La6y@#90!71VWj2b|K8O5 zcHnw}_1PZr8*;_9+p_aH9WOGC@01`8?!M1B>Q98?8Q%a46{wxNE7{RXZhScS@T;}H z|7C%bBSAHc>a+vgu*nqO+cp`W`T7wkKw~w>pOPY&;296s7RyZ9lp%9}gpnfrt|-@1 z&Icj7rW=3nt~iw5^M!pRcnMR@xUH^FD0)dRsMGd&2m5bj;&3*PN={lE95-ieI7wiI zk=I32w=>yzr=pDTLa0;{a&JkvS24?PCzan}W;aOH(e!;pnifOU-ryr$8G*f9BHBnw z{;J&}SSKv6DvA4Cn>s{+fHvuK`BQfqx9d6%`t;Rcp&+W*b#vc|+XOvR)lQ-7cY*gZ zD{4O+wbO9(61-2k|6z3c!0b7{p-+eti`w46BZc;$a?Gy-HeZ*O{%XiBa2<3(wSVwR z7B}YgeS&SFw z&60B@4jXc^n$g{k7P24y5HTy172dm^8QtKj)7+kpcaULf)Am-VeL42q8^p2w`5+fY z9rFtzahk(Xi%}xK>m0~Zk5O_$!%zrnpQpYDU)=97wj%&MrAD5mifRtyB1UHZZrJ~P z>Ylz3Am3MPg#xgGzL3jBA%ooh{{-{e-d zdpwCqt~l}F&!x2goBTU|DEv41Km8%U`M=3ua`X@RIjk@+zJ)`&H+^v;kgYXO3Hz0M zn#*ULCH4Qe7L4>aPtum+F&T*h3T>w-#vqxPA>Tf6lS{7)|8F5{dSG%BcsBwl5O%kX z`}1XhkH^dy7#4Etm!bV*%M+b96-r{y@gTlO8vw6%G;A>K@OupPAi3X#iRDGrD}8IOM>gz+eUF71yWfQG*dSfoBJ%fhy1QKyM09MT2Ep4 zN!PYXmqR+V9fbt#4 zfD(B!$(?3xip1A$kC)lOCt4mpW!f=KwVk1YLKVoAFFHVxRC2uY4r4kkVKIaSf46Sm-3A^_O!}o*D(}Ka+D(T-fVNv}UW};Xu3V4)}^-^3T z0a{V#cC+*RKuEE9(#RGl(OOyD-|2k7m2l~CJZO=h(h_>ObNXV}-^@*N!lZk7x*+4b ze|Q8Y1yEEYYW=Zv&_NUA{b67ZUh&J)b;pp7)kUKLcWsU*Y~5 zO{SB@&+0f`HD653OXIzNyW1PbCtVFc_1h>W;(q}b2%}4>&^LgjT_q}@ST;owNHD#$ z%$?fm)CfC>74Ln0#le15So_=Ieg%#PZ)W8a-cOiV5W5E}?nfmes?~lLBOO;H7tv`;*clc_x!4Ez;OtJi(x)lfI zIi(-sIZxS243#pd9TthK)-8<&1hu-NkOdPKl{8sHUW9Ryk)DF;BYYaylLz?aUM%Kx&fGrv7~4d?K{_@#zp8Kv*7i! 
z%)&FP8*eB>7k}?4qRq{<8R&ph!ckq`mb>9VX$*DEw8$<<_G`PEBd-T#l53UEVq4ZN z_|H>#>QGu?Ql$&>*Xw6Bgi-b+mJYX*ro$K)K|g?yoJNiZC-TE>$yESEvCX7x*&*o?yRrb^|sVH`?C|6=X88 z7oFXjecbXi^Khg9G=$IG9=c7>DXzvGm_f)o)LZzCUv$5{J;Sk{Ta=)g1 zMDru<#;*1|rR1U+R0;!xxrARRVPcfX7-vp|^rLyy zI0?JgebQ9ZNLx91#rAi91#kzREDCSZKa6K07Zr)R^;d(J>`{_SA0qA%N}7z<_xv@) zGb#YucNCmAaqPPxG44J1kOyp-=3A_}|9L6&#$r#1`o2t(cC^3a161 zV3zY@+;%lAb^DnURxLrT&w%~68VB>c)^ts*j25n$m_q+!5@V9=Ay*CQptn|{aTWLe zo|~zCK9w;XDU&>|)r|Gm{QJY6g~8YH=128K!F_*qS;`q_#y)1~U9f$i%lX$3zsLNl z|4shfKjb(4H~H%g{vp4DAQ1IJIW?_x#Zn-}pp9{2(ERZ7}4x zGJ)FH?ivex_l@d@_r#=r-6H1&KLuMf+ysox6l)6MkmEvW7P?HwK=>_Fl1LiXAJPB@0z|5eQ7c zL+@HS+(+gL#u%d+ULEC_rwZ3aLV}u4YF2M5ft3rBD9R*;Fyud|XuddJRZZ2N_=Guk8%GIVOm?*n zVqwZu={9v2Wh{^{8?LpUwgiQe*p6*GUGsoT1ff&IAc z$5&#rspfKx(VCc}uhFI<=_L-Ho8#)_H)%C3o4BE)6I@wWC#$vDx(&$Y(tDAnuq@@! zCP^zV$jiaZtJk3BjI$XjZ^1%M1q*6tos44|k=F}{10hmb`=tYY8>;@7=g9(nw)pK5 zB$8G)C;b+=H5-lva9K72@7Q0a%Qa8kJ?rgExR2tmIf`tyg;@leR!iu9Jk6*-`E((s z!?jFK118kA^B+nw;kDy*_C)_|v)5E^Y;o1ES1EA`RX6^U=v){KlJZ|czEfIo&*;l` zKg#I)k*#wwBVtizU9if82jaR3p82n`m=xat5mFU_K=k>m^h}h%YkgS5~;hrIId3Z z3m7^I=8jZ_^9#f{gVn747U%3WL9b3Yy_%JwLb7=L6bG0adQ%JfO%YPkDJ9f)C%<@` zvlT77$M8ra;jW7)_>d1&q?>%mS#YqfH0B)Ir)mjv3BTQYCAqqDkNUdGqsaS>VA9_8 zfB4Z_0f=wXvbDL{M8_FMY+t9Z0VJo;Kk?px))0 z{YC$A(x*N;gvnT%^Ee9nC18+}QaC;;#N)l@gVb5DgXk-=@n9|`&(Sr`A{Q+9REp=( z+Z*HUc#}I%%E6R<@b|iUtRi5{+Itv{=7frH~BaDTZsN4f5ip{Mh)?q#eAv0$T#;d z`+fAGJzvBQZ&Hn_U@9A17mP9>Mwgc+WL$W9BJ0Qy8QG_2a)S8knqg&(P{(uCS4*5O z?%S7#%}Cg$MYw^$8+hr@UoT7};H06Y&JGvo;XP3?QK&Zh!04yEGSj7O#vJY(67~aU zD@AXV1oh}L3>h^<(QZz?Zw^<=td-1w|U9k~(TIGIw0 z@J%ODguC>9&(HPhFNYbv*BO+|lO-)0)?=89+UTeNe+6p|-SQs8|>QTAS_HW$~b*jr#uKEsdiP1R3E)$E?)7&Xfa z#36{EkRzyF5>e)Gao%(6xpLTtW8Cqch>FUxF^jcISpB1-0^U}km`9slW zdvWGKldCv9U+`( zsYbDmgnc(W-V`jRRi@jidm$0A$r3J!ggJf0^w=S$%A}&K?zRPCiz3|0u*k<=MwNEi zDX!?vFTMr|>8(FEJ#w_VX{du^4m7)8GM-f%bzmQPA~M%{PLLcni&YguB8LKWw1S~$ zdkXqzt~d5Iob(qE0)n*)xU8R%#Hza&L+&Qzaz%q$s-ht_2TW*KzK~Y;RW4tC3iZ)A 
zBQt!*afgnQi}GG5oHS4P=vpt}owZZvbI-YtT#@$MsW)~>@b}K^$xX|$1V?@g5Rq45 zeU1aU1P^kyA0t!Lv7|xRK6~FDq!z&Y<`kI|;^?>05kc|az=RT8V-JqLYGDP7sjYab zb~~q9qCLr_V&|=tB~A@`v_Rc+8~gVymDW*2n8)|0yAf|w;j*=?Lq`Yn*66jAdGFqL zQpEgp_UPhFy@r&b2h&%Ky`wadfvt=n59h101=X)t^NvrrN~rnz>!t9;==b^@jP|z1 zzH?GO0fpZEGD^omzys1vTQ~1^l$QOd_Z&2NFZFt65 zBZE?(^hhs|26G-|)HJw<5FBEH8$GSj%Ezt>qeCe;rA_uD&cJf@uxA$J#{H;5lRE1D z!_hlA9}&LUm7ktTz1U$^O8wwGTOkdWR8+L;m;c&i=t#eZm{XZdy%{2r?NimY#pNWr z1$tk6Y-oB5#Nxl=%`b)f`85OLa#zJlHd36mQ9%3zC+qbnKJxI2(s7o|*tIEKyb^|0 z+W?lA%O<96e|`qmb@JLbs6W|*V6N7}=Hv)uKQA6SwlE_a2e%T%J#h988pf}b;N}#T zP?J|+&Ov&sM6Bc>T`*zPh)`ZlS-q)~a}1&Ah?7D6jum8;r2LQ+Lc4)Ix1Edw61(wT ze4wH|X1v-cKgI}})KD{95(rJNn^!Q_udnVBDcVloolYLb zL`N+Xgq0(Ys711bs>E%qvk!T@Q4+psd)JP0o9?t}X&7uTuzC9dne(3vTtM+jC+&3OgLQ!;j>KF&dB(!{cm@e-?x401v z*Lurbf+X6V`uXFcOzLIFTaOKn>BjBHHygea)0Y*U*P&A7KUEhS|E%?_^WWsp|3iM` zf0MtX{U7qnOJZPH8b9X>*l*99NBSiHLQuEAXJ@k=`XWMlgy{pFN#O8-*3KR1ihR8FWjA8|x)jv5A{hi!yBN*>MX_IvV_RdlJGn~$Gh zCWs1kp>$|oEUz&6*fz{P&(;%hBJ#kbo(Fy$Hd$3-e3zR=&%$B4?NI2 z<7_^Nly%JNyk^55@(kWv6%>zIb(Hyv5;J-2cv?g-=9SGLbakuQe)3}>bsM!`Bt^s1 z**$~!BgW_oWX*tu1M+iYL-bk*Jj40v{)~5GtGJaR5sdhmJ4b1HQ03;guY2Pkw_o!o z2grnWqr#Q9Y+|B5ohFB-x3Ih=%SG z+%sx?hoGMejRA!oi9FnKXcA0DupFezUt;#>>D33FV5vEjC;B|oCgeg~-tn8=7RBYj z!RI%U8~0?%_0S z_>GVCm5~K`yL!&gq}-3p_Uwb`*RjMB%+yg22NL(iF;G6KEXiMffM4K z4#dQ>yo^!g;5@!rPDl1HY8m1^yLj0U^OVGoGn<%jvOpl z1NipFDDBaLTh!xrEeW*)<`;IW1$&zUmh$G{1%E{>(VF!&yS9hfIuuu%PR%O=WRD7t zaW|+Y9)M~`)34eEJXzeC4q8zhy$j=9(Ve#T>QNNbYrh&Q&*NGSf-&#ZIOR4Do(jnt zoZUhWxErEw=<&wR;`U}!s$kSZ)N3;}w?DcqJtEeZp`~ClNADxL3~!xC$Y{HMrZG~Y zZW=#t8TZQRWvLNclnw_PNv>Pfb@ZX3WGxU*_u0X#PoJdvZWt*cvSHM%Bi;!8$pd$w zxyvw3VLTP@HJb8s5up+DPd8$rFxywrRWPd;+9H>nCovMy4B7}UYh8hgx0RzUba8XGG28^$CRU`X}qqvoF^k=5fxc zdOWOtgO)``cp{4%)pl4Bne2NT6lC0;D6V~p2cu_(+>2?C&r32@+{%no4Do+)xmPbH zkab)?lY8j(-Zp2?QQI?;w(|ob^TiLl@aK#xrJ@Po_cFZtQ z&l2i0g~#ybW6GDa-Z0ZM8=K!_e*OO@f59K}8~vO7D35>0|1AjvLu9s;^Y+0S>86_c z$24;^Tjo%wQ!=b{1}@hE=VE$VEq^&A{62Yy$)uq-*L_1PMjtdvdGM*H%ol~aVyn1$ 
zdc?qX!Cqe)Tn@9Q*OC6YUr!S6maDtsuN)=n1QEHU9deZ=rU}3Lxuv~6e;*FwF|e7{ zizFMPnz#?b-Z+pTAD!NDSn;_6Grxl~sP}@YEz4s1tW}eUH28GW8ecQss98U*#tbZn ziP%i4u8U{}c1pV<_lnr*qH9Ps!h8>}%w8QdidV$1z~I~F&AI(z zdw4Hofkb}n{GBzAEF!a`VrPNKQj@{jX0w);2Z~hQWL<4J5UyNt3dr#!wPD!7Z(C)? z#lfHID@`pwtRJge)~l~WOfAa|*nzNVpR7bEw2;sp_U7(*SPtw}lFvHppKV$XzYbb{ zd%0^tP87vLKf`tEUyY!2nW_wXrG~Xb_S&xZ{i0YU6MjX` zf_(W6h=ZprumIsER^4Rtj7_7g>+g5cr@?BBr>}q5vOUsMMv`X_(h{v#9L7KS>YSza z)6K++TnetoO6#R0oFk(-H44;IzpfP5%||rIznEZM3nM$(@IApeE3&P)Ny>K z(BCA)BKUkd((TcZu?X$qWAe_rWFx*=6gjE0{HL$VU|bvt*$H4()mx!(zTJm=7#;Vw zWt+{&TcT4RKi7Ib*GF3+*nx_!=M_K4I1te%t}>`6xcKB1yJKiV_~fLy9KADQ6s}Zn z~xHf{?H}u}qb8M5t_z~d{!;e>_F0%sm=>CtqWl^OK1asa44v1Zm+iQTw&8nSdpN!md$yL+U1@8p@IamP&bJmY*>B=-a4(8D`m#NlUnB`q8R^A_?+wWT`R%M}?mZ%`hR90=t? z_;&Ti9Z8aV)Ee5>^2Q(dB)pj4ksxSDo5m_4Ud+>PtjBpF+le|Joes1wD7v2-0WY&m z8QAJ5ex8SVQFP9tH<*v0_6OS?%RkvbZg8Gtwz2z4@wo7)v46e|Xzrd)^x7l3!O))h z2bh_pD_Wz_hr04RW0d(vTXKoD&7TdaSESCd`+`~+6H?gLBX4tB9X zPyCdkJ9(z)I`wI1sGu&6N*l^~45Q2Y>?PXpyTg<3M3syRdS}?v$9cC-ob{$t_)ytO zRa3sXYq;e|H8oyPB~zkTGhl{Yos;pX9Js%kPzQ4^M=~zB^u?O-F9kMkERcs8d9*@z zG1Li16Z2}=hawjT)WSydup;&?+#>1xd%clpfuSihE7KBuEg0E(YyAOX=kdWr^O7_NBhbOW|Ii@jS7TL zB2=PWd0<|ekyq=_9cVZ(z!Nx#epT|5q6Wns<*xgELp5v&oEmL}q5C7T@{rrzRLMb& zaNGNR4Gh%v?{H{enLMF{W-e}|!xbw**ZF?EoE;An%tm<7w?Nx>!0UN5J~W-ACrrh} z)9><&jxE+o41@J34;wWNaly?IPW=n(Hu30h>7u9bgM-y{c=#G5s?%OBVW)gW->JDA zW*hHPue$zFH)HEF5=M2xXT``SobjugwV4uKqLNuaYBq4@^4JkdpW)_8y!X=YBR z6nG_s&Royy{=t3A%AE&~9nm~Hb?z@Ro%E=^Kw6;@e3B}4ANyMd{D-P+!Ohu56;1F$ z*VkH5mv;{^K--`5iw9ga_3QHx@ZiL$fpQ~zZ^H!?kDLwqJz1rrvVlmraHC*lF~ro% zm7&=*W}=qECL5kXig{3k?Rx$dwMOsS@~vz9RS?`oiE;2u@s4Dm>&RJ9O!<0t& zEC~ol2-Mtt_#ws|-vnwfCJr*`=A_Vp6gr-DpjcFy)jO3iZU;c>4PU&d9*wY`E_}0q zTtx|lzdbEurF{*uM>Fr#rAA(P#?>4~cf1@hVZEEI7$>UU>#q~-1q2$4n1UZ~e}=|*}!W2<=;dqa>K7&<+g>Sjh??tJ-n*mXt|pplZ+UA8VxduUED z*;XD!Y8AZjvYUYnvu}fEg?-dcnbHbfH#Ci<%d8xl6w8G$Oiqv4$Jy#F6-*>TP)}A} z*jp@Id)v?Kw%csm?39Sdv9h@^T04I(xnvY8ZL(s&%WMxdmzGZEt9+6|y3tfx#ql~5 
z4k|Mzzf?JX>SLleo!;kw)lv?2Zo?0p2ABGum3xrq(+Gc8(V8(x+dP9#4Y40Qv4^h2 zwYv#Cz)Y;+y%5jYTu_JzM7vP(Agd-%^q#FE3^Rl^b+7FTZeN-~SH>_}%0EOEmsld; ztFvK1lafzFMS%=B%66^V=0lXBwmp z30?a2WDV4yz`JzU<-7vSXj1JI9+FgR^s~$9(;-O}6&58^TQuxw8jGw}0Hl|;Y3f%* zkx~U$XStnGLaBGF!*y|3c?Xx$3i>_jjqwOE*%A?GQGq{LU1LsD*(?)op>?6M@Lf%7 z22#I5w-ZEH-24bylKFft{?Mun0q0_TxX6wTZjIdOld}_Q28`df1N$Dze9?{~&!!HI zpWAW(r9siDHnqO%3%$lQ;L_wlPGRZeX3G*4j;IC`0d9TJDO0oM*kL5?25rtQyOgd+ zR#0=ZxwbEVRjGX}iS!ME;3|GOofM&EN36(W$qUd3!1o$uD}S7AQDFTEgN-qlo9A4bcy;b}W+09r&GyLM{3AA*?) zai%uL-i|dX>FHz&FbKe!T3b(v-92yO1#m62wxignbuu7rAI!ZT!`NN)i2n)y8lR zOb9F(h8MoiNVmG%nF z-oe?aG;)h+r!l5ea7Iok5f!e%mG- zYeA~GOQ+*>2k%GKtlR5!xcU=+^i2X`!TtAo^-p<{ROaoO}5x{d*P)l19;NR7#nG_)UJZ|0aLYAMzXgoBZR8 z|B&C98v_Hbg##MWCPc(}Oq0(9B&&*yBIdGmo6#sctGDVn4emD7qUGF&|+>pT6jAO}p)q3|U*^r-df@0251 z%aQDEVY#z;E_K!0s%!CZkoRM#UOnTV9A1=ccX`O_OWX#C-aAJdedY*Az|H`t6y5In2O@iAi$qbm0ToSQAwj+^X9bR;2)zq>7~W$0?Bx+1u&VK;~H$B=ch zV!Kx4=sQ1(njOxBAE*tvx~j;vSlpt(M=h(~w=QIwD|o9T*KoGp;2y-n3pt8keagnk z=)wc(l1j!dEuqvyjix>ulhMzc4XC{0m~u9{tqa>#bo89>hUdP7UZBWUC%9u?I-wMExX1={P-LgK4=c}QAJ zycnC`u!~KRL!i3f_(8f%a{T(DA7p$jp|-ahcvN1QHNHC;c0|`f8wtuC4|B<6>2>-b zUU!I}yNvrJS093Q>KgmJZ$umBp5&8!6I8V_=@DX)%gw9kyBe}=8u}#Az=O{W3yt|L z<5p(yi;Q==l(M4sn=*vTac~sci(}x^JgRp8sgC5Yr1@Sc z6(BU^>Qg@rXgKSE)YB2`sgJi>mdu6rJav0-V~T~(Ot~cehsxPg-)dfb$2Orh(HDuI zdS}VLHBikT>j3J$QCal<)$OvTwwhE8lcj%*o)<@gn^W(pc*QACpp3#8ERD4Y5O17! 
z`rbNLfvnTv!F!c`KQyjokKk}jqKb@mZOO4w@h>HFa7kiz+ngOydm!+#xL32%xv|-z z`NHxjOMXKv<8vjRe?HJSm+6$=s(CADI=rL;VCMGU#@UUZpjYam)Vv{zweZC!dzbr| zBcyalaH*V~ZJO$i@ss#!n0!vjf<~0`463&yA!q=q!_ddzjCsL}ZBPD@!V2v(jn1LT zWngbL0TW8fR)xm(9-?em~eWDuRwM1 z+SKTwW^xUzU&UQxR>wek2KDyRUrY5ZFrJ|&-L3!ugRFe=1DA@ST3}o-ThUiYq;S@c z^51#7{hfWghSzP!a}5)&ZlVv;3idY}&wgJ850`K?&{kx~Ex8nKF#XBa+4`&0yoF&< z7&Q50opa&k)y_d0yySd#iol#!f55Fe+8D$_94e@IQT z>c$hY(Y5GL7geOs)8|zvifrQxd6)Q-R-Bop&1_YS{3d_Wf0MuX5BVYgCjV^WKjeRR zgn(5oq6ye*IiPI5STKSp?yI>0)?rhnG|X>Dc#_8W?qa zkMM{J2ls1GH*u)HolfR%A}~v{LSvNm`Jp~xubjgB&5IN0Kqarhi<6j@J1sW|yJ}UI znU2TEFSd3RC15osg#>2y2`+o+2v3ATMs5jp=3orSHymPm2yRa3v4ZLOQE9W-&}~Zm zmIA{x7n<#x=o`p2GqLxI2Z=BP%QHIY_M&RJK(E*SbF z<+Zt(9nr6VZboCH$ci#J^93dW=*Catdkm%_YI1qvgu3xxz7i^!9U-VwRpth-fV<9R zMUcV#=Ruu`p_iSHxTLEfXPPISBickJ@wG7Aif~Tv3QeF%r7}D9l4FLyZ_>4VDtUca z<&%$WpMXu}^0{#{0E^SExUU!a#h#6z+Q@w?2pJCZ4nN+Jv93PEIO+7)p!os_3!`X> zZqBQEnz#7!6&fGJa-U695BfT&<10ooeCWyT$mX(FY4_85iljbO1%h{bu8HL;cP7uA z<9cWx^NgXuOeUExkdQ@9w0IT7i{iqZ?=9gL2+IqUNR#%1odK&loFf{)@@^RR1EZvZ z`+9ih8F%|o2Mu98?u9fmvu|IRBHxM(zzih=5qJ|57r8&f|PzUHo~cYWDB)r9a@&lPPpRgRJ8>5raRNlo9OaqqS3LY zfV0Lz(Ufw$eVd+JTv1aS1tCf*AQPDfF%DpT6{AFPS!>qfx%oO`63{rG3aUb}?=UGGH^@0Qq#+tj}b0FoFW|g=Z&& zdI)-uyk6AM`Og_@Kes)_-Nl#!sKNWy?8@G zT4LzVMdnp%srG5-HyiZq6geI!tJ&CIa=cXqgdH|2z$n&7R&XoKFcpa03zLbw zTu0hAjJ)JE@IH-45fu4ZB$?{hSq|n_&HN*%4H6%C4t9pJ+=IG^B0-xPxT;z;by}%Q zzS|S#65W^+?ShPC-dPk_>ct(!FA<7lQsGhTFG@uG->_#pr+b>B!$&_InHi*c_pO(! 
zI7pk3REIsK^vk|t=N&@{g1FmST`~zS%Qft_Bd-3q%J7SmZ^F>W zL0SR8C+XN%HTf@`1GjR&Rr|L1(&gESC>In(>%6tyf~5M*MyD3(#96(oGbO&k)LCezw=3 zL8mQZnQ-*=9i*PRB)eV6g{zZYC?SiomSWvt`n%lj`dDA!Em}l)pJEw2RFlKm^3CQp z+qFVW%Ze{6NHsKBKbU#{ZcI1MWc}yoA$mHSUYBQ=|=&-|Hu&9`DRy zvHc>kpJnRA<=TW93eA>E>*+5Ncg~emB-A7iM#ADOJ}gby8rpi=G|3aq(1una$KPyl zz3!%Iya-;oiJgIG_DOpqX0$=N(<+M#gA3wWRT`5f!s$i#rSzu1cT`j;k^9`;R8!K% zZvtYB(8ca77Ua|Po$TuLkT|f~vWCi9i|a!86dpMa(-E@^Rl$L2>}tr9zl4xZ^af4(arja9bnQ(fZba^!e=fYSif-FVwb zUB4ENxi|8|+48nkQN^=9^3k^s-zS1=-W`qA=I}L$(OC;-c@XAd0Ff+3#0F=`QB8Z) zpRn5J;*K@Qpit^S`+@OT$nH(&$#wL$SDy2ZpU?yf9&X9uWhpL;=wS7kq^yt?2d2D= zahw;BobHC})2T2{?-IL%9nV<1#&Er;bmh4atx+tYJHueLg;uShYeoI`^ukZVqBQ}b zlIow8DAgrqcg>?8jQPdP#lYyP!8P6oY5t3z->FuAviS;xC_3ZAfB>^?obA(pon5Ud z=-E5D28kiv4~LgP#&|h6>~@#NzefVkd+I5jf5}TKk{b<3vVgvAwn2mDn^|Mwy%Ni3 za{fQ;PyJlJ7tpL^D2k|gc_$Uyy4tm2x$pfNeZOHi4WXt5bsv_Z77lz3E*8BDx(ynG zUn+YhXQbMq-%8c*9xe$tpd~*Vo49Z_v3}(O*CZ4sQtbe;CkG61qT(q!)@pf)Yy6Lp|Z$wCc6Q2SAu{^js%f_ zF(#c@sj+9=t|+Mbm2Z+%^ZqA8o=0|QitlR+^f4TMbw>3XW(HWY=pm}B#LaK=x2`LY zWMZ0@X>qHTEm{-X55GA;w@E)Tqx7!NiY*Sk%(_Q@kNA*v`ykzyTD%|*qvTM>rA6~iu5k}7EvKI05>-Dwh3pMOSvRpXbnxNT3k z(B$UQFyjz|<)>4g9D(wvw9y@N#1DlqSslcSol|Dg) zfcL7_Bz|nU6@Q_*NXx5vPyVSmDPhktI&yskc*^s{v1r^f{4&;5=NdP{7L4FmUuW9* zBz;XSZu09f+m3)H6k1JAr>ZzfrpMB>e26n0V!NSERsMd0%8w3OqD`O+%`>SpqLV9B zo105va##%Yt-dblB^Fp;eIHZ0cT0f13Bv4MpZ8d107xzzy({ExMYPMjnqa%JZZ2Sg zg-I0n`L6p~dojX$)|EjXO%lewC8=_OiXi)Px#w;C3DoTW(b#pSXmSZfXhz0^$^=@9 zbTW=W*PK)tnf2PE<3-SJK480R;BVfpQEzYd4tk-Y(xbWYv+53v%S@#Wg`B%f=E*`& zb?W;WsNJtNjS|*Q;#Lq-c5vH?H4IOu4O`th(^S6riVR9k_4e9HUvC#YFRzIy-5!x# z^tv7QvDTeG3h0i056>_jMJ1uhus1D-o2S|C=*a2ekD1L;YXX-oK1}t_nVU{T-Szog z3rc(~o^5*`fj0b$T9a@yZ*#@dLU^n(s8A$$=gG!9_%{lYDqC{T5R*gKQI5w_K?ak9 zpu?+5jI$EeCLR@CpBG!rXtM;Ww`AWd;q5DI3jI!fwyXFni;UGKrs_OCe8l6ItjVme z3)*gut0fs#q|?srB0a1Uri2&B*CSrKLi6d6U8iHF~Y;4Q7VM!gos>O~nf@C<#a%e&ZOMXAGVtUrO`TUr(?zt|rm*&3q%qaX6H*qdC zx`MlXSpJc>pe}sYlIZZ1M2SJpbYA|rH08Tig_mvBp#-XGe}xLx=CP~q?}^no;dvFT 
zX@Krta=lS-S1G-ZU*YJ<$mW)SM3%BGJcya|j>sucM9rkf6&J4sX23+Pk$ovZz%jDcvyk)^i#?3thyFf;xxqYObX26rM9O_rRa)KP{eB+z_|d7RqlmRpY%kQVh-R zOT;NbQOrUWD(d%{% zfs)8kn)}dRP#2pmHGf0WlA+R6BJ-vdyj{j?L(-+YZ+3X4RCv)X<3+vx)0$9OSu>bn zZ0;@Go{=#Jf0{2TMBXPfbaJfg%9zSk-gNV0TxFLo)bYr>Hlma%$?a3IoIUxZES%~* z#dRp-DW$JlE%i5R^5n0eLTx&pt6FX6=PT(5XD&T?YUI8uKzio1FKAHr zUaE{z(tJQxBeE0K|7tLX1galO*Sxva6FX)f72zJB;Ed9WX2LtVRv=)6|mnLev0Q#p!gE69|Z5P zVKOB-&tM@$G+m8}anC4gN;1o+=BOodms;*Bg@Q6Px0`Fz@n!XmylDE@>%>80Zea%%~;bTkY zCK=OtkH^cyGyQQ7JFm#H`h4Hr<~$_jb;ihR6;1nu=iT0tBbQK z!=?sy-aiL+SHqO1<(Ed&wT3LXgSg1j5{GACIko!}0h|W#uJu=HhRw z0Gs|NYb%XTs)TO0V#C(*r_T;nFUULZ&%7Yl(%3cUy3Zd$dnB{uwIWfi0zs<{kIUeP zN3i97Pg|5u{XjgU|K*x3XXW`m5465|FGxvtTl^a1-x+%mO2D%^a~2mK>jehnft!f- z5y{besJzPASq(bBM`GU%wxXeS8zKooy;e`q_I?M@N=Qz64(}u|o%f_t*GJ#FK@Q8U zY)!NW1vWr2u{W*uh=UY>!>SdzlpmIk_JfG<OBpA@z}TS=zUWehhWe>&W9q9OJ=*m`BB_ZioGKDJ2cpWvisbQB96Q(tn= zC>rEsK0efpkauVvKxF@NfJvzPBJ9x!->x?MVi7ra>&B!|E~(T{Xg~2ZT9trppVA&% z>nw5=oU#lho%}E>9o+iD6LH_g(+Naz)}JqIBGC5|Fv#Cyz+2=G~l=O>epj+NUpU}KX-@Xhp`x*o&<A&_qdjD z-sh@JcpT@80YLC}%eo`JZe>5aE6ut_Ki8-#T@w}HLEWI%($!W%?O$fj%OCh&rsC-R zLnsRjuzanEy8xQ-?&nK$fRR=#Q~xwuvj+HjN~43LbTVRnHth6p1YYPg%zZ%!u)=Ux z=1#7TzH_hFdhV1PwAw~IMFuQn=%+i;V((UauViTj*k`F$x$ZINw?hKlIMh5{j-3vh zd!<8sas&!$3abam?OosiHphyCsvip($E>#1jZuFIuv~^~o3dnh)Y=0KM6OqH>D#&P zJC_+gUjzg(`vei<)KLFv^EdrF`K$jTzuG^^e`WkP`CsAy0EWpB9cW|wb@3Gv zka0n9KGF2qR*7uvi~_JAo@J6R!rd9N=nDzJgMC|AP?)eVbwdX0Q44&xF`>>OO$6&< zz2)byv0L04$fXK1Va>>a<*Yo82PAKGUN+;VuOb6V7<}@E2xjW=$^7T(P~#V~0AIC4%hvbF za}FWd7HZ7|j1u5<}sS0)~R2(;x8) z7SKf{CM8p6dsio8Q)iHBhPb_*%byc7G5cTF#94`%|ND)Nn3?mB8$bWwvKky|J>Xi#C&js5p~~sfWvdya@m2B=Vn=lrAyIima)LrJ=CB$A8o{*tyvm zSy_m=*q9l)SwKn~BA}Rn;^<7w{GV7#IN7^8fI|FB*W<4rOv+3uPKI{Q4u2A3?8zje z{9oY?B?)1Wc@;w=XOI_V7bjO^m;WT#nV92`_y$Ni~2giLqGkn@xs)*iOTKqienYu9C z=jsm1ygWVAI(*+5AMX#p0ZaE-m_rLMVm35KG)YxPt_x`7<-6Vz>E-343%$L4y__!N zD83Y>eW@}prlS9~A&~qr+w7;EXIaAW;GtCV%I2^>$iHmY+v$voT$KR%#Us>PRhQ4h zEz_@?n4PEnnFQod`%Kj&;L4OqJfwZ))j<1&5*1q}_aql(=F(&Jb>pEKonf^ss+t3v 
zGAdVAK5TTAd&C#an2V{(BCBbY(RRoo|K}GsFUD^MYO<4$CVFz39F__DW$igU6V=rW zypx_~qF?UHXqLS(@+=7TyiI$rRTdUT@QOCoFk0oDr>cLF%h+~}+D7L^$`rLoQk*X$ z%ZTS|6>^B!nv}XN)sX&DI!w-d-6=4tDDKInH(n+mxg-B_m3SR%G%2N(V3qXIfvfjk zIt!%d&Da_aS=H=1KNqQS(znZ*$$(w@Gc&!<6iAupL0bR`>zb~KLBP>WH*s2w*EHe& z*a6Nu;?4ZVDkcDKzrA>)BdY;??-K8(wcFfhc+%oyPoVH?l}RY)_Bi5h+a}O@;qx#H z6R{2aEc-3TcJXu441Oxv#D&1=*HL_3s)b&==lRd<75c$6@YZKa`-(28h9->4jep2L z`tRhg`HTFj|0Mqd_TS`h1!*bePB1|oomH(w&%aMfM+C&!R1D~QLUlIwH5s`tG}PQo z%4J}2%Y+aH!o!%|s5ux07LH99d?F7Hq~RuHsq5`Q9P_!fR9s2=LVkX{gMFU#YY_Wp zc=DXTQ=aAASu=eXA0l*Qv)_!zvZq>BJc9+CkV5HKVn*=dtcg=NrZ#I`9Jam>hBsQt zCmMI5G(!|a{(wOL8dwt=3d-&P`;RwN9#?d}ZBy=~Uz+)Sha=e$Kie)h=0Vl08zk$I$C{zn1DFo5OjqTPV{JV`}YKI>H%d1~GT+Z_E zNwK^d>AIIj<(eNb&C`d2pOeS zv8M`c)O`cV?hBSjq^rCk<$5F7!uQlKG=haRH`7FsrW_})e2u*904yx$Wt7cBs&5}m*RZ|=LMNj zYLW8gBDdzpevC=KylT|sZ%M6%y_XR2EIT{HGFJPhpruRbDm|uOPro+WfzEUFYxyl2 z$FTl4A=2`&67@IM6C*{vLK-o@g7$jB_`Q!G_z$}1Q^q{z40Y*X4L{{- z-@$e&U5pR}EwuLz8P|_%E?kA-JTOzRt$l5a4Wb`n$5TC%H;)0?H!uJJf!+k4D|xRo zasTCJsZMwt0FRk5jvn^MgD=Hq>P;(z7t(GJwGAEPSOgdFy+njdj%58pqfY(2uz4@i*D%gCr12!DckU& z6kKhi&KEYC+zMlo(`(?TtT_v8JOHG3gNY`-+dc3Y z-g$1v8ZJ&=Lz>u1=WEaGYG#;E2(383s80iPfdmYq(RiaBa9c_(y23`Z=8zTBA`(5D zH*+5&xIeCl_X`)*=n-6=MhYt^g%lu-3><)AT}8EC?le-CM+_2LX%SMz2E-D@-$~XA z7$XizShvB+K&VjBpBl0DC>|rC#1RwQs+SA0f2C9&|6K?M;E`-1{7U11yb3OlZ>Te$ z-Ktmue(7_b)oUsB0Xp(4dTr2K5KiwyR0TY271$Z0v~cXjXr48@SY)2-_(;Dva>F-L zs)N=e8F;%MXm6C&M{dyGhkM)=LRDXtlNe~f!0cIL#@SLsG}YtF63#Mwa@DB7U#K7B z1}*F!K(J&@1=48dVQ;e!^vNOz*+iXON_c#@DG2Nw-&dXy&>%BZ!JM;H(UuIC4qi46 zAR;X=%AK8(%)~*+2RrTZ`B5`Zq|ohQsr`ri6aP;B+P}!J@=x-=j{Z%4nL7ZWuDj`| zjH*nu1FK^T8QQFrBqx&DPGh1>TZJggSal!|75(56>{)YmQEcQYmgA^-nivb#Vt-Bq z=ib>0Df(AfARj#GSo82YqwitVRk?ov724VwL{n; zIuW4C+%U3sm zj1@I2GBiCbX2hBKgZFpf?+_(H?JW|_YmdC#HQ$~())OPa*aZK|1Hb%!cxf(Md}=I4 zPiu9J$q{ol>=&)KAIw%TNwy7TN$D>>^u23!95MRzQj|bOK9|BTT{w=XzgsP=I{JQv z!1r(y#S0;bi^y8`xpIimgeV&8KGV%Zn_*Z4a%4IN+efYDJcO7QbTWf_+{}64)36rX zs7WloEs83-X9UiB8;eoaK0GgjL!ZVq<~3W-pKGA$bpTKJJ|>7qsrEE>`8?}AftP`3 
z7q4GY%J7ah`lK>t!=xk|RGD+S2PQb0J(>dW6?s9c;_({h>O^3FuYV$0Z^Hx9XNJnF}FV|H7}_ zc1PVY)Qr$(VWOb16XvXYTIw-A)JAT1+rZhv44<|T>T_;PJ1j{dycDPAmoo&8ppMH8 zKGX>|Gz9TI7R}z$R~{F+ft1rUjgVcOl{=N(C_GNqNb3p}d<1O1i&}7jK-Dm9CUb8gV-DM;#338HN3M^lK$#F;L1yp~^ zlZJfQ$a&xXGNmebS7BAKbSP=;IPIV7OScsiC$+1_r-7x3APvRF6p2=qXl{WGVWFc5 zDY0QOy{oJ6_HW6fXsF9WqULt_D$u<;sug4umvWpYQQ}4->il4*zUw#sCyq+q2M0ag zS6xo<+fx7$d|YRD6;_rF?jzBtr*+Ad{H1nPdKyQ`!!)>gay%Kw53FtD5cMPwK7z}3 ztJJU}`6$nBlM3wtb;z2@-(;fn z>t$fyQ|~W|87D6l?G6=(Hsgw_&%aR4YNwKt@%t3S3T;=sey8{6{6t*+CONP*eu44r zYqpt5%ib>c6={wiG~G^0M*H&IdD26mOiTN#P=@Jc$@ryfG{3C>)i*2%5)Ni{7d|sE z+6n4g9_Ql&!#x9%Xd~3&g6b_Zmo!u6Sxn^YcrAh*4bhpqYcjPZyn!Am4eG6yb$W@@ zJ-(#asf8v4vqd|ycB{8B_!GNEp@Ds)#VF^9|=8xrZtZi8Bjw1{E z03N@yNiTAB_LAlQrI)^u#2i`Y7fgB+p6RXR?-_*FASqx{pv(_hF@`PZd+U#<&f+^5 z<0h;21<$73vowrE?Vp=33_ixZ@&^?c?)!Cy}F~wmwBsskW zlS;jl_JR+WGe&62hA#4JxcNUAUtSD1h-+Un?QLGFF$$bo!!5)z5TbnCUxqp(4GkVG(6ppP5azxL0?<}$ z)Rh-lqq9A3SQu~=#@bpXEO7)?^rPknrDV`I!e{rrAGJTH@GON!Iou_kag-_Q3r3jV zJylLg|B&Br&w!q(G4(#&b-CEyq)`c-<6d)HY#dO0$g12LVhZgSrM=_0gM>ER6Qy)G)r zh7RBP9TM0~+tZCjqZ(BJnp5AR((Gf9G{-Vy#+3Gv#-#`L?i?fZ zoGEP)WI`rKu`w$(=j4H!avJdwiugOe&u;+hUbzj$ge#kh>ol!3PUO+-4j4Q11 zeSDK||EeO%K4czWcJPC}7c$$y4Xqq!%T)i|b6cu1^>i_RUB-Oy&Mg*-ZF_Tsqlqy;3wk6d)(!FD{cuE&#z z4WaGtIBYvly65-r3HCr9vF`6JEQx~I!Mm#0GWNTRPLp8DUo_5)_(1>r#T8+c#`!tL z^_s-E((sh-i%7O_%Jcm9!{+q45oo6w1=9~KAa7|4;H|x4ydpApcy^cFe%~yAvJTe( zvZtKCNTFFu5=n}{T-Pl6vd)K8ty_lE~@t3+M%*lXIo%;bp z$4}edY=_e*b3?SzOcf?rw7FY$LGO3_HU6BI)i|GlcuFkrZFzJ`flv{g_4YcU*5Tv1 zCMH>5C`Hq&Jpz3tn#X>lgkvi~PYD%#D}nHgpfZ@c!5IMmbuw{elsp#;>sEY;%Dqy7 z5kg8elUm;51L5qkzU(BnmzTAt`Ff@MMZ~SE6t&K|9nmT+K%;_0Ar|f^v8>jHF%{3g z?`S!x%u(8qFClT(oij+lLDqri6%FHrse*9ELqwZiXo! 
z_LuG(%KE>Ozu_>_hq@|ww+;#z(S+h6 z=?z&9%vv6=f6~r2!@YVqPA6G4ejEAOpjkjdYfV-*{LKZTzU;CBRh~zW`mT|ojWjS2 zI*G>>F@Tb*Sf@0jgl_skltRPed+0;mqRi2xhJuO*zjdRla{qIntL>^k6jgDaroLJ; zttY#bmnc#S+Ba5;S#-tSk9TUn1s&egO;`Lp8CGQXp|SZb%I27S11*0VS6hYN=zDb^ zUEwBkz_Se;nj-q59ZfAqe2{T>$RynJ{wbcQpP>{gm=vtGRwC(Y1@rKEFeqV6<0AZr z81V1}mJO0eHuXFJ$D~yEY5|A3s_|){bvQ2}QIhXnKG`zd>RPvf(qj>#Nb5B!2J~FL z)n)fglqrT5PS_v@s1egXPBGIFFitrMjp}*JvD6O4GJefQxD35%BjO>O%P0Avr5Y~7 z6xS@0)UMD5%5AS( z4Y|T9dt6#^36FS=a<+lh1=LjMm_@91GrXBtXyilKlZ@7(ntEv2x!8EhAOW76z*VhR z_X|}enrRD6bTgQTot3Agyl?D~ZJ*fDzkjcCNgetgieve`v5uLVd1J#dtVo#+WOjM_ zFsF0Prd+!NlWj+08R-bYew3Dl(sR!;oQeL)r!gV1k1HcSXbY^aXRO*JIB_go2}Svc zGGE~P0Q=V95LRj<9fimu48u(gu{g)0#!oZ<8@Amo1RAS>V@Y1T3K*TX2%>pU| zO1Z`JWWZP<5wY$NQB2WA`fu%2wWxQLTO+AtpIgL>Lj_|XcxXK5D(=BPyel$Gf3yst zR+?ixst{5PFriF_6l7toOFU63G)ZL~uN4r>MPlR|Gpbrz94DMl$M1l+puwN35@s<{S=D!r*-!= zIC%Ot2Z)(i25(UCoVpfY;AE#!D#(=i^o;B%@X~;jV&a=RdM+z#Ips{!Nw) z8oHqZhY>TO(nLih;8db3Ob1!h)2J3vZlsaWkhtK1)t#s!s%3Ft_$LsC`8E<{<)1cIvHyAmJ+B{SA^*!!OWWGz~O5vh0ZVRaG4@iR_^f?nL1+yhC zXi{(J9!R)FX+m25u1(n?Z6B(@xJ>y`caTF1HH>hLnfu%WH4|G_yR@ALTXPZ!-Vddn z@-gB-mNFK|Zg$rZ@x4@LjP<>t@Nr#V&-pNmpxFitQL}#Az^8X9KGGgpwp;T>WHL3N zlH@nhKEImPU}^ujzvLo}-vezyhtw%j>@-SA%>s4AERPipBG^44-gTVr??^0(B9mQP!nu)?ZF$D{LNbM@x*bQk8O?RCEWFwN z*U;8PeD;sPDRo=wEY}SGk=q4(zVZ5~KZyt5#edm+qih6XfIF*0tA5{v3=MNeSEABf zD`0~>{wbIu3rB<4%fqrYWyWa3mU>^}0qrjn`PXjn82?WG#=pp~@K5q1?f*@FXwb$V zmFqIM; zFL*ylsykkfpR+v;cl!m}o%*+xlWi)poHM#lt6CL?|pWg`FUm?D5M<{DKI!)wM! 
zq}@oWhv_>N7oG`!=2y0}S93ZFQfWQRa>v5{q>-sF_&*W@g?ROr^Ja-hIa+W7Z?j$G zAa02ZNfsC}FBS@8r(;=6=-Jvu8K)r^FnkE@B?pWUdy7AhH8?-9)_n}I-fecx22bmvuz9ohlDB~?0 zVKXlXvi&snub4&2fJie<=oTXGe0Ecv5)qTnwVQv4%NbC%MX4!Ex6dd?|K>uBx0xQU4%dvMPGWR^)x&&C0*X`h*5i zX*D!gZ{KSEn%}PPaZK$&yne~$xRqfH%8P@wlq%i#-wThULEC$`p5d}hh5a>xBH*4D zGnPL>4H8(^Vpo=>En%7{iL~_ta`i=Q-28rOc*loz_s(zf$F{r8N+VtpZ_lx#7tEyE zAv$7kwn^xjBzk6;BV~J@_9bOB@%wK4Y#&C~{m7W(_cnNzvZm2xDY1;K9!fRFx69qn z^y#EQP?;SPcf2n(?ug_!%E=Fs#jbi#rXJH3RADNcunnB;gavmQI!QeJC9X;Yv{};>Y-1n58gu5%vQPAs&{<$RULsoaeD806JIvZ95@`luXWjR4?oAzOz1DQU zHBx;~Hg)EiB-(0i$IL0UgoKut>!$-)FB>G@R|-T_=Os&+`{PKd=FpyENA`x+urI6w zpwU(2){C-W9Z_=@fATvxG1Q?ryEij_KV;U314sGTXOQg<^VBelUA2BTbZY;M6YycLf(PnjvhduAyrhW~jf&e;EDW?lyj?0x59 zIEVi+hKaG&`#9Kh-W)0CEhUVtL5kBE{L3^-ioDB~=_)w~=BQP(!!5Q;NXrbT4q~b3 z2OHK4L@yl>t$5i4uVWMVe@2xW1$_#QE=?}-{xTP|1Iv|JhX6oST;*5yjV$+zC&9w; z?roUJ@b9?H)t!9b>R*3JUe0=aRrmL~)sJ3#f2fB~US&6V0+$!Do}45Q>%jDtGL8=w z#Z>?c@XEc82GAhVh;U4PfZtiukrs(x&>R!9v%^k9h*uqj^kfI!vhL?vr6db-VP1~} z#}I-d0B^-kR-RszYxXa=j&FUV_PXxpcg0AZccbescinQCTvN*sk5}aa_@4W(S>8yD z+V4HB@F}9=lLxogj%7A@R6_`ehSsxjO-fc^#h`mgTVNpU=te?XL^|vmB8*%bidSK2sF}Ig8E%H_LT1W zNuYAO0jmH63XJ(kaXO6|~4^~-5)x50EaFQ}-+eMWtLy~0C?i(t%| zF+~W8aSZ5S_DhR5MYV50*JCm0cKD3fHR9R7|JqwVTXX3zyS=v8V0Jyr3zfo#%**$B zH3>hGv0|?O$O@`YjYfHvm2kn2B6Pus+1a;Kexanq5OD!Xn#T}kNL|ha;*}QpF*qKh z3FItlLrqdHAk<|TQG1)%HLFP!O0x7oBNoOA`6PSzvmYZk=D(*+e|Ehqh}?76aS~fT z86D2zbiWw5hJ%iAPsy6&tzpo1S`U*0rT0X|eibCh}jpIYcwRpYjs4vMlioz zT%3DZL7F5QLOx<*#93Q^Y(4~{gfM&_{R(FX>dQ>3lqgWT8hU-QjKXmPSM3`S|0EAFK<>z^ zDjuG7g<3lA-CHOql1dk-j}D;+m#8Yq0($Lfa>Ut>fd`N$Ao4>Eu7k29Da4hEN%5+F zAr}mD-85f91mMUXKn-VP^Za#xXI0}jV+sQ1^f@ka@IPd-hSk$C`%&=JZ51>>l_xf*?2dWXtXwiX}6*+ zy#am^ocB89Hp7AYa^#*ULL@O+qus_v9{1()M>DZyY6{m6HgYf@sIUxws=%h!#eslX zh7X|zcQ~SB6tUg4opvl4D{)%Jz?>E7nu}&m&+JgV+Ps#o%qPE#@Zw3jJ}sa1 zGMp+L_Vk|l@&jP7IhD>Rn2dV%p`j}}aI$D4n*NZV<=@HQ{1^G<{z-mZ`M=3u!w#A! 
zCKpjV?pUqkT%^cMnf30s$JX$i@g{M?{(+E7+GLr|ONLyfYxqiY{jdPF%flo}`2qL$ zML@O*7E2IPq`(+|GkX?SiN1m}$+YOKLhu(|?-_#9ltU>q`2wNH6}j+`asB-ws`5&b zxS^h3Y=Qc{azh6xf)&svi(^niD3)Lt{5nINuRLR3108c*ijTaMFo9g12G9z|#d^p5 zp)kBDjiOg*s)59E0xB-y8t=@a3kKmQj7}g2iJFiWp8K!uJ}>q6Lg^;wsAMo(E|9vf z%T;`qyAHYS8Lh=YbV$d&fJ*%c_e%R;)ti$FN>gLW zgqT2PIxB;6uv+KMwyfCALpcl~6s&mE_~m-yrUOx2Sd#E}cNjU=gu1pSa{DV%P*4)r z1|qWMS>&HZVu-_83FHNzGrx>Uhf1$UOP~zkd=p4vVBW2II)fL(|@Vrt?(=mIFm+zV6-RLEL`*F;q~M3oXl*hF^0=ZUcuR_F5-&z1(C zv-6w|?|t{lvFE)`-hIYvHd(2EKMwtsRFzmhAQQc54j2mgAWjYQrTqVmt^p_uwC`o8}2E8KL4f6Pi$#sqFHu6oKsaN!? z1xLuVZ*g%^b2VKZWs$b2YxBtWTsG#bYf_WuqKMb3 z^K}!0kuG=ReC&x3pElPdrv~O~oxPh|j@uk$a+@VYJ#^vv?rTx^Pl%)6jiD=CEET?| z=BISbfk}SX;`1;P`h%!Bn8(>$w)tlpbyYlORAaO{%bz>Ib6k(CpCKG7EcO#AZyY9e zGSWS^3k9x&gjYYV2sCDIH?F36LmFlIcDL)x%;Cw)p?27+^pi4Gh*Ud6wAM#|bm_r5 zSI~d%upJ0LuSl+s;jND*)Hi6{z2B}mYoYj=S?3}4*_x|jUVo}#hd^z6&hjo-s1gdH zT9-k*m+rY|scK!yxT{oV<x@JBbe?0IsQ5{Z~3eWTrsG9OYL}fnP z_(Si9<1qMdj@GJ9wm8M#wqHJbko59wX-fcnOs`2>Yvm^PMRkYf{<@4mfIA(aB_NkUp0}9=qWKbbK)=kGs z1v&hEp#S&F`y1ddSI|b3fIsBt_;>QR{6&7*f0CaV;&1X_7lX|F*_iWx9LxX*kjtOY z{}Th*|6T_T4gual$A5qRpQpW0pTVQZ?dOWzg!letO^xB}P$Yc~7Fq*c$!=;>FQAvL z2m}&REaWlvV`Y|W0B7fBpBI6ENnGJO{rOF(qS--N7!*f>>n)kijD#5$NrY={k*95C zHSBk^3QqWR-f~rqika_s#rwz|0wnyk<4pUR{bkKxi0)c*d(y!ewzSR08`mhue@E7q zd3fgRJj@EgSMWvrdVgKRv7I$~C6Q3Ul zzT>v8)?R9@znke=)9vp!>coov;5=T@cJ%CVDh|vDc7NPH{ZXVdfwMg;esK3-%J0HC ztCH!_TZ2>KZ7h4}a>9aZ+tVg&OflEjc2lX*$%yz|QvH22E3gRJT2S_6c~3Z*_Zass zqanl0Nf=gBePD7%2Dnthr?3obttKSaMFCr7>mne2z@Xq*5N&B~QNaC^2TdTHLbHg$ zh<|CVpElvveUE$qP@oS_Tc#hJE}(UmlJ&hklJ^)ZTQN+{5oA*U2Kss-lMK4-5^471 z*>x|Wn)(1f8V@Ev2}P-zcI$4iD^bS|?3acp1?}(KEJ3$x8j+{eDsEwLnbiVni@23< zdX_+e`-${sN5P+7Z1^vH+N*G7DS|lXv&R~E1fv~LO@kFt(WW)+3;mRKvb7n$gtW1@ zUFm9g*(MEoH@Vit-b#w>Lx)?^iAo0RBZ3~hs5 zT~D5&V^t2Vb1NHyPqL>-6q3|RFpmDR__aGFg zomUiKW$zs_O9xd&Ej+gb)_DVx1F?cSQ--liIU(45hSw#hLZ*D+ulgas*`T*RSj>q` zE4CGu`@=yA5=a6jRG@M19Y-xHu)0=EIWBeaW_om@qCLPeK<@=I;zova61N+Nupu2? 
z+Doo+u7?JG{@rzbv)^-A9uf!0N;1GU9bBUa*Q7Wgu3;azCAmyd5kmIcP^NY$nC#m? zyt(c$@9|=$f|7F?gZ_ftzB_$|TG7ED6*B zWXtDcnBE3(3GPgVvx-rH)|i9|h~q4U6LDNLpr?Th2}iQ)jwv-qjqXncF7Rd(9AH$g zilDJ)sxs!8o0E#R9Jx9WN1~NEfW3&MQc5Pd5qbE|abTz}IzYVeE^8poAecE9!Fo(C z=C=l+hWvd*TWoXtVu&k9-5&*0W821x#d5UnZu?^cR&8xXxzJ&m?;<>F;H#HnsH->i zDM@Ze&DmDcEu|hgv-LZRqJn`hc*MAraUbq5Df_q6Fq0_Ht#wO!3P29&{s{$-n&3xm zM@2yA8RG5jQiq^0@N$TDb@7m9&&zIBHI!XW%$2wj);jZDo|wbQz5{YlBkG8mt4@(= zq{a@Z5S=X<8#oSWjfkW*gh*~;OAo9rF|4GlaAfI3wv@d>$vm@^w;|u}cL{mhAIm(~ z?WFE+L(=JUZNoSXX*A{66)qfaaTKjEzF@sW@-7X&MRVX2Nk<1B_i}_Uz*uKadXKnq z6ZOUI-++os5+Cb#^eFoA-XNg{)7CI*?HSClT--}!%@B7OMFF=VAD+$3x2PIF%n1J< z>gXYnT*!x}rH*8NX%=Va-x`@&k`=(3o3ZMLxa&C&+s!nM!#`h%QB>6TiktVsSnDLU z3f`-4iaOC$uu0bXAxAJJ7_4cib5W0{%XMf_81W%SPmzb#RDF<-9t$)}qGR7E zg+efnDY-CYjCJ~JwBj3q`i$6%G(N;?15cV<;&rKa`y%wm=09{2jU4Bg-HHq?bZoj! ze1A9A)|SI)8sieA8}V7rs+Dv`Ki?K;ShwePEI;LpvN>sL0+&9fQLF{IfST0Frnrn%3K^0*lXC&9=B`wN*h5UF=Rq{!b}pHYT>w6Uouc}IeCMd zgyGaSJxBR*j2(#~1cU={9^@^JY{FY@zB}${q;MvWnfI3nxD`Uhe70s-wrxLZ!evAa zHpVel7r&T^J4HiZLh#*AWpC+iyVIaXoQvvhJ>4N^>vc_*;e`B zZCnGa6YWgH@oMNXHS~oR7}PS|LyxcUwHBkg?b9l+&3xyGxp%Q=%Jxp*{>a%=6_8{Z z8g%;AR=&pmTac~5OC$ZKp1qG@U@57N=bZo;$Pht*?HNAU?ZhGt~ zVp{^W#^t37qLPMs>FUHJ#K-kkOjjqf-u3L;+5@TP*=yuZBq}Tnb$RR{8;!8`nm9H; zGtFGut1Y*+b?loe0qYtfu{ezouPWHz(SeAogRN6bDjr!h-@d69K8ML_x40a}Yi_d~ zL}W|K`jn&`?$ z-SmNw+Du+s3sTFU9J^~shLaVdW;0|BtTO}~T$veUJbQ?}H`o*zv7NFVWB z59hn>wUnRo5jh@@+>e&K?|m7&FA5&F2~U>a(f9W!I%wMH)h0do zF!qjJgyd*^2EXHYD;qEDaH4&He9X%sQNAiFbD%@2i-fY>G#>Z;F8QnddluS>5t!Tj z3Wa^)r(h8Uvnm$CH;6*LIv5Jh&25DMJu_X~OsSQJ1YMvl4Zc8dgkE4~{tF>u9lAY=3D(kZ-w24U!%=LJpTuAZvj+Cw`~jK zPJrMLJh;2NyF0<%-Q8V+y9Njl+}#Oo!QBIa;BNnhoSgIJ-gCZs_q|*7Q$X$AvU>LF z*<-FAJ?9$EhuJNvvXbZzvne0{^)vPS`3Y9_ok94&e`QSs zsTlxY1odqHp*H@qir?8p^#%DA{vP?8Uy)z(Pvobx_>KJY0Ji5<%$%8#1t3-K`VVDu zR%Z5B(^Y?|o3ql<(W?F9*e{kSIvQE2;4?G6ZX@tofl19w&yN3MCZODsiSEUCKndnc zKLg4ljTiuZ_fkjtXWzXPgZ{U^``4ug$gR`;r|bK#ODk>&=qocvH)^qebe5qW;Fy5p z0_r~5UN5VXjk2}bi-tPDh}TNcKQ7?QHm^o#;sZ_qVB!b-zg*szCBIGl53cr4g9XKf 
zUXJ_Xo(#W=Okcjz0v0RTh>8nI>)F!&HkMXM6`!6C(5Zlxif#^o-W0bsw!vq35s3%n zcmj6&mkR-`eqE{x`0$zo`d9N`_xNp~ti7R;J;2?`ejkP$A5fZWVg`_kcO&BmRIC~S z7AQK|+FBY}y*L=%A1(d2I^RFdc(v-^c=C%#{r{U2|8hSD`oFp#(=XThhx;-8d-r2_ zwduF}(J}t5`~9Q5_+QtS;jgv3ubA?GUD(Ww&+vL>Xhr`2Dsg6bJw4k0of2o(Km6ja zInV#O#F>enf#GF0fUgl@Prmr+}wgUsvb_5XcT##Wrh)5{dG!! zBUXr^ow^{11mfK&ODIeV2EIw>CeT5hxNbU+fX*H>Ao)1~2NG z8Q01W1%4W;)Ozj`>ubXHtH9U_5p>)Swk1{|=tg4XRNpl#jDPn|CS3hOdvz!ZEuhf#P6fng9zY@+4uRgkPZgkOT@28f%cl`Bwj@2=eSXT|f!g)|%u6 z(Fsde5@p-^h*yVDM@jj{59T|KmJxK#2itfO6YP_3sLfmO8V}U2yS^27V0(_tPlrE# zTC`E=+V^5U6`?{Y=llSpOsRjCDqwe!YNYYoOW@F9q9Kf=P%63pc3UN|vhpp&_3_zu z3Q(FA6aUclt{U`BNO)$Ynfg?PczP1JtPu;K$~nmda=n{a)=gY!BQXI>3})Fd1A?~P z_w4lk{-AJ|!EK48L!&|}nm3Qvo6YB$Mb9pK7}eLxc;_Cx%*`Sn#&R+|IfC?ox)%h# zt=)fqN^4Gce6AlJOb3p-8B~W$UdlW;ZF4w0Lim0@wTW8FV{y|2qDM2OnZ27Jqxe{9 zGlDcoLKriAPH15F^X$gF$GZRXfki?SNR{u8YqExF{FG~Qsd88MW(D5_t_+@>CDnjQ zLa!<;aHU2Z;wvSufx$)7bjpu~QS$2w1)ebijA~I0p;9r$Q5LQWH0>#E z(Q*{SwG#xyq#!av9HYBf;{9S!6H)U-@|d7qtw!gr$mvk4@+Y>N6dY(EdCQuov!Ov5 zv$Y3fP*17$aWIEWV!}^BNY;G{C!QY;Q1J77iw6rkbK$0ATJg_8DGjZ!-9q90zVN4P zdHmoAU-%TY`7~b)k8Y&#lN^hAx$b*PqvlMqI;orlF5(G%GSw%%ylKgxSv)Blyn`bL z=P{s`qm%YNx-gNM54q#QqaOocB6KOrYn%PqUB2(j6Evx$K!HmE-Uml{T2vy~E>tMj zd~Ualm9o^FC>-X>dCTlGO7DFyC|=a~m4}~XE!f@S6nyIXllYR&sb+Q=-YIG~y|K(p zA!d6K{iS4Tc%u{~z2AU=Krry2`WYz&zJIZttp&O!-vH5`QIHmwaNV2K4@gsA3=9|{ zPTAjKuSkDQY~)3GOg78X(td0QLWmim!068Bjhc+CFm{T~;3oVz?SAilWNBYRfJk$= zJHrC8*-g+kY&xFdy_+lTk1By%P7h(FfNn<8Q#G12PlvF@2erk0ZE$EDYp#NQ{}w#& zv4sB0F(oYB3*6DOUyzY*V|jr_!;<$R4ik~a5NRy*HkR7yF?Z6+7*plxNe*W0S`EhL z9#}O1!aX2WOy+)qN4+o9{`AsL5cU}8nJJEb2PK(=N%b)l8;fz18FfW;WeAB@B)`zq8!;(>QWv3nn z{i$j28n9^t%Mc{^->1;ssJy>2_| z$jNmX#Gm-B-y@|Kn)FsKLDM4OrodVh=;$1&z!{MQwl~K-8LuuupeE%ol93mnLF8qC zKjEZRd^?^8&ac*Xw+Vr_lFF^Tmk5!{8`>krk|L9HVpYx4^#?Z+p!?M9Olc#vin4|r zN@c{B3Sv5=h^8@)58``^tGOs64`cDxcq?xbsN~kt=QB0Z*B9is_%UhShE7$h z9%-vB+{eeXVhLm{bV8MfjW?6OYegahWA{P_H#&hk)VPg@t2~ru^Cm4??BJ5E@g*H_ zCXT74^eT=+Gw16U&?QBsK>wPZ8~MXmV61p4KUE?z@Z<|!7X<9g!n_c7PO))k1mp6l 
zeCJwKNb&8aY#=bYgZ%+?i4nxDBHv|dpE0r!TLP?`*cMS}Jna(*ZUXg_1jhLQd&w<| za-~%}>7seG7`?C%J=GZq;W2-f{wZVEoowL88cLd?uf}f!CWmMGAAc^Ka&kLa#>?*? zPjl%h=wx(XWzqGI%kt~q#3r8z^+0C!#Dnk@vtA|g)C4dZ@zOz8*!#fkok(;;x*79E zCN#}UXKTVD%rfjq6OLD&Ug>-{q0ojct16Hs?vf?Z>D>Cv?ti8pBndUewMLXJI1h1F zeCtxs&W?MaE-ZF(VIMQVe|F|yILTD++lN>W6?Q_q;R8v2%K9c|1Uo{sWln>vteAwP ze~ryJlBl=sa1<(HIiOF_I0SjiM#Oli6`J2UgZ0+AWMlLa>X1UTZZB12$6_C}We8?@ z5vLN}PHRtHmyS`ipJGl<{@uIuHsZ1l{O@;Q**lvVotLab5^KoI-UZnhfYPVD%T09m zv-7eRDZB$MvWZdNC(Yhd2rf5PPw$pmy4DG1~j+Ibrk_U@e^WFWqK_c&vJ#K+SI z>IWW^R<4?SCQf?U1TS(A3Nf>T&dcJgpCfm*8GsXeZzC|~2Qo*duAkhXs5TWT;#z^KZZSSmU_P4fs-wF(g?088Y)H|XQ&W{)uFh*cc@LFKCPt6Ib70nw%sDt z2nBB4=a%@~#4Pl-wSky;oLJcvRo&beTWy}(eucay6j$A!tbAV@VLxE)F^fXd#19Uk z=UeDoA{8W_jHp$bsPlLoSe7u0qCRmbEB|anGKv7hlbEjkO>HC-CbX zrN>CmgS-UFOTwU^oO4RPxe^vQhvrB})PJFFp>|q?Tc}EH>9+nkKe6?ev#GZ@pQMdF zix9DGfXIq#ZcxXuEZ_q=Ghrbo+xn*y1TRc+HFz*BVe#Z-DbQN$_O~NZIUvaLK|f3_ zVz!k1eJxtyQv{jOqluv<-sHvs0Fm?96oR;|tCRD>8VN_@V88gM{)!cszJbS~2o$8k zH$2v(M%*l{Hxx?Kvvsx~8g9RukKleP%R1@~SI|42W@%{SgxQrc#JiRcuU^)pUC`&z93i*xv&L}`YZ`P`pjWO9B#QWr#_$c9y zfj^UYlLA$OnV;)A`YiESSBi7Y@u0&oc;L#^&YAIPP4`)OG~dp7vTK2H9Jx|S(n>l= zi}GQx44@P++?yxo0-LpJG*XzsLQ2lPdxpR?zbFirfkhg^(ablF-8mv3FqH5ObJSq( zNOv_DBd~n@(%i78l)m^*yxhKulW3UxJMg1xdbS`0ynHTexW8TE?d1mYlS)K{jjCf8 zY&(DWH(p1lpr@s^*)i%EIO!=`x%|gAmZ8zUMho`z`PyZYnppC_F*cOdwgt^E9d(UE z#LX+POeD;k1>B3UU-%4-`vg$7K9b9G=Y{MRRJ51i-Y@dZV@9RG@rzCM;yZ4yPT_*a zA?`jDHJ7>&BBpq{=&%G5Gp~@%V}UHb+unrq(CE6Y8Q#TI(dB2bs+KdN&vY~OXR8U& z+5O-U^Wj#`RqKe}ZSt0Qpo1B4gDGu;Mgk(wwYsi{8b%gU1~VbQeL+F)a?DnG6dDsDG1Il&nMqZ z%bXN$58bl&EAUWg*i9}Whumvv9Ul7$DJEUS4dRyJD~Du?xQLziuEWa&Q@Z7#>n7np zV;$s%{e-|{;U-OlOe}aqyAxOr(Jah+%_~1nK27~(R%Kyb!5Sj*pKwCIZlDsQeT$EH zzUx$QzTyN$i*_>7J?ElX?R>eYOQbR-Xrbgs>l}VMd{OmbBlPizHoFyT@j6XP^8~!J zLaKjzXuGTZx(p503e=u^m4?OS>BjaQV0J$cNrzlR1it5(juzJq<~c8T&|bqQ98R-n z0qq+d6dlG$C*0FGLsy?9to?j4ta0!r1=q@vskcMcNDs=x<&j@cX2V6ZQXS?%mD~Bq zyWmmlT`*!d@Mfiyn%+sk?9=qfEJGI#_g4Db(iCXiuyVR086D6<`X3GEVy$9(M98qi 
z^)qh_$PTP~49KoG%YHwR)s@>v<}&B7=PUW{?kag+^2X{ex`d;dV7`xrUSEpZr1yQ_ z6XZhLMf|@dvR@gY-^|=Az4XckDmv*q0tmuae(*oCoBxHq{!Qoo8;X(6|L$aR(b?dfn35L~LxA1xWunduN1?>no=Q#n5tqndd<#-GtDDz9*9C=81*&{2I} z5LH&4J5^?;EwBH;O>5J0#snl`kxj|U9rqcb>-E(dM z`~258#Fv@mDcmsk{@gj!)j1Ub9Mle3;*4zQx+7`ad)>t2uKW=K$q86VD6U`G;5n>y zcOnoJMLegW46`Go;&cWsbUK zE$kbfP>%p{&aq}sQ-zIwbd>30O0$cS|18ilB&|`g*BL0Gim^0daI^O$n&oUNFC9TL zGv0-$=8sL0JWT4TRJk&tw&Fe<1nwyZc3!IS92&}fE3!0W*j>H8KZhyL-kPf&x}NX! zGe~U}i2c2GozCcTCyiK}NatU>3Gu>76YO%it`(YoLN$-?bj8 z(07sTP^qTlT!TiBRw}V6u^99dtlp+A)X@6y5wweVT=WY5s2nsO2h+Hg8-w~0N}mqv ziKCBfzdL~F+n!|AWkJRhK3?VtD@~6~>JifH+ur*)cXr6|Bb=1p)d;DaP$erXH3cTA zmxC&JTmbZy{=f#5fmccpD|%vI_(3e52o0vceg_m|w)3l! zX5~s*@?~>)Sy9=DW1|)tjydBC@`wLD@^`!m@{c;aZ`IP? zqU}p>;F|*t^94vtrbH1Pr7iVK)oHQLoarfp$xK1tW|O&)=}jIrfU?WZ^w)}DrH9#m z$;ah?cM27oGUz!+1ZC{P?XOEhoouyrMr(@pe!m(#|Kg~bNEKMyLA}CU>OJ|;D4VPv z*S*CVifQAQN2db;g|!1i)a-`dY`NueY`r3waG-z%2DquP@qPjq|l&W7$Z`2 zo1Hu{18}8uu6Cm<@cdAqLDvQscYYhznG)xYQJ%zie9J}8$F^p_^8+CL?Kg~U1c_wk zGo&-~vHg%B(v#I1@C&z!yY?5MX#s-qEbBqFCH;&l%hV7G3<*qRXj6DHQlIzz2pZbb zho=XyFi+Tmvsg3lj|kuy5NwwfJZ|6hPx@v>5Cq4I>a)Ai-I*DKw(c;OE1Kf}GH10^>SIN<=bo;bg?xG}w3F zSF#7IE`^WG7wi=eg-_oDrJfbs}NRa?=4* z+@&Jvkn|QOiBQE5g%!J7x>Qu|Wc>Kscce3{d`DEdCs+Z5Ii;~X5a;=o;KI4u9J9K) z4BNw9C1812i)MQctPygQ_7Ka)!5xu#zL`K+Z~Cufs2M<|;47W!@~`RaDk3@PGv!He z<*eu-u`|U`9QpbyoIGVciUs@SL#inhr)ceGqzU6()^I}IP2m<{1L|k0DWFXR3=cRr zLpoi>N_i#1g&|{))tN-sVJwjEBc$_{Ez7Ibs^NC?;HeMji@n6JK|icF=dNt!*q+ZT zHq$POxiC6t9}gd<0Gm@GrpA(^jL17EYedNeopi}etg0Y<&l1v5G(Gc>cYa&$2@Z_c z5{fgYQK`w*Nj^zlB`aSn?GzBJo~`MgbUII-&*p#tp#@tu3nmg7(s09xClB#Zh!|W= zdcC(-hNMb;e0qBH9hxZ51Z&f>b5(Jsty7cYGox|QCgA1UB1Tf#3CD)qpqg3LR60DG zl)iVx1m;>U;yGCBSNcTg{(c89K4eaV5T>4LP)w|!0aV{W5;XjET5zsac@i$GADS=B z2)Qu%1HeD?>Ov+#XQkD}l+y)QLPB)`M>C4vP!4&3;6=k`S(K4P7XHvbn@Yt2`|R+8 z+Ro3gW!7aP$=Woc7;)yy^c}AHG1kq-)_Et|;Oy`cV+=O`elP=?b7B^z=lt^Qd2>S@ z1DXJ8l3uv2O^Y$-7Z0)@lBQ6B>lhsGB86FKvf{JBj;cK&BgrIu_n*ep3%eZFRD3$m zY8R-(BH;#!b7zb28`>rKQ3Js#6j>b_{0&>Cwi>tN%G_HZ6KPgU1skk1Ohh1B+x4f~ 
zTa+p=Xfd`Pa2^>+XyGqRO%EC(HMg20DEm`&ms>lw4^h2aob7fNnXZm@nmmIXY?VK+ zZJE;@K7R7rfm)}6C0et^B0utAW$0L5>FM%d4;}LqT@?+e4Tm&?-luC2Bm}~y3;e;` z=PB03Xw>aSgB)rmnu|~RhQu?=(B%}Q4RIsG`d$b%5U5k65R`+3b9yk^T%Z=mo3r2r z`J?|H`8!{cU-(btm(Kr<{F$3TKqG?Z7c&JPm0*w7%LfKCYMmHa2G_)7%nu|qzB>f2 zjH>DP;Ut>j+Oq||>lhvQc<5{2tv}*0L}sYu>SK%`zBpH5tBww)O7sQ8em!-xr!MW* z0hcdT>QdWyzhFwi4|2NP>R9nZ)xx4l4o--&0}>6EASl;>DK?x_)+gdPr1yxkQVMjX zF0o1%#TdY+x<{xmi8NZa*aLoCXrE7&3eWM<+kv9b1Jsb&HRN-!5zs%k8j8+e0ySxS zY2NnKJI^1V8uU08yS$IrtSwm)I#Qf01)B~VO{*Tg+zh2+_hrG9X}O+nZOCWCqUXq1 zKv#{-)8BgMg9QYBebY05Afa{|C=VNz^36JDa(2ZljHur?l*Q6he4z**!h$!GllsVC z<%gJ;py@o9dpz@o6EYLtY4`*C0%N*e(;iya=1!KWmT(DTe2H6^J9YcHG)PS=el6w7 z7b4o5oB5eD*bwfa)Y32TP86-i+xpR{?ESeOUx!S>Et6I&)RM>eOp( z#a57w9}{07m(97dh0=)wC?UO}W%w)@9n-ISWI#8Ja-*E2E@uKEUN2Q2F^xR@-5ht# zcOt18!WNScB+u@-e|R;V1a}6UYW*ls+q+Bh{fP4uwCJZPosD>H;7O`Bf7!UF0L0RJ zM_H|7NQGOU+a^(G6NHoQsNRSIXj+eBL^=wda3RnH;K*1?KQ$9iul35xNT+TF_Ov%o zmki<87a-2u+MNasXfTulkR<&c?)nm2scmH@Y$n|7dtUnY$Xnc?Rm+!w8jK^H^B&)w zA|66Dpy~7ct_@j7DGmVY2bjoXVZk@kpTc?t6`U(>N;9LChrao^9%WweOe&lgdKhd@~N?o8qTuFn>i1NWL#ZbhTP6J@+g^*{ zX3B(T5t^7b(Js_&q7AQ2=gPVQJ04FUTE+e}-6vhx3y9~y-9Kz~9iyWsfuV1ru>THi z)cpQI!Tp9T+@z9o4(m830GyOu6;6av!FRvF)Ncm$(!UBhK3K{{zp0lquW}}GxXaT( zJJ~>*NzGM%+xiH24W70g-0AaBSSSVm$s=);Mx{t8oGDJZ4fhYlro4vS6|7ZeWFa9h zoolG+LA+(E4`U@;bvEA^q2juRg~l$!l8RY$J{=M$uh zu;*%a&r;QFHaPsas>jPWB#q?ixFLTY)Cjpjt9CbRIU+<@Q!sLd6MV&Y?E{QcKTPv) z`8CG>maq0dOyBxn=OXy6t!*3~H1QcXu)E`hdfK{uS;4qoGv{ZSXIXn}>M#*-5xc5*c3 zVfqL|FiP${9D7hQN+gU-L1Fht!hL64o>;4fbM2liR*!}@(^4Dr)b(T4LGkDK!`)m2M@b@rfVTaMd@xSO@FhZWW)ARN3OdcevBOQa&8 zRYgm2-Z0N3+X^b&O%0!y-hTzFD};BF26EiTrlozzx}aNjxEYW=AHE`xQNg+T=p-MBwtfia+NeiFX&5;3wlzl(JP2+lJA5 zljr4Y1XA(`u_d~0z0Z%uk`}3vTZ>XIubp&T_{Evv0dt|O;G?o0N06H| z5_Pc>3>8y?uqg-IoYLNEl84;~COd6GtcAtMXU}bW?k6iP=7HT~>Yx8KXw>$E^M2Hi$VBXJ2x=E(gP{_hoto&{e8kL*J#qI_ zqpx0W6B&(`{SZ+RN>ahM9EEj)Ef%$ufZcU#s!3J(!*Zs_EAL}clb^urYg1g)qQx`h{;>1{KqzShY6P@_rhXbrs`a@ULcT9o?=P} 
zi#p~M9ao~07pS{Pska5~#hxZzJmVGtXASX`RVoU!yGkBte?Zl#w;?#q&JsN0x6yzbw1S)zL<7$t#;5Ln9 zuQLZ&8kME5;Wi%FRu@dP*66GUBF~|>kQ`CC4Q&ZN?~bIy1;PG=%WhPOiBjzsxF6?S3N;WSqjt?t_bwxSbv{EtIEcsTE{_<8l-EYq z8=2l*IN&3)x^$C!5tRuV3Sio%$on%C8=XUB_$%P`)GYIMu^*Era}la3Q?97OxZZ&- zh=#OBu7XVJo+ILomyy5i;9w_|xu>RL{)8B6#q|B@>0GZ4Nj({9(fVvMWGd>F|6AcS9 zJ`*!54KouyD;*OJBLHv(6ak#R>PucTtq497E&p$ZpWndI%*Gl3gvtuyFMnjFj*hk* zw6rcRE;KG?_C^kXoPP@%8+#L4LmLAJS{DaH6CG1WD@z>%QzvT+BSTv97qub9zvut~ zvbX<$$d~lr-z@O|oEQf*t|qH*Ze;L+{QZBA{N1m}FZd_&tHb_Ae(DP#pcnn6KV_AE zePv|92mAtJ4d8hH`zlL}zg|WCD~$cW1R(l9diS3%umC6aHvx#5`M+}PYF4sKfB=L` z{;bElh`Mli?=GuMOjbJ}o?$xpnPbx1whLNCaD=_EmUsVYXSD37SEjXd1z3N}Rolfl zYeBs*#3*rmx-`7io143=LUwortcU6?FPtP5(TpDM&Fk@ z?E16=FNctVa3duYS^%kTsxP3D3>GXUYPB;}K z?dvR|YDTjm6wCM~tj9|js@;_J*!?V`I6#LLnZ|)7^HxOJ%KoY3D*QYNR6O$33++e) ztsD$BZ~Rn@B=eI9GOTa>rhLWV;DROtJX3joUP<_p+_Atpr>^At#4>=YxN(nCqtwU#a-zpS zxbZfYgP)D2a?=JV74_pRn9&g2oRf<8_$F8&sP2s{Cn5#^_X}q_t!ELrVND_}&PsNa zF_Tm94EeA;chZbK@_y^Mqw62f2I3B#U!#f7yU|9nf*w2He5-YQGN>#x>i*1>z6%nq zUNfiFxShaRfg+}0E=Nu`2v8BGoZ#YalSao(-fqOl!&3UV&%Swjc(hNi2fqvS%;Gl# z(oCQ~@kO$exfW_UA@L-f>`QTFAg6ii;zc-j6j!7^B{ga$izntIaNltrtZ!iC8$HxX zkB+QE=a1#!^tyh6^*PVZREK>DanSj(Tt`enRHPF(YOEbS1a$Rp{DQ5;-#^r2BfMSA zaT7qUrB;UB89(K&!p~)XPxXF7J#ZFO7RtSn6zzR&uqWo%6&TaL;Ln1>q@2(fp__h~ z!)&6+lLhBYSr|w-JqI~FBqE|6Jwuf%SkrQAx0mBrQHk&fN{Oc{n5#OjS&VA&-%XFb z07^x3YhSvxtJtHDO80P-DmJ2KBYZPDle+KipPR*qare?N%ar<-u$($An{t*_D~pq5 zo^Xpu0g>#3+1ApKFT@r~T@=I{#_N1_l@|3k(o+zNiBf5yslyT#2x6r_$NVw%b>gk0iO(@?BM~l#O{y82Zdw zs@gEC;y&{lf_8-NYAf1lIutRl!2oo5xh#WkZ0a^L*?C}Z%5zBW+YN~6#f?>yC;3eW zhKOBVoj#=`f5kQ_)va9IHfyKeec%Aav!kWEdc4?(o9vMekBb{|5+GuanN?2x)PTQk zWhXY`wVy5IIM>$6bci8wqh|cXd48d<{OJ}(puW(zm28_bD?;Yl>oO>*LeOs`jijCy z363!Ota|)MW(dS~z@+6mVD@kxPGiUAgal2!{nq$AL>Z1u14sJsE;nsKypH9uXdkNy)wH~{Y~Wo`63_w zH-C&bblh<$=PH`r3KjNnpE~Gf9xpEyZukU z@86;HgGAESkKeO{T*mq?F0mNiXp!nSQEk?fO{@qX`rj=@U_6x;&FCZ#{HU z=!Wl0;s&}l^@0`-w74`KWjVR)zMo;}BIoa9Gg@{?NIBW2TJH_0y1L-Ma$LVPwrMbkg(=~!OMz-%mS>=kYG42%Fp 
zY|dr|M*qj+0Dlt>>F8LP|H}+JhnbLCD5CcRqoi(%I`MPwXVqd!)PPXIKWQND;|PJ1 zhx?L2iJ@0blwQyXyB{kElTQ^u!xUHbzpqz26NyTD$To0V8$McbYgsni^w~XsJT$Ss zO5ICM&1|_{Ikd+B*Q#-GW`BqA77+~-1rzx#4jxwWJ2Y7$GLk`BhE-Cgp%vO*?`Nbo ztEDKAasossFc3e!6D*?;J3DZ`IUK_zjY&AG4he4#+4eJ0j$&zihiKR}FW^wlSy5!&+YZ}(TX4qW0^ zqaPc}w=!jA^5m?cRh#)np%*k-F|1yU#b<+jKU5f7ngM#1U~yW^ol{ZRY&dp7lXk31 zj4?&_cCwYM#7SJM$keo_l{;?w5~uLsFj&zcMrrJH3?u}pL;)U_n z=}Y>JL+t70aJ*LY)=G7p(8{q#X+0?S64a(n2pb(P47m zd5S=%6{UGDtD&^WRk_Qqn66pN7B#64D<=NVJ`4Au`TpT{c=FiBV##<%1))d1^wDUR zXC`*A{2hvXlm~IV%HdSisAs<5;SMVZ_TI3^mYa(4`t(n^1smC{Er`a`;bb4Jj?0Kq zKLzZNmFOFPaxWyXFG};nA}awk6-X} z6LKDNyZUFMdQ&r)dHGy%dadnq-jEWU($2Ja9_>X|I}jd(MO>cE*J1*E9TDm$$eqx* zODMp1%)W@mJQ@0`MF@CcXwhFr?o)c6hp&-)r%j;^ZsVrr{g`S>Ha6FQcH5&0`+)*y zW>`_dcix%DrR=(uf!d-Mrc)5#rpD@WF~m)_Y$>|r*JOJN=?#u&c{IB!GW>A2MvC7< zqjiUQ*38+x&c@^}$hX>7^L)SLg16FsU%7QC?9HAg)8o|lbtilEdu&uYVVd8#q^gZz z|2)e()?k5HVhh%33GbWzCr|c@;kjdm`E`!%tIT`KS@khQMkEy;4*MM*FP$8>abYxP~sz%j$RLN~)+pswkq zwSS~5HyoI8DgR`Y4lFk0uZ6ezOALuSk?z4Ta@6JNIJ{e|tDd1MRvL#;3} zjV^hC9zk~pHZN-PBRyLl13#`C)!Lz6?&)Kl(N#<)!6j$6yNU2adPG&*-m3~U;kv1@ zsjCXZ_bjRmJA8)RWnb%}aNc5b8#e41DaX)Ej$=P&)vpv-9KZ~0#2pufo9e+{&prI8 z8fg%q2-u^2W^Zp{2$HqCBLpR2-^-m$pYv&SIJ*1t)CGI~sSK@HWUG0zd%lj9;}GXv zK;*1SvUH1?%dGpIXgjJ3Y1#(Q0L@ybmp-v<))dNI|0qvIlrmt6VPzM?H2C(<)q8LT z5tXOzA-x_0-l=P&^4gw0N?rz~ZPkwHvGuuEep2&~susW>;`^2!C6{(wr zS^RD(=4r$wTsC#cf)^Eg6+7`x*tjiyh)QBzqy0qiFnG^*OI(=f`fFi01umgG@l!A~ z+U@mxdbE)py}K|fb2zVea5?CmkcAKA-bBLNT(khNx2g^S`QHi=ecRD?t{!Bypoh<> zry&}KJSgqP0kO<&BC7)=?6U6Tpy!@YSb}$~8b%G=^;jJ|xEHud)qQ|ugA%<_oO4Ny z&CiqXGi%u$H%EgtKm8~Lu>EVl=+kJmo<8(NoD(G{I=Tety4K}%s6fTaf3rLK*>Q7! 
zu8KgulaTcU@VE=AN2bV3{P+*cRE=ZktSa=Y&mti(i{&O`(L7#vhx^lOOD!R)tP3k#=pRXH=eA;E?KBlOHw%zE2#llQN4Eq+azm@QSC~LE@U8N8;s=>HxA4yzn zo2CxSCG6M)#whP=PK8y97Ql^;9SD){Zakc-teUp3NpkKoLSm)d6;8v5F=MW@3Vc#rLsC4#n@*(vh>Y2a?5I0!1awa&C?-ueF2m!93duM3m7e}{-T@r`an7gjKQrchY zIy*q_kp=juKEELU*54z4-z)O-{fYeMq`#4W=>P}_y>~__Dsz6c3lo<;ry|Mfi*a~w z;amAjHE*|=rYVmb!;HP*CTJTd2(UTav>N+4DLZ5~0d2lhpra;y4zSr9sB%t_I{b0k zWAfTnoAxrw?2+~+1!o|`KvppR4N8MP&5 zENU}mgR05MzF;{9omuddx^I^Ko62ve^vcPQM)JXDC1;?H1e-{tH~oD#dM3rGOV;kX0u5K@R@Vj-+{1{0705dn^L=`u`}W7wX-DM+mkxsL-9 z>({&v+z+o6hP_*3!}u}~L(~Gh2y514d~-_g#5YDIKUfaM2;@;%w@yZ7Q7^EDS3z7q z39UUfmnP;>2wUENzMj<1jpxmM4m$|1BlfxHl+w+sD~F@2(m1Y|C9YV7Z(VM18x@=1 z1vtAx3EV(@8cT(0Nr9v=nWhAbpmkMMZO|poIHQrjzVYca$ULrF;t6oiV(Pm*V=5)esdZqqg94uN^f5Y8}w zGl*EtdTDe0%?6ZP@YTZ)PQAt5L`jk{rnxOfE_*(?QQJ|lbz+q_#=5QUqTH`u0|j;r z%*m8Gq@@XL4`a2VS-NrRq$JeNTIJR_AL%ME<{>)*0i zJc)GopwPlc2q!)A@mA*MHP@P;n;S8U(Kx3i0S;}8Oav?*VqEkAC0i87pOn| zL{AoZH$V85A8KMWbe!XN)YU&`LIV5owI;_-sm6bwB5sbMD))4zXER}AKIIb-@W(kS zs^T(SCvMOfOK<=+adN8Vd44#z>3Hn-=osk5$-+BWvb1D!JKH8#EOd2iJ}q8Iz{F-} z_2ByO4rjAK#%k(f3F(1Nfvhm z%T|Jyvsq;@yhQzMuMm4@S%5g%zj$zx3##@s!Ed9Pp2>wXZ&j$tN-9Wd- zVi%&qNi|1CQQN?LedTyKZ{3yXw?o*(o~ogNrIB{v)->>JZFN8H^Mw3vo7Jak*11hA1bdVYn85k8zMpB+;RCPo|g=4LtPeJJz2rnXN z+b3ow^`V3gU>Ri0?Apsl%&BN=+?CbEfzy*@Gw-O$Fv-9I0vk(Jpp}$ z-0HczTga}yzc4UuOAnpZU`Zcbzi?b-Fuj;n&hmo%dw-Ao{jbQ+`zP|-EWIK>2GD&v z8X&9l_IyBOtZR4@Ho(*KoMB2aG})EVDt&xluX>!Gm(`-O13PATJ-c1648m&s=Lf|? 
zDLoEoyY#cE?jTrU-iH&x!n&{iGlW-}qm^`0K!xc3fa&V2LRAAbYQp4G`ZL$b=x0F9CZF>dx2; zgWoP^NPW8eQRZTej;b!FmCzs}@25nirdNd;-Yz-;R3?ftOJxfcfitbhtZdZy5TK?8 zrA8QL(C7F*AmD*+9J$G}y1JsaG$RA+C_h|j*Rg%K#FkRJb>8n!3!abT0K$| z_hKQ&hE=-2>e5L$Ju0g6e0wlHx2CKRu}Tl_cAV!PrNkgPF)`{Zh#swM!?~c>4SBFe zLFe+@`>|b|0Y?xzEvQW{!%96TVKL@(j3BdR=;*0}4ic80ZgWq-o$QZp>+*cib9&L` zO1SiP)BU=_=kZ6kEiaYw@{}sz;`#x%13!s=zgA1BU$#zW_Kbt{gT%XW*d0+(Ra~($ z5u}*?_Ia&7%bHN6%N-1}I?ANk2mH(3b;mRO(yu&0`7Y-1zF_alIRsjy6lwT?lCe!t`v9&&B=Qaq09xzd%QLDcbx7@3)r-aiI}cMgPs$SZTzqfiAQFlPc z-GSt0B_g(nPm*_N4)Dj}WWOr|BTyJWz31>;H1d;2%HZ}Iw*e$lAiLVI^OGpmKmmY@ z&-Z@fl90MYO-CY%MgYL}3CPa_$_Z+~t@NGsfIXyf5Fxu3-#&C)2be^Y)#q-%$S{B6 zssE_u7-*9kH#n&w!#r>X`QAe?mg(dJhJ;ujh|#CQ5|F427AveLEiZk~k-07CmRkXs zLLXk!)!8Ho2|#%iI+fM<3#gf&-TGA4kFduf^H_bTaBVbX8jyhIsVz7E>E zEPj6PRtFJUxaKAfSZL_z3_RDpsN15RMCcP-oj9LOY%o8*2jmSc9qBuZO>0IHq_=Y( zcW45YVa#2&8JwP^!vkQP_ZuO25@Mm*W}KHXjc7g&jZ>UMs@v2tbU_jK-a1}@$Kq?? zqyG}lK%af;?_cgSQT%^~zYl*2e{g`Q`U!tURD2RZn0W$&|4SrAmOb{whW|A}*lgRD zO^_3SCjRxWF^(j6ZwcvFfNd0|xVz_n3Cpc6fnd1qHm-XCVL3oksxPZupMli7e~2b$ z^FBWw3Az2TrZYkI$G*s_-w#S{(LdMl-NBq%^S?wJe8gisK$Kpk&iGC_W`o>u{`0|S zx6=>wxD_7I{3)wnu_wtHBFf%fIJ*4mtu7(i$qVwEum7!@uk#D?@4UR>{V!_1c+)Rx zzT@k^=6b&P`&L|DTX}g~@LyVSig{_p{r#_2@;Coh8S?9E6yp9f3OU96e*T~bOhhdL zcs9Jfxj}1}$@7sWbc7zkc#oz&DQq+D_Q6~}g@i_=3wQw(bwB1XUoKwU=0b`Z<_h*1 zWwD3oEmnqO{PUO88+!E|v~ON}N6+bWOk9qw_19u5*M1j_0~F1WA>;DSmoDi9P%xnf zU=ea46bf%B+AfO=?7)!7iq@m{xeVoaVmrJa?}(Z&{y)CXDk_d(Yt(3P31LEjV8Pwp zA-L<{0|a+>cbDMq?gV!W?(QzZ-R(~Duk!>I-J05lENRp0jA4~|c_j!);uH!Ch~ zOqtm)+rPu5f1@dYE-4VnUpEvKE0zQ|E%_NXlv-dk+dI4y=y{*l{(h}T@K($=0TS6+E z?lsz0@WX0{0<(O`6&z8!$K%z}Tv?H9hCU$50`qGOqj_LqQc}|M@K|Yi`D%@eq_i}0 z8AVV~5C8x;p0AJ+7bnCmV4zPB9{Ns&D2;}Cjzdn?kMrg5BjxA>emjGBDYwO>ROZWu zF&f3oAnvSR%c|K2Icz*^efx&`yw=7}Z$Bc%GPh}SI5_%u7MsI?rs>S$w$DeE9GOJk zpP)WbyBxjSm~3;O6RSTczn)^WP(T34F&vx?W-^Q8y3Rs^*0yfH%z7|o1b^RyE}NUX zbU0mRl^0~UT5WQ@-bdqqu>t>)1YqxT(dEtc1ph{d=ks_5xAXaWyYo3djb$~4V357% z?{JFrnkz|8f@b`uw;rKO!5TV2&ETptwezPP?#DWaI2opo?n 
zbH2U3g|z!sT3XtsDmyYf{Is2i7IJ53Xb8TroQi7HkDca~4jb29QGvr7%RioqO2XQ- zEEi6aAylM6seDrU<;$|tg4!4arV!yB2GWsT8ManYbH&V^%^lSYg6SA(eiz*`+p+85!7dLiG* z@|;S*6;#u6rqxAU6Ik?gG?gco?dq{V3T_Easz%JQ093>5yxir_gaVHNrAZe=d^w^W zN(Y|6z`&a59tm&tDZ3U%iavr}F}Zhv+rzh>{r-^ubIo?!mdGuy4oK#J1(dgim%S9?1q zwIyZM&*!#_d;9yVivkL{UAflo6q?HHE|-OB2)}0c60yrHYWJKBM>LEj)eFU~A~EJr z??UPDxY!vu7U_*Yqm;?H8>7{$aah@+_$PUnnh{hSHo5G-$h2lN4Ob2xm4Ve`te|H> zLA;AgCMGr??b>ho$Yb*LFG^PEb8GdI>%*?)BP8ExklSeY(lS<)b8VG_Lgc4 zPjFA_v6}0n`!oWa6k6~H4{U&YL;){3-`%JkAE{MJonvYX;n1d{@0~f{JBtE_@QcMI zLAJbL-WW>CIdlJstUdaKatht-2;F=ObM#?TS>2H~87v80vvO@d%H9CTD%DOw-O9ei z(zpz1AssC@z|h~JO}Xf>3qVg#&w*%y0e47(P*qh`Dyrd`LYcIt4k*Yx3I>!umFzZ% zHpAK(MewW1Y}HgD*1wB9y2fl!Us@U%koe1)Krc~;Dutb$%Kc2Pu{t4st~dR>DI<}@TrJ~@;ek62b#52K6MPbp!Ev}PqE?pt ziULajN>5lfQ25*c+3VlQo3d)o^M}=eHWX)geFX@aT?fN*LEdSV<63zq-ytQ z9MAH`l5h09B_!^>)z&g$S7;M{Y~H&wFfUTF@hx|)%NEV9cB=Lf?K-klIMWMk_w;N# zmQph#MFtA!bJC~#8wV$=N`old=7H{c6gq^cw{trK(Sp}JUM8}LC)iZuw}8*ED-GYy zw5F^z^|*msJE5MKvQH!N@v{MKx!{*B{4CP&;5=@TnF=ely4Uh`C0rzcGtrgfyUl` zIysE`#AQ+^vxHqy0em|AgEM?G*o-Xh${D&ow7QF%xiNTlXj4DVl*zR`5nut=xX~T7 zYY!Bnx@#yud3U^S5}iNvEj9%tkCxwfRz_eTeFEB0(GhVGGmp)UrNrAu3_s0_xaH`R z4GAshT+cznvI_5)!Cjcc&~1FBG)^epQ3roCOf?UVRvE3tN;(c$OysND_Fjx^5 z=LvIrUbl{K*hH7#M3kCgH#N-hLL-*A?sx?0ZkLwjsmMr?^Dyzy@H|Y$`rk#}C1>}9 zghlerEG;{f5;2k4wTGD|KbJDGk1}Vx=dZB>J_)sNMtsX$MU1ARfJ8Ff3aU;(ht#bXqF{QYv0JC|M-jo^nQ&2higa3vtTy*FR{U|U zTol{N@BFSI%ign)*x_rxXeFofs_WI8o#Xt7)<^&uGi05gFi9f6Ca|$7Z{dL)$Zam2 zH_5|}`k5tz+JtAIl|t(r$$9HLNN+oA?hPP~%h7|`bJsLmuWBtHr$N_A@{KDZo@{C* zr=Uh1d!xrMqTWBHGPE|fpry95Ey_1Hs>81(F`}iRytaj9k0QCF=LOX2#7alTGx@Ho z7ILmfz)n$8T54u#S#YbbuOQI%H6|0)jMfAoqrZ2sFEDv^W#>W-OD!RQ>0V=9ZQQ=O zau$|=#LUD5gEfBs=MN$7?}gvhWo6WZPux#Ci;G{x%c+5tK8?xA$pFQ0O0k^6s&$t# z)Yc53TDqtz2$Gd`ufBecfmHCe)8i3?N&0r~Hj7@X-EHsk$HT0fvVyuQP*Z|U-dt)% zHVv<2;Ah?sVnM-Ed&eG9RS5-ru#DL;t+7?G3Gk2sBxqX9!~F`V6M|uZ0;(HQZ~{&d z%KUmd-rk0T*zBvM71m;Iol;i(k62bEXSKrbzgk{NSYk0Fo*(7Z8aO*N%(AIwnH1|o zfAPVlY)qesc?f6%Fxia&hnifP3Jmj8HB)=$K)(cCvs$T5O8a&nXjh~$=cyA^F^!A} 
zxDzw=%{nYoZp?;Mn6|`vDQ~cL95ff~c5DovrNcKrpiD@n<&Et;^9z3OyAhUf9iJG1 zri4AG3HssY*3uG))po2h%2QTWCIXO#dn)FqcW!6|&hsoUw!*W_sdj1rk`&cjU*;N` zYn@z|pUW)1rLq&0YLydcs5yq&!57BQH-sF0u)d;Wy)0XDE7lM7GLh8bbr$xC^1JJ7 z;Wq(=9F}DewRv{nu^pjG^(dL29ZJtDIB9Nb^klK$(LG)cB2-Yj_{&si7R9>`*da zFzIp-m%5E{V0o}IzS3FY2N6f-ZsKj}gPM@YpAaisQ^&U0{SK+kos~{2%vr|f@gmW- zJn-N~VzdY}38bE0%i48RKSw>SoH#}_loh8{F0gFq9vIcFxrT2!84fEDcIQSI@~mYz zoh=p?6aKI?Jlop}0qEzDW560rz!7-JtExKL%pu1pc3k-}FcDUow5knY;Nsx4C63Wh zP%IL0!P4x_OZg$ksm2UWOl;`=kT82UYmGzr>iN|%6r-%M5sTzASwS{Rd|u2PkT3Wv zq%>%)(>n=}+%ZfqJ;y#v%KgJsPFNeq{ow-3!+Q8)F& zGh~#Ek+HG-i!+WTWh4x0N>WB9u5C4quwUWC;xy>M2B-N8CPc&;B_fbwx?DFWp{WO^ z>LBSEUHZ%RiNmxxe%q_;VLHjV zx}w9h!OR90yXkf59;)M)cTtH)%ZTrUAZDab$gsgSPpXAft#)4^0_lLPb+q$HDvqO!msLvF`4u~9QL`FBENUO#6JkF6>f(aD zg-{$90gU0`;tGCeWoKvpnwFZHf13{0NNT$K@JJG4P7*WEm@$|6*|_rc<8=2mw=!p~ z@RoG}Eza;(IimL#kKn^-EV%6nux=7CjrRWwj$uBBDFv_D)h!~Q8^0jHFD{P|tY z9or&c;VVVL#g^M#-(DR{Chiy2*sTo7_Ne^ga?c2X9T8K`Oeh;BhsxGiFAS*lpP)j7 z){0QP&>($tIbd8*nw~k3lGO`~a>G393GMJJL%Rx{vlQfj)xcW--s#LAJy9Ls6!hx* zC(>yT>oI5NiZx}7c_D$fYRKZ`1o9;?W_4;)H)G= zMfZwTp5|IBDk_qBb8?cCi_HiCqA<$73!+|LU)$rurnacYIeogwj)NR5m8g36LWcn~ zgabUf&?OyE>M6yD3aVrqRo$LBTwGUvJe8J|_yRsn0WU)t!RDOn!-b$^S-9!^XpY$2 z2EQr)y}8K74wN(qux|UuTWj?>8+{y~SI_=tQNpH~zbr zF`T(3_2BpKK|NDWSdO-^A-F*mODR8f)_}7N5K_jPSa~*7#a#8`><-Q@8Hr+)<$T?o zYe)`$gM4;M%JI19yJ;RYkU_6^8Chz!2WJxu{N2bANJ#cg+``qy3sNKDQo~3Be0V%| z5DP%t%c<34t058RLD$bWL&Q@EF4)-Crfz;ez;cQ`h z3;qbKs4Lpj&O6a!&Y{qi5UnA7Js;dAeIm+UWzg-S^}_*e5O~yk8`|aL4BO%gOffwn z!+C=v(j8Ds!gp_kcb`W4mlkgT<~BbIPXrQ%R^-cfI5Js*l>GR6 z@vy^@g zdJOza{^kEo{*iy==lXB*2bKMY{Fl-Y5UyNHha;u*NRgx-cnXFx+b_-c*CAR6@EitizAkT z&=f}GA$zQHq{z2#I4b&s?@oMn&=IEd1!!eexmXK3sYJ{Acyr@0 zl411w_wRJEDVF8QwYAgzebH7t)2a`_?e6z}aMEsgYmJ!CQ$ew@ABPpdHgtA;s$7!0 z+v(*+?T*cRX*EY=c}EKe7v@(Sh#&Azh&MjYfvMU{+p!?r6#}xIC#tPPqXU2GV+_6f zZ4@l}NH6a_3=blB1f=|z@g5RYX)OmE6I~B|3n6_i6E$=L0kn9`Jq0Huuvr>1ZgqtH zC1@h@t-HHssx!TU-%(VV+@#ez!C7);>xP-IGV1dkqB(3Vm=GpeF)S)EE)93lowj1{AXv@4w|_tPEc z`#6t=nb;FX9(<1LT%s1aR74T!6 
zHx&&wV^Ao4(0D9v#w_F73;hEFWLJFoRX!Cv|j5H0ZCl_o<$Tl=(A zvbwx{)N}9aL-nmTEpo1TuQSN!>vH45(PGVy!p~`7C)R_=K{}_ssD?)BHHD+2W5eCN zu&^*bKK|nPTmm&vOIy1ecek~rg-PE@;4#*J9ISaPcXG`sZk?GP?AL_%zEUGjfKcw7 zNlAW#lV*0e^5EF5wA#I1!&Jth-jy^KG95CW>%ZQp%#Ph=pfU3t?>QSFMMq^2K#B%? zKkn&RXzgx7+-9*tgw}f&87hw|#1O3W=`hwPa9cLW$!lrnuCe0c{J6Y3IpJ&_?iEdU}5 zqKWIXP@caECODz%7LS^mI?43J*ZD>!nq30Du0)qQv_By|9-s{-Y=VC zI(|KAeT1&H`ed4$#&Aj7O`FRMqg8=1w?Cf!{TRy;UnArh^#6IcOyJRz~|4O`K$tL z{Z}B<);{us#!g^IH#P`_FhalE+uQT<@`A1Yhoz}0#!e5wM}Wr2en5=b+732bH)-wo z(tzxYKvLxf+)zf&NJe3=TR+ zkvl87VTTjUc(_A)T*+2k6VJ)^|9qL|Eqv|E^0^Ez^-K+Y^?pyt_V{hU zgcx=uDn<~+)8zfyKer_X?dh+bT0&6dl+pI6Dfj5P@dR!yk0J^FlB1nw6K_Vl=NfPO znzL7jOo3soT2C~7&J;zWs*&DSw-x@ucxx643R+G5uN1rK559F0w8`Gtw?_4wwK%BC zPD--uv#ZO)pcPqi#6S*?#rNm)PL;WMNJHM=dg#bd!j?=dJn*d(3jnB!wu)A#qI^=- z1yxMU15wdWvYgy%YALwbxE4#4i3t+93PV326+aciS4)*AQG+}F5BQYJ;1G#@{dK=A z?*h0-{>hy|{QVu!HRr6D$bxgaBK(<|hMl0sS9HGd`6etJv9R}$vcR4T#m9KqSH%(! z?-&5Z%8TfnZ2Xl|N%x~7G|W0@@KQ0M9!}9u=Raa4O#pnylvEFa>8PdW^63sBioRXI z*Sd}QsSa&!i)h!{TFuLN9n?ibyxP2SCFDV>@@@iJuZ~nb3e0m-J_`!Wc}v*)p7R|t z^uGrHxj~?SbDnr>$A6Ab-oe?)X`CKpC_i1y**tq?6y0|ePFdga-3THDg~IN!e{e62 z_==7*XSQD#5w5zAJR?PEE-@pGe09*?i@rMr1>M!fNlDFVrpGnq{zr=Xc_4S#>Jzcu%tA%u+6OZ%DS;?nuRMqCZ<|bQJI6Dr=w>*rQLR?|9fon5B9;Y z?eR%T){8Bu4EqW1Zm_9B!y_A{aYOyb>%k^To!9I>S!jH&Xo%}zuOc}qDP`%bGb z-%&0RXt~I*ZIMsg+im@Y9|-HDl0FdddO6%4q49cZpETGN^fj7Qk-k5eOG#FZExIY` zxr^D$f$k>@d>f+n%ND#!D=VmI0av{gbrxZP3F`7TKCMOO^5O!z)tw6>XlgYz^{K@A zf*EIG7RW;u{SJ(gzl4*}g{jiM7-eUz%&oCbZp@6G<|J0Lm%!{q6Z}MUKFG+jR#8pj zb7Og00C|sbb>P_npf);~@3?FTqn1FIAfhm;(ze427eCr4*`n-xs0>?9;%_bHiV!jB zxj)fo#F{?Zbts|mx%m0P)kLM|B20PL%gldBRbcL&E9{;3(K{x+85xn>w=2=5Dm9?x z-u6Fqua^fbc!Jjn9iKA;{&@}2-x*&{PQ9D`$!YOuSTo0IG7;2`Dg<6c<}CyM^J zR=4MNC3DZ|76jIuehrx7^T`9s^={sQVD->@V#C8b$# zcLnSsyythB7#TTExa>ZtdOc<3=kILXa7RKsKv|h5At$E?-P3nf(|0@?YiXtDlw=B= zqg}Q24GdIi{rbkn=JYshI5jm@6%pOcB#-6KV1MIxO?P*Fud1jZub|YEUtVfpW|jIA zV`a>+u_0mM7t-<3wb_wfshJ4?+02x)peZ0eDN9Q=R$_w4?AWYfJJW=nI^5;)>LL<% 
zp{4266M8im%^Mrf6PzHQB!x>!HFTcu$Vo-suG07I4(&#({cdNET3Ckms}r%kiA#3c zN{R?6f-SqDaoiY<^d^M%+W6Dsb8;#!ZVJxRgSNvp$2q|!G>UIC;k=}Jr@R@`EM*r2 z-ysU(-C+?FS#+Yc*=aQ@4ORK+FwJ>khpWtW&XFVBQ<*`Miz?z?fLY%(4+I3hK7 z#LjH@|vZ)APU=DnR9dXJeMIuX88CVHyM?yj|bQP|8U zWpQF?T6S6F;^+4s!(S^Mw#%XaDS;?QyPgZE+*8j#R3O=72qK*xcQxvsD-=W)ejm2v z3V`V*SG)d|amhgbZhFz(FAcUu{ltVvLQI%ImG0xE6#2;}` zPx4r&aO2>9j*eTP{?H!-^M(T@+wpX}06LGveV6iRo1l|BYVO%Y#H|mHtGaOMHsbAZ ztKs721}nzdI2zfHBERgfsh70*4oAC?oy1lB?JXj=o3#q;n~gsmLwNQ4N`p`?#ci%@ z^J^Y`;T)3UXy>G=VlB+(CF`^lY}XxNiq_dzaCsQ!U6<%potoTF4r|D7JHl5Nsp+-j zHjD}#9z27vT&$6lky9M|lkFFqpEIVQA}qnnT#_-p0T+NE%6DcPz6E<6RN-cnu%pV@ z4R+3~d%jn2y6OE|!Vq(g9^0a+Ns%VA-e~p}C$U-rH(2HM9BFX$5!inIUi<5pGakAx z!}iZ_oSdA;Y*op2W=ceDBqStlkNd|Ej%ke*8F^Ug&NYRJqMBkV?2S<)6~`x)rsoEA z^*~mZ#M$|&vQo(6K?vo*--nNZCC!gRb?E`+Cmf2R-}OE+Qj#hPOSR`!AQ-#B$Lcws zzah6_0`S&XmnT<;4-b!9Y_GX|R1w%^>CSF@#{Y0TTWPoO%r4KX4S>mSjQ&lSyG5f) z`<;@BN^7$9$JfdTdKdTRbo(GupU;t^B}QO1M7!zFq1*cJm3zN}`jp9#`t4-UmwJ_1 zKZ8x}Z8@{mQW<$$@${PpW!j=!AMHe-ng1xlbS?3^SjEoefcO0EO&oc2vnQTkslTuf zp5Faqi_q1zeH0~iy<^??@4*=kJbI>?=p$S5{~)lmF;dF9jjG0%F= zTXq~j)u3*hl0}}Z${72Wjnfb?At_h`qY(OmyAcspjU~dr0=+5i`rME!4aymQTNq020h6W!tpr@~ z=JEgF^phLNVY(miO5V@6#&Kxs2&%f+fXMwkSE+=&Xqn>m;Ls6(=U61tk8h4~VI!a0 zr8Fnwj3+C>*Tv)K<&D01RMq*05mMEKbbc%Frl-9)z+L$3agX{Wjfpg2P6b6vHyYgx z+IJmh_Y-jOqvj%h$_h@(jMmJmrm70>J^e!4*MGb8$RmAcDO?oivlwb|hR%jYsbDm+3_BQsqOgO)4w|Z{r@Ka_&@Tq|2O%Q2L40-_Ff1G&i36| z_+Pf+5fLwM&*w5SGM7B+JNLEEe;NWW?9{Hi$~|o{6u;SDGOhp0@6lzrlRPJk6@Nyx zl#`K3-~bmVG1cnJU*L1lAfB%FB5s2-3ROzwZvAu~uxqoxw0)a7_Ou_QK?s3${1g2s5&>RqPn2MU^Y@_ zHcV9}MU7nmi1^vP^8!&k;jUgt~^fk8=aE2VWi&U5nTU7e9gtmX2CTW~_p#T8mhQ z!=h!XZ)AELFAN-lt5kp|$w$0MJ{(mqni4~6eO`{6!RUb}5-5tD3P^4mY@RSy1!)lVqa2P<KStWFq_z>Z8=aZ7sV zE4xQonXc0F{EAI{t$NLH75<_Wez>O=x0V&35{)!Y85C*MvWAYR?&4DP8KgDi1h?4~ zzH#7V3m-ty30rZ0%Cr5N0qL{BM{D@c*86gom*r{hyPp7Jl%OiirWqRTp2U_BaIpmG zATbkg@K;216}S}aX|o%;S1Jz*!QCw?tBQf1IpPqiw}a?sR+hDi2?aShIWaLbzq`Bp zK}Jbh56$ezi$DYfF zn;_Ao3GcJz#U->0vvN`g7eSM1-cUFv3 
zzP^xzEiEnT`zh*Q={e5zKPlxECfeziN{Sk(i-<~K*EEq-R8z2aGLVwfGcr@Bevc9- z|EM@49H%6V5$CtP{fh8Wr`ffnXd?aQf@5RF|DMtxlzk6or*Q^(+y*|c*De8t8eCw} zf-A7`7i!d9r4=1m-ya&Xr6KcI*Hi&2Avk`G6lG*$sw!pbyH?R@&{h2y$Gf3L@s8m5!JO zI5aVcL`li;6TGMeM)PnOPUoFOxHySgj7{OcRiMWf@+i2SzTRKj@&CNEmbXlfO1lAzLMg~Kphz! z9o_p&{-^&<{)vC&XZvsRXSn}|{L}al5F>oSx6r{NkiPM(r~*VDn~Rx8M`mE#7v5A~ z|7UFM7T9BAQs;EKe9#R>_u}+&`fp0QGQtA@$v%K&Zm5JxvN!ygM-ozlpPz}8lCWA60>e+fziEKhoY6@y&(*qme+esC@k zS*1^#XZtsJzxFa*oX>wYO`Mm1FHNfPvytVN=Vuc}CkjvG&M?^@s*412_T3mj6Z0N0 z7p2Q)+1Y+9%&B_`IZqiZjimC$Rfd|&kiZX>4$np;-cW=-$3VFka%_YGEWG5&-n^36 zHl*cO01?B)0T!qdV&u=y#Lm`h9kIaV3`yxA{rCOTV|FX;G{uVr>rP%72`MU?p+Ie2 zu|>~2X1}zmFRTd_r!vYKg^kfz*(Iq#!ww#S%)6sKRJK0FXXC0(UE(*jj$v=OjysST zskq02v@+%MMzZea!ay^PQgqg-{&6!<)DiqFkujWhvuB8I zfkjtUcmp-Sh5 zauC9QADx})z;|p<(d>Gt7)rRgDSjbZiTm3FwP z3*cy`4^DE$#P6_!uT!r7$y&o#Sm|xEQG@rvi0SAF?rzXxijAW*BQ&+j_0x0(X>2H+jYXC;jyb&cX&DsABCmra>5eQ8gS!7E+W!DnhP#?r%p>MAOvin;&uZ@i9+u(En_o?nvhqfvvy? z7k5F!;A=bB9^X=@=v^;0t7WmWa08rGq_GE zT>qdCP7UeNyd+jA#6m?N!wK$v`SR!3qdzt|Q&~q?LVaPxc3^2|(A(%-jy3w)m zZ|-iH_ZK#X3rIYV(3qGb(QekNNQL{KRg~jhf(pZr10^-dP148MuISj1C>HK$6m5nQ z>Iy>s^p(e=*`R!5wM)jcjQl0r(i7M2Py465%wFH@bk-;JX-+l9FDJ0KdfO#zf!x z31LH}Xo1)huOo)1Yo~=wIE5ZR9NXL;9hnQ8&#v|$SAUlhgMNp7oOVe8jST~{UlF(a zD{;=&KYVDgQ!R?uZohFTk5c2HXlXJv)x>MCRps&)1g?noPb+x6HUP3buP+C(+V9uJ ztigWZZ33~^pRP+3Es$rJGI*vCX~c-`o9nCIYIW7s@+vz5va(U-(~F6oVosO{DP># zuZg_hsOinmP2g&|P2IQiD=J=XHM!Gv$SwYo-+kwQ=JQYfBR}hZlRuCCKjhaUgMhG* zUDW0IjDtb=XAP1SYIP8-3~~q*$5Ri7Z@%Fvnd+&CAguOSsG_XyKlmEwW}m4MA7rJf z%WJEsD#pWgi4qk(!wh_7L(w4TXWMr3SKJ)_(LrtCxm(`*BW`FDkBYE3`2r2-f8okG zi^PYYFjpY$gi_?oSw{E;Cg>klJ1Wt|U*c1x2C-r4A9wANRiK081jjatG1Sy`kVzQ` zKc}k}?`^#ZMWWsE&Az#O3%0{QZid3DCQcU%$uG-;{bpfpx$4ptqXI$#B5i)gd|Rz# zJ3;jA8y)Gbf0ve+;M)-gJohz!@5ur(U(EHjVZ>Lt%!t8L@m%g~Q6qZ=uz8)N{H*#s z7;bZq*H2);_P%?Y`;|G|uN4PXQNzYeknHPU)-QV5B6%lzd*P*s@ zEOlNM76TKHh#`X~*W{k*u0MY^H?w`WVq03c_?>5#mo>Dt4}E;zD{f3#maq3=544f@ z?CE%s-UEOKR)2a0<(>N!VGI>RzKsEDx5TbU@6ms^@8#o 
zE8vE@lNqP-FXXD*hODVRh<4B*i$~jyVEM*KOGXqZ{!OqM5*C&a5|d26)feQO&c-@> zjQwY|!}ECSk3R^1Jp1FMKd9f~dLLyG)+v2}+Tb!!4|-m2dVU(>5xIGxt8#>z%Ks;J z2>iSr5<2XifMhl*HopGr^A=$v-i}U4LqRBtl-hvo=kt$SP$*DaPR@7tV}KQxkib0v z;TR+w7vX2|RWkc;AcR;TPxl#l+zRa6%hg<)xnze1JiSYl^DvU51{o#Zaa=G|uqf#d z<^s&my8^;!%hgAzrHj>Ju7p`wW8h~%4zgTr&*c4pPuB6)f1*eL@+KzmCUy#KjIPRQ ztb#1>nm+bBGX{D0t%$&rfnSW%*Wdrtk_NT==a2w$b83bkxp?Q;NKr{CuZ$c;Q+G(0 zf$!l#d!5ej4n*sRRqp;(PCP=OA4D|3a`%lB9@hlYO_Ypw5j3gRkJAIidX!_Ut(+Vu zC@mooB_|Ok7ZM#685I(R7##s0P8c8>5bOi5*ZqS!V6u3S;enlzh>Vu?;~7WS7vC$V zsQ^Pf16XTh=6Kxq=koj%6mPIP9EjV39QZSM!IeVuLYN+WKy0oc-lz>q0(evWkax$d zFHX2#*hwY~;km4h5JF(S1uPQUsp3i_M@BjTl3%(P;%^Tt0n}Nsl z3uUOaS5QGeuP;g@fv}K}n{VB$$o{ptd@{Ww222AM^;mI>mbAGXn#JA}YP!=zo!@Fe%}w|)W^cZgq_P!+@-hJuPYTv#TRgd;q7vOz?(a*Lalxu>?j52^H$XV zCI2Cq{A>^q|2`p*Da}*Rz_V=iBs_!&1Ox@7%U|;E{p}(2|J8#P@BFO?6P^6Odaxh6 z|5JWU|C1lg|1Cd?cm5+k(03sq5=7k1d-V&whdLSmE}@+{K4{ZTp>#(?b$V4TaGyNu zm{j%i54(&lY}1D`0qYg}%zZ^v1=?+U|E7A*dWGs;KkzawM;)Q4Al{$?bMK-Ydl}`sCdr_5-zCqkSK&*UHMu3PN^- zr+8U}{@n~ndS7tHfUbcLX6wwsN~y^n+i52dtj@RIcS^Lcb?XF2=WdxZs|yQ-7?0}n z+0>SUYkqYK>`t)1SiNl(Tj7`d`m(l^uI5@CkIl@?ZX!kpA0tNCMSW_$o?jD&&F-vEXngp>F-y@-=yVzvE-;=qe) z@9452)&f-MXP&sdo$q98_rdfF0cfqoFr#}nW+XH?AKy`IfbMscmf$@g7EKyPK_V){kiG(b3F7Mp=yXP2O5*9oXG(1#9 z#9YM^aFLyZy}htUAToAsQg2XFY86!(6*%;pol9bz`W!XB_73Jp}j5Od?tV%hH z;@`j6H0It)YU#Dsy_rG_=iS}i5qLdpfvffM^70-Y&CU*RE&*V$e4Y*Z2%-%O*e_$i z{TOua6t#g9*1Lc;>V$mbw7KCN53(#he$T9U7AGFFAINxh9H!bbF9_I!Z{&qM2DmvIhhmm1!Y?NR;$-6Sw<7A)E`hs5a#7R@Fx)xX3 zPheNw`CMj;iv#Woi*z|>5B8g}GBHgrEvf71=qM;aO3~BP8>*maNK{No$WfZ6`1$#P z^$@Z+br5J{cJ}7sa)QWBm{Hq>S!w6>nPjm%wIT6?(x*JvAx6O& z58uL_G5PI?{6K9k%zJ;c+sH2>Jz}ft{ghEr>2&no(mJwiaYB7r_k+K zr>8{=w%}e<3yXk)(9qB_xy7e*Hb~og@Mvswc5s03zrDNTbGG?mEm zygPJ1Z^spc--Df*ne#fWUwFs^3n}mhgstDgel#=jK}y&pY4W30a^fD= zH@+zahe{l zEmzhelI8Sc2KhNzpXP`gdbQ-^@r)e5p>m>Z(vO#cs8^(5oAtRs{wgC`dvjpDM2~ZA zxAj0m`W8xgsp*hP=u4d=Nt(;pthtTShn!w!O0x`u$tz_u;`o!nmR4=4QDpzT1ln^qa@c 
zzPJv%J;bKjYrA5Q=OgL)286eDlX9UH|28$4p|mk56L%ifRYgA*WEFHi!W~x|23!!)j{#-H`1=VtzLZL`RHm`jbUWGQRfO`KWu6X-6fFJGw_M;6X?Htat_OQ5H`-jU!4jzR{jC*DLxERd98?>Z)jO+In|Dz_ncn}MU|rmP z#<$Y;dcB##NO{C=yPzuI=r9mMxl8tojEqJ}NkxBR_7P6Mg9odrl!nT z_cPq&=P2Uuv!v>=%^L&DJ>Ppws;k^v@QlwoxB2gO*b>1#Y1m+rbN;TLQ(rsL?XqQ_ z`fq367BQrqWg0*)pWTEqcWiz8PEz_JL4rS>RNd-?YWP!mM}^IB{{HkYvRo$l4Tpm$ zZzLM~Kk7f9NjIzLJ05tbm@E{{Y%@{wo6S`_G{6<(y}@Xj8XCpQW=>9Qk)nAshs(>$ z+re{uPbbuff#9eFh`|b6XRD&30{mfe6m>yWq zY{+Jdu=a3Qg0?@`u~i$_SeM00C`p;>3-%!-{sGMv{M%Hw7x7L_URy~;SPI3!)UuzT zH$S(w^_StnI3DHDWp3^YxN}N1L?{AdwgfN!OhS9_&O~y9CkoWXZ{{dYhgHUSna z^$g&OgE}we+O?S6Jf{8X@HM1UG!Gxd?q(-Ce^RhZ^dnb||!lL#UlMzQE<%~t#H%XJZQy1}~wT7bg+Pw%8;6{k;aGdVCZ0?5L z75-T%qHV267{Gb?CAx9 zB`CODb#Btgum4kB!O>A$dplYru0>zJAu9_D3piWD!QticAPb953q8Kd!Le@L<67p# zm@Kdf42w3pGl^EYFtAbZf5JEE>{U?4@^(M5Fmc`pf{JI0oR?sBetIy+xLZ=lqb{{{ z_~O?`?)QfQaPO4Gty4b3C8P$&aB=$|ukrjfy0(n51W~wmYG%ViUi$-|U6_oE8!de5 zPZqK~y$BH8TqLfC95cj#04pb})|JjZx93!MAPu(Z`9usSb0`0x_em;_nU7j^c(%vf zq)s7L>vW?=^Rb@b6rS_8%uY|%8V)`Q)M_k z+EEQsI`wQ-#+l8ttzCC*;{Kbr*?}D-F#-vX$L*h~Jn(UCj9TfNI?>kFURzt!qH6>n zOy||0;NbVCV|uR+jXyVF^CAd&32N!$=aq_>u{(RCl(v$i4&vxRvs(tIeb7_shs832 zHICbhppgu|rC|PI{*J;Y`}g%S+Ku)7%J$L6n**Y?u>6z zC&njl8Pbzr|2LqM8wkVHTY#C|>#ybD`M=3O`;YvL|4sfnssE7Q1?)4Ds|wG2ZcaP1 zK)rFyaB>2d^a0rZSSgw%y?lS)_=w-(_VQpWC56NmmBAj5mxfBs%*;$p9nNL7w6p|H z<*$Ao^T-c-{Zp`^{@27%d$BsA z5Oi|!2uYId8=Vu7C+?|SX}L0N&|Y)VaQ>jr z+ig~8mFFVO-ss6r;|$;9!bRXg*3+{y68moZr^b>hR=5Y+T6ZfetF@Nbr(^$T2WG8P zXl?ht7?9)1;w3m=7TlW2|Hcj6d7-wpcBRo844=P^I=9)MYkOPD~t1) zR*M(7>zLVxac;=YC(DN~O7|%aB6_3;T5k)+_bXwtC=@)5N4uGY3lndJFOrL=BfS$| z0GG3@3Mp9_9Uk3Qm&yC98mxP-^&tt5#J!79?J0Avw=8X8*?2<_SI^5S+>#suR&Eb{ zIaZ@4jh4y`{lO|BvCanl-(kDEyYb}mI?X@nbqZc_Io@{T z;I;_fW>mEizN=a!DK@jOuLK;Dk5ESVK38j%v zML-0kBve2!Xr#L~DM*JjN=tWcYJU@bJm>iS-tYXrKfZl&Jr_Rg4fnn7wZq$G$; z6W$rkJ6sAr>MNZQ5fR_yBlpP`Lyt{@4g1+9x3Wy-YQ*#GnoqdLk38bn1{XRIKd8M< zB=4^f%er^1>5OuCj#G3t9U7hfl= 
znxf>iZ1#PRq1-5clo@#Y<)o&1bs94fPBEl}pX0@4=Bw+qYkxhnClup)VHNPE!L%xi=KT|DI+N3(Ske9sBde9xv2cvS#o+?NY;UtJ|DRUit z>cY0l`*sfQ#un}-0w>t2e~68ABgB)$^o;CNdHS5&dMS$%($1gpqns+Tzxb0P7(ueh zuy*)Nt!p-=qt`^{o!V!1{Yt_<8Hgme%|d>CesGE{XP!TiD~orsG51s-V$;>j`l9is zj9k+}Hfh00`z3B1GUlew6*V(y(m;Rz#(>7zN7m}(kK+`>tdL4+ZJE(K)IPJdNnh_% zWs1E7t%}L--uIm-)vUWKTZrADU_*70N{|8q9vHN|fUY_bs zf4v%2Gml>>{1%f)NGwR-upTcwlbzaJpTu}$sJ@3C^UufcV9s)O*1m0|*U6mH+!e#@ z=elpVhUu4>jJvF*Do%%=)|#d!eDjjM{Yl&&X6$}U3$|ayQD%jBV)mCGx8;{FyoJs~ z7UaL*C2ex`^!79FTB56oCu%3KCEb}lhx_6^5e#C+t@pS}NGEfLOs^X;{7g)N^>doA zSV|uCD^#)3yfBQ65K{ObAG6=@FSWSCrMuhg?|+K?Pyaje_y0nEp1+a59Q6nJZJ(l{ z`8PJk%x$7jxWFBtkA;l0e#IMEi*VL~~3YJPwA;U3*3hI~1# zHjCpl-vvq%Ked~cwY9UpC#J=R3vBhQa!)!2+`gp~mp2n==UJBrmN{+Q{i)XazO1$qixXM6Hb^p6tQ6sDgUD$25-|v6#I>R~FvCf`wsq>wKw4@q0ntX|PhAub`J z!X0?H7{|a4Ta9{4apOQxNd7e$_wmw}@{(?mWfmPXW$ zuRxNhgN*GrF8bNVSi%oq!XLZ3Hg8Z+JxmmlfNm;RP^Di~92?ZuYkZd<4rH^k)9|Mv zR;H&f8*UF&pFKf6YAG9pl9Fk2CAAT`Hov`}kAI|#cHNOf^L_ee2eYq{XHtZbssHhe9rXNlYjIg@5=hS@4n$~V#{xG^r^2uDuSU^ zd^s}vu`M?_$#<72OvL#dG8dKL`7>T`*!pGCOkkSPgR@piF)s~|Tk(h4_jjWg_2;f% z$J~~5rm|=rFFiyaIG$d8MQVavQ4*nF7?;7e$gr<_fy0%wRbRM#JE;fu#mMX`H9}ZD z_t_BjOKapubN;w@H<{$jL_7~L2cq?+mM`ERE$W>JW?~ErCa;p-KP-#*M#6j4x*F%( zw!X0u8CKjT_qO`=*H$X7#5Ja4HFrc=xdL2WYL4Ns5XcSfb#0FgQTD#0);j8>e-WWPIaJZ$m-hVSnD ziQZJJ#N^QT?_!4&66!DdFS>bn*pA1(-5tD8F1z<~WU`O$dK$@1A7*;1k7`$>4h^A1 zW=8ITJrbKh;@5@3W zf$V4@Z6+)%V4!pLUDf8{JrWk@t8Z(|3j2AenfYw6!8hb?keis2ZIAcmv;*N4`=Bj$ z8>dz#OH@{3LZAh<=YGt9(CJ>Xdk}*ovmcYlsAWIzBFMzWdF?4{QYXiq7?m`~K>tQn zwzWe|^~*(5@_IV|11kSlgq1!D_Wwj3aD`{K?@d$2=E8m0z$x)I*h!)u{eOaOp$Nkl zV?tScpFBKS81mKr`jfbFv@JlJes4j}@5YQ;pAP=(-=~D?*H38ir!;?k_w8H@{hjiJ zjYU~AOxdI0(|ybT?Nc@(ioOK{qMWAO#;;rN#5`|>QckX{=tI1_yE599D6$7~K<_E? 
zzy9yYKky6rx&KCfMByLg-(NvPLulk0(9zO{x>V)pR}ORwDJEeR?rKjgQIL}#AdxS$ z`ifu0#Oxd_7EX)2 zFUR+m62-9|7IP+%FWYl0k^3vgae;5^5S%Rr1rK;LiT%IU)_^(hw|kJ*NZ zlg-&S(6>3**n(fajJcu$2?SMD)jM}Oj}Q0Y|I<=ZmN_qJggM;wCTkxN^v@CZ13`Ka zKBP>hJDcQvxT}2U&Mos#M~zKQ#^rCE8~h})k3wk#ZI_4g)7yDsl9D8x=DU^S1ss-t zjULBy=rTb^Palr8Ki_k?3T~E^ll-WNo{bO=V{!eTmkZPRo8v=0Nj`&H!SBk=spd{WSNe}asyV5Wv2 zJR3ehz%Fr~MxYTrdNfzRGLX7uA#x3IuED{gDZur3yH8~^NyxT4`RTEb&Xd-gQrI)K z9V5*(;;gK;Bj}RKRL6K!-ue6TN2!EF-hQTK* zwQgPwL~`!dT$kOCDq)ha@5XPu& zS|DCtui~VQht^d?FETRns;g$ML4bGFlo0eHyC}hVGe+|Fn8^tU*pBVPcz*n}e|XsS zn)l{`UT6$a;qJ;eig3klpU)i@%o|zcoI2^^0X_Zx1blX+fhqOnKEH3$2C%#KzO0(r6-`5_Qi;j;U zOUZu{6(Uc~EG_ZSqPZZ0>Eds%iVHCtM_y)%F`2qLi+GV8_C~yf?#aHVuY6Gq@m6sFntYEMCyt3}bVu?pah z2~077c`bnO0G$I=_zDFke`6kOiqPmIH`fk` z#Xz>U=|1vOmJXiA-SQh$yY-rqdQf*w>s^j@7{aAr0jN&lvdONFICJJq#dzE1-X1px zM|4=sV6GOD*VE-ouP3}g(C$Y{Pb3Ec6N4ct)$ga zaQ_;VmNqmrl($BrswW56|aeZX=$kw ze}4JnIR%vuf>~7_JBt$&Mn%)=dnZY3Y8>9=?IRXXa}Bk$=I7>EOq2)jXlTSbv54&t z!^49vzF$?2W@wC0kw5vrBmdAZVE-RceL7EEK?Me#vb2KY`CI~wYX6Xue5gh!eKa)(!d38*fnHlRPn0YN_5FmWJ zHSy|X4-00krGI9h?bFetZL7eVgxL>S%#)Lod1-gwySS^XtB}Nuhjts^D_uKwt#CBR z?iJH$@E_I{Wa|cKsW;U#WprO=kl*pc!oT6XI5Rm3C6~9tXrb4xu-E?j-ng&fKwZ8U zy|dOSVINNw5pIw3 z;x?=~TAyryIAmx@%UwK(JuNl$EEd-6%*+_V7X?3o9U!o)d2;C&6>!=iz7H!RmfO%a zbBGPK49M*0$j5himW7LppsgdDhWyBQ)?%#80aj+yhi4f_M@R5zY)6V-m_DCH3_Dl| zw{JFE|5$$BdNbBERRg>E1fF#*CJ8BNNJt31s9Qu_9L2?pVY@%7J)4`GKUPV2Y~$p@ zz{rGP9mej^sT)6X7w2qdon7BmrY1_!KE=%Iy=+ECd%?74ZnFi9Gt*QW=uZ~r5(JM-IrA3V6`g{?$vqK@_xBf z(hdJwUbYTXb};fY)_ywE!WsDL0q|ZUIW|Y;)j->-*yBOzgwyf6SNHAm3$xji<3qdA z5@lNz6_q&&-{F6FXjW20#3fG2wj%|sWn<{19o@?2eKM+jV!4vH*_UU0b5_mil&HUL z_!m)Uo+r#Q#Fn0YpKLmnb<>RgaQ@RLrq9&btn}U?(`V09YvtK#Bck@zKX;^I781G$ zUK95@a*Lc3iHnT|Qaa>_s4!Azu&ErTg-Vs3XN2NqjyG=L` z1AzV|Mt8hy2stY!z^>RLZlLLB zSfhz1bVR;Vtk^aC@LPIhZf*(P80$yTN`;+kxt!VQuiKDzhrj-CyG~JXGc|4OS5d_`Q97QB?fq^6I>N zd?a%jS(>?w_El3_9(VG!VbZX_Fzg@kQs7aSl?^Sm>_MNTd?bzirgSWqJe%#)XlI6b 
zMN4~o0xX<6HQb1!&5>fOCVJn8yVf5v*#@q>a8ZRdf_VYI9ljuQ>(&?Oh3|lN*3UE}lK-~L>e#~c^hd><#_vW=_yod`#rp7pF^~J4 zrL}eTx3F_hY>kC-3=tQpsWTH;bnd@4#^P$tt<5<;I@;XY>R>Zfz8&5Y`r<`~o3!Qk zv9ajZOv!UQ>O5BCL~O_4n^5Y6X!%WXY8Go373}=QGRx3wW9@roDLh%lSdRQtS_t?8 zR4AR(lJ)A<+C_U;R|?$VX+(yDW>eE%v-A&+n=$tyW!~t}u^r0eTTfLFRX{tQz<_}2 zjW0Bo2vaQc<)@Div z_TMgEL_V1_va+WUNNE!fO|}ya3A=AHxrHtE;l&1|D8?y>>F9dnVAGx*4G#7#y#6BA{>oSAw*?&Vd$x8V zJ_Xl2+iOQjGHy40I;_Qk&+Hk-cUrv&KU$xTtknj4go^z>tm>->K4S$cc3WW0n@PH* zwzIwxt^c50Z|+BIe3$z?hu1@)dm}wPJ^l&K&n-CXB`he2XishdQ4I5qc|JVR(2)3y zM3Tbkei?fVMI&rTG^N{KwQX&R?$T9{=faAiYyUtllTV7YO-ovF8RkpylLmXCTJr(Z z>J}SycKG=C`Atnsyu7^+ca}=cJE+@|2=O!+$}_d%nF2Ec=?Do4!)nIRFaChr1`kaA z$U2>ny=076(S01HsM)qS(@FUUN}6>SX528)(VY-+vukVIk+s2w1_+Z5dIyaO>7zxM z@z{2HMV38X5-4kJVQ4=kB(&cWdHJ=l+j%@ZzN6zyhQBn1x#kk(!g|L3C^bNzC7@S&dtpD2L=|5E^bisKWmo$)8&D1hj3ucP1)u z9}Htl@~et<%R&TeVrtsf*47im$Nc?68o0*XusB)S*zUa{DYDZ@GHpJk-wtmAR_!O2 zsi>%i;e;puY)`9?t!J~i%k}f#4lg`gHCoVM&`_ULA-OY{84E=1*^J^YEC;cNy`Nz6 zht*`7K{H23eECaZlU4F0c?Dq?#n@0Urs3QNh33FlpYrm$2L}bYxx?vCA8)KZMAd(5Gi-JwXq8dmhy!@R?U!l zc<30-`j0$Lbgl=a1;A|eQi_;AnmG|p*uRN++P}a3UpP8w=?cdg`sycPxg*BDumAbO z=~U@{j~zILzYntcz=UT0Zv7eB`q15QdM#-8?kGZmb9Z@|-=q=8&dzRu!07Q@XUs)i z!fb=;8$v>qD{lSOsI=A#|EErF%JzoLqm&tvV1IFI6&0e5r0c7+DDCMcde;p%&YOb$ z*)k4Ss#p)nRNf_#kdgKOTM5UbR#Z^v4)TGWaXr|yNUP9JVf+;Nd;UA}kNiS@_P>#T z;MpJKX9AsHS}%2Zumt3fhWzZxWC-Xl(9x}|t%bYAl!ir5tgik5`Cs_)&#`LH!2%50 zxce&=S+CW_IL-xM&&zzCnfU4ff!3oWp99vD08O*YR(THsV4Aps(FNjHM*Z|B3H#t8hSU)!YY@)G~CweutHuK_$iIU2R!%z1LMut3ef_D1iV>?w;*z4GZI;ton=nvkl-!! 
zMV*Y6*t{C;>+3^y847&UtjqSkIlsul#3YYZ$A`El6{EBg_5|e;`-^2>vmR1K77d@q z{%0LMW)8V;UUZE`{d*Xsfoc-I(-{6oDnD!0D%UYp1}Z=K@@R$~3Zs}cXc`?UIXpxkoW0NjR<3sH5eU9~6O=pq>0>W5%As0b7 z>*ZeMcEVdA3CM#3Jn^(I(Gp~#qG)ijO_m;RZcpr61yy4@-raD{pnX08Xc~c@aETX|lb%+5 z{WhzqMF7IZ%_r$Px+T`c8*-x6+}wW zv}M|dExn+{z_ecgrVNRwQ&~Jy8bpkA6v*hZ^&7#a3&Kt2E2A0Q7yl*ba_SUG3I)FH zmioEk`eZ!B__~HVVd1kV2x!e(FGM^AFEtg5Wn{BZLFRK?k+em}WRU{EWejYB#xs;x z!cuN^8m)|#_cb@m#p&f&bbl~J_Gxn07 zdGQ$Spoh!W*4C>QmYAeUG16CyY`KBU>ZW<|-m6h_Uw5XWr&dsD*!mRI(C!9C? z1LQwAVNeu>^B9w^dGD_?C@5=b4bj+DJ^i)Oz#*27^$r|sH6zs86_-Vf>oN0i zXqm2DX-#T(JevgxM94?$Leo7r3Y{nRFa_yT|E+j0c-q>Gmc-D13Zpwu9_KVxV5az{ z2loA*&cb*ur!Arj7o0X{ZtE9L7)?~$-|MbvrH`A|BvTQflNWd6_T|$QMP{SEyN=8H zI669hBF8pB^fKp==NK;hrE90U@x{~*e1x6B0tmYf34&i{e}E&e#R1hXl!XIA#PzclfG{FPei1jQuFlwstLT?{vzQ)PIcIuxab(-m-SgNbF)55!sB4R-hTeg z8bcProMyIYExl8kRS8V-iRVY$7>|z}WPO zsN<{u#M}yqu!|f+ck7l1brcj8y}i6R_AkHgg32->Mn>r|`V>^fe@wn-c7|`RM%JER z*;^TfE8FrP_fD%QSE+s1S<8DRv{fW%(GU=&DqzrB)F5V4Cpg`4GkFB{}RgM zT2z|2a}B9}%5~FgT!bLJxxyy^iKYT1$@6DBm04x71W=;01hlUsBcC4QT;-DX+3FDF z&C+f?mCOaWVbLFe?>c4$_Qkrox?Yyg{~K$cVNnw?Ht^n2U+#h4sYHXoA2)XW{V^L1 zid?jib+^xtGFvm|CFztqLb{C;9}iE+MeC&S%P-WcbIA33nEQKgEFg}}%G`yF>pA!m zh#Ug1^Yeg!+lEpLJs+Dz)~cQMz09(7##eHVE3^jD&+I{6f5^b@emYaP;=7O%*InbbF}1#K&w1@iWtI|R76 zPx*!FUeZe#oH)HRdp;{+H6{#0tN37y-Fak*fR_Dk08ZZ*53Kt_pSl{!q_MmoGfpY7`o)1I%Pvsh_qX#qF!gRsfyUW7^GLQ1#KmMb$`?pHk{5+e}l8c9r58Bbb*y?bhMPm^0j~_pJ z6K8*RCbExvIm4C?3&OHFYxP({Jyq*~<8^Ttx}hNxF0F{Rwsvpg_JqZA0y-Ey7BTm} zZk#rD2VbYH#}Mtqiq?ua>hXT`EC`jo3sp_&=~stbA3ttj59|3r6L*A(r!Ud*v*Y4? 
z>f4yBo&JJmh^eoSjU$pYKI_!o2Z2KE-aWP<+#;j#Xvixn4WE)jBRL94UFiRxG?;lB zPX5f!4xGM$@WMPdwX?UE#AEE|ly&<#nt7Vin-7m1q8*-(7LA7`D7m`sfyCMIhW`}# zS^qookNrY^*1wT|a_JB9*D|7^VK>};c_P$WLrbBdU}QA$EkjMXlqi>P=+)^?1{{3( zw@C#lw!6@00V#SYLJIVO?m!^qIgy^gaec|j$&k;3rA#mGMfuEf-;4HlicVV7kO#*2 zFJsGjdhxNpH1cXlBrDC%%@NYwh(^gP$HGAWmcFMi?EcHvqEnb#wW(lY!q}`*=w3*l z8C^iq^mhFpevWqgDi@c}`h*m~wVRt;fIa$oNXV7a0@WIcRcUj%Px)K(CZ^lm0%woK zg9qoRugUX;1U#N;A*MA&K6%@Eq~I|Pas}x62bJT;1d3lTVn;vOfE?Zf3k!B#TC=f9 z0lNC!PZ;g#|8m6SQy)7-dux-v%7jFJ!W&f4c&60nDNWEjdZ{|@hi{UK!hj%bMg_{j zcA1DeGW+BDsR>|Ozn(9+x4C(bEo&QTXMy}!+|a55D=S8&r`l!ZZN_HSrr~H6|45-8!WZMZi`e%Q0Xa{#@7}4HN(|RT z311&DPet0~%|jQo1q2u{o;`m_eSLFhN59-LWmy-Zp9c>fd}Ij<4vykh9_*3q&vAYT zpMZ#1GBlmZXw6H6Lqd3i4aLF9X){)qf0PSb$Wt4W8QS~gM*`0 zYMc1JW2; zXs6A%_;!((nb{1AQH9q3QQ8UAl;2*v`zW)W`nOl3=wKkKwztuRBz`+XEzM*u=l;N* zyGm`4NMn$^AIhm)610Ch;DkR*3h2^=<2$a9!~wT*;qZ-+v`$D_;SWn`UT&2%Tm60Id$ zhXit?RkEJ<<*e^ZO5P87c|?UetAo~h9LN8n`2{^qpKiZ`Y+R^fW)38kyk=uG*@lo$ z{l=g#UpfQAWVo(gNm;q6zR?ZBua~sKy>C%Ekm;$I&jN0SU2-h z`fUfb{|W~D2Ot>8$mX;9ZPHR*(7ofAld9Av#mOTpyKIzoYV!I&Ofp8wzf3YA-+q~7 z^ijntrMAb0yEzzD!6r8BobtTyF&VIUn99@bv7XA+KcgUvxw393O?XMH{=Bs1JC*4CMEtmO(=n~UwX>?YiOWQ}eZ&00x)z$XSW#Mva{x$wC_uY2n zZoF&F!?oq%#{y{(3tppdu25zy$=69~w3DN8C_Jw(FN>bCvR-gJ%M^>*(kqXfsUBF9vhx^%yL>KG-ZiH?zBp#{0 z))W27x>{>jD0#g0##E9Tw};p6vNm+G2Cu?gNb%*?;%}N95@{+)fs!`e$x`Kxvt!@C z7ms(!ZwP+CS;%5(ugw~13K=3ZxnQ-H`{d#flmvKJ8aJFhY0_2nq!PCiz2e?Q37>Y>L~vwV0h5~X zW5S`FvrnWaS0NX&u{el49g^Z%18i+n?8NBkC^Z_OcW78xXKSn9iCmZ0-gj51mw11DU>I^`)Sma+Dboib&u@S5 zn%9&=k@ojwuPywd!XBb$$=V?Ca}qCW=ow^Y&Cdrc=+rbc^TZt(rO3Kf$@gL ztf{~yl&<;*8K@snPjO|HyuqbY)S^Y9_U@=mm?HIjGv0-?hBa?a5cL2S~k`F+~LhrmLdS&gVFD=$4$L z;kD`3iX5wQFHB0JXME;83~dZQf3(n<;IK54=gR+18zl?S6j~e{DP-C302gKw+#565XJr0HFsr ztQ07Q_VzqT{v!~Z=;@Q7iNQDo>hK9mnYOv<^%duc9Xnh#&-PJ5yg9`W#;DS9AKlo%^Wxe2m{?fO3%#>YY+&zva)gAyKF6T??ez1mqz1XThDDYe zMUVO)0e%R$-5{VdCO=abtaX5}pG1#FV~dZ9azvdRgU=r%6FMXaR+r_%{Li|9JZk`s z>qyfEgw3I}&i7zlQJX=<=ioLaq!l76ewGAHDZmYl07Jzmp>yl-p$W5u 
zsv+r`s`SQ>!TO_~T5UP38`!;z{~59#%^5VYMeyN6*9i~!+rDz*otrA0JsAMt@82L* z4v(j&yE1c~lDj6op`Q!bf8@8|;Gr(xlY*3Lf`SuH<3|$a?Ualx)=TVkdCy_n$R5zL z=#ofmYMy^imIMpkGU-G7yLVjIj~DkJPc`HQEo{9-fQe%6ooAS+&=0A10?C&-l z`fi|L^T#116ntA3zw6#8#HE>&a2{2%g8$H&y<~$a@A!!$1qDT)-0X)k*lMD(ZW9?n zvbA@C-LI-j)GhCB4(o&{8{1;8?=d^ory?QCL0r-+q7ZbYU%r3MeZtYFZp)!I4@#`T z0%vS&9IXqEIS519$djQ-%68N~>Dl?sm(eu`i|i5-65ojVFMbmlCk$aps~IT;j^GWg zK^Ekayf$&aU8x`?SndxoOEO$X7=ss{TP;=TvraK&+RY!@JzzKBKIpdB@PgWopjnK7 z`fMmWn8)}=C@=`IL6aPK#*!)agdA$i!IB3Cf*i0T?P7VMrdHI8w#gpd2T&Fi6m%Ma zCGaANhM2e~Rhfo%Vk|qG<863GF(mXW?iJZ_{+^H@k7080c(r_(D66T5DD2dk2vOK| z0XAlhbz!eiAFT~3`hlOOZyq~4lV!w3N=S$w1@-tyKc%V!^>+RCkCC4bX>Qc}VTO_s zZ-;9b6h9(!Z`6W)?bLt1c})D1Ienn0=$hm4ndTYcrh*fjQHrPm z(Fes)MQo85o-f|dyw7_5I$5sPf%5_0jxv-^h@B1v>DcCLiz0VYBx`$KF35ort)iqPlbbr*IuK$e;d^ofdF`mQA0Kh#DLhX&mt@U% zy1TnUB$_Rpes+e8it5Fg0HNllCg=I?rw3=~BN)28zf4SR`FpFX5_xc37z9HwL(2Zi zDe}wzcjO=ch5T3kM*c1AKgci0i-y)TnuW8#j+fpIDgfj{-5|fnxEqlO+2xyd&Ab=T z-FbN3ub}%|0uUB|sR-5@SposB79We{{Q)GlFQ|k2k+bLvL4* z4??|`n>vaND7|M6NWywTTFm{)=(j(-AZ0Nrd47$t4R7ZrassWRV-6bK3tswkA@PjX z2@LSnMRxS<4{Yk0>o%7Pm^lM}R(-xl>4f$Eyk53=~5^E(ZA_ER6J#y12Lk{5#vluVPBk^&8opbioi z@Z+O(WZ^#LW36K*gb_x-nb(PlpF3u@IL^)E6yn&kMcI){#-bpBS7J3tAWl3484pjEwW82%?Kwzr(r$WMrc*v#T&_2yd7n`VO_bOc1!tzW@h7rCJ$0;+As{yG1hx)ao z$FCUan%~*h_ICfx<+1WDNb?t^7&-p{`z){Rf5b>yV?ARxFg`-88hH@x#RRkR7`kLZ z4Z73z{M}HBYd6|uju6|uis0(lu8+K5{r0+538ct1yr5}O2Uv=J{`_g;TMfH2{NSEM z9yXPuuRa`Lk;I}1>PSebCNNp8x8NWN)(;N}Q3Un}szuhZ!hP(%CCUe%WpoEK)Se$5 zhb*Af7Ot?zis2WWU}e=71gD`rH71{yi@w4Advy72T^2Y6>H#RHQY%)UYzrxBTStfk#n#3r{@*T!Wm zGL<%u7hrFv>wftF&BNXOJSESQu{sllo4QbHf`L+`K&O;jm1>ZJ^|n4Q0-dH@HWPg81Pktx{z=v->|`RuH{)RzA~v zz2!27qx2-uQBUU@5>gN;6v5h}FF(FmGpwo(j;Of@mAR^__KdxKefWpu3IQm-6QM^k z3+!0%3NQ(Plm@f|0kJ}M# zG5l(-|NK57J$K~%o75-;wv11||I@4a&$o>#T33Bt31k^FBzrz>$NYK6Of;Mitt_i( zcs`-ZXs_t#KFO{i!b3nDV(CSMs?0tDpz%BKYg-@Zk z-GuK{gKNDBb7%84@x+@FKgeA#T*OIQ&n?|Z%-etLrcjLE7S5p}7sbj;e&){exD}(+ zkJ)==x7>?UpR4104V+}76z5-YL6#zs^U 
zD}-=ke))Ft^#vJxS#SQwj;^Z`#M>vdayUT|aPrzkUu@lOz7E~3r9#v?nUtUQg1=>gQ?sgpi0DY9V)qpXuB+!#_Orw3;KR zP_Iv9mm~W)rVHbI-c%lp){xG*?l*^uPdAjT3I`99Ao&rY3YD?fr#_m|J?}Vo>_$cH za6mC`@AvRwu42K-%5^TboyXFfQ7v@$UVVm^L?N2u+WEwh3>(AS#|$L&p596cgzVxH zvW7dQ+` zSw7iCy$&0ESxLy)9O$d`xVm?EJUSP7&fe7 zyknP?Gin%FYQ&s8a`)zZcJw&{^Dbk`v|NaJ5bkTd#O~yF4m(I}n3R=QetwyzRNCBY zILAmX;mzY$xpDI^f*O)p@rhrN&T*kuKdUKi_anj+42bgkf0RFMkf?A)ogujM4k2o@ zf#S~QuL=5AoXqt)cDI6QY20A?*2+*<9I2m=<>GeIzN)EIb={olc0;hrkMEu%?9WWp5E>=Q5z;YQYrMO2pd%gRQBDoc0*=;r9w5HYc=Ol1S27XicPQV)+QFc zP<0KR@9E&YqWKz(s4!P2H-ffIZA73tz&@Eq>iYdyu zY>{UEKw5AUzkfrnoDlB@E<3?h*SQnYtAZ?hyK#}cu?`U{gxNwNX^fw8iO8>M++oxmoL*an z6ggJ&4q3^op-;XPo|w91pY!uW7*Bvh+`@XVF0NBy;2+*Y$bO3a5B@vyPyRxFroWN@ z#O@FBD^j4LiO-LYcyT-~T^)mfD@-CJ&AKx0Xz1rdk%b^!l4LrA0ST*UW4foot2-xp zr*V~*s`b8Ww?UNw+dD5$?45po#s^cEZ>vP z`BVpF}P9mo$H3guG@_$r$!kZOAzaQ2d*{{ zTodOFI7{2?w8t_#PVAZS3qI+-Y3j@Q6xfdbXp9a$B)oVf&EmwW?V<+;lfm6tfDk|C z@SpQJ7?gfF?s-1eM| zzMW<0*tmwR3|q)_HPbGCgTlCePR0F(n||a0#5pd##M7iaE^gWYDJ~N;NWa5?dc0MN zgPp)q3==_fAz8wq^tfP_@gGv&vZVVc(-8_SzXhxZRd)_V(Xr{cK^D>SVegYNei(gT>zwLx zZ0pgCW+C9%xj2F|f-(Bk1*-z9S;jfdV@Inq7^bw|KVT(2O{p7ouwPYQ#^Vhx-qVyMROjs73T-U2Mjwfi0h6hT0`l$I_LMM)_|QbJORAw*I_kcL4TQBb5r z8j(&xkZuqIlu}X}3F#UJ=D!Dz?|aVmy}xsPT;~7|%<#7IK_cAsEr z@;HYYe9JVOpWhy8^Lqi)8J;Bjjwskn3(Xao}r#pgYTkPFcw=9nIPN z8IGgx4Ixrgcd~lro_@hDefv=|uL)b8AX28Ya*z`mKH-i+ziwE0P8v0ruRa*P?i*m5 zVdXHoF$J;cwng#*-1O!eL!7Rc7q-Sea*B;^s`_YO;-O>_u)X>^B-7hM%xCQe$%!S_ zPlLkOWdsi4Dl9jzx6Iw5S5|zi;NL%S3-`_*Y{Ek8s6JUK21TVKEP(f#-vs3&h>Gh)>)tmTeGmG$XU!4>}`hzA&Mljwk~@lSh%C{U4Fv|2X@f$WMxggVRhE zB>GFbb1v}RIr9(9DB6xY+ZO%Aq`An}hqDA27cKQ)_sSY%>m0_auQq(9T6%6JbZ}uR zLP?MDysb5QD)JBs*Rpe)Kre~c5a@tVi;fnL<9C?G21x`rk5td`;5FOuvR6lG{M`m_Z)WvH_w=ADfXBwNDb2ZM2Kc$ND1E$*DFqN`iiTe{blBX#ea3p$LOq_G8a+JCUj zv2{sO{ntm~taL%@t+vD($Su_wB?T_fzd7m!^&RzsmP!-MB}3Aa-FKMZs(+JR!v@hq z;!^|`9E?47?Ck^2=aA9O1NNV*pXFy!qt?n^^^u6l#fLc8-z66uFCkt(A?402X0~^Q zNu5R7ju)h>h$0gJK@KCy6s(al9@Co&wOQNznGNv=bgX@obE*v`ld@e3Sq|v!oxs0N 
z_Op_T4nqM>v=XhLZ`PlhA)I@dui82bbN5oq;JuDt-UdwwZ|CU$lo6X&H&hVfSBz0J zwh4_g!~FkwB68r>X8%eoR3plqu{uYe?mOJisPEE0DuLh=kEY(<-?}+uf4*N$9}ttv zk=5ey1v3-u#}8^AVOcHMM5#^yuo`X&!nMz!X#%H|SZF9hdl1+$(0sqVXAOc6aJA{| zScF#6;ewpxSyeB36v0 zcNdy%F5n2VD!VISP~yK5)Rx-vyv-bL9fZr*uBw6rF)bcv4XSPQPX z2Ann$O4JLh6mjRtovTb!79I24`~CI*lb*%^^}sP*Hy4+-Qc`t`?scSc>huY~H6 zmt&Q<+8S4a0|!mK@4@mCK?2HBP1~p2`t^txaK3`&;@!t-N#p`_-rveBKiEEbu#N7$ zb<}3a)l3g?o6pM5R=v>>)9_|fmu;;amq}O-uN^9lq)#*h)J?)y0VMhaWS6^Q&mLQr04;&Q z8uW5Dfl;7z2<=DVB=B-FfX)`Q0|D-W@S#r%J$3J`1>I5{5HY1Aa2qM-p#2RPVl^O( zJug1bV1jT(5Z=|7SzeCk>E>f2zt6u%{;8wLfA*h||K#AG$bV)Y2Pa?-y5HnJ(y8cx z(_7G@P*+lFeN!~t_uUBXbDsC8YR$MIP%HE*Kgp7#@`O*5Y z*W~q9EL34gS{C+48TA1Ld4`q0ptaMg5grx>D$7%(0FQu7(pviU0FayP1Rv0pmJiAe zG;luN&Z(-b6um{wIH>%6ADZh3oq`lDaiR+0|+kOffu&;EaUL6I_{+%lxW zSYW&L_{knpp+%N2Eit>z#6qTdxmua+FvdaguKq_=%`Y}KHq)qMk-~D{R~=zc>85V! z6Yhr|b*|Q5G88~x285YR-SAgpI@vd~R3ILB0MjLJ4W$dK9(=hm+m#L9dGsHB1is0* z*J9!H^qm|!rF!t$h>i*gd;Iv?RnWJIo;w$5l3_N}oAx93K!j{h zQ&R^Kn&Ly~k%+rHw{EpIG0(qxTv@XXSArpx3`ejJR3ePBrkcjBd4pjT>`IKF+|s0A zdIJ0kfCRIF4Hp+|D|zxyAIN#K(N;*$*K#;wCUyMWZE6Ky8d}=dG{@rnmkRU>hxRt+ zoFB*1-3twb^)*LF_yvM0tn)vo+jTo3F%KGcpz~S$)EDi5Ow<1|a}8}uTmt@ZAWQ-| z(ovWg^PEeD#+bPp8@IGHb8>@D?#+bSJ*nGY??kx1E^(hXybG)eB9eR-mYZ6Py;O-aqKd^ zuO|3&)Y2ePFq`n!p@1}_uY%`fV{h;CZi0Cja{y|3=kwrv2JPaF#o$MFQ)!uN(8Fh+ z0}XPi0QKEfvx8q=_0;woA1q4M$js#BY;wqApr<2m2f@CEH*MHxdp^}v^x=Sk-05-b6yKCSllzU}u>H8Z$KR>Xz_#E%3__u{9 z?i>8x3F!1^<1`cg2XXB{D{fl?_Vu9BpHE6A6bZf$pHJIrAOB>CO#PXC~r_fNFp zdOA=th!Saq-+%u6w)}4lwJYRWz=^(cf11$E$s;)D?cX?R5#GJGfT(prLPCO{pV*7} z$}&j5?tRG!2KE6YH+D-81fdY)Qb7)G1m){_R-J(_tvWYAd`t|(usE<>M8qlHtKajyg1AWvq?nx|hRz{j`Q zqCxv}c| z*o&$Ew$9*iZ#jeMF<|LtTVQYSEG+9VS_L=kJk}0VJDYTGpRN~^{q=^PfH&=(17f|0 zmKNR6zgL4i3I;cn&OAKxFPyd&jr0FEr)_TaPMdb#=$=$E@$Zy1wcDCduZ``9zP4=# zqLc)ab>i2G>!B8$Dlv`xca-nnFZ&#u29R(h3vZ6c?EzIr=y~}&a2x~eyIrF{?ldW_ z_L-skT8M&o(Et8jyzCngl?s?sU-dT4;@UP4DP?M*)=HPhw{HUdeOI@Y0`tC@h*2=! 
z4}X*1^KT8wyEp7!k3q_q*GIA1uTFXm|lFIZz2rVfbODW9(mDl-)NO zRfV6CNhrQQuaow}=s(rS|M7ie=39n1zv*m{9BZew;wV6?4iW)Kz;c0j@fXXh zJkCpzOB2%y{E#$Tt8Cf;LfgD5bc~(0;GKgrWLT?WZT(xb z+xU8EVoWAoNNIM~o0(B7h_12gb+6ELl^#Q@7XMd~;yebvNwy(V+#Xo>a}j?hz31-v4psiDrw8zk3E+E!^ zK2#(N^(YDaaWl)y%fWlpG)!DxHb_nD;g!SSD|=}z7GknX?^Be*<>Y06lLf|&okAY3 z(?dfEFwf#QueGvCOZx$p8=ZY{=&lJ}6R1S84lIz2@!%n|YJ@_M|Gg?f&j}g+X3M2iO@ugA}PhY}JPy4c9CI{U9P z9X+v;e?}G}|37Cs`qRi@XF3kK{GRDp1Fy1xk8||@@0pOl=R;yAL*kF%%^vL^EdSg; zXk`BEA0Y-fIL;UWnP38AihzfdNYl#CGW@J>6;t1A;yhdm>=Znp8}^X+_Q2T4NR7pr zxDv<%98sIWcN0L>qK=>d@j_D|wksuDqn>acS5+$G6pimx`>ALo&>7VvVGj@hS{m4v z!)CIJ?ce|f6`PtH_=AITkLpNC>)!}yuCHD8WXy0r4FW;G<8BGCBYudRHsTyl?dEPU zZTAN18z?ANRfR95U6%o-URD=cJ934NeyPr${x zGk&DMWZUPlQn%xZICgr9+ah2Oe8?^0AxSsb5+F=x;qsBr*!5Ln)o zTXi#!wk-Xi?azh09k{9{z!J2r^^1*;z5wEcbwZ15e}%gXeYx0)bYMu=N6dkMCjNWH ztKiI)!3O+h20A)Lp)V!tHvO(Mq^B<&{~!XRB?pTh%7Tky1ql(6{PDD^*BYsj|7^Xa zc~95zrUl=AYaf1$kSs64VC#&q`SI|p;QYgvk@*EYC*j~We~k|R?!7RaIWq)4CF+c( zvQsSd^wzn>clHBwMR}>&eDP0>fFoKShqKxiH_OvZNZ}-rhf(K;R zxOLO6AV2Ikhco?6N1qO?4#>=IIlhh)NdPE7;djdgT*yEfC1uf0!r)`D26c_Q*Y;Al zaBvc2JtSYD<_p(()P{Jzw49PHaLGhd1;1I!6bO?__H@ecMwa%mS*C!0EpGL!we0crAP)a^1H6o~=d7#|goGSTPsx?=*kn5o z8(tp{EDrYe_g;BnKRxEsos{U9hxJ%WEHb=u<>C+~SN}UcVi zDZpsi4djb6v1+0w4bgK%5nHDY^3gd9?hAc3up+s}bTs>0U7J4!C3M_*J5SU|n+Dj( zxz@}svd_@=neYk5)>5$Xx3rI|aLlerKIsLka_@6CK!a{J9Bys+u;+fdn(HIgjM&67 zN}sbe*gZ8JIk-^MBNTC{Y9(#Fnu#|FHi=Nljvx<)sv=tdovs^h$74CEOa-kFzc{a}74O16hjrxQFRnGe!mNu{pIYik4|LmW(fRU|KN%Unv2x+# zfgP14cK_)4_sBnY6#1F|8Trp_{E7UejW{@eo!?(I-R5Y$g_;4O!Aagzd#<0N#HR}{ zLb9yGs7qx}UaSOy~)B12_!zU=m(n`Q<=l zs)&8CmFoRVd`TH3+dajA#ZEZ2kgc8SPaDYS0*)L4c|g<4;D~itojB!<+O(mP$=h9S z-vgiFD_}}uP3&iGZVt&9w?m+CcT`>jKCUrU-nCq=T32)DWL?fy^r+Qn!zgO@;684a zRI2(i?ZYQGp`v-kj>3}hMaO-#M>J-15NxSHR|OXXM?lB?@Jc92ZvPx_kog+@jv4oyV|wn_#D@MLrL+&p zmtB7z=QiEEKIE8A=Pua{3TuIDh6fn2@sW89cA~Ks8O%jpfunn@a9vIp_C6DoLlGV0 z@QcoY!}4ei7ruO1Pxt!|z7{5Tz*X^u@K2n8tD}Q1crvk~{d4_wUU7gihPEaxZz?f$ zb#)c0L{JyYEnMvfS)t0lDtn}$JRRh!q=xDm8r`AHUh{9drCrcTL&D50ou@Xi7INS* 
z&q^=g1kClG(U%kRiZl(x&gQzo(}65%d63FZ8PAHy;gu$7SX{TKXY+-b= z)tT-oK|%p6`~WI78=d;A8(dJB>cQ4RF^AQMxPOtv3x(y=z0TVOTDDZ>hUuN%w6yYZ zmL+H^q;#QxjPHiTC#%I!uXH@d5 zyk9UPsZsv@&*Kv&ng|N)6XdGsem_%={1^V#(aR?U+9fHR*P{IE@hW`kW0agq2vBu{ z62=VDA^=wa*&!n&JfB+&s}4IG8dN*z$QeLxxsm5F;4tVoP;h$5Lj--Gk<72_OS6R1 zZ>sfkbrrd3*7h|Kl z4QZn*tBuE?hK5Ti8F{XygiSX?jjL7=^X^d)OwecwbNdj>AF3E*=KKk6y7S9GHTzHGUjrpD20s3J(f@q$-M_A&0GKH_YytG|05Py4 zZyl^H>s^0-1!oMM$R|%guUoY%jD|^Yz~6^N^L2JM)VQYP$%itLe?{FE)VvOeC&7xt zZt+gO?+~a#fIEEl;#nD}eBSPVs4i;D?20OEx)hF}@$Wj^Uum$IfZ+v)AbSPSJQ5`6 zklFJe@CBW8{PvVjEAOP^U;`f;NGw=H9T-JqAxme508Si1d}v&>QWO-w?o&M?#Dv=X zxdAgw(%n~|CnSLD70N2b^SVf==q}WXn(f1kl) zbxl50Qea!m2g<*-A~(#jM@i}&%B(=SSm7`#VM9htd=Z1O%-(uXvN+C5vIuiOnvB#9 zHrXFuu?K!XcK7*2rr$O-uNa$(CMmk?SChX1YmJefKIgt&^jyYQeOfBZ1G1V2hq@;p ziY|}ara@4(q(j#jHTZAp=6=fdAC+;7U)|gkLFXHZ%z?A#;a9rEiOeWz&>=kpv5bck z_U%DY2AI356pD~0IXe365*So;*kof}yZLlHrk^RwU%mQiIgdXSa1vTaBO`XReV zfnz)Q4T3H3U8P|1NzaR4PcWneN;TU~g-kD7A)cN63>K-ZdqDA?P1aheUMzy9@PwAh zgw7W68+Yj7Iz@7oW1@};fXg=AV)ej{2Ypl;!zYIRHX+R1&@Zt(l%0F6&Y|v_ShFVL zeKsGFoNgzIXjDyIJx;@!Yjb_Q%){Qv$qAY-S~+@!i32Cq3qgu9IMDZ?)#mrk-hl$Z z0lfLs4XD?Pi%XJQ@48KQKKqtu%`aK6E1V2=qY2k&q<@Ap0~vAxUn8&cPXIhjzArhO39dn7;eUju9v) z2uSFElxr<>G~M!rSwcw6{`igcv@=4w$mPiRu7W&%NPIX7e6)@CGe@vr?o>(a{Yq`G>WDVN(^4JGV&bJW+HHXRa`YhS6p$vrAZYdIN zNxZ+`3;i!OaeluN{BQNX`>+lrz%ZI_QfsE80(+y=Wp_mme4(Aa4x=SNo&dNa*48i! 
zp^#Nvz@Z}f`^-!BVD=j@&rd3TzcYAua(o7b|EgH!p0vxoZPic!p-qXSKGkPub6*DX z?dro?T*|2V`@jZ=Os3vnBM~i z?IoTKJtJ@qa}8ay8nl^5kmg-8zuYeOOcs*4Q?H(Gvhu+<&dxvX_E#} z@iwcI?>B*T!_3jzPYJBDp?N37ZMzE?4PGI=PNE0YM}He8fO=aTTf z^S!Li!Y>4?@mNP;l*xp=R35tOe3jm0ymQ`?i3v9H&;EPl|9KSo8UGpixeWhAe$TTw zI40j*l)WK$92?R@>FS`mq_iTb#)^=-@=#HWJB)~Rs?U>40g`-%_D{U|`7xXL;3n=G z%M~wb)skBO#~q-rOe1GzPRakGpCLU~;<1zdV6f=rccK%-S$ci3yxP}wB>m80It~CD z^8p_p+y*=^86I7L){D2PE$6M?oy&KPteMn*cj=4%1$FAAg)5IKM2@{Z_RbS^+%o-~ z&fx>k9z7u1UAPM!cxXgAqu#yRZlvN?7jYc(fztEcc869!qGl><-BJ47?HE?ytQMFc zQnDtJixV7f%r@3Gw9jAS;0Hr!)_(#|gNvm!L`II+7BflI<_f5arO(y!o z)@ZELY;T3%i>qUNnYT9|xCvAgfqsZT0UEFjV}l$I6)tmdyn@O^Zz<9^keco+hv*8n zZ)J9)=IUKxzp78~-+#GX^6SGe14vvepk_Z=$5A|-11(&K(Ofdx=YA0KG+sjGX@9o$ zlLx@qd#f#EpN9MQu;ZS9d6zuutg|&Zv-Wk*{Y+F)c>TI(R>QgXCDiHl&7LcuR#(sv zb^-oKsPGkERQcZvrcsh>aS+Abel+4P{a7W`THf3boc+B~eOxr$d7b|q5LUPkxVgEn zc3ZrzJ47u)`>IcGpdb0`-CPMbXe#9z;4}rboRVo3)d{>E!6!2txQI>2`P5^v?NqPB zy}2*6XfWj1Tpa9Py-eSqr$yLv>6J>1ZL=yj?SlwDwkT=TJeW4X1TFtwfEIt3b+Du7 zJDOKU+)UBf@ViBDStUI^{b}UmphL#_IPHHIp&{d%g)@5#u zlmZZkeM6)n0NQJOH}uN51QPs?gtoT8~BsW4^nuQ~f+Pub#;5z;G!bFVfDhxuvD%!Q$-9 zOt6pqlYc9jYGs;!mrNGYRj~6NrO+(-d>kxjQ|}9~1=YU%xNqssXdGg8HSgLBwOyk& z*&GS;1o9;2HnPZAaOsYE%2`@kDxpt%FkA@f)x}ixeM=_D27?`_9UCEPW9=6~`$He{ z)_9Z7&H;!_qaK)8KKj~@Qfl*Ct=~@!9pkUaiBg~%7EU6{)5#4e8~_pnq!}MA8bTiC zM-xy_Upm$C#n};!2kimS;(iIC27NJLh+<7K*DaURx)U$uL$fN(1#o!iN-;fbLBe35 zJ?a_QYP(+{oL~-$KDdeS@IYY%dFG?+vigRGhEW8rywFgkqoX^c?m>m52_I&5DkFGr zF0dn#(S8)=XiXZ$Lzmx8a58|EFyOqRjbUD9#E(ls zdI*|QH4f|x2JqZ{iXw`BPa9#xc=Su~dw>7$R%g=2dy(Id-MoOQ)cW*(e;}P^)rt}O z?2K2(^7pWjfAQZV|H4t^XZUC27a;o+`L*S6aDF8Zt8y1+cN(L*Y%c9xyrtmR^yKJB z26^;0&JKzz+BbPg5H1qeLSl?#H9!s$2!GhY@r)BVU&HDYa!;ky)hwQ0m5A>tc)7kp;vG2%J z@);b@6Zyl#G>!%t>=8y+QsrXbaf6Tw_Fu0QZX#}}J*(NIsTI%a(buy*x+GxB)U_4c z27^-(qem6@wOqMpi%A(7ThucMMANa~S2EY~88Sij=n2>dXbEO#)5%kQ|2vM7=%i~0 z6HMXOK6>E&*Q?I_Hf&Oyzn==9RnJABL&c5`i6ep`>t-UXhs79#lu_c2X zoA|NNzaK4S*0766U&ZVB#RWdBU<-p?u*b~^7x=O3j+JmH0M%uD 
zzT1B)f2iAP+3N$+SDt|DDg4NZJ!v7o^Pnchr|cMWL~K3uR#J)Hi1RxM9y1zEh?nxr1Hz`?K;b7*J>80@Sk1< zW)5~F==;_wI)u-Jn+*QF!Diu7n9TubK^xx$9N#tNhvD@STf<*IC#OcUSfrDvu6@ym zw5pu5l(h&nrL}k7N5kF$F=zSvo4GbRgsY=cu#?W(tzR&cE)mfA)2Cmgq%c!ZI77Az zmKp<3{D_8%0?(BK!vMT?UP`(xFt_fK2=Ub32WQH1?1?%l zf3mK@Sj0-zygyePI9y|^oYwx3n*&;C2h%^z*Jy6Y#zEB}E-XxeFHrS%A&N~?DY;A8h0k8(FO>b^snI9Y+*ePORNO%X}a?!I_Di#BM8C7iM^<@#@|4baV zK`@Mi>O}s1n*V?$Q%h|wn!4N<#(vUsNns_J(1j|m1K$uA$imj5&CIc@u$fn-ydDob zcJe}BK<`y3BvNBzEls!u1q-1yQ+Cqx34SnurNeoMVv{Q^{<=)gHFe-eVf8tQVg{^e z!B1ZcW_32fAI6#@(b2^xC*Pa@LDo1xgl|N-+@yPuHBJ&^N+$mKsM}kSl{kazje&@x( z1-oN<4_>h@5z6kHnL~#l=m3mI0#BT>g~|!|5CDZ@1>ILe)zhobarA&SE&N%##r$)HuU zF8rxQ#@NXJ>)#{);!)&3^UugH-0~;#=Tze0)adz5SHc<8^X&1vsvRpDn;P(T5c12& zc(9kA@^y#-rz-LwWBLVte&k8xX;jy*9Re7BF$@*U+CdZOwZUu_5a|{Z=;W@{?~~Go zWdN>XJNO;ee&+p~H?f9K(+4`Viy&t+p(`=d0W9zo35hHE$4%V^z*C@i=Ne-WxdnA* zqz5490Q77_3lW&eW=J5ViryQFNlf$tlpZQ3$fuO%Iwm#cUqVb+f)PWjQHsvpG*}_< z=Jxh=FZQ!%$?wU_2jmoY9jyT2v`(@U#8(HhHCSrsNRF1{aR6wXFb-j78~iMHc$5Ud zrC9(4eC+rJWCh%SkQTQD#O?rn@XJCL81U%Ang(zeRzUPPfk>{5)n~@OLErHnv`Qz? 
zCx0mJM|&Oss|BvOL2hbt@~LqAJs3!aOG8IX%e6$V57{xCp=%8i?!SDX>uqdaNX8js z25V`8C2HM0EA2M0n~jgsM^@vH8?V>3d)!EJz*g!6adY?De&A4$!N(KWokdA(A%9e| z(r|kDV1L=j;3&L1o#NC%(BL^VFdsp*T4HJSHz&3iDUNoc;A4M_^S_gq=DM`{vqwpX zlTc3a(KoCk#Q*cx_$m^_UGBnFCT_ks0`z3MAS>*q!9$T&&zB4cnin((!IH+9{PP6u zXJD~uk$=V>QpRrP<~;u%nJ?Ta`A4AXI86R5WQ@hU&dkWb8cmBVOiZw0c6#bc80N6H zSv4M((JZ=Xu7iLL-~&wOt0q1rK|G0!gvnWP#lWUtoQX$-6kRZ)(>U1o zR~2$ItN0oiv`GRfqbr6NnENGuF(3R1ZAPlrfDsE5)Sz!t0WC_{X@paynao5#Lrexg zwy!;b=b&HnX&-+MpxT>$-dhb1ZJxb&@g44EC~ms+DFn|vdGe%9)q@eDAhA&Gk2oCc zxoSSAl3q`#1m5>>J=0+ggH6C!16cEb+8BLmqZ-wXff0>h1~LFI1d&aX7d~c}N$JnC zva&XQNl8pxSX?x`LR6)*|-F8K?lTvIa`n zUJyNlQ^Qw-lO$^Mwe^d`6?t7#JSr|V@^$5zWr);p!pi%}kIn{hmL|f|$_i2CWCjp4 z*3K~H#EBDN(W_WXO-cC`f_qCQ2RN_|02Bn17GaY*1!oM{IJ3(Gzju!>(f~AdzJa|J zET?uB`mxheLj-NNVxyuopazTi29qb4J*O!)#6ICVgXy^0yj=Xz(aCywNhCUz*C-(F zjn%$`J4h*cB0o%qi|a0+Zq@17EH_O4YVKG4+t5_`0f2qURjyH>^iL-C%N(vn0nd6= zOF{-pF-ihFF))!Ft{nwmDl1D%@u74LV1``V15O__`!CsRK`fU(Yw?_`QrXDBlq8DAlRq(M73Hm%VvoVPOHC)@8Ut zL?6H=0xIy>q$DG-B^<3BW8B9#PVZ;4?1~X~)PIni4XEnP)H`?Ys?^=dC|1LJ^AZW1 z;|F`r%P5-i(}^WC(L~inP@-U)+Ijje8T={3quAmD{s)6!}m8GxCeN|B3vcC7`*G$FDP6 znPlAHH)>4R^Pfc?K&q^ylpyWv1qR?V`8-!wvEGW+nWiwtFjKGkM}wty=N$b8;#qy|zL=V4{a?TLaz){H=0LXjb;VW>Wxb6t;(uf(RkG`8YYj zwZBmS${r$(ij6IG@%|OpDnC>|5M|IQ&9VoEb-2g#PY;T0l zyF{s=&`|fqflokBXc7VMB)DOEif9>*BJ55E#6g$i1Oz)kHp|K6(E(dnI?ecrI84-4 zh+Z*wH4!tjzD&j7n}L9+s6`-;O{!a$aTfANYP%C)H+i*RhldThtb~KI|D(A4Pctr< zVXJ?G{q=Kf6{8&eyP8ps{>8aPbM(L~Z)IOyv1`%94GIs<8Q8FojTH%`qwKtdfG&5ZR zI%;@1kA%*(=IxSiyI+~-pxon_PQxFfFLkG)z1UA})Bhg7eALf%`+=@CkR;s?eTbc-dcF|}2z`h^phW47RB|h9>36E1+cbqeCApD-! 
zfAL&7U|N=;vMNf|k9q}8?65eZqEhSZS0Mt_&K3E;R7%^xsH&OWpS+MUXQ?9uqdiRI(==MQLqu=BbORDd| zXqqzdwL{TmDW3IWTm2cuOD5QNF9z>k8s7avcB&uLITtRxDY@iUKIK~NwegFecd+;3 z1!waWNw+wklMxU4f`dMO6c8BM(6cAMKDwv3Pd$@Xa?c>wG0Q5A^+^cbDV;&#&q-03 zxd7b^^rRt+agAT^T=Kg}Glmnaq;eX%#Q}94KI>Oozr3{h$$I%`9cIWilWSU0W#QDf z%H;!mKgP@oY1wqcorUQjJ5<+~sIGcnjFx9%OR&fJ0U&|(+ek&%T}M7XIn|C*R9Cox zK{pV$er#iFNP2uf(>QiDzyTb1m-Qs5%gQa*?RJO*KwG^7tBm|I4}1R5yGIwsd?SA@ zALt+IF6W^Q7!lcrHbRV&%CszTM!vx%_mm4PvNLxW50{fQ;um9D9-We5l5nP#)XXUs ztRXXF;af^A9>dGMI6Ece9hvx3)JASMrKQ=SsJJ97^L|66)k`5;u5JGxH)_a|$t{<@ zlpsY{AWiP~-3ZZoWgPJ0mMU?G& zvuT)Gsmkpy`s9@${u^|BJ(0Ax7H>A|r?WjBqciR<<08(S>OOatWW(c53c-!rtEo%` ztvyxw(kbRcotfCkPxSARfB7i#)BiK_U*Z1~`Oj40;E)Txs$f{oa>klfl*^f}wEBh_{nck=XAp`!7O$HswEj0rU5+l^}%xv-}+XPnac#^lNd9ZT&aDmP z@}LpJ8EYw#wO`pE9^i_Z6!*3bcz@&u^BXZHrb_fMiyAs->DKq}qvHu?{LJ?*6%4JK zQbrZg8BC@tj2f^!BIcJQdg*?UyZR-5X^ByENLM=}ZMeb?<2U|{g*{5{S@Q+guCw;I zu2W?mH>%uv*S=QW%FYz(l*%lqJ1#iiz;S$K(M+56MS1@ElIep`e z`jsjBV-G6bhNVlR^!7S#DJ_r}=E&Z#QIxC9xi$Ai`wPD)dYaz9Z4qZa;9F=OytBMT zecGwL4OBnk>(F^-<>}KXmk+{wXLFPfwv-JlT7B}i^ruy4@$ily+%+M|fUVx4{82o#ZoqL0wW)~NJ@P{OJG zVu5z{m4=&bnVGfY?Z#W_$FlK@;hw zs2;tZQPFvfTA?I{!_++>?2I7!I5qA!s-k~VNR@{?BD~cFSwqmti z>iu4Q?#~!ftL57L7(JhzsmNm;aAWxw&JVwd53fl}#cWuF2{v@J*3DoPqD1dz9KKGL z!C)RIM|H4?9mpFU&^rsHqKIs*x-yWGDg`b`qgGXI%+`}$Kbs=N!QLL1c}ppVX?$Z1 zx9Md$OHw*JIi&$b<7lY5{m9yz%|IzaNxqce8_KDV_+EE^s~bN*EeA4$*w|#>Jrxy*lauZlP7=XfaKm4^$j@MV zXLgd@Q%QEUJ)ugq#9}QOGq^+0;YWF#J*kz8BfU)9cgADp+6Pbm%ck$0e0W!1eyToI z@#w3Iy87q-J_d4{q5b0aZj+FUQ3Eo1ZUSaDm0#tkrz<3Nb}!fuS1gJ;zRqG7-$Ng! zS*Ys_K66SzFB=I+ynOb8<^db-O~nzt^mPmK&{h=NB#$fa^^UcjVv;GjOfgl*Ay3UQ z@7IqAHs%@;8{BL^7eZLr+jNQD`@3H{zMMSA88NPn8XwE1iR9o{ za<}e{BXuNSu-%|L@P6(fTe?Hha4}>rN>R^zW$vVMh?C z=G0d&BO846dWH@Xhn0>nTmd=Az81D;WyUsT+$6kytvg0YQ653R#;jYq!W`G9=X2*% z98q+h97ic#we0T}BL9^}9Gso#zcBo-b+3-_aOG%M zq0yXTl7QBi}pCnqOO zKO#Q{$K^nk{Q#Osw<~NrH2^aihgSl$C@fwYcyds?HAQy7a9eq1b8FEx3&P6j214f! 
z1P`KK>h2)88%8j{o9)o^t?|5^i=6%V0x+q8Vg!rOUp%p92fGn~EQkoQR1lZ!zd2$5 zOhjxZ(FLAk1xD}I9g+LP;F}3p)ap0DeZda>#5SlBYGDpX1Ln{hs0!xhlK@+$dd{A% z`JC!88P4LjD`yAtp?%P0zQB|a3t~xwc@bKc_?rjSYM6<{ z972yf8SoY-&Ad%rEO(Un^YGWRL|Cx{6ye#~b3ittp`qbK^vhWd?!gi7?<{?1@8U5< z3Ul&r`(scNbO2zPK^pwg+d$%hBi3O~_#4Vm>vtgWSZM|LqZJNo)YqxOXEdsU zIhJ21XSI_(DorrEt_Sb%nE~~AH>fk8Z-Y*;>QX5%#nZYP-tV5}eq+@gl2;7=`9#e* ziQIYUV+fzMwyR`Ug3wTGiSh7s+SG*fcw(n}8M}{ic7<#p`inMQfOP_ZY^ubAu3BTJ zBsg;z0FX!lZ7g`&?aU1b7HbTjZ*a$4D$=CL^}^kGTmdQo6cR65MgHO_ScuQ`1#538 z%4lYUE!x2oLLmkW`vEkeTWT$p0Ck5>*l8*cPfz1IFJ0-n`!g!Q7}xag0&IK`jIP=2 zNv29K90%sNH#j0_HfD_HXt7g+p6X<#a)asG+8T((T2w?qr=Z08T~S~W%r8LpFK@cu z2u)|geZU~iST5O8Kkobp09LsJV44D7b>ZlMPzS4?6$95~;Y(&H)G`!|j3Xf8qJEkM zYIPe$9H0Y;{_WHOqZ(`(uH)P{$(;?Cx;FR=hNUt4?M?vn1XX)uKOi4TZ|w+^=YY#( zeOv2t5+=_rm}PpRw1XKE@LJEzNT)+F{p$MCZV|NrwXS?A%pI4lGj$hQI-er$ay)Wwu?MO?Bk?>e845E%TubuIUxMX>9&nNG z1BXhhof7&Po?7i^xQibo0j|$%0Ib?VrvCdI(!s4~Bjo{TP8-l{WPi-V`WT|k^0(4s zlGDF{h|^;iW%GW*Jb}*W<4?zGI^e7$-eYEetmV4)cJA8uiEGom_!S+ zu128z2NmMa1?#znJmcM4Ffie)V&<%%M6*hY?v}7^PbCk#-~1Id4hp1SJN9<`p*gfk zv%1#70(YDCZCHpqtyCH#phyW}=`k48Zv@z@5@tMz0r?9Lyo_~PmtseSJ(=Q-ic1Nv*(2MQ>C>$!1|J6ns+n^u>$!NywHx zejI-r^N>B7Q==l1Fi=T24j3yvYE4G<(ed%%jiIBb_sCx_&^*ySLKgA=J!^$dVEF#b5 zgJ+0u?|>8rBn5iT>bF{@`nDSY1#V$-(%j5Uj(rsvED!RuF8uiMqw$l;nFFTeiYlF! 
z3hRp7iA22jO3KTzW3>VT15briL*FD3`C^V5I)NA3K`hyWUI$0*Xsp{0G>Lh=Z|TG) zp&#Al?E0Q?frd*hfwkUPeot3R>kBkLAqP^R64^Oy8W}Ot*B=CO`ok+7(J3ho_wFS> zfBrl<`3An%`)|DO76yx~3B4SN`V}5c?bTZKAt08CyfJ|tf^0L);jH1}Ml}t!} zS?FuS*((_hsbNd{ppr5xTKx5`bPA+4^qC_EDm?Vh4pQCgMu?!xJ z(DMbJ`WOd(^{i>f2^<{LvRXDtS*U_4x2my6c>N-_|lG%)e{#mhk;Gu`?qiBG4TK(OKlfFueAR@xwNF_ zcKbd?F>3JKWGLN%%>G6Cyv;=Tb8i!L{rZ9F8$l;@U+|{1?n}A%ChRwo!MOlzn8YgU z3*av%CnaTMX67=|&?sn^{M<>FgDlG%Xr)D*Qc`HxNb}y!N!TTU(8mQ@?I1|x5fTE6 zfuswTL|d1>A3Js|w;?ARM%02M6gKi-{`bhgdKCF-{u%kz75_y3C#pC&OiWC`j<~iY z??*k}c%oz&2S;|=wZ^X>NA*%wz5OLYSz8L{G7R)k8L?_f7dbH9_cN zgVF%;nJpMu>q*P%Hp->#mkrDC|r);fd>E-o&h-)T)Ysi96xP0v974%tfv9=@_=;4tU33@2w694Uy*%6-tg zr5=(!H89sh=f&Lx$cnV`8mlJ@v4b0tyAxQlJrGr}u`oHJ{8&Huq8rG|%j@aI`R%KI zui$z1QrO}I4Ue+->ZwG~WH+YUSmq|l4Gv$ML& z%D%M=6viqCNF}?LPH0@&(lIq<&1&kChK*oEJMtz>V5A490vdaJ`T34z4oe;OMlDtmng~At_k{_BDEIH^|%C+9VL$S#$c( z@3FeO-PNU%I0Iebrf=`*>F7FQco)+uRKuUgLrw;v?`Bg+hZUsRUn^C|Wh@CDYuDNp zS$ta!Q-?`6&&`;sy|{@F^T&NtM^M-z2>2Y3hPO%3*%0Ji^^8~gctYG4CBk_Z)>3*L zjK4W%=^Mibo@m#t^4}5OqnlA!dM7qSz8y$PN@^sjo1b?`6CJI_r^%)K{S1w@@^wB< ztiTlwj3%DoUfYVY%iKIXVMC#B1G-}N&a=3?yBFt4pMqg*+Sn5iI6XI~Jq@Dc+x0&0 zVo+AQ~B%epc#>UoxWBnb+!J_24 zx+_~suob^oavZJoe0~;YFDpVV^3yncE_nV8j08#-cy>_twQ55j<;Ni(?f}~LtiC^2 zlw^ZH(F-^zw6wJC1`@9GCGIOGv-i_#Yo!isD$B}lwlc(n2FDLJaFJpds}gnz%cY$j z2orly1$k0t!&Ta6%hA6OwM;?lRA~QvH*_+$^Up&9(d4JFQ9{=BQbU5N( z-~0Rde9mi~*Lgu-Mc5kjVV*fiK;=k{oX)-Wy#PF9u4g7glYL0JgXVIDlh!b3z@of% zZGCs#>`Vm?`hPMb`B+kPL1Rz0v&YZE!U9T*RIpj;rShP4;RGb-ULif*-R}t{MqR5F^ku^3ybv*Y(`O068Rz|EBJ;C z2dvD^zoP2=e0$Y2a;DVE)L7F=x$9tpbp2*03v}mQo*DF721?cm;N6&!qBD@e;bv;{ z7m+6abvwZ%$XAi2Y*3(hquX+#0y{!cCW9m55V^2>Kk-;pc`iv@z|omY;ppE0LYm*9&NNi zvB${k?7=~v|9{_T;>c%{-c95$C+f4WvvbSg(M_!&4-dl# z9Uu$(2L>Yeq3;6?ZCythMWVpS!U9=_??9|NBeB1ETJmz5or$R$`WpcoAPTTu=%p-o zJNM)8A(Y?{a6a0nKHbMW9EPp|MxECawGT;DU@B)KL;%3_?C$DXLY^K(mY0`PD)47`t^k*F21syoxA!Z-wTF3K%z(Z?8LL;~q43X0O8Q*I zD^~GW z7`_tZ091Mtg{TP#ggv0m7(6&o=HfJyOCY*&LtS3J1iJ4FsI^YPR|Zy(b|+Bo!K(`< 
z5t{P?Hj-i#w8}z)gNu_Bb{F8zpQ))=R&gTZOY`#)adFS1$3brrx@5Aq3jWwUf-913 z`#6gzt}Fx`doNv(^*rKo5HdV65-1<}09=rP)18!j{+#%fctlhQNgv4cXGVu0)m`R{Stq|RC8PyNyS^VkhD74a0<*+a>~rFyYg&cVd-_0 z&mC}rW*6#O0?RpY*;2?OA`}bO8t^%}O}`KJ_isS=1v4|V_9P)HEJ!TV{LjD{OBIqY zBBx&WX-^>n`2&e8I3(YJrJP05Qm%MN0+w&0HV{LKp{JETz=`cK^h>lg^0= zL0Z}m91{&LlYj`n|N9*)Mk;R{N61bLfWJ~yRP`Pr))B_CQ%rtjZod~;h!_wLD z;%jx>WchZRhUO)(r;H@d&n5j-Paz|clkxbd^QH1RUGJLioq>)*if5j&$n3Z~=jSDg z%*0uYDfDi3!p(EC$62oZzy2wJ<=CqGTmS+9uVFzW8mi>mXh&~=Z>*4Vi% z@$*Phn}xRFoO<%qCkUCHfc)uOS8dbx=6L9@KPTBU&m#C!O*kFS@30)?r`bA-83U`b9KoZ(zsYh& zZ^;=EaZXP}5S>IO%L_ zyYZig?$I{LZyYIU?6j-^YyoPXeJb9w_Cm$l6CVg~X#V;LqkHfXtH*A6=BG4&zoq;! z3L)~}7rH3eaLep+%Pd0P=zM*2T}7Pfi^IY8P@FCDX93wq9ddF5>e=%s61(^3%pBJ$ z`Qtr}voCS}ubo&?Nt&|O{rp!>A`T{5z!9TE`txNDLVc_bE4!-of7X5nkt5`b{?{u9 zoAo7)5v;*%yRA){Lw)_{I|l8_j~lvC48>B(1PfnOYfkL%@!u2mlu^eK4hk3)WHa_z z#50_huW@<&h-S6WLAMGO9!8B3jEueueMa~1-+wnumxFJ0hlM-fVeXrN`tPDUm$@yn ze+ng0y+6vC0_QLgkaTElQIY!hb7jMumdf#z@5|l)dC$iiM@AsS(hFJJh={Tu^-laX zx3p?b0>i<-BHg3AuDUV!fx7y{?wO3tupu`zPoHT~(1&+4)*I{TDZx%?+K~+O;-7!6 z_B%EnA*;9i>+b3gtWzGpOwSX%0)(MM-LUhX&UVj_qsC1fQ+cC#{7g1SZp(BZ=cmpW z+Csl^cHpx*?NM`$a*FJPZ_<@{WswBdYt9B`U%wY?zSyX=@yI>@uAbM(9V*4CyZWzD{QzI<`*_?Gp3Kb-ts3vugTe~?)jc~AXh^KHS#$%zU+b6Ar-7A6UAP=DESRDpBAc#x+2o5KRJIv8mr>#EHE)kc1QI9?9#m;1<21BA z(kSIu>rT29lE@$SxMq7*Ltf)Iy2Qcq#icnRAEcBQmNCR zRx^0|wS0U}Y5qBCj9V1=Most@&>9Hhu8_$+FmZIOt#YBw%g+Z( zJQ}G8^2m1K6R5`)CPd0N$$44;nC_c*! 
zE8g+7b=K3-2@MZ#;p=N}2Z3Y%kMSM@InXr`Ctw$1_qwS5iC;iw#L+d-4}v*}tV~Q$ z#$$~wYu^!-0ox7k2l&3M*?Ikjqc-V@4f47*QT_TGt!M{1Qb^|Nrl0kxLRxh@Ui$S9 z{C&8c6ZTO)Uub>LkiY!*|I~f6KSTaGAwd5BOZN?_bEf+i^x`iKh=+gvCpUEa+-=m?06nDa4?G)`8*qB)QlhZrwwUZ;;7 zIh|U6DoNMzd$D{q(zp_@m8qo8PcW+9WLjiWM@UR!vMMu$+Ww(_FGU4~=}Rr);E&YF z2a>3%%XiaDjrjlG+p!N8TkGP#80_4rmGnL`I{JZ!@@PryKD2yhM=&$h`V)iCv0kfE zV!=R=wx-v)<|kGB6dNnoLTQWh^RbnsoiV#hglz?Z`uS?V>ek+fY$nhxJUPOBmgOvIKkS#T zZY)@agX-(_U?PseSkxCpb-h(LqFhgO>+BJyggc4FE_ z^LuSB`UN+D*t|q3IMX+YS=e?bu5LT_pCjI>HTmWTDyX~rIpk{iZB~mSJnc^w|H)Z+ z^uDltd+bNXp$%D3(0dI-eSHg+a@|*x`G;Ew?xYo=gVd9I>T>aE#fr+EH=KF4>Y}&M zMNT|!6XG9ANl4$GP1IM4Q6Ed5cnOYhmyf<_%ugB3DoM*AA7}HEPAnn9K;cl2@!A^E zCia%*tNHOqi!S#s%f1R;yWoUx#od2Bg{wj1+rzaS9Z0sJuLDA_k4aV4Q$}6voJT<7 zM+j7PmjrI#c1K}9Z}0szHN{~(eD{sw^iH~thCum3Cgjb5eyrEa0}^b--a#5dkUN~w za#2!IX-~k(4GBdum1v5H;*BYAS=tsx1~FDvFKyxaiXC-P9JI^m6y91WbU!kfpOseo z-8C5e?nKhS;oWv{@=}J;IR0Fy)DeF1uAaKfwFa4I=Zi#1t0#KCNMASPk-zS*VFk`% zKYM*T=2(_OP+{l-S8~S_DavxR5u->bynqXJm5bch@pNtm0`G$+%06 zrO@wgF{Y-H=2wnO_?fGZp5EzeGPs*q^m(DVuYs9ofYamadRJK;7!0XT<~tE*J2nzW z>KNZYy415iQz1dzVxlTGDJ79)+%@DIXY|srVRT4>-ntP{sHpaOmL=6fo=LXgS6gm>x)@s|ySkYQzqUSlu3FFY^_PI{p|kdD zRXaF1j`E8YpTBkMvEp2v0at_icBY)bAJu9>o*Ea~$x|<+v%~JR8JHitOJee?)WqK> z#Og6q%zm&iGG~7^g1r=w5U91SPx3_X} zg}lz}hy4FW{+)B=zxHqB*Sr2V@*fePp-B;MvdDT^kh$)s?OLcRD4IPciu`_zzIdU% z@G+j8Q<57EQP}r3J!!eR3(^`!d-z$H+`o<_chIl7(v*_47JIU$A6(~t8H5C1oQcg( z2Txschu!cq%~?nxuR+#EQ4zL?{Q6!_py4|V=qxQQ{mv0FfB!AqgRFYg4&O0dz&K8q{}^O1PNADfhTK*(?u z6+=zuc{kYN3MUWKP(#v%R1;?s7+X0zOH4wdq^3qePX6cj?{-1_xRI0A8)n@Jk7D2E z`1s(c0e2xpEUo^or?L<`2mK@C;m&xvdX=eaqlFnilU=(mNTtOG))IivGb?t(t50S1 zq$lI|jlE$f8NM=Wk zbngjnY>{k8#N)R7p9_!q>%x<$(>)F8c3)&&O;bE|z3f+l8Uoz_knT}kfY`eGbQpUK z5@FS+sStg;*q;{&MIZQ>S6PEn6^}FcNR0tBjZK zdEw+uisBO?)#l0M405Hmo6 z=c$wGm2i~H-YqYAISZyr!8ybwG5Q}kVaksrJ5*{p9v=k>T(^7lySrt>@`2+$Cvw*8 zo6Zl#8@?~b)Am1@d2)nxc44_r5-zp&OZYvGYiD~zv&w#Yfu(lHFW_vc|G8r`n0j@v z)WUx+^_gsAXIR#+)m51;$SK0+^BINIA=H0+1g|A@f++2+9X(;M$9j77TbM>?*83)` 
z)S2}j_1Jca)b5q|8CCT)(#RQB7g_ML;HyzJ39KyNLF*$oui3Uz#H937ZMw9Q6Q)#> z@r$KfI6oT3Zcj@vIy0SA14f}tim4Sc(t?L`k(qZk+D#1#C^-NvN=8yL<%&moEN3y)^%K+XYpHIXUKG2<#Sww(Zz)t zLiU9xPHnCN$IIF}ARvH^g(WpTG?d8Ul%}u_3@A|3Bqb#WjLM<@rs%vxri$YtApTlD7KGy}cb~`9`xIihw!WW5J6_+SAKE3J?l_DMp6(mW&ASLV z_=kyZz7gTn(@yN(I(d1JxVI;Vl5xB>HnJ-C9Qk37@_57TPsml%8#cMvzAkBQ@(BnYLZEL&5 zvYQ?h z^5g#-`Hi~%M*d+fs1u)~ZE##fi$L3-wZ7b`$}OXw)vwKi-8lIXoVn{=BV)!9Pa96C zD*qf35lVz$<2pL~)knu7Ra8}U^c?dKCNG9?P)Q^2a8ddh zv|Tw*<+ONMhaVF)qcu_Cmp!^+C~y2I%WN#P@Q_P(D#fA;nUEJIEkWZ|cG z^uFAb{wt-CnJOwf0h7ou5J=3vS%VnyQwrKZ6MOfN1-9g8rifsrZ_j z(d(Z!Uedd>;q52-#>PPJY%IUczz{0;r2u2z^Dmz?G*m%RQ4x9*b#>EHQ|S(mthH)l zW5*%CJu@@Y)zt-kl3rKHOP~lCd{9EBcC0ZMww+p4>((jlw0CU;2t=mGb|BHx*VdMKbvoFC;4u7?Pt{xFo>keQrfVUx{2(#9 z2L%ibDO=lpb+fv3MWKsaPsaW`WASp{1>IvADo5Sz?JrmU689&_X2<0V)7GAee1ls1 zT<>U1v*q$i#G3X?poMdeZtvC0BP=7dseva4)Z+1{25E1fy^bchDmJZA%EHaWQ<_)n zy7*kHte;mXV>l3J6`xNct3KHG$Ho&ZCe#@N1hfDpk=u(jRH|gfE;%fcnL@|Z4d1nV z`w5KuDd`ABsBR;F_wr`EK=%&D+QIES%36*dV_w)S}5}Vzm~8S%j=fK z05e#Y?KO7gWh_DC^}f_4DIw-LuSz1ZtFNkOysvTdjg5~(C$YQW(`u;Zds#8dstrN4 z6BLYm@R=lA=y1W2cqcZgEpB_aaHX7#HQ5^K9tmfR1E~D$1FuZ>6(}j{D&|msAWwm0 zHeHl*Zhp=Q+v9)CCd2cnUyF+ezrLWCz|bTcXaI)d)4BB|>{;dxm7mgWCQ-W@Tl_pX zpSTzo+u3icX)#qbm(+F*z`u5(y*g$;J4EPb-Y98QJmQy@Q~An&%;(-U=D=MI)8=ce z=}v-2o9gpvs_4*wx97#&feQbz(M*Fvp`ai8uTuTP5t(nlf#Z6`S!2UC?Pc>xcEL$^ zVZBPSJ(&oh(E>>70w-i0suE$ycfY^V0>?vs1B@x-P~hh)a(hQg!onZCyu94p+|twM zeA(-(Ky~XNh6ya1=u+R_f#;%xL=0+zXIp{Z;8QYtKdk|Ky1`tpT6Ji#hL3lC{Yhud z!2!z}r1$)5t|1tEALiQptldkhD)Xx$y8qreZ*8H_3KYmq#w%D4Ik~vL0aDyicB5`a zu`uOiHsHf7w;=r#DErGm?Gs3EfFRqOkgS#5p}Qv<)>C+}x8^e2PB3f-LhY86u0dx$ zzuNys{=IYLzxr?FH+T6P`I9Wr&@{audt3eKlVlP%wCrm6bN2_6HPxma|pL zUDJ`2>540V+Xf+e+4E<8+G}3Z<>%jFYiZ5mw3OrhCSHk4wf3Qz%_?SmwV^xp>L{Zg zmS)YNxv<;@q~@IO9h>deV0U;m(FsK_fXIc=8g<%c{QeULb6=E|QtNtv)`u z{5G*qw#}jhuggguQxv`h@G6h0D41(O+5Lyj&JsFJKnaRuYHe*2TJ@!*q}1LfqBj|5 z7Ggsoy#k8w-HXt20Niq-LU!DF!%bY?a|@0M7JO@}^6YD`i*7Bi9D1kg&4Jy3Z0q>N z7hI8ZWCZwT3qFCPe2xMRJ?@tTg~TVjd)T2kn>L5ax&d4K@&jr6xG)X+bbV#R@-Vr) 
z9|R`%dJhHyaSq6t85#)5F?Id%!%k~~5drmNWo2bxW=2qZnves5y(On zc-M+T($MSyQN8Tas-aExL8oKSDQeE^>(oHGEpPta@@*!pide&wD3bzEgfk6h(l? z`yXoJB?zzUuaT1K>*%;W!i!>fSFtd24gE1e5c0!;2=J4wPJU6LCGnDVUy#LU*~$fL z!^_XFuBJ8+a(I)Bw&vQ~CEPbJHR8lm?LafBV+h0}Ku+j!D-;pIAb?f{=clTw-$$mO z@@!{YJ8lFL3`z@t#`mD4eCs&h$F|PSoZ8wSNtk*wQ(~uD`15wZM0URiC>YiOPYb9d zrRC*%yIY`lcb%AcP*?z@Ehz7sMEU#UZ3$$76gdouqnMJ&wsrq5e7jf8zpa^L{HXKe z@dY#jK#l*mx-qtJ1MGK@I`Si=(E6XR%*=#_g@Mr_B_iUoUREiAF`oWZkN5-y6Xuto zc?DEmq1%519Jp2{;y{hXJ5)w-Kv{DFTE*qI@lW0o2StU70)%!TUcspU2QE8Q(+mdU zLC;5GRMb<=XI;@;2F~kWFyCE+Hmmw-C@KJ-_})@Ha2}=A#rNfysel0DQ(7^@VbOiR zA*4nK?QGNkJD4@c9`lA4hOZAKq56;`ijA)Wh7T@a>9Wj3yg^?1&l&ME}+PfpVM#1effpYrbttLuZz()DNY~9 zS&+FHEGipdNU%+T#Vqp|&qMHC-or#|mb>4;Iej|!hZl56{!>}tXJp!O*$yiPg|su( zt2B%G>@(!I`rpXEe~$ck|3-dmuD_9=50s`e6Am`J*rT`VtlZxoD>&}}A=zi2L%T+| zr4*#LY$lx|>p393>I6)k?Yd`cjqMt{^%+kd`+8z~>TaSsCn;|i6)D3*{<8{Nd&JtPght2>7P>I{TsVYD!W z%1@qP;{bxSl)`t!)@o|s&!n>p3?W_c{21or-Cdo3f z`m*NT+t#5`%@q8*S#pDnj6NR+Fif5jT)U)59Ck}@OngoH@m-oMGC5)M z3Q0^#%BEKK)MKUOfyV;6K^#Y{Jt_wXoWH3ZK=_0_*j*1O+ATqWl@N2j!pAk~Eagza zWpnxUplVIPcKszN;$&oG1VM|+0aygl7q~o=)s~o@hQ`KRgWsZ#wP#+yLq(@r7^8>3 zQv;*+q`sX1xuyyzR-haF*q3S9jAsR3>cQY@pvczVUS_Srw>jhQFFIGW`|%&MSJB>2 z7kUX$VlLRkp_ELubI|nTs;y9LE47|9Q~d#uLB4V)VOcJCKCQZRgTKmVEuj%lc;P)e zer~DN6*KUi*3I#-tGYj2Cg>=`Yu8mthc*X*1rKNJuLOsf&+y1&w?1(7M&;YhAfOu{ zM!@bZ$X#PyFn{+5A4F}Mh{!AUm&dq(GVz3P-@}0IH$5c01wrr<$RD8k&NY}?u%OK6 zl7!wI=u&Rj?`qe;z0wD)H{kXbAKmdq_M@5x@X8OHOny;qe|G1%>ggzb*ioceMgGOf z95@~C3#I4#ASnz@2>q32NE63Jr;o_s@ej)ep{Ud_rWS-`J{C9D^N$%*{o-SrI4J*t zq%jG9ic33IOT&1dki6WGrf`4msnprkHTA(5)XG3F+^bw$M@MOt?M9nQ0)CuDtI6UV zOBH)2%u)!4!Mw?$&Q_>(fyRZc{y*ZUz`!Y9iYcfqxetoLN5>QgkKjk?Sr467T}(2S z-ky}I3%F(YHHEe=F`d+#YyD9*8q$Yu6o-etpN?MLe{7|$uD*+k*;SabCh296OBDh> z)EV8T)^2N^h%!81LbQ!w@@km#{bHfJ(w2^}KMDaIlV0E7VEIhzXlE;{_lN8Y%#o!f z^#xh9hd>Yh{o7DQxBAv&O-DyZ;E*egv$-+76EtrnFU>yQa|7B^wfzpWz{SsJlLd+< zM`Y)1{tVEwvaW!1D^S&tm2W7mHNS-;hHV8VKrj*b(&#UqK~f#4ar7paHa}#*;7Ppe 
zfBJ+@m)F+tf8vI{%90p6mLI0Z#}5Q1r|{K5pep69OR&W3dc8Dp78=DkVcaL?I~SD8QGpN*z0AhfbK>EgBPe)tQ5Wl)0qj&Xv80Vc@}YCLCC08AD~%7m;| z9xr5O9Lx3m?sWlS`9?93fcSXIZ6Oe$LeEkG0&e5x*Z1b8+H(+UM|XWwRa7J{QwLog zTU*}SFN3QSfK{TWr*{ne+sEy|ga*T;U|M4}7u|=cx3u8L#fdD|kn^2Cjdyc(y^K%g zS1*KdN=4Rr1lS@fDr#zK`a2l3$JPzlH6L|S{36n*F2c4Q1#07aVZT<4782c#M&n0C!bJ;n&h5D2A%XNj+6Gr3i;Mvx# zA>gj}baz9FXX-=b(V_5L)Y*uE^^f1>w9k;=_J1Qk>KyscYs7&5S3dJzsEd8?u<$qX zlUt#o1<^E5j9IorI0PaHdq*fsL(8Yv?z99iU8uTv?+uLfHMt&z`d)6FV;Wf?u!Z`( zL1NHJL63apYbEl*$H9f)0FDj$`HwN)`e{F|Uf!9r9}0yQjxB%v9Ujckn%VdH`=OcV zb*-Nf#>$1ay0_hK1{D7Fg0oje`F|+PVKM8C;-GY6c`6!UkMc?7{LdTCEH`n@Z+ubL z8xaqrxS4U23gpkfC zy(dqaK|ZqI5$J*Qh|b(D>Q5{85r<#Nf7(fnB*g5NW@KE(ni?(Ef!ND=YhGGabqqS1 z$&LoggfL>c46g2ba!=ZcE#Pa`@DvN-NNX+##WOi*4C=xDgGq>9sc7TJE0vSLXwdJC z8^ai%^DE8Z*x4Kc+YWt4#hpY%ME$2zDP3OWFrMLJ-{GfEpP)OM9a;Yb_iMOW+80q( z;B_ixA;*pnT=u+P;+$5>h@QM0cY5(1lPltf$Vh_G-nZuF+l-7)^@N62@h6})THKH9 z!UNe&M9*8TspDkh%8czyj&UV~ohy?7+hPguFd26ma$zpz&r*XIKxzI`2TEv3E*f1X z=GglO&}%bZ37q_(muy!U#O34&Vm#f0g9#iaVYi*3yxu92YS^`F7G^dCp<{znUiSX` zY2XP2FY8tn&}<5+FOo%s_1UJNjZ(Rr@W4z<;XrisO=%_mmtVCWGWB5dWodtOf&IX~ z6g94};_S)=y754FFAfNh0kndGOaBI?hqF;TbvK%hCq8uoG-shqza=6tTz-Gg?>Kt( zdXeu`HKuVUg)J61;AaDWWM$t!Qso+lo#j>d(%h$A}#HDlV zpOZS~pihRpz{!-Z?pu8_U3GI4{K$^q=cn%UJE0(mE6DK4+KQL;7BiJ6TG_$==y(@+jOB1p_B1^494t; zV4$dknF(fbT%X+f$mDuOB4`(DAf-e;SApTvt~VAg`F*Rbii+LO7tjN4?#e}mO7g^f z+V9kxOgLU;qj*=&6f4GhehH1W-gPxL+AJA&+Cc1!62n{Hgi+>HjkfCgh+&7m)3x45 z+@5Ahg==$vdh7Lf5_lX*VXvR)Hm+uOnxL#z;H#!l6R%)yEe;?Vdq057Q#6E1fyRfC;}^G zZZ17NS87ZUlm+VrG2cuw_w;pXm6_Lnr_}#uzc`)Cp(DO9uWQ)Yr2m?<9ES0>1Llw| zHrUTix4#fl0WTf~I& zNyeN>3*)w+2ST%JP^t){_*|~|)QL9Nc(K!(k?yvVX+DFiMnupME{2^ejR)4WD@`Kp zN2*SQo}Stxd)bOUSm?N$D>K?p9++vga9%pX`t>}i`7@deHv=pEmv+M^Aal?@>ir_` z@Qr^(#r+8H#Cw+!WAQoaL8_W|mY?6B9A%k1rm||5Q~@ic?HHeEQGmq0L@Kg3sYpTC z%7X)%$O=-9_+lz1-kj<6)|!DCG#am15nTA$Rj+yxTLRO;gM^Uz^|Zd6)C}4~(b9Wy zin-FtRD8cZhOi^C1+KquAHl8PT$A#_N|>?nDapt3@9-u{AMHMPd_9y@BQj# 
zAupMu>AjCGSta_qt`qFL^DV#qX*|eV5^ekCra1f8yi9z>aj!@4S`%TnD@UA1ZzlKudi*}gk|uAc!9{4BEM~+xwnF*nQV|hUSX8 zAdjQF>%RQ(WbjrcNixSnixlE6ElnxT=f8?4NfHy|qYprJ(lBQ8yE~V8DC)9Ru%pj( zW#hb+nB0f!b~u{uQu_UkDD&#-8a^T)xdPuizZTtOyn~*t*8k?a&=?R}D7pEjk&8#| z##WOI-5#3|yTkG*2PAZucwIbu$JONb+8y7I+Wz-#wew1m3c`P&8iw#!+YLiQjMf{Y zGuGO1Q3xyFYG=dPcyf&aLp6XVk>=wCS3`6Sj!lv~RYTSx(%+2ei%AKa-o6R%kPa1J z`oKj#DQlQ3U!nC@{>R9-Oy!CCei&L5$`C-1lHM% z=&&^2Dz+Z5U}S#LZ$f!4!6qkwAEk~ zTJc8Q`9W8#A>6yjIzD0dJ(+7;|ijZwP~*LJtfn@GQ$V$ZZuZtdv^ z=3V*c0DsoG#EskZ$LB$NH1{7VtKEyYiS0$!Z#F2*R@~yg!ypr;{V+G8NEwDv{OWi> zE92)RR)2qrMXNbGnyW$lh14dKkI)BWlK6svtGktE;o_cN6lcgE`oEF?@ErMZ{*C-z zFaAdUo6xegd=*>gcTkyD>ldFI;&<#*m)&J^W)|a;<1TJ);?USU6EZjQA=YdBM6P7>Du3 zu3UQ8-!xCvJMb@$OAfGdRB6XeI&Xhuk1PA^zwYht(AtVsOwMC?Rf8Cg_obrdw|SN7 zUs_76{js^8I#yc017ERR7kw${G5Q^MarIBS7LeEPD8&_VdtntpMzNi7*AM&D`SKuY zW2UvS_$AzObq2+O=AM*@)-Mf-ACeUs>s?PuYno}2zY@7F?8pCeo)1;aZKLxJNDFF) z?y!&-NON0!?sEERV{DWyBX@-TeB{H+ix*#y6qthlb}@ib*z(tx94LO;+ke_OCO=&l z8NGCm5v1pDnGEp$Y-#-Z_kALY!pqT4Xc^qEOVzmTAhk+Ge)ZaoK63keGLp~ASqKtE z&knNe1ZR6V7m~+{WnhJdUSp^;(BBC3J(X0m=`ZAv+UAM0>^pnjAu|6{5P#LvQ#6OU zGp6Oko`Uq)-Ni@SKQ7FrVILb$8nx5x*7RwH#|@_AA4=-JXW6Vb-dXaxMJgABa;`;| zK~xTDfqF%&PWwZHXKXuj~GRPS9d;QGKz4On@_a${bSvs8x1GVk!hF+B0 zZ)Io&y%$rRT|_sg2B**|XyC`;_?bhfMZFlFb*;cCdp}2+^SV^71U~DdI(uP}$bEDl z{8T4!AGeczdh*oZMX%MUq1=4A!07e9Wb#+ri@$Z*-(i;DXv==9m`)<~k7_Pws8+_J@Snx2H>k9y^n$ z(dP;`5_^Z(8D8uOK9rOZ5V0EyXAV8mwxG)k&h;IjD7Uw|T*#5@%Vj(5*KVIKAxVVi zT4>uJ(&wp-=PMwOYWK_;pr`*vr*vI&jy(9*Hdnkzm{KtANApCVa8IP)HG?Nl44$;= zinS)pw&?6GPXX!03eu=&EiFDq?ZXuj)j`ZdXRrbE(0|PA*pJX!XW8b59+YfnR zm%hH_A%#ny^CFEowang|;`V2HjK*zyZ?dp2;v)OR23Rf8^4^>`2Ff~(WUV4T)_!yn zH|TO==?qc7o`@`5w)YMXefnmj?CCAq977GY(w$sNqEc33uiad+Z}Y=VDC=jOJT2q*TR=C}wqW1>NS5_3)?4&o4+4 z6y;oa_arK7Uy{Hg`!izs+S00<19cu%=WVITAN4RWh>AFF1@>~=(lbQ7ZF z<~t4&bYyy#TOkGJ)3xhJIkDoanAF5iwtU%;0yb02C|AqtIDKwDzP^tQDLAKC7|~j; zVmc5pek9>%>JFYGGL-brzvuIbkWe+*eCV;N{E+3xuqw{S!TqYA5y7_8Ar_Gtt}+Df2QN%f`N6n7kib#pv(#Umo*lrb(W zeWZ_gQlL1+!ldoZ812)JaAzdNxqU_Mu2EHrMBZgx!rr+JU 
z9wB0`yyCfn#km#!qw*%QKPqP5=R&b973R-t7}mG=do1O#r+R>6r7la ziZ?M7A4TkZ*dn3sLtIosNsivTo26gh_#q<1Tny)xH;G4)Y%}4jk1g$p%`h?Qij)8v z?^(gI=E$%qmZS`IA_gtBn%$6WrW``9QhCcQPF&ydh=`%_iXk=i$D0@{E?qFta^$7g#)eO&rI8h}-JS55ILsTocgfeMu!vS+WUQH-F05lgFBIL0BZZm8R3H31R5!u7c_K z2w7)O5+4&2o#-++IoZ_I6so(rx(f6PSOqS>X`U^6(F%8*LEw#Z$-!W6@OAMA8P6f=1r!to;V0_8JKl)FlV zq+@#ae)!Y5eG=(1pF8eiKH9H-i-@XfXUK_ogn8g<$w_=7n^E)GU)=sk&|*9?aotp)hK43)rXA^;;d`VnC6GoSlybx(%`~60V&k$E z?e!pyBlViaYh+xmdb|p+Vrknd%nVs_cl<)Xmbca-Tg|L>wp@u%CynXJE^T@j>vtd$ zoDVH6EteJ-uVJ7h>>L=1p}TmvV;SZNtgEW4FI72UiV{n4AfL5j+7;7QI!2t7>)5XN zMbum84z(a=uMKakE8MyIg^qG26P3W@&pIBVWw(6DF#Y|ySE0Z}u%>B(mGM+|m)rd< zyoL>R<0;FK>zz2oy!9aud{B$c`$}mGw0n@!SrM{b|FX4!$j!NLGWzn9a~;eZxEvQ9 z6Z3s^^f3qHk0@{XW-^M{$3!yFD{tba$eVGiH(wr2@d~5ZXV%wOZN)knB$e-Igaoa> zu(xfxTexjr%uS2U*Z)jDT=tfu+GQC$!VH3_oD-t^Jt5hQj4V8aH@J!Kpck~amCWil z7;`$OU(v{pEo}FdQ*=z{wQafMOdoF=-kmvHuoqUy>7JLOqMAb!q0)(H{B3gc34!|| z4joH+s>&?6YB%aG3a2vak>h>~2@7-J&FrgJ9M!b0-d=|?7Ikh86#^l8k<^8e^_b)C z^4`af4EOKLlBpL5H}tdA20JXeZcX?VR?_1c*ZwFW6){ysw2ZJ6h|XbJB6N@s)1LE2 zmBzSie2yMa)N>K~h`iEi1S!d zuh_31>8)_*OIVf#sB|wdh-H0L*=)e{lfEjpCHiEF^i6Ud>x=|-9Twx9^)4Ip#L6Vm z>M@DSTH$BohN}4dhj9oiX4>X4gUpUQp{On8s!w)e&F)N(?{;o{Ay#V?o=k1@W3+k? zI(E7*Uw#GcKgfcTDBFOr!MAS;ReW4X*f(51iqztS zM5><9KnfFwqf?%&L7vl{URy&^Y11*B$3&&qAW_rC>S*VCIgEK*I2;_b+}#~wW5a(W zU?d>0y09QR|5GY5;U?d(K^M-*j_l2bHKkg|$B)Z4YajAGs`3AbFH>^&^I7s?}(h7`)m% zxjEfQ;)&lra*n+x`0+Y5$N2QD#IU!x1pAw3xuf9-w?DRjh%8nTQvgMzoWDn_uLQjv zx*t@z_3LEDYySFXO*|e|*jvYR8m73X%3+T5LfY+L)0nr0V6Z(*j)0OM@bR*~F9I_i zGzz+Nxz?mxKpwAPeYmeq! 
zDC1kS{-JH$D~0ul@a=k6Hc`Kl;XV$-mE3_@6tn+RRYt+&4;ekfH?FfLzKFW!kr>Q2 zmF4+*(F)zwwqE;!oJkvAzj;KJ^HqVsh!VmZNnrAt^4Jp4^t`vu0 zZ51j`<@z0Mr*vJ%#buveNbKq9;*SrtJo!;QJuQ`k?Eu{uqee;Pd zjCb#XPzy1GXRj(xJ)yz|Nlhhp(E>}D^=(mijOLI#7@MU<7>Y#2gLpEEgnGDGw`MbM zP-JZXQ7|&Vv{_-Xuo$^-R!~vle3KeUPdrgs>9Rb#ZK*}&`0f$SuLlYWjDABJs+JN= z;Ytx=@%%3-AL*Bxe?6p`%=1U3zb?Bv0v@QBe$7~m<5fOlgBI(OPkx2>)m3;uRi!P= zU&gp>UsdB^Z+jC+0N0G&_-hgqC!zFxrhX|&sOT=$`lb?(3)xRgdKxs;f_r;Zyl|T`a;x zvX+$Wx?EHd7u%PS`^D?+JChg99tqj*bWFHX_sE;YwoDcYcJR*`$bX?e75Mi1-A2*K zCG;HIM21$oHhN4Pg+^>zm&o>wKriB~ z+m5IqMB?r(y$hT_8(bR1d`V&G$#2j<-3PHIqs>{1nYO)16`)FO@9ex{fkN~LZQlBv zLQHh3yTv9ugqn2$qtjaKnZ26)fPi1DD@l~!_BKZ6m#NE%r?W9hyEFF9>@hNLcDAs=XuKeQM@Gsok47Q0y!TU&@mI0#3sx3^-4|jtl^N;ermp$0 zm8p1S8>~^?$zaiN+VyO^q!TSWb$6!l3+5=dnsZ=gs#Pj~K9-8ujfRk3znnk?;b_*1 zSii__u{zi1UQQME2lh0W*ZH~cU((a>yzevp?ZF-2eoBe!7P+G-JUYmg4fEw6Vv7lz zIv(!kq;Z;#V>kC(pXB~V=wd1LJLd8s`)@^v?@M~BY&wcTKB_J&`9eCzY?M-O^f#bW z_Bj&&@qxVSa;9Qc_g@0SbX?a{Vno;?9si|9>O@ z$vN_4{u}wDjQ>V{ju6Q6!)T%(KWZb{kyPtj+7F*FDmNn*<2^ijY$LA{47-F7NClLn z<)w23r1(jDr(dIQmI8I^*NUv_QGB-M;-@EjgoG!~8@FB$=WQzGGLPhCJM1j(z@)7D zl{_z9c(M;=rH=Nh$yX4?n>4Z&y(@LBXW@~?RsEIcUrr*@$LS&n9fTA z!a>2w@MjUb&$-74_UPLgocRIwvGy5}V`F3SOl;0xGz}-md(|N!?~`b%H2GL`AoDX0 zQ(!#tZX^h~1Z;*k?vu=2dzH}l$>k{Hgs7r`%}P^q)YGQX)P*;oAV#?lkww)r^hsdy zbKCecy?VZdlI8156X6w2)-g^7Ml;$g*6oOEbi7mRqQ9C4K95aS?Z^81KJsxHi?C~Z zqG6PvTrQYCAh?iVdbHOS@A%-2N)*|>`qhOG@A^n<51g&jf9EdqwvDEtSvwB>-X}R; z1T(><-@U%KXP_4Ed_rOZbg$v=+;1D#ENZg>vOWR{{VR%sI6Xj zH}rLNxs3+1KwjAK76&j7+Sf*l>1IWX?du!G{M#LeGNg^A_$_I0tcqRqYl17?TH}vID3?9pPrP+ga^Q6$&F2GPo^T&Y*ArA{(YdQ8}*` z`MHn;m$d3YuO=&tmu7udYtJp#bT_|bw6xu7?_#Ob)`L$s%(mmqR?9#CFy6S+*D}A_ z#rk8!bkeM5A*rvQ=+zVffKt7~+C+9#&|Xj>#bcHmqIbsvaY~~*bGaq6RQhqI5yWQG zjT7%-7vIt zE8X2Nba#n#H`3kR@V%b3zKe5nxMIOtEEwkf{bTR_Ja~+M(zx~y_h%eo5TfC+rEwfqqxHQjS*MmgJ*_D%&B-4a+cJFU$-*ki@*pn|S!gxH= ziRqydkXXA#ztD@Awp@35k@8k`1@yu0({R77^R(0L?nz8~q{rj=Da?zH{hIOF4Cm^i zetX>cI8NLGar}_O;^5qqQ=w3oQq?@wWBGJ261zcUHgAgMOqwgDwZ-r_F}ZbD$3E|H 
ze;K82;i~s!3P2%wTPK2v@+VL-;6{K>AAsrlyPTf_;sNx< zimvyBJVeGtsaD6pXishEJ5N z{a8Y`qV{E+iGsq?L3)a(n6S=b8T)L1KYl~~u$=h)mo@J5xz%)hX&DS8K%=}LaHB3PjnmhxXN_!<{;0m8T2s9;7|lJ5Epnkx&v zPNV5U3H*hUneC}a#>US1o(8y%jU$F+zVTO@n5Ia6fkQEAt+%YVYP-msPgnfOfPNL) z+Z5QOPMc!@{X(-TxxyxDn{?2l@q_O~@Ne>0{CDy{|C9VE|4#lis{bdy6cHR;jUpkU zT#EvfAhw-I+@#s%^i}f9dqC>eO3fw6@4M>kkH7B6aucE-C*VT+64lG&Y(Mzj7^#*Q zN8PO4i}Bh!V~txQEec`F%@_UAP-CrIW39Wd*1`!^ts?s8X&DnHtPg;29QeCBZ=}Q4 zLF{H<6M*f2uLpP#0L5O&d{~y~#Ws}0^ zX=nK*+;#rvo;L<9p^G=rUyMkt2usPOssj13k&l{2xS{FzteWpDJ1c*6c|1}b>|W|E zd%tM9TXf#DwGOn(t!dq_#jrjIMavzv7R_qP4Qup``sPKWHs1AGq9xH zoqlL9Jx!0q3K9&9b+D_lx2q|Rgnaf@;xBbf8#b$UoFWeF9zS&prj8-5nEnfcdaO3A)K>gA6F6M{4M*Nv79py&fx|OMr zQ&U~|{kJe`K5{GxzQ$R;gDQU{&&ozAHJYT~3fO)W%UkvSRs;@sEq535tKSA-utX%V z%PQ>`*<%r!p}-Oxlhy6^pTDs1zEHe`9^Wv(=j*+Y^H6lW`f?m`1>`4KV zW_hUv`CKj^dKq)kvH|8)9I`fvfQ(62WP~lRzWx>QA}235Hb%Q&B$-W?-#sCIoiL?| z@!i62k%1$rts}#^VIRJT@^wIu;GwavZZ?RfyFE*ycpW?SD zSQ0jWJl^)M)5d3dG1Nh0CvRa3#Ry_88)E8qPuuC(%a+X%A4-CN7 z{guT69HxNME{~Aa1p}v35Sp}j@NYx^AB9^-f64%SVGA&h;_Axx@(ZwSb9B7?82kZ& zkOuGXCHCN>H;6Jku2dJ{JBRxd=7T8B>?m#kP1fB_Z1PANWlLjrVhq&3hNjWwO?!5> z)eF1{f{sqZ)zc2L(rGI6i|zn~+;iY}sBo(Mbc;@mNuI!G&CkCoof2R#s!r8r*TW~u zL7@Y$vTC%c2X8t9_>^yAhD*)civnh2_B)nlCCGZW_Pib$K|lW{|F8c{enhx`k{|is z$)7#(|KvXqfrFcV#}M@N?&Wi+2n$_}{(j>ehOt=ZpE*qh2+_vMH<@%IUh1W`?5H~1ld?+_E}--3W~4f*as zQ_@m)-zo1eapp2M#$H%x#@E1yjJz#Vrp?@BdpJEr1{{F;t##To)ZA(|&U!k1n>k!} zNl0vMPoX~4@827&6NU!eyhG3qj$H$(>T>ow#Wlsia+FvwD^6BRP?EAfu{dI4D-VYg z>EDjus3JnpP7M7o_m=Ma`=SYIYrWx(R#)M`*9>xZ^lUJGf%~f%rV-;2&*&&P2mv2| zt8Ozfx*>@B;WO1|dR3z9blueyuII}?k0oN;?oF=H?*6O`} z!Uf#X{n2&maoTetaQ;jEI_vlY@-)IR63%>zgg}veQGDSgK2ZL~qs;-7y5k{As5Dc* zT^tl-69k*&;w)KOZ1(eeZiN2r4=tvn=lM2Uj?Kwbco~D@1hC2x{LMs70MKvpODs}c ze0(HHKqJ~-M?(bN#K3ZE*tuR#zf(cGd_>>7r=P?zicSY4d-I2nyDmW+PC3U%Yn`qI z{YC|KAq7Y41v9@)Crg9&1cF2EWI7SoJ1HQy4E0N;s%bMBEMki35{d)?DELtM~h;hmc^bS2%QnL^WZaWe9mBp`M<|@+d)xNFH&4WddSXGt40Q`n*V` zO@zOL&``L4Nb{%?sflhhlt-0^s!( 
z5DPk&F@SZYxh+Dl-x`QNe|*F#Dr(2s2F&W*5;7;^KAt|(xpn1kz$=DP3NNnfOc;0!b|*3THe!f zrM=GZSNqolSdu2HtZD#T`EdQWB&WOOyuDt#MhuWku;Y*`(&Yddy6IEYw7$|E_bJbX z0S;WlCo;Pc@YtBrOGsf+(T{Tp#W(Ei6@WYjK)@RS3VHO9ko=MK7yR~54-FVZwFAFP zbzA-#r1d}mTNW^nZw7HY?tM8y2U>qu%4l8%^ODQ!9OLpp2{KtE8wH{r?A3X0q|DEy z2;bBFN^QwE`O220tY@5PzX@1j(2f=4Z|r=w*Gce|(?_zTh?KS#RjIJB9a*^-mTbJZ zKNu2zplF|xMS=vs;@p}nDA|+e8A2Nsvc24jYdehK-GnLOqaME?0%V3H1Y zf50WRl$-d*1C+z9+`1sMq4ijn$@-^01F@CHid?yzceBp^+W{5a#_SUol%R71SM0k# z!SOcP(JJ1am0lqp0Ul7am>V4(l`zXdbn3|P@yAYp%L`9TswdDHWA3J@H-AF`sbKp} zIhc~2!2jjoAMV@0eB79Z-VA{-Ll>$P7un#{(p2Ujy!{npx>RP<+tJ|I} z)YUajP0@2QGB&)u=`b0_mY*A7)=*V~istUNCVj8GpDB-cO-iQ(me7|UyTGX3Au^F9 z#KbqJ>n293vB||%5xYOJOgwnf%lRDU4&sth6I1i!AyS_v&o?Fq2M0@XV!}*tZ55yh zSc6Nf%T=?E%GN{r>vG#rwe*Nf>_~lO2M12*CfTaTO?M^+IwtD%^rK>-(DkV5Y!F!s%|G8-|xc+cz@OrVULjT7Av!)9KaQnbk|h zcNV)mm^c-aQrx@Lr1kR$947SsY*WYe_C6#elMT|&>Rqgfj0^`}CLrhl-utL;ktAZ* zL&Z@&|TbD^9{ zQVWIKZKuHu46>r3$n!uiHn7>)9!YOA*z7k64(_?UbY;`sn3*P=ngOiHn$P4+Gnu}<&w!oyq_((cX7pvvgjT~7O-Up z)SH@F*&EV7?NJcFsjL~%VOVq*^LF@Yz4L01Of1LZ%`-@OF@`eS#auD3xmm;FLltSN zEB$;HUw#)U#Q6-nCV0HxJ~E+CIB4t(f?SHR3R)0c#(~7UYrVmicDpl)%29G>@o>F%ApsawXje z=u8JD!5DLWuxF9|R$eBw)4#SY3F-l;s-SKIH5Po~e&53S)0zYkx;`$ATP4c^-Z-Ql z>1^8K_SJk;K7R0PRy-cn()wVy_eMqPbOP+5nD5gigwUP z^8!JlRrkEYF05n}@)=WX2uMjodJKR8>$|(wRnG$+viVDvBhdAG-s7tgX#8b54L2^Aaet_8E8*$XJerq#pt~JZK`}L zc7lr+2GO}(W%7zT4W8{UnQZ5>0w}>?JGd_>v##6*P`)dwm&?gx!*Zv{sg@@eF(-+s zAX$aCTPq(>%e>paB0+F>zgwHx41sOimmcC#wK3~+a+0WTifBQL9a3hmvA<1Nyp95s zshfXzCaO`M6q9Aa=91+_`AX@W_*QWYOcEX%n%nzgYKo>FA%~8RjuSAI0Xa@D6OYiZ z$;8S^!-Q7-ZSH;h7eJEjTW$_81HDUtX)b=(v#$W|HRu^0Qd3>Ma_W)?C1`I4M_e`1 zWvkL5e*Pg$hxTJG2{ylPUK^xGfL${^)J+7!yC2c_3(ZR`=EJyG|~yQBHAt+u3}Z^5Ba$_S~!U~G-uQN@!U*&hg?!W zc!pwlx{gNW5*T128fr#sy$g7`Wh1j?jkgjjjTnE{(6I?{&tG6LKJCmrt2Ja0ybW_| z8%Tup?m`}qBXKHyL3Tkl#1+~P( zzs!352b;wxGg85Y92U%~-^3A6fAMe)2dL`B7oWd-{?-3ZeuRILAMxMG4-@!*@~@8r znCsT3w_~ZVA)6*{KSSaf7i>nrrt^1MuY=WnFrl$OQneKoUy=|Q9h*L{iDQxCy~HPX 
zIJ1^PmOEg2Tm;4W^XsbWR>;{ll+NYqxDx2>`lqh$mR@CEGDpgcByTY7ZIDk5^W_BS zc+n)HLD;LxeMx>)W<)PUTKT|oUNho!aU$R8ZA8pl_BLi?LVMmzqn;BW8bq)5PfsMp zM>;PVGkw|(5aq5A3wX22R>mdmVQj533x2<~*X3APT6u0L}3sNXSa~N)VfhA0N)DC=e zh8sNbEMAIVQ|*$oOUg+3!Y-Vhm;fT=MTxT%3^Y}&EMrm^1BG}1Rg2&Rc*g$DJ;F=F z=iU7rk5irpgnQK6=D=*F9s_lS*+kys)BQ1^n|cYsMg4wv=f-;5|7(SL_tfe~4Y~Nj zXV!aR)1$$qdO-!PZJlHH#%)OJ16>OX>u+9YhTB4xwcEZ_BgW^w^UtIhQb}JEcb0*j z?bw#rCRM7$WTMPuqMTythfPrU+~!PoIipEnI>cxC&-T~S#z)A3W~ge zyYrx^rJ;K6<6qMdn#}QX$6MzeDt0){NXUKv-ZygQ*&lbgUwg)e4Xm}WtR>~t7Ljfw zhQNcb%GA#ZifJ)RX#EDmSs?PFJ+air7!i_zQ4=eH>j9`EA*%jPq@xDj70<+wO?OI$ zRd8EJ)4R>$c}?iYk23D=Y|%HYY+ONK$~PJ|xtl6Z2m)BgD1L)Q38pqj@LsK@i|}y1 zAMDwbkoYA2>yu84wUZ)O>>!xXU-M|w$&;;9WnscztCD${o}l$Iv}3`4a><#6&pOQS z*1W6!*8DJlYX$VXZ}?>%(`zlnca=`-n%GePzD}`m{1>fR)YC_ZP3=mS99WG(G;a-% z-?e6FWrXI$&{0t>AMjNHDctFeL~$8>GGA+w+-{BFtAaG5&4<;yirhyVwLXzo>HRU#Xb;NH;zLOGg3v zDt8MWN3~DOS__Jq>z)m*MS>?6=i^GPquS*5syaM>w6OekK>Ym;@3&R)0HFB3W$s=v z__28W*3AG3OF!$51rB_9{mGzK-t#@ir30&Z_V>Z8QX)ERGnwU2143a-@E1YNIL-Tf@d;>X#QCsLC#cbDVoS)``p*siph&{Vvxna43}$rPD3|;+Pr?a-pFbDnr(2Oh zFn+xOveYC3HvZFULdmdx=j_T}y3d;{o1U>gv6T0O+k5dH1c(}At{UG~LyS^ESMaS6 z+Bi0GdB4bC)N28)4khBprZlU}DJZ?bIoa3u_V`ba$Me(euSlP?v>abwWWDl=(~cR~ zp@`R$w{XGSiE6|>jq+4~87ZSgD?o#*si^q1E&!(uA8U*hWfN*R`91$2>jc@L(9+6da*u_1DZKALdsT8G-s#dqsbf zfAhbSAMu~$NBDR0S0DdB`JF!i9-a`qsvA$3EKZZx6tj z^wvzjZ-8tj$A=bq`X!C?IcHmnZQZjkP&WE*Ew*SxsuKjRj?&7M}s5W6VFN}amnRM(Xtg7vo|301pbNi>ByB{Wt~i`A!)E5KYwNj zjCFT^5)~DdmBpl<0B)Nz8|Rc`0$=a|oGX$sZmUI96nG2x3*Wf!h=M2unB^qY)c`(% zlbd^ba?+*?Jgi&$_{8&hhb(7BE5}sl!O{PqDqnzy4*X#-d3ZVkCmr4IW4ZfAqvJ@_!*Dbu6?FsX>psO5ri0-K_=D#5dal>& zy+HeyLfmB2L*Jb_s8?TW1igHtd4cc7O zyLuYH&Z3hyt^QaXNp;>KSrO7tNs@?_p`sCtfh7(6R2odLA7P>S)tPxU&@wa4 zJ>ARDyGydWf&fe@@la||xFonpQ(ebfO;Z%x1)>_bXu8X5faNtzl$Ch+8@d*o#5Qf` zV4I+JkrfdlhH0w2Ja1l3Vj8xN_5j!`z8t;Z2Qd}bl|9|J`w13uslu^=fszxS5Vt^2 z!5h5T87y#8@TX4<*a5Uzw9U|F;Akc*!_yAUHO@hgj!YVRUEZX>??wj^%Hq}h5Oec- zHWdI}W$Q;`kR~?iv7X;hb3BK%8gwO0E{b^*C?DuW+eXL_^Ig*p2!`kyPw~w7@e$l~ 
zF3x{_XAqy;&3h|S_-pPOdUoj(<;N8s+t(IUqE^}bK8!_q1kv>uZ&(~mSw#hShb}Hc z0m~#@89*RlU}8e+L${d(J_U5RfTX9@upXe0_y8-VC`J~GsDVrz3w#hgGc!8s-+7Qx zd)*ao!+tPo|Cz_P(ht&{)bu1?5@a#tKiNj7_cBXL{c2RN_^J17WIHc>`c<@&O`R7W z4i3&tsjPdD)m!{>&1}=}?gZT3q$_4G@ItyJiKL?Eb27*tb>msSUCy1yK0m5N|3C=G z`4psSFxutk3U~sfvc|bHY{m=TW1;!o_q($;4d_CPY`P9RUfY8)JS@l-UVAmM&gXRq z7+!xj6JS8?m%XvvR|Pl=T+)c9PcT<+7(H8Qc~u0$}6MDaN`t%nlkk_uu73|I?7 zFVDAmzVdei#0h$OB^bmIkOe8JCoBV(d5a}IE0FLL)ueULS5ErwnQwo<0KS)_!-Y-# zkFv7J)YM~|Zf0qTpYMsjlk`PQwPm?_zT7p4RgD1*IsmAhgoG?HAqn{B;S&-7U(snc zv^@a~oW;dz{^r;{S35*Xh21H8JoWuEX8sf%XyMbIs?v8FeGkQBX9TpLh*2+p^?|cB zSS6=cXm~9eZr&%rGI*vqRRgg=a(H%DRX2OF)fHmq=4zwwAg+O~VxKk$w&0!eAK3j_ zg;5U;)*cfhPR`FK62T>FejnO`U`atpQf$e4vJ(muOl5;aX`+npsK{%En+IK{y~O{x zHg2q8hQ&)WP3rx08e)F@oBX@~o%~4uBtQJWlfNWlEja6JQ#=R> zA##8{m%_G5z8WSM)xKSRQfA`bT)M{r9;8E;^StIP+RLj_1Ah<14u%|A`v}lheE~Ca zNs8w4^_Q%GcS?TbR3(h;0R4n#$2l;X{dVKZ8B87;?&TNNyiOIQrbhur)8hy(^7 ztK+1|S8!t_9&1T@+N`po79W#&+8hMQgC5o`_($}Pjz1pGyz+?9M{yV0%sbl8lj%%*kJ8e4g@s1$ z_gcgiA+J0>o1Kd}0H;Uu4@%fjf>%UeR35W{ekNvq(slyT62L(M0L=ku7CIO!(lqB7 z9HOGw@rV8Qd05A#F0D~MJ=YDZj$P5L>9A2j0r=Q}j1RxwTG zzG!M=d%gNQ$;V;|1bAgJS8v-8T4gg;+|kU&yvFMOpmJK15$)1;F|v1fVWNRWCq}Fq z%npoCft$(JDUf)yXPOJzR|Xge-`))je; zV@j zG??fzI^vP3;%HpHY<9aW0&wG{RaKR(G)og4TBoSHi685WS?@KEJhLJ~5`nbv)TtNZ0tvu$TLS+LYYX7GDxc28O5<5tvjOh|6XBf(WCy`Po7# zARPvzJl)jF<-Ji}vA{u$p1uUQ-e_I!pq{+FJ(pBaI0tYf-@mJ$P1zR<<@6=W?Z&P6 z0Up1CHm{fA*iuqbwW=+KQf_^O&)5z>0fnK9u~X*qc4Lo>fvFv#Y1Bp9H9=#KZ-YiE zx+iV)`+V>GuUYpnyxweYXmNo78}+E`k5YIfs>*?S6ekZmtSp)4Gu<3}b;0P$vkdpV zIEt%AkKVTq)z`qleCW{kBM87h0w^v3NDB1kO$xy707h3DfdU4ARRRoWj({=R$Y}FE z28Cbm8bCm*DJwU+oUQ>qjPhxMX!7vtf0O^^-hY`{5Rv~$ez<=pKX3!M_q|B*CEPtG z6b=qK2*aC%Hy41xJbe2-Gz6Rmu_G8_XGVmC?3KabYsMZ-Dsu7%^!d8urJJ*dg!ZhQ z6RC;)Q*2VS;XC~Ro|fY`8^2Iga|35$Vw?B&_5hTWg@uKsC4Fu6BrfWTcnVJ`Y_iFE z+qfqHmUbhsaJ;Bo{(K$aE@s(_p~<=ZQdKUTaYBwTJ(`6rOypZJBR$9w8Aam2E{KSBM^P(97zLo+DA~t3E$PMk4ua zHdsrbLTKQp8YY=IY{I`iBltxMA5yT9&Km4y^xX5*uF{m214b 
zi-Hp0oEzOp6!L8T9cD1({EYgl40Q7F^!N){Slc`)I`t5K{!kY2AT>2NpBNisV}tp> zET;Yw7(=}UW949dW)4V$ok`mOZn^KqzJ-ZQE1+_ESS;{_%mxuH7h|=X)hSnIdG-i} z($Q3%@xl?iuQPH8#V z^rXP*MN97I`&UY)_SHI|jtc9n#AEL%Ts;*hzNGR8-s1UB)~WHR`ISo!NfGq7q3i20 z_TuJI5>*;A;T4C(!Qi-3Yh*+W37w}{Z{zIeJ+4`}(zPjMeUzkv#XmJz%3iL2*SwB# z8*ym1P{T;TOrIV79{BYK^i{*Fq0j)*cL_=)1I9I^fni#soaK&v^+V=Ka`UlK2$Cnt z^?RJ<;_HKRY)yW}^8PUMX7gU6w!XTNRo?+b|WZIeuO>m-;Y54 zclF5|bt{0kD42UxKLL*L8V}3{Q z*zRlg_g#w9bW4B!3|wU$?cbxn1n_PgZ+7Mu>eAs22)f;Vt{LAKyx#;F?+e)DQXw%H zGZz<>Af-P8S1R5x?IrCFumpIfc&C06E1x`acNKeCj^B>!DGh#_tD2j^FG_Vj7Ce!f zG(#9CU+$)PI`cUBab`Ul_~m3fXU`UBkb5)ZL)rZHLbI|TGw!lLba5|w4R=;Tupmmm z0)3>-f5xQ6MnEQ2+Dst?srSBOzCRfh-aB*q-J++|NK4yol_cgx^!l8d;xVo#R()zG zmjQFk=h{n%Vz`AO{@T!ax3T?Vn=MI1zZ1#O{Ue=6MJCe*s&-0<8!B^|xV8S+%Nde; zOgQj|M8}cJ{nz$nD*c*Cjl#{(f}{7Y8D*u6O|_uw&15LlS!trlyP5DEiSQ{sCC=yV z+rP<=|KG`v@;CXHp8uWvy%_&bev_|oaGvUE8uOzWs{P0=qi>YP=szO!VewTpwxY{s z2%vAo8zNwL93v=TgKP{_Fp>U5Tb=O|_}V)UHXO#}%5uYKcgjOR&&-1FF&D#@Tcb}= zssXtGu=fXs6X5$1pvWueQGdyUa4H{)|A>nE|5}GvgpWZG1)6gK&z%x*g$}4&0cgCU zVpMW6hEs)lNgS>~>lwy1yp}sy%Ufcl6kfxp4#nmYXyU!zxLTE)DURz!fjagK{Aea} zovpmMY3w|>y27T@@BzU)yx?CEA3O+$|8N`NR;kcocTruVB`l(%R{pd%NhqYB75DCg zBgzNWs0{wp6H`(pm7IRXaSgMsEb#^8Pxw8AOL(cy_F3&tl&y~L@u9zTHAk~(=8b4B zSWz#9wO8CDSFbyIj)SY-)_kRC`DQll`~*Im;#GLwzCp*vMreIChMHjcvZ0SwKUk+1 zJ)Z@QXt9V<9CSEAwCGGIbSwHviG)1K`U;w6)we;Q6&3w~-^mxRnzw7}9i$?dK-r$I zcSn)k{|%&Z29w;C2x9tZ#O$uC_^j|F36K(V8h zjemXtb1?mz3c6rXth+MX_N?E*{qUvy>f2}y7za9ppw%TlX2D0^l;fm3yS2HFyzucC&Yi>!H5z(P7BD8PBa<3F zPKK0^dUkduPn1?`8DG*8|5k^F#UX6@)IKDuO1vW(0d9e=X>7VHWUMx89W)~vuewhM z4?mp5v7ecSzNBPz6GB;5P~VflFV5l8&;1yt(QNU}UsB8wsqAzBoD|3+e1(^E8!l({{`7uy^kuiEw^JY5 z27VnncPLyha4|`{x(9Tx=pkLf%q=X6i;FvWXFUq8+Q$YWupl2U#otm4!I8q3`StAq z+`X2T7Pv#Y$_0oSIL`I59QA5ocft)WYa18?l`s1lUUJXj54H)j!^Zcgr8uW ztuF`zY>Qgg^L!>s9cPa!%#r9diEpjOh+Y?ZJ3%;%?s zB+jR$D02>7%*i5wd^u<3c%kKZ(!@-K5Wl77&$_=QkO^x=9Vx<`*XTM5It}!S-?nzoDB^HRGjvu_nI_ z2;xZu6h_pV8SOTXMYw_D#!vK!5E5|=DXG_ZOYqc7ZY~~AS*}1&#!qAhKdPb*S-kl~ 
zVQ0P{T0M)3qy!KehOU=AIo<^877^tt%lRPlMC}UUb#&s_sgG?Qm4`o)N^`^t6z13ya@JmaAbd z@t=K>#Q3a&?~H-fpmmZlaYOn8=8Lr<W;%Ol1uGo5ffAZRQvfA@yBZ*p*QwD0ACFOCUq=I)Moiy^57k!(LK zAr>;(-@5%}8~+b!;v++L0SNXWXE(Os9Rp@C?ZonHCYz3pmmOdujZdF^yJ*LyGBIwI z0u?_j*BK>A+!UU_p=P-g%MJ=TD(Uq7oBYK8o%}EUN&csQC;vd(|C2vF6%OtjDtZLU zIDJKU-xz_wBA$TlN@sU(# z6#MUUGd=TRJSf@^SPc+f&sHM2AYH5`ibf;rp3u}esJbk2p5mW5j`GFzRT0O66AOvF zUb=>ubuwM$he@;F5(lR2N6a~oD&e1_tI=h3^;CT~Z;YJeRK*Iz!VJg447<3*ysW;g z=B(!G?CR>kLeNlN8Ndzf+T7YQHZd_VGSaV@4GRkc9E89ewc}eyISM(Okg`_ns5Bqe z9Y}-cT)Q+*7ipPZYo%iig6ZVU%nN@8cQ?0;jIYP}tzp!#C_Id`RIMaeo#vH@uTMkt zBb>u)$*AE$L3Gso-u5pcLRYpc0Wj|p3OUYNDWFIX&p52*YM>T4Mf#wF`=Il|ckheu z9u+>DOi+ffUjdWEWYR(odt?U9bQV{90ato~aHtJ9$|ZSQ<w}B>OC~e-02aC67ixFe@lQB^uS_{v{9Z( zW~|f?BWyiityEr*THT#cg@zE~KmO380=h3Nw~JSKSAq((aU~;J!|YcglG|R-0;kDf zz;cEMQCgNU2H|l+|3%}Vh2twV`9|o6b1jWJX9m;xprLq&q zMS1v=@=6F}OWur%KNisBcNijMk15u_({pL~2&XB95y~nTy5^86*&b}gGft(Ug3osZ zdn?(0U&W?U^myA^TQ5{P))b7}gsLx)^s$x)+0vrBZ|yOcEX}I)dVc({Ed`&yYnOZC z;fnnX7{*Zl{2A@W_vGr7n}esSqQdpI5_r)tO>-Chx*{th%{J4-{v8mv~@|Czr)Q7T)_xi-q`gK@e?70X4JKj!}$o3moDEoTQtQC_XZ6PY{-l zq3os1)j%DD`*-8D!i`U98}91-WYKkMu>Cz+d)$z6~Ww8$jCX)k6)93SgVSE3hIpl=Kh=@ z#GPl*SX;@tOAAo>oD7m4Op_jFBZT1FrTBH=-wgsh*{Dd=Xjv_-g})fl+YLNZID^8e zy@Yz=HgCDHtO8k8QWk?~Iz9o$kA*+y*Fgh(Os^?NcL37yM-s@JrG0?U{JeMM1qaz= zyXHSS|JpU3ujM3bahYC#p)q!AHj^u(lTfk}X=Z7Oyyz=F9xF+)0Se~kV0llsIFLQr zq|nnRd^v)(KYult7#~?<*FNbh;I?qhA@@cc*N^-E!oBo(@5uuhy?Uo;wU}-*1t4=&U z4!48#=+CRL5qB&Jzs}kh{#Jp#`_@BQjXAWhuwP$na@cpXAGJT7wWJXmS-$3G{~(}u2wE)?l?Vjsw)TgemWHI>schn1 z7xn%rCbowSp6mYJao_rNOc2=!zL^!u{w4GnwND5))*3O#ij}nh-)F zeQCp}tE|kx&&*G5TVGIL(3%NvH58c(k`%;yzfgB}=)LFPWUfY4upDcro6}MNYfy5% za=N?~*izw{q6cShSZW!NE-$<9rMB-iXcg<~YP~mh`m;IW8FF)z0fN#WG;}hlw{(JQ z!_&;5;^%6%Yj{);_Q8Y3^4ad5#|P?E*dKmVPbNhH3)t#X5Z*19tQHlk|{Kw!pw4O!_9U- zU?_kHXLq-7X5YOX3?Q0Q0qat`52F8T2L!0&*~aha*OHxw`R}N0uK))B;~=xxU*BL%=HFBD*e zr@CXKbdby^z^9xZ zNGobrff>u7=-C|d_1)dUP18&F!8>?%$nEhw<}$-%+SQ>WOIeajJcRt_lCdcE2kr|JjJlL{kUAr~fy`oW 
z;@Cc<+?*oNU|N`}U6KtgIVuxO?9h==2stgV3z8*sh*^*9;m7{~=3%1c|8 zzHx(9!IF|*2UMQWPVJ!>WLLHl&cRcGRr`}KpPWJ`Cv#zYtR*d(Z` zVjX)F*v8%3avugz!dusR>z1Jnz1xVnN=G5j{kYwCH4k9p8d1~8A#ln||3`33ANWh# zG+CxN9N3ylu$8N-tYp*p(!Xum`H%2~BDADUx%mrQ%7?(O?t`O!@?#b;@Q`RE9OCzH!{m8ROL{JvT%9 zY(G5Y7)?rt`nAKDHJ#>{^q4yQ5%03TfFfinr=F0V5R!m&=g+|B96k52K^bjyyWE?r zGV!r_8JxNPX*c+$THWN9`J*f5=nf#Q`SA5}4wzKk#XUKm0rSXBhvV{E;hgaPVc`CBwKc)<94V6+Q`# z-x{Y{kJJ9{*fWCj;N_Xp9pO4WoNEvTe}=2e4PpEsQez2G(av?aSKmM>!7#cnsgsz}+r7Lm-390JPaB&CfP-hn|y| zNwrVCY=oBZKt^LUP64@I<|0UmQ9r;?m)EDi7yNj)6gl%rNCw>UVsbKY77uy29J?}l z_dSVqoq3lXkMv2zsRl2ja+m+tNUREMMsm?dww5#6ixC$mQa4xLCvQ^8qdpN`cqAi( zC&W&Zly|Oz)%Ok8?(VCC-%6^H(Q{?M<08}zm11mpca>t7nt-iN2WtN!D_sjAm zHESf2p^*`Sp_J&!3%X?I4CJ0o+z5q@FGhyHeJV8qWwr(!ND@*vrWt)xPYuQ(2o$mL zTKx^rsl1BvlYkuxt9oK;%0HbDsff?(NsyCOw;5IOdp(9RJgMcv=Ew>NzFX|$T#|!m zHmvmy{imw4Gmogwb?E{l#@9M*q3fR2U5JFB{dM0(6Ryhst6ENY?H^u1M9UtldkmY-W|_1l&ytIHMRD8+|sae1KXyI;vXi--60&l?htw0@EwekQITA+M>V~p7tDsd3s$0|+$53L(c=c^ewr4*2+CblubqWr&S}(#K$~xa}X1_OB z*guh*@)5z8>BIzSt3_Se+QErcm1Oh&Dt-{3JT12;v3IJdc0?49(hsB*;`fzgH-Ezk3v?xY{48y!D(i)Sc2|l zn|QR_=v1O^0B9TG2_!$Q9PQKj#nsNnWi+YI7}?F0LFB#SdHMaRtR>2kJ_PG1 zUqq(bo?@T!mq`?B+@zl7e>t`Cc#N&_eaIB}^y8Bx>#n&P4kK?S6~2PP$ioAargaUT zE>U)Cb(J0PU)?yrq$Y=NJ-fOh#Kz`6IiCWCol>EmQO^J4>n)(#YSyrA+#LeN3dNlS#|5+tNHbATIyx_$-jV~gNKtt`FrL3gT@tZOX%Bsag}3sx@FCVM*%Z8g$xwz9};zA zT^zB9sut?dF(`rt1-mq|3L_Er>sQ*sUp`?1c8@9N(ei94F0QTJ0-N@LC1ZX$?m0G{cEh$`8Bs5P%;Htk&{kL1 zR8`HM0-1bad^70%3`wXKgp}J<6gH@FD=Z_1LohSmKn2rQ6R2sy`caZ|8it!EShG%^ z>bB^CHk^xKUm7>5>g^C6QrnL{Yg$EO?;}kjs0@|ONgM|lM%x;vI!oz&B-{_?$c^wZD4%BBJBiQ+Q!I$HJ1=)CU_kyeu`%}bD7TyDeFHgT~CgE2EwUP z!X+fAWy8O_fK*jfSKqY)Pj8RUNW;V=Io)eFyh#_T^xPec3H=e*j~*Z8smbzc_z;h7 z%Fo4qnK&U*+h6JVv~ZW)azI#xY4fYraZ=MB=C+*uuDlvTa6v$~oaxZ$g+6&WzUDqG zRP#>YaXx!*7sca(m|N(2j}qHxh>Bv`E&Q-m!a4gQ7zJHW2)zmUx&zrZkj2H>g)B|yzp)EC%k!|qae)mnmy`UTYu!1kZ~|L_g8d)N|RdKT^8B~ zFpA|zjv8wAh9_f!mT7C^!+VvgJ0aUP4e0u4G7^Zwux{gyFK1MIcpx-<79w|(bk4D- zrrld}x55t<+WDOyj=q(y`MAtsrL$&O!8Oq}-4nknjnV;+XwRsCN`}@-QeR^oS^|;i 
zHG4ES)6(O&O@2ns%(C$k0vV*G zqf!O@`UTohuO$28iP2qP@jxl12kq}M*`Yt=uQ`H;;Dmtq`v-wSYncMJ3ZRv*8b^ST zfPkQZ^!!8q9YHYp|N3%4wsvs;p?;d*X0##(Bm^os1jL`C&>sKKJA_dFwjU4w-F|FF z|J#1B_d`HLphmB@a}3zFo~7sUIdE^D!JZn^c+RmqyZ*wSlARLPan0aO*%Ipn!8=;5ug*LK8y~B$%HR>x_l{{;{3;ywLHzi>ttQ@=!#)se-Jlw7B*ZHXN18Mf|YcbIlJwtw6h=JUYqJEa8iG!TgH$!q89EipnAiV%i74L_|QCkLfc zdS((4UfOreqY&dEExe?-mhB^)HSh|VvMIGv|A zFG>u`<1+!rdz+n*)}N#@3Cy}eRJq?vls4e@gO!*G*9GFMXGj;LVp7*C4l)+iMQ1A9 zz|+NkH08*QQ%aoVsQt#eR^-|3W#v^QPbf_FPo;l8Vb;B{#{m{j+4T|A6IWODk4VB{gqB7wB5BX==S0@~0NOU88Mdo7*Xfm$s;D3m ztt~~d^@5Osl&Gd;@_4JuI>>&?lg(kj*&M6VZ)~CjgydKMs!}CLzAwQ`=!6J&EYQlG_#bjcV0R8rQZ=9(*&mbV-l-BwSZQ0Lgu;Gj%Bgsc!Yh`2{m z)z<1QPS{*Ofo0>|Q`lDdYA<0Qlw$jMRy49n-uX)-ANGI<@lXIPi`L^H>LER> zCOVhqIqfC0rb#KfCe-&l+z6C;3x1FuB_{;lczVV4y4UN3a*%26RCB@m4Uuai1|%1e zjC6cY^~$f7fct3~j8v6WRXEJkWE2BnGP^kKm0fx&h%qMqg^uJ|(R9SXO+?aDCIN?} z7YTitg9)2{{&ZQOT3sAr-q&bMiVobUEFX!jtcv4}E!5_l@|Eybjd3!iwRhlSYu78t zqil_r>^nEZuP)0DYTz58RW6dl8P8RT$2RFbYF8d#DuW<{2Wnv;8v?k%3z^V7Mpe?{ zfp1fGlsy`B^=jhi^jBd_y&1DpgkBQA9bA`#f*e;oi5R!(S)^|)1=`5GwM4Cp+KBgb zbCgkNa)^UqF?C`0T>V&f=^f4SvyfzvYkw;#?W%eHt~_N{5JBP?lVN|dl-Y*D_643W zcnlXNSYL0$s^STidd=Z3)>qeIZl#Jxk$~^MSlm zSs&VMsbR({mFMFi9+pB+>_IGWp!hz3`&p=q?r=2#s#@sNEe_xO=SFsiH~{i5n2?aq z7HN@NMpy6Zs{m^_ctz-JSd6Ww2~5M7Jw{J8H2Au7&}?W$Cc9<}%er3g8HV0Z(RdUI zPl)|e8Abzbptw+P1Btz1Gv8Lm9o9NZ*tN??=jto>)p`61z~V6NHr(KKD7J%DJF@d<3zF$U*=U)8D^;KT4OI-CKGZp)Yg zt}s^rW1oeH^e_Zrm23` zTNU>fgK|ja3vrXj!cKB>!?oL2B#$&=YoGuN>WEi~h!=q5ok{ zu+kixeIL#zQ^7o$p+{Aqx{WWRWrk@{grG$z@fAsn&PdYS5|3W3H;Ijm#bSwvxRD-^ z-1HH1FB{G=WZZssK^EUA8q4$;nA@Ni6QJ-0l?{dQ6%`3&W8&!K05Y`x`_k6P0u_mk zi7OSDkc|^5D|n?clQPKB*4e=ruFRwyJRFQ{tfbuREQ~y?dZbKZ;FAEKo+Bw6_uo(Y z>|pC`_wV`teZ!=}r0QU3<7oG%9LDZUVk%7HAQy9Ekn(3y@ZnVrjU2(7s5m(|8$10| zR!34+LBap$y8Jovzt`oHxs?;hf$5W#p%X|PWNd2!Vv+^fm^zt}aXu%v zzGSl~jN#qbBXs9bu6+O(``gwU)02pX z2ISVqeQDn$xPT{_+l0g^1CFc5@#Xw@169JiGRb5WvRE7;w8*kNXh7o!TPfq9qIB3o z3-KJ-o{B+E&)#}AHf8^$o9nw2wI8#>BeaA>$8?0%Mnu<04qkOel;Xr9V(H;47}#?k 
zL}g+e*ft~MBgm`1Ntkg{u9^HEWm3?ZS8jTA*V?^mSd=)|`QnI#1I#za-c=*}6fjAE zuf5Kq)c>1f=4a!Uegk6~zpdh@ih>JjQj(k{3iMxncrC926hO+m`>V{BB>33&Y$j}j zR(#%i8JF~!&BFbWxNk`jyEwFZ$>taIs6_HMEZssU!WN%r7v@E3U(3HrPLp=^ge)YC zwr*+nR0KJQ*;?D#+Wes-HCFJe)kP1JX%xjQl$)J&&_i zSBwKS5!tc{iciLat$jroZ|~K)(x#U6Myp@GWRBI2r7xu1d7HY7rkthdp;@dZZ^g&e zULjwFNh3=SBM;Ms)0KqN;o~G|>?Nsx!A&gK#qBHHyAPHqaR+`P#Xx|8@?Ym_E~A^H zc~1^Koo+(!(^I=P&6`(OpX*xJ;)+6Zj1Pb5+2`2Y&&D@a=o~@Wm?dLI9BNL$t2|w7 zXheC$8z%hsFr7jT?>|E3GBcK66Cy>&^?jK-Pj4?~>$#gU$)EEGnIjpe zE@{IXfW9$r+*IM8e@(P^ffoY;P&JdY>dT2Z!kK0qk(sX}r|zOAT`t*~_Wf%=rJOuj z>n4>ZR_!c^wzEk}a)zo9#~Bn9AX%mT9F>*iw2zzp?uTGnA%GzK?Eps{E$F*z1K_*a zSu+yHjuZ5vCnLYdbyK;cs=N@2bm~~d=%N9%ox^ok+nedC4J3<(&-CX%U&-bT{B>y9 z9F2Rn;EB3dm?_DAY2BBpbor|Q!O}@X42^==1-O1O@Har5TJimBezy#Uo*gdxyZust zr_6l7+4IQ4@nZs|fcxcM;!%4l5d%(~Tn94A>je#ezICi>ow4LoIUl;F&Tm~yI$I@X zuZ`r-(U}q6Z?!Gvi$*^wj9~G9`7-G}>lrH~_@hw4@y-t$%OR+NUT@~h^cy{{@>7DCj^qpTZ%evI_E|ax$ zG3*n+Y{9&C-!-7k9h9V5e1^HHD6l)}(p~&elH-~n@hRTAm*+}U`SCCw|Hxh<#}>fs z7&&1T+fAz4V8NWwjV`pBNxmD9ktnnd*T44qWN=IM1YT6tKQ-HOefOoe3LIt|nf`g^ z^Q|RUg!B*jW&St$(f^YF_P@!0Rr)Xa-}ym65C!*Fi~?NA35583GETH|FC6iF0$LiJ zDT?YJmb~p3preGxFrc9i0$jgFv^gM@1*eLcwl_Q8Wp>cbz@z(+2;K=Kd?&tr^XP@7 z^6sTIFj}+suKzrU5bgWQ$yC4{3RmrAZTuPJJ;#s8)kzE~3HaV-KtcVkGZl8KpV!o$^5me1DsWHl9>#i{mFL%Kk z)jVruljNx$&-aLJGFM=;mda#HtVp3vyCgHB(yJS?;>x5`!1BhOtl;mp6GEl);ghGH z4%}mu4n8Qru8j+&%gI5{?HtyFNy{)D=U9)XjUj-$#QeBR-zJd-k|B6$h3 z_P0))d0j-VeS`_V*?LN(L1Y*BZW(UT_h*;dk<0xG?^{SXI9e8|ArBov>`3ZrA z+)cBdU@nWfPtP5GP^$JcG#?i;^|1EF@|tsGTseY9Mk+EWE;N3ANnH#K8*7_(<1gSaZcQ!cCGxEnaNfN^--8zV3z#|~T)=_^PT!>q+aQK@%JcxNDuvx+U|(a?@3q5=6Aw0njS7esDDhsL zcj-{bF%KROg6luSRps^IzUFnA+SaAkk2-bA0}(#i1>cR-f2$2*$nlCbK~SNvf`*&F zB@X@@0|sWuxTHSJ^`abUG97;yD%=7V*ok#9>oN3}CB~SFS};rsR`Ywb(&@DKFS_Lg zF}2KGt~8v-&0DZu$Y!-8jsauD;gXSA#rogCWgj~nZ=8>sO{7=l%WJ2trY z8HJ}Nu<0siN(_eSZd&p$?U7v{KPI68KLWz4MJcUw`EiF}8-GFG)2hQX66@6Q8Ki6$ zgOCv2t~gTj=~X8?cLPqSzo$A1h1crRB3dveq3Kk;a1&iPgoIfe%*(W3EIJ&rRw;8h 
zhRSXm9fSaeiZMnUc5uESry$Una=&;|=t6xtc|zXmL3!Pgpn~cn(X8i6{(nllUBtP*l?1IUuvrMkH(Us0I$D zp;-K-#-AhY$7du3fgxI_b3yx_CEi0(jzC?W`zb_|_tkl59*d6rpDoW5BjJ@rawXqU z#Y0+%dM}pW-zO zR8e-J0@FEk)yN9R-~AAJ(vXkNlD0xCAH%|d35ueKlz*P`xmY&%BxCj{TE|}j|7-{& zg=Hj4b3i{pBxDn~BfwuqUD+Jd_7?$A7fB*wz~3osSJ6VB{DYA9$h?F8ljXvodV>tI zlag@1rxF-gmj@=#&E$`yKg>)QXYKBO+v1RuyYs%^fImG=`ue&2HA&1z|K5j!8CnW)WU_{5+E z!jK$DysszlfL^B_J?58iV`z8gMWuhF#eq3nX3vTZZNS~pmm zxp<74=iob7$1pJvP|ougpA)@c4IWWf2b(-oCIdX@pF<+e{KGl&D!~^)=9|W2Nj-;* zq9VkT;!a-W^72Q)=kvfo_&di*4c(UZs_mff?+87J_`-Ige>SJ4zPoTXKsP&CYqji8 znPOPcJNd;6Ph~qkE^HhA)y-4K*w!`Jzm4(X8 zOW^Z2k0T2@6HwkjlaE}38qZHR>l=Vt^q*WOq!Cc^7`A6Op^?)GN#grlof|-;LM#o8 zu}8Y9m5|^xbdQxI3`cSZkynYsZhN$NEX?x3dXJ031a|&IR%BH~0OTrs3zSX0-APV> z!#(8URAmG7^@;nuKKS}I&Bv=&PG28P9a+*Z=%=C!-b1XB1tue1IxyQXdz2aX@-D_q zOfKJnFIz1d6s40>9qVM=qzbk@3u4mUiAwPNM~0Cm@uigoPS?@&s~=+L4#&&cejUf# zd2X{Z{3-Lh2nh2eHG`wFgvV!HFRTmHaDC?EA4kx^qMeB+6g@{cc)N`HAFo$E&#J8@ z0A&EnwVx=+Q!oaeA2jzqRHGdMa_~4y@fv)nd8Dmw0Lhrf#3XsoTs9w-msLsqCB+=z5ZIF1d)U*X1A%<3yK|l+t?((Y~V|u+VhUCdbN3)cTTKd}w*WFIh1?)Q<`& ztgyVp=1A3WeF<-K?Sfx-=RrHFrW0MT-~crZemYl?EvNBM0iEy_x(}N}G3z1Bx(}!Z zPXTgp{w?y^vw%H5uKZRYxMDu9*H3E5%D-Ji`=%2f1m}loJW7B5Jly~EwQ)>q$R#@PiqDw$b?rxKkxU1-UfNqHGRCSzH`SlSs4?+T;lAS zV$X4V*rk6JOqV+UtzUq()A&VE_{GN5j&{M+f>+kKL z@-?X_tisX`^B&E9creKBJCDjLg;#s}B_PY3SAE}JZW}(8Wc(hH^j9+u|H}OufpLM% zC&LC$Uw&$5m)K`G_95ZfPdr_0b$-%X7in|;Ipa*avf!Zw=SjBHr zWxAxPR~3mn4EBFfR?r}X>QH~^`KpOg6nUc-AB`FlpIA}O7);5*J#YrTAJ&id-t~Y9756iD`;czl#Kx)Q=d4%0PA+uq`-H5=exye4A;2$yzCd?kMsMzhz{geK1frRG|yS03_C4Hcv9*GVAbwLG0Rr-O^l z*0t!$*xkhosi{*v+Ks1=Nnlv(v2mKbN`tuveP_7AE(p#9JJBT%>3hq@gKLb?A6WtoCprfV<=wBjCH8t7Z&47n1D$&i}{%I;<0vi7|f#2`j zYgdB7b<_*$fc~GP0AV%Y`rp>u)^Jke9P4l63IoL=wfgX+FrNJtOPVICD{!yQ(Mr8qK4P_@7+^Tq&~KN&X~QJvzbdW7Un{Gz7mR5d6~!hcu$cP(J%O zJxu%%(vM31?=`Xyb)0h-=(@m*rD1v!Ss2uRk_T{0KdBL-fjp`4cP!#b_z~&C;=_;1 zfi)_hot207k%=Flf$k{al^3ZUC0KS zGxMDSS8YO~OrecIfXNCQy>;F1*#BD(xhvDP$s{tv)K$Psmr$hJy|`0(xzTbv$oN$X zU?ZFnR%`8_`V~c$A*eRV!ObeZG=0P=hQW@Ze6AyoY$mx>eEu3!f7n?j 
z%!6uawf7m{@K`#zq}VYEXO- zSr$FcHPYCKOl>+rbMUu32_KhaF`uqtSlZ=Uu°0AXD~Lkm)1Wke*JBhS*}#LUu~ zkQ5#wXhljbFmUaK+is(8uax7*JChI#^+u|KUi2IIrURcL_rrLdZ0^#mK zZVvSFKji=NzsZmFm;6`%MSg#n{(s4DEe!$Dh+qjZ5@`85(1Lk?!GsT8D-pd+J(+3} zJYQV|RCmVZUEtS{HVJ7g6fdTob>SO~ka~jX* zq6O```==Js3L#Pa_^~Nzz_sZ~F6MEraddn)#2`B)I$0kw@b~2gh3^fPA(r30f`U?HLvQ#PHpqIX&feme{cAW5tPqi%mXeZURjzasuyJtUE-6~o)+T7O6aiLh zv8}cRdw1y0D#*ylJl(&zY8~ML02Aj>HFQi|sH;^ydaR5$wC*3?7~yCWHDabG)jz>V zGlxpltE9(7K2Z0l=xL0?-~^DLVj(YH(xGHd&AaqXlY9SApNHaUcV`upNrV=6?i!Id zF-hi(%6O8oalW}mvJ9$oc9NUS@KnA!zvHs_HLBs1e#YbbqUc6xt#W;x7}eH!S$_n{ zK&)rfD_c>OB zxg0P1E7=a(f}qOBL$F*;w)^sz-?=dRl$zuNNAx4%d*YX=lB=t$g4lzuWDjx_Z=pEM zv0xv(pPnD4fbwk{4^fZy8N?mKGLZ0pNBlEVE2J?d*-9@;0y*Rc&J{fj1=UWAqA5!5)!@Dkx*dOwOh+Va7`-}v6H*mH2{kz>dRw=lx`zHH<9ri z7}~K>R3;HL6a9)y5BXx^2sy;Ef|B(7M-|3{Zm4NDTVR;vfIQaB4 z2oDV%6$R}!+&sAZaLT73Et82TIKCcSlQd@q)hAed9*;TL*2oqMiVjPw9Rv41J&K4B zJ3A_=X!xVFwIbph@u+TXj8YG%%JqvYt0R2f{O zUptc3HpLEW`8B9CVYnz+$3;%LG$=g)Kb&nORUdZ7?CiM(Ton-hsR~aT%xdchQ*b46 zpMZMz%{^q~6=rUoH)=p2(87Xl75QG0ot-@)VVMIgf;)IbkHL&}Rp8%rxxkOU%6brb z0oE&epL?|~mynzR>wc67{QB)1>%!M}MIM90Qs1~}L+E9VHu@pDVbDn5`D9g zvE5;%(h(4N(aLFl$0WP^GLv>tQ!&yBu+6M?GV=1K*NckyG^7NXTX~Gc#IJIhi(#H|47?P%C(%MHpQF zUY_nmu9n+N#SoA2=`J6Ut^%xes!w$>8_TOQO0z?IR*+L(YbXUj@X}ZMeUQuy$Ee)K z10^p$@#PCe&EL@;_y0|P?7!r{{BQCjdHzfOMJNaejroZc z2R0qcgcijajnnrHezBpP$pZ8!MS&{tu+l#`rn3% zi{pLUR$jhas>*H;?uR7Q<%tESP~uWmtWOW_pKmAhbfdW>L>MQ`)-fs}X;$D<(~vNK zUNmhhdm}PG`^hS3$u8Q9f{l}o3`h@mS=ur8R43xrr?ZYfC0hC=%CRqdmv=pLKVLNw zdOTXIK`bVd(LJOM$9U!{`%Tnic3=!cR@d33PI{0QCI}7|?tz%^)W+O66p=2XYT$gz zRQo8+LX2FrQRbA#@fYY4tF*LGLzd60**rkXuGQV`N@l)2AQ~B8U@k5$4#0Q)4c?R5 z+|JBQ_)YS#4?6ZK8lV%*#oNqZ0ex*YFBl${a}@{6(b+J!X1tW%63Y!nD?hs$%R~4ymRn;E znCQXT%XxjitpUQ)$zTcoNCmN~GsEk~o+pG!&Cxqb6hu{laV~Bme1OQ-D1idExXoj->A|9Xplc%sec=uwKqi{SZ&z|LBarDAzp2elBRBeo6HP?@kIBAK0!OfGE_3C; z^z?Lo-;4C9D6|rN`T0^87netZG1B*ASwiSoN1MIj1`K3mMl0X)>srABLrg7d!7HP~ zzZLRID*eL3HcLtzzQ<)hX7Rg2;Ws=U4k_$0>iu$i6ZEoJp{Hdisi4b0EUM369q1w5 
zP}Oxap`j@f3%0foRf|c6-K68;V7WATNAv-x^l1+_t=cm+JN=CxKP&RvAfMIMN2uZK zs>=5Ex(2y^N(spc-)60_Hrx6LG5_feukaX;#;>RVqgEv*V7;Xwx%bzDhW zH&Yhk__(+{XT5bjrs5M_eSJoX3Xbv5Z|*-cSM`-L?40NL$5o#MN-0i|C4Sd%rF;oX z1r3tWvLV_`bF2SS3vEDdz)`P9pnW`XW|+P%oA)gkh0 z$0v!MYD&}SBY9$Wag%ljF|f^nvIlj8f(SE{&B~s`dvDe1x6|@1_PGy}`*IL@74!XV zP$QUib}RX^{Q3w5l@Y}C+jq9HGpo2*I|@F;!Ktq)HU%~wJumc@cw%~lJJ3l;7LRe0 z+Djm3msFmjgQXLdnKg+eWD3oM>WJDO<*}WRi1wJqV#IjVgk>0x0{Bd%o~zz>E4jI3 zcacE<1m0?Q!3dNP`aZ_l;_r)#+Q~D(z3uIH2y#KGMoV)6DA>5bl#C2(gWS*NZ_;b( z*ikl|VP#mQV1ZH!T&jFhxJCVf)bASuKcrh%~nLn6)6_fVywHICIP%Lf83KW7+xbwWxB7AfU^Xjpzd z@J#Id1zkFJk%y)!+w8f&j5Rbk=9RM_M2j>-lS0WOHX4nF7;Y^;ENOjaMq5dDaVe1V zH|O{M-{i;nOa6=hCO-z#zvL&2fq*DQbToKayg@898ZHfsZsJ*(*Y1>&1-d_`+u1ui zI0;%=o7T&#T3sJQL^3ANG%%8#Lw;pPXW4~a)&&0 zyrTECx@G%W`qLfscz9ITiG~K<;9v5s-lXT6!zv$-ytiGx8S8M2>V= z%~YYcq3-}EC$FrQ62VY4(ENKI-hD$Z13Q2{@#%44Jh`h&^j+)7Jc4Gs!<5Pf`JB_> z-o?d*ieO4yZ0v{98u%!BE+l^<@bqd%cP5NOb*(-*VOJeMjM^Fh+mi@}>O5o8nvxog zl4@e%Nl;vyg$;wVbFG7Yeb2R;w>JYd)sM4^D5s@JI=hx?Z-&V0RqkXn(08rbm+^$mwP2$U`7NI zy!Vd7G$tJGoQ4}LJ>jr3nUS{uv1&hVk6%n~dxG_>e)N!lJmowuns6p!j6QE0hw6=* zw)Wz!HyT)gkTCINeHi%yVG~KnW`-L@)Y5;yZOZz$YBNTrZrg@%!ph(mt>%asf}E}= zG1oM4+lgr194rdsw47aaBrKW9oO$LV!&*b#aoW}8uA}`!{T$r7VLCt$044b=z}Qsk z(5~%yL-&J3djQfBCE>>61ok|8NdbCA8#zP!`n%JTW*> z2i}+5!B=M$<^EyxR0CjYRBipLXYPd_=v%oFi>Vv4Zn6Ct>N__i2n)C@;E*)&^)S)< zLI0BAQwI*!67$pHDP?c@4+(}n=0q@1sUsq<7gpN?9Zsh%gC3DgI3Hf<$AnFF*g#4L zGmsmr@RDz_9PCclEd9M|!{PzSp`lXQVq|1wvcF|bW+>_-?xqv^tP^z=mXPh=hI$uP zukK^N?+=7s#*vQ(SBc)kA@vWsK}xat#zORXx&3C3(L7MvAXOA_Ei*GS8;}=-{juF@ z$S9fdko8Q?#^(5N7&NZJQ~X;>O3LHY;={wkcI!aN$?@T#gPonha#USHKwy16hh|5f z#z2nRd^Bf7RMh0Hs6NnN*}{s^#iiQLfrb31Z(>@Oq#7_X8uba*t@~X-84&o4>Wq(*Q=0>k%G)Ec)fdN^Z*h11!+Hl6CH$GdgdIv_jOu z6K~)_`SGRnuw=3>!sH!%qw(i;K4({3YHE+CUzK{za5IehkBl4wDci(gdjPsh(ljX` zVt6QFDuKqFnw#4%sUc~Zp#jzddNxOuagElM>093}6}lw42brZE8WM)?L;xOp>;5rt zW_H%b2vfD}vpt7rj3#m~J0W3_z@O0`|Nl*Xz+dv8|2O#oTmO>ZYY74Zm8<}}t&`L| zMZ0P-M|?Bdp)TtnX*@ipVR+FzzPXoI;Y2e(%yN(uI(3aS1l;SjokmJzmRIFd_YYML 
z-5dHmBjG=y^`xs_Ia`t)hp z*fNlHF;N$(^405(SM2%uc8dWn+uf(h{p@hebvpw|o`S=jf_+?FkZD0i*WOk8Mp%Dq zq4hNXdvfb3<-$#ODBuOtJtO|23sKW!+ay1w0w=-F*C8>Yt;?l?TMq7C*2i=c&ywZj z1h8*pn)6H93eyY=tY#S3*$y6`KC`>`{stajQc+O>arB-{Zq_{Y5SGMo*#afTkSoBc zw;0v<+Avt=ZzE;_Qcev-iBAK`08fX&8h@>6bwX^YZUf!*dEVsJu z9nQ#TROqsgXztHYxIT#NjobESS9Voc3psKv{QOcY@)%HkW%}8_Iu_{L3UFt2vh#Z# zBk=2)~BA3b8d@^Spoi2H5K9+9BezW{-PQkO z{3fls03LI7s*iwe`JpkW+0pECvlf+fZyz6r+Hz-Ft|G7^zj48dU>@`-@0WMi{kyB; z$0RmOjxJ&KP@<6pXIeIdBD{qBH&m#t<%OJ;J|!{_`=%zc(~ppzXgk)8lGw`EmDaf} z86hnE{7q^?%G1p9FK(1B{Yf*!9^LGAbxXV|k`t9hC5d?;@X&zC7&1u^5+WjEhNK}j z;wsvFC12bexMwGPd2pKP=oexK1o-%$W~0tUs`_S1mDW%YSqeoY<#|mJU~5`_a&=N-3SQ9 zy5v2zM0F6fL}-%d`{Nu=_d)nI$d^?16R^6K!ELKA5<}gRPENz|!Ox4Xv#L3H$r|>|9)6?Nc$q z0r&nl(=-0{MefPhth+4TxaMp9vrT>MrKSyoWxI&#$b;6D)yV43`My5(v{lbaD8#Qt zxm^Cjx#48LbT?N!*Kw(n@7_8xZ?MF*LccV*3$~AWsh2Kze=&76ZDZr(L#DZTn9Gvw zMQ$I1SIA^-Xkh7D^X+87Yvul4+2?P+Nig}eA2`EYU zGOCY?6PS_?zyK6=zkoe$^oK1O{nOP$M6zu-la3YYzQwh{=xhak!yDah}orpc|k z8emAtd|RDoN{;fBpzQAc5C;e^8`A=7!&fY|bzSKw2l0?2*au?eOwAb33a3NhMbI+7rNKu21HCkpK!nkj})+AA?5_b2@BlH(P!%|mbTDp;}q5J^a#ypP+5e-=(+6UTskk}@A z`XJ{ut&YP${|DMTt+-s3A}XHZ*`{;4ZD%}nqlIbZJS^osjgHgeCGiwy=hXL zz%T{5RzKn{HIADjoL1NG6a({0EKJLVG0jnNx7so4!ybJ~()Wwh@@)a71XaOndx7Ko z_gm3I=U0H;pvJwhC7y5i&(0T{5@k>|H8n=nnqZgEbp1Ah)G5-BP4z#9Dcia@{7++5 zcjCKXaDF;8pABUQF4U&@AKds+>Qj8ftNvA9t8<=$?bdRiKhrfD$VMQ{wg*~_1}V?X zjJuxV1YzufcxZuA7N;azKi7dLzq#JlxWd~sY3tkyr+0UbUh56}rNC$4+l&$r&^ z-PZQa58=9;8D`GdkKT{Yf(LlKi+xme5h0;1Jm5=uAe$1`(ODbC76+uhxD2XT1Ozu- zN3pb~y6Ao^!VDaTT6Ul$;VL0hX{Luof08rY0iVGGDMgm6f7|3kF_geF^CA zff3GZyvr=yn{Hc;JVWxR&o+8_;BPA<10Ta+1vpAZ`t)pUE8t*BP*G6sZg$r_l*0w~ z;NXiUPnZtZtU%fq8IzO&9rMW!y}+;6GlhddytV7;D`9@ zfCpdvePI9Rm&XUdqy~P6dHM|fpD+JEKbRoCflp6oK>hhv@<0Cv4}Ly^<3At&`@^T} z=9|0ih5o|3ugF1X*2vah7Z_%_lP`~~z5nF)B>p?{ z7G#m+!VkB<_v4Wd88~URZcGw7~5)U&@;l9v=0+IG=7; zqk=yu-|`BccFJ^~gLy;#$G(Sdi9VK1aN`vHsm>P`a(NeX_LmQqiH(OH>J+Zzrb`y( z5cdkdG-i12UVW2&9!!i>JW0&hKQyFPCRkCK`C&OwClYe?lr0}7mvcRzYa>7fS+n;+ 
zM#+bF9d=Qdi-aYXg)gOs)qQmA9lpAc~!lPru4;Yy1wYWBXv1~djkvePkAA84A_)aYR zVv!jX*-f@-Y4NL9(Q$A=q^A2&as<({b=t<@_7~Am0~?xu$D6rHjOSj#D)Q7+RA%#y z2xuRyYd!-f$gq<)Sx9c|XAzOEd}Q&i#93Jg2GEn?u=$paf5B&vHfIZFQ?)QZdvyHk zY*(>P1+B`gL1A<`mAs*(sjINAqah~*HoAL2d`zrl@bExLmX1(XwlD=H+!rf&CW}@Y zqrO2&8;&tdyuHWeR+r_huwU*sUGX;}dQSSgMRV-WDoU2$Y zZ5)Kco^dIVPN*U6wk8hm+`c~UNrT8N07v^O+YU#rT< z#Daxa7ENS(NzINxNNw1#=0q`JCXFgv8bEShEelg&QKFk~e{iL7U=1bnLJPUG=&|Wlw_f(R-9M&;??-0*Etg=%gd2>4ZS)T4OL|oO?5R1 z$R03YO;fImbk0L1AV#;hdO7EI3kPA=B%r*QGz-K^ea@f9WF5=bOio4pXk5YkR>fX0 z%~MbC8>J>fYSmZS3=g&m5$jJ1Dhi^AI#Md)g2q-&)uxGlQn9PoM4A~CK_wK!(xJ66 zdyIa(8+}V>1hL90k0(e3(;s(;Y{m!RokEaZ>Mh2{c7{+|Tb>CG6)95g)-6yR|J>eF zjb1bD>g65?clT||xK7SDYux=Naq?_q;V+eWSBZ0S)W4 zgTGZ-wVV`2bP$irkj&0H#bUf2Lw_mDLYt5G*3pL3M;iM~T3Pp_gRX^=@R!#`rJ0SX znT4sfbS=JP_h&OQ4CW885V*J-JA^x297#2tru)k}CHkr2QXf5xP#9BdIn1{hx=(+q zN)4fiQ29U$6hhc7X??8W7aQ|WJ!#Kjv0gw>#W1FzgD=p1_vtoFTP84%a$Vy)DR~ot zNVimmUm)(Op(ylCNXJ0d+Fs(T&Q}3z$QNv{Ilq4(&&;HX82b=;Ha>r6G7bF~@H4$- zIX^ki(~^f^C9WywNY8LsF3n8-v635l*80f>Q+p9KOY4HvIdqebRfasj!nx1A|a=CopXhKdV{<@-}qN=F~J~qEBSxG@q zUtU30E;=d-C(z(}pDmcrn#Luzq?}bXu=7nsXRrV_ceW-DT@U#I8r{J_N_x8z`*~8R zEOeehRpJy|dxt8{T1xP9W9&v^PZk)S{;R8<&OqGz`+Ke!*lUc7Ga^29O*JaKF&G~g zK?-he6;V-9(7#zg0Mgag+FF8J-9pU;GcG)7Y-F&v$S82w7@^-Rs7Dh$Kp6plpZHy3 zkO_^@x6|6(v@F|;`PZ#dtpX>^s%`BGn*t%-opsZSJ#`MV{9CJf$ScBAm}oQxd)LAr z*GfUHy_6C2jTQk8^98*=wh!_*)sJd43=9m6jK3yq!U-dG*S+#8EBb#W6DNkew{KnN z@H*LP=sqK7U_h0Gde%5_RtD0|h`F<&G^~VFo(V|4ad^&JxkfhMYz(y=RyyqiqS+~K z_&Z9{6S7o4J^(K+60CNE-#0*jiKeQ%PH{Rg5Q3X%SJwR9OjQt_QSPIXn5KoL>x&l* zeBa{9SAvVKrC=QP8klU)h+KCY{M`5#PQQ>i1*(V5j){a?G=Ve31 zwqUhZwjPg=CMxvQ530;@&k(Ebd89Y~DqUvL|CA6**xr}d(UG@kW-G0?O@lv-tUS^t z@(}`_pDq=J4e{3N46CIDO2XTwS(7d@HnvuNK30N?0rQKttU{aE_m+3iZS_U*2}Ws5 zYVEmRw592dwT+dGZ(ceTHEurqreNxqT}Onm+$^7b?Z^_#D#L^GfoAVn`G-~6$=nB8 z&EIK-3DKeQ+G?fQ0ao9-2pkRvK^oJVOX0jssR`CkMAv4>QhZJnqctaw_wV1gw&R@i z2?z?dx3xhp|1p9;?O_WrFq8mCkM{6OJ--sN_Gd#G>Fok-o?{hxtmnw@nwrQIdwP1k zqmC3z-z@z6z+OYPn_du+_M;gBcmF@@H0Lgai^ISKOF6r^-s&`ay}tgIOjc&5PIDpr 
zWxe1#agj;p9HQ~e^Ue^W7(Ta^AfWP;motA=W@csv4lanz2&w0#VU5#sbF@1jW1^$! zl}_H6lv{7xZEtU*0o#C1?F^aj@EsY_bBdC3T!fV-U%SYd7~tR(lyGsmUt7~5BqZd| z0GXc6C~DspJE`7jBNE*pPy17EP- z=(&2GAUHa^ah1^wXLqpJm!92;sg*X};&QoB#LeD?b$32z&ajH1m3tjm3jd^WxQcu` zmBTN}{2?crompGU1r<+|_bRAcfkRu0uJ8%@EB+n%@&6$I-anC_uHtXxZy|+%z<~2J zGB)%=qvPbZGLc_kAc@Rcs`3Fs#KI%$be=jVOzIo7A?ze%XZBjL+|dutq&(L$jiPir z+xOl-&wFwkJ?Jp_;#hb3`^gj;6xD*aVM27b_;>OpiB@BXEXTNUxuaM-B1-JJBfAJq zS$A~9K#SJpO@aPrBrFH@DfGkIbiTsB3nbbks5pyuWUwJjEfb8%aJ>RI%yYky3c~e37^_Na| zA53JY9)wr?V#8N>#Z`nM!Xq}L&O<-a5dXN^Nl9_N>x8S`9BRD3nB(xhp<`r#VBx0l zswgkF-J6LG3oBJ{M&ut-PFn|T_H&odzr4bF?X6lWBIWSO*0y>pc`!LS`OxL+5@2u5 zq9fww^6AWzO2VsYvsYOpCuwSdz!@7!5GjE~L2*lscDIV*UdSWZuIeE`4-Lx=2hDYJ z&24`>?cg|5Uz?ns*xZQzwbV1SuxO4@PtT2B za;Rsm7`+b}tl;b{PK_wk_wQ)cg9m7v z(E_Is6VZFp#gyTT3VV9_;MQ^L93 z-ped}ZR=2WJl~*He>}S0RChZY(LV%vxvQk2O+On8G1U<50`j|DArd^9xtAB`t@vZb zvS{-6277wKA_YN%KPVjubbW^Fe4pszoK#skQE5}T z`aAt-m;~P5^BCJ;N{xx>SpDMT9xmT23;vVT%*r(jWAU(c_&{xHI=T?js?xW7jsx>| zv7BAnuFc7Ji^QK_{tW)AAm|I_C01Aa3in{?1@>q0z|$2RJ=w8kwr*6OmoPTn2(Lr0 zA`?$W+wSJ+AlNXNMkc8D+`nJaY^R}58Lu}+lh~?|Z`0`Fppl3}AAWxJzSGOCmY`#} zk4*iW4c%*oR2G8)f}2ba12lZL@5q{`V7ZYUYa7upQKOA-Wc05X5fDi+b2=q?D1hRw z$e-?t-;~p$eNPctdB<-*-~OKAj678w#;$coUg2qzQcfV$@Gb0`wQ;h^FQ8dAdN%LT zma;JGrTQW)*3hB$Vk)xoa1v3Tg9Nbh9&JoOJF_yET&>d{oT1+#3_lznVZ-u45;9x_ z^(wHe376iYXk&0FeeMz%d1m*_hg|Us?4>=;Yxn@-=V^D}sVFM(C*DRr6AzLMKGN<5 z!nvuf{R#PN{vG)V{viMEKarnV|8L~4j0IVpWa$2qtilIsu3c))BCOtK$-F)!ys!h1 z?5GSbsOBz;-!8{(EG8aKZa>u}9Q9Km4)hzPtv59_aXI>KTh}*aJoB2Z_jPo1th7Oq zmzS^S#sfVX4U7&h&+b~pQUuZ(&7LIpXI}m6oYj=0fP!T*zErF`7}j|X=@W$CHWm`8 zo}xAk!lOo;>=l8kT*IyS?hE;^i$*U_jmYlxE(j1%()u#R;tpK zw`wmc7?21{Q6jQ^2zvB;ng~R6<;`A14)6<=A{o2CDut7Fw(0qXzRQOSH$xZXq*;S( zgY;YzpId2O)QjcqbFYQT(FsmDli%bx(F*Qwor*@EmGP%#T_G5nd0#z6YT*r608QZNJi;+HI2U8I4Re(?vkrTe7BqyX z$n>V}Q21a)3;uaJ5I^zr@>8)C%^Wjt#`#mY1OMTjkidVA`1D$5Z~aL~ou054f`H4P zS;yXFs9_}Re;rg4kK})y0M1N6ae`{%^ZWB$;K^J9R^n1Li!DOU1%G#gD>r^@)b}{M zAS0aCNkJ~LwTuSk_s@*SI!cV^6_y56$Hk5EcaFq!7rYMwaC!xA5C#eqlxF2JEn!*N$aVh+ 
z7ti68X8Y^g!^elqmPhB~xx>(u#@e~dvklMI-Ah>dg`M5{i!gyhwQA>1PdHQ)6O+bw z3*ZqH{hsEAMH7!eQo+Id%4n9wR|$>SY0vlVCrY?=hK3%h10&K)+p6Xv!-G8&>E{nz zRox+@yBdj=QY_B!O-xR<(%gtM9vulQ+9wkrrO)7Pe01>(riQ(fBHq-(CAEj+)JLV; ziQDzT7Cre(3Y-ckW`f~P*#lW#S4FY4(b}y5isD{i_~#SM zj-S+Xqo(jU9iJRW;HplM$X0&s&)tFVH{>N%s1h7$8(+1zv9WP;Ye`BXUZn*);0@C6 z0b=#nH2qfe=Q!B7C~pRA{=5%p$s(_SXLho`PFJx}N*s)iF(ewz)W@v0`IaUALIOE2kHCJ? zb)C0pouDqgKT5Ged_v4*>6y8?IddEjBcq17dFT}am~O;&4y!>0%B)Vm5~|N;1Fr+x zC!>$v6{e;@4NhV>hc;~(vIWmz%xQhG9v+K%Dbj2xyi-0A@^xmeJvnK7NO^;7Wu-tg zlti`OIuB$j@bS6*-Y5#*6TiGku2y&XJa13w(KqY1R#_cFAK3ZS(g&2n!NI{DpH7Sq zv;G;7!CVV8^}zt>4O%y=H0GK&5|`K%1#YU0^Ro*hL2h%eC*MP6a%K&5zd9C`chkGV zh6z<0@e$RTC_OYd-yRG1#Uw>pEl|RdYSvdiPOj z1o<&&PM_WyF>3MhGXJwJIqh-R-nP-L>$GFT_12Vt^SLrSs`~l)IS7YfVPj+C;tFo< z?a`Iw3iOuzdbdK+tWHi%ol{;OE|sGoCkKqWcP=;963ql-x8v^-kFl9`di2IQFi)b& zemumM5VhSL_Z1x5cG5n(G8)>&`rc{25eE4Io*sAiB!Y|f%)AUc{-n8(!hFk+fsmm& z?fYW#LId7JC6M?~E(?aeOs-?j-_uv5sk-;Xk6J1jR`a#4ix_8q4o?$TX%i7MeNnzC zt&G$`@OS5X=U1Xe3nm)$s2&=Ug7s|GVKz24egXP})>xgZ-~V$1pGQKP z92q&@o2mGCZG8^3bv6Le@r3eUeoOR#bUu?@ zXwg>eLi~z3&D9;nC4SM5!kU>H$VYO9O8&{sC}cPag1|?2bf77FoSU6bgoE)M5v`3G z=e@kh4JcAZJUZQYqw3JF7MP)z;(P*cSCiptiA(-cfcJJ!=CiEMt4jtOn+dx`hs{`T zPW7k}`#2V5RXHJZ8~u0Ugbod30T*dG`}kN%QuQBLuRYB!rv1(*6x5@lu!3T=8@og9 z5q-Zc4n?zd-*DO-#p#)M_rzS2U+FOe9t^)eTq; zjPGn2phv7mz+2RFiPkPU3=<#5`_%7H2I5{?SG5iw3{46Ly5dDCC+0vI?f@%1l$5Wy zxHyEky0*6V>dGDl#=8RdUcN|`6d(U185%H@!y_X6g|zhaHUe=Oh=_@=U3fW8G8t6s zq3O>Hkw6lgOZWZMSUU`T)bZ$FTbo5Eu{RmjwwnF1Q8HGgqm{WZF13-^Tp@p_FNWSq z1YsFLz)?9iMnVpY+6w;FhCl+H9ZaF9FkTt&d7LYMbL zr35Bh;N0xA7*yYA;Mat4i~OtR9BzG;n|&FtiwF@Wf!|s3va(Oezw+A+KKGD%gA>m5+Y z3)Flfl+Ba%evlnB?}0 zRmA0z8!5TOXUyO@J@GcFC7Sc>*6~KT5L3@_KPpV6$6+Gr$dD{EL)S#~hl0k-byeih z(MW;jVx#nsxbcCr@gKQJSDbGt@c+;#y19EJ|ui^WJtHln=H(AztPEU^;< z1h8}(p)kO%0CnX2RC+#*PIz*%)m3jz=Biog*`yWi#hp|zab9rIAid4+)^041VYv%3 zJk1V%a8+yM6TMJx<$d{5Ktr=pfJ9&Stp)F8bB~8hFb@E z(^y$XnE>^>vs?IT*0;Z)b~NM_f;b-nE~l3qHi;n;D#zF0Lv#n;CUnEYu^F+UX389p 
zP%o8fTy#b+Ayo9v3bznOxOR7WzZ7!AJCLT?jLTzJla>rZ_JnjU(^X_-Wg?{?0Wfbl0TLKFQ2ZpFWZ4f$`+CW@RzP`40kC08#Ke!)sTFEOaGBq=M z0I4+eUu%Cds2dvPHi6vS>0vAk&5?A{TGjasHqxs9qVK@MttSA4b7ULj;ByFB`_)iK z-rVBs@E^$th+lqy5(|Vxg_pJufNCX(sH}a#d7vEEWK1OOW;UP6O>2a_&4Z7aZLe%R z*88p_^v#iul)0#;-Ff=vrKI`)p zqMnd6{QZsNDY(m^K4^Ud^nO7f6Q3ZK9OsGoHY4pCngSXr@$c7M z3MH8OQs(-G?Aq56D%5ahGmE>CM78;MXFjX<#Yt0ylk>VIjRSW(t|fXF147QM35Ewd zTAbn7=f4#c76P*_y@eM)AGO>Bc1M}g$9O5;W4&zqv>lZu!)Nz9X%L|QSWaOKgSroL zJz>-=C*R29J0Jr-rSO^>82s!iv+^z19@EUq%*@Qr4)=Wn4iL>^ONlKJVJpd|z5feI z1iRv7njvd<_IA)rTu0a+j1nFC6`F{ZAQW6$;uj7k>lZ0*N<}wjB%`_&D2pcx>qjc@ zM8@ohZm8|JG6S@l6YJK3`#$nezm3{pAiQ$0^pzarSMFi`C_1z=?-XM3Cb}C#2uA#8 zhjDGM)9D~PJ0LnQEXHH;-MkZee6nej>nztZL_=?GZc0mAS{{#ocSAuzd3t(&O6GZX z=J;@T4Fr`dVKsP5UZ;yaK&+Je_#ch4wre)vV9c*Dh$>TfLAnc07cM!jjQuCqt6vX}b$XlEqd93B$^lt)Um z=e_N0b2lH=j24t#8XEF_ z6Dg>5+>A>qc4QR}fuvQKPyl)_s?xlM%TVRo`S4I59wH*p+Z}hh3sa;XzTM>frkt$k zC=pXcx}Ipgcj^lHSW2P(Mpd!x0<(o2?RlqHMOJr7_|gZWw-ju)pC#I2N7m!izkBHr zUy&PIEpNLFtKI7Md~)I@?s?AH#IokB_p8n&)cm?(xI~nYSaC^Xs;hU2bT-Cj?We!C zD8H(hyOzI+i2nEA--TK+J~wA9kt#NCk11@xhNzFyvsh8fPqf2by1H>-UULL6zfyus z47-wp4}8&LY4PQxK$_jh%WLfiR#yq*FqSIaae*bJrK`=_(L+-M+y2AB#QiSRWe(iF zIiB`?bic;N;=x$ zDhl(FN=ECI4SP5^B{p(2nE`&CAPbNei^|^RkI%3^d9%RL`;shCJ&LV}>Mw>Nd+X0T zF(Xfp`OgC>Yuqi5;>jHZ4hz;5iS3HeoP-!S)B`J5xmiA0j36JT_ijX!DR_`CI>A&`+(CZ?7=P&g|@Mh2DetXw9fa;;_Do4{IF8_)< z^yixzfd!!lYh8=iZuOB&z@>KK6+ynLK+#DvF1hwe0Vn1pM;u>JKtSu0pZbr;pwH|- z_*9ktx+y%o|2wAM5)|U;(|N1?qr7)9SJ?jeX=dbZ_2spZe5!qTV2GWxeAJUTY}fK~ zl7*O@$&0xD-zW8yNIhCN%H)LHnfrWrDe6EE=7;64Cwr~xmaiv8*wy$WaqHkfjfRC0 z{NZA}lY-i5yom^+unZoBwvr>8gT0nx>oT_Ythjk5^zu+22K)?q70b5{gUQKD-@bhg z|M7Z`I?GI73H=A3($Cu)`Td0k{mCCtY;WgCUh6vgy}s{t-rC%~Z4EM{lxg_rN_qSw zOp;Z(#TJ6WsC*4Lf3S7#9K9avB^`?9Xjz4gtoQvG>sQ}9JPatp^pbfjth=ivn;dN! 
zY`FUadSaFZ;Vy(kTgF@5)FWp5sBI$2J&sSZG;KI_21%4l2A8+GM?$<;KRw#rxr2m)pjmj!ggFy9fPg02P-;tm65AtvP6Zt=~|Bd`)BoGi&JX+*C*|0BOm`jO0luXcuK7NbU zH}Vvkap7Uo`Igwwz&*O8Q|PklPi1CicDMC%DauFusQ7V4zRA(OhY+)?W#jO0m|=fM zZTr6E2L}7Eu`w2lHjXUUH3=8HfHk3ogRy+e*CQtdHrvJ=Ez+ z%4qL%yHA>;KU?7^#A2D8@rDg_%rESwb2m$6P;fjmbfewfn_y8(ns~>54CY9E!D5;w8WL3T!-{)>b=GyBMaH)lZrT!uka@p_?fA*pw!sk^1M! z<<_~iBZqJcZ|cJVKIy{pR6Ua|M+MLO(vASx`+4d$Z-cdg>k96tSoR z|BIWbzJflDF=VNcFAK|&28?5M%5FGI(Bee+O)x=f|O6hh=|6y^J;I@-jdGI zQY218i{FVw{$wL<5a9h0&hbTPVZ1>hbYG>V-ICF1GN-v&PAQx1gR`@9smi0%4v%Tc z`=6MVQzaz(#gPoHzNiQLGcO%~x}8PXL#eA&+v^SO4Tss<*$vNMw$OANVS>my;bczH zeTf{8=%tY9<@QCqxc`fmRYTL=NU2{W6RS~rC%iW<<^I{GHrfj|OD9S$|%{NyA* zweC?Y3J>p;bjy4CJCuFMfqyvDLHUAavbv#4jLeQ8~;Y(5nTZ2ez&o!DRUmxMrjj-A+7LL}T3$D$9&SXuOk5&@*# zULKNi+tN`{!CvprR;d8Dy_wko@WUU)#l}u&h@uLbl1I?R1rW?t8iMT3wqY@GaYSU~ zch+0Knw&0CNO%Camzync`NOuKQ0@QVes8P~f{d1ymaeW3UMMioNt#x;Ho*ynf z-d&$^tOLz^WMrg2h9PEJd-!@IEniAUZLZohhEBljlZJr@4sr-wLNKltB~pX?9vum2PIrFQ>D{?#f7h1y6So0XbY!8Q;%x<2n*()AHFIS{I@%Nz0k+K<2?g4}T0r2n@#p~D<$4vR^)$=mn zg~7v?$DtD@1Rqq=gWta~@$fi|C+P|nC=m2an|rGyAXVKU5pn5-DrJkm;&*`Jo6h_l zsYH(NrdSsi*>h*+7YY8P9}|1voSdB-Y4DD)BL|L46}$Y6Y-3i9_9Mq`5x~ub!_&g%a$j6W&?&w*i2_-Ys^%u zd5$w&U0tV2)Hij%RRS4<@$TdVgIo9)*ZZlV_nxqt{McAnsXV+tNSJk=pD@)&U1+od zQ;1bNlyWn{H=j%J6i*%uS&<4m;f*j8m1T_FeRV%BW(!TtgAU^oeMFz}WTF2CUbGOt z{i1D?@)lUEyckUYCm@vyB(V?#y85CJm%1<3TC``%$!~Iv5P7U) z$ikVHeR(Yis#J5NlEQul1ikH#w4U4;OaR%jHoZ}~2yc>sOM%zrW^b`cr7j90`%}sy z=zTjs|Fx8XBl^uMzqB;Q7S6oodS6tt%Pq~VIHIXdy2j*2!q|!?MZMAfi=j`JEq+%hkJOr{%f;SINz(-Z#*rY{RAKx?oK(1?&4VS-r~$cS%|r^G%c;-Or;QK@#PeE{`#r7RpAc$8)5)Acq5 z<=C^fAl&7jb-376ki;pc5s}8+oppt6JK1u7LHOvnKg&8nf;J?os3oeQcZF;5q8*9T zboTAOk`IxJ_iC+cmbFLE5I|CDYHDqr7h=Z%_Wg)NSA@qces^isI@sI4HJ!EI9?jBN z(Az6pb3XknN6n6Uo6Wvx4+Yh6Bwh63pQAgL!ZxcbUAGqg9BN}42t9vH>il9uESPjA z`aXph?Ck7hWIs!Bjtam$YHJD;&bWyAe4a4axQVhwc|V|`+tH?FF2Uh{1dvl!H9rb(kPD!JXo?%V6cuXEPo!T zHIUg*IBVYQ%ydkP-RH@-U)7&^0zf6M?y;{9Ef~lxglW&)+gtH7AYtC|^71k=q7|%p 
zz#y7D@)}s0$qv3)ek^HusP84HdP4rJe@Ffoe~^FepU5wp@;CCM4?#dgK{{O?$Z>y&|7=2=8aF*L#t36By@jsZgbcV0_Zp|--NiexKeJ5eqrqQZ1nKKi}lAu z`N2o{)_|`Adur zvLkW2z6HKVI=Y~H*x=z`zdo_tq%gh2!B@?{YHhH;1ocJ6JX(cxlnIoyr%8Y z*@ZlZwzsD@oDAmEl;f*b=(|4%{lh`s?Vi<^9gsFW?v}JzN5$@$eF^fP*OhB&Ith0! zc(wTuS<_Eb8TCYrI{mt$B@;X+s>%j{%YXrTD!lsDtQfV~Mu$@%!$LSWL6I+BTLhJ4 z_$!mi!WmIgm&``1u4KyeKY+nmtW=ThAd*uw{>6Ut0u0c#Lgte5sid#}kU*G*r05)S z!7rF0@O*EgWh)UE3He-kZuw?GvoC_Pxr$MqrgnqlzRHh6)GM} zzX-Fxn9+|C9XzE)pVrA8uz2md{_5^KHVIJLOF(2qK%fms9%Ap7L=jQZ+nXD5QWdBp zMXy{Te|pX6HSSDI4u+p&z^{)?$aZ#g^mDV#8xi^3uTQ1CI}`It$?x$y6kJF9wb-a#%vmTn(Chsos(jiUv0@b*G65DAmKPPf;VAT+=9gYAk6ilXP#e(ufGzahMQlzEb?sQ8QblEq zL4cX3nf~^WO*kjC>`^~M3y|0}aOe;BmrJK5AJ~n?{j!j`X#v17G9H2G+6j$yna!?z zVNRiHYilbQHJzH>pL3~-=Q|Ugq{$8&aUdKdpM3B3Yi^G4W!u0boNy~0yk##L^AeXo zA1Evwei(pUtv47UFA_M*UP-kZMB6q_Db*#DuSwpuZ|+X1m|khGKsTqwT2-I$+v%8Vvx)<+T( z6A4(2@Fpo8ef*pB6AWmR_}pAU^*dch&dzmuJz7+a4p6$CrlAPasCjstPu6<(RMThS z3d>Fa!Osx|ot>3cJN0PKk8#@3m&bzWX(}T?n_K<;`wO};m0MFM;7)eD*xTOR>?V14 z2?B$Jyp)RLXbX4|wf*_71?x%YJ;WzDO}5*sKwkzt@}~2(7C`lIadB}v->GuBwUyrn z6=s8hFH~2S)a5)cCiCTtuZ~vk21|v#Y&Eznkoq(y;^uiGQQ_h7xorz8l7;umW4Z0j zJYkW4Edm_it+np1ZSQajiFDl^$><)4W2uA9ytY~vUUr;cSkRmR5q@vR4N=@T%3gwf zz8(RqVmd9FP5H}0j%QmV8~4j-S7S6{7CpJk(sw)H;@B*(qatEr>_DNKc6Uf;N5@eH zDhZFlShl2?SU_*RP$yknei48oWL3AVUugh5iFxeN+TWiy6JjIvCsgKutxPLl*fTij z{qagdLZSmAGLZxuJ1Q|TNO&Kp4ObGNOerK&tqxy4$()47+rq*EaF_DAJ@6Ru08g{E z^;;)>ga0v!Chxqwpxb9e6o8~fTF{kl**_Vwd_w;Ge@A}uKgj?4pUAH)^EdMMCPP4& za9-x@+vfc$QE&N@A(CeE%L;6Qpr9ZyO%*$giKwK!L2qGM72(vGr~QFKsSk=-oDQ3O zpBZPU!Hc;Dm+nZIz32lhBHE@=EeTbHP?#qXpLqRa^?xh@f_fkgxHIp>6he!a!2NL1 z(0-~Zd(ra~WGI@UPC+?=I{H+d4nOp}S2rl_q}(tgO3{`SRkT(+lSP0kI*;b%DAh@h zTqI7yXj|6R#Lw?gfX7Ezlv*;LLLZApQMpG5OF_l3JA@c0>BESbIXSeOXhkFr4*p4& z8ZWok*C{#g%eqNqnl*5@Y2@-h>_jDKP5|pkdTW2b$XR9+1jTKpUZ0l4$!`NgGp#{l zr$)6o_DZhqoZ54L>W7n~<4$ur?!;gsXT*Nr`=5ZJUvPo)H+YX<8sOc9FsA@>c7Pnx zfw0GB$=5n&9v&h#jfa(8W&}VU^*_ePUD!G)$2W+G@X*jtV8N?Y8hmH2hsEQP(S6~z z#KdtC`C0}f0e$0|egI;Gz695?G^#+Yi3=r|h%;Q>tIp;2BK5teGXj%N51Q?>C6NYz 
zp2D{m`!%L>T`gvdjd4v1BWx{N%dQD*rphV2E@AfTQ3^oUH!}zo8wUD*zI;)i4LS0V z&!-9D9<6nSBhFWt_8H|t9};>}Yx6;PQL`=WIxRwK>F*8&XhQ)Uk3B4t*8FwUogD?efJ=iAk z#sFF8gDt4xj-^RE$Tt3=0{1Xr2YVa+x>f1(Yat5S1sLAt-Q9wB#vmmRi0Fzmbu4Y4 z1LnN{D(6TWb6Jp7wsfW-b3wjbNS-+U_u*kmN=oP_I?dT#1qTNQOlm2ek{cUxAxs5; zSyq;ozxw-v3Gdu)&bGldu0Xo+kb3`KUDe=}55Q;9bGIyYw*IQDOu&V*ez`Z3(bUnZ zu_cj($tX%mNolh`i>=;@TyMP{o{)gphhP*R7Dfic1QhmGu;iDXPZO}IQ2$$)T^-9D;~h;cR*R*Tl^`wS8~1~@ zlV?z{rR>65&G||d8-Vx6er&*ic2$5X9}CH=iH?<*ckxRtw#N*{JD>G8b;WHhziKVC zt?N(FdM-kUxs|I;u3Ov;G(gb}$>8)1y_Y7b( zp`#ug9OTQCQs;lkfL-nIas3j6U*DhkUrzuRU9~vOz`jhjgnv-b+1Xi;pP&8Zg5C9g z$dyn;Mtb_q#s2PRI(#u`I5^s+!~-n9tEiLC8D(HU`l?$CXu2xkO&XKHmtG{N<$*&t8pu&co@wKc*hyo1y2yPX;XeSJH>(xBWXP5{H!=1@{#MsI9L``u61vovKwIxPl`TN{C^lIfx_F{=uxCI2;&L|V|P z0l>?!4F*+{)9a**A(x2eeI}YJ`873dTPEI3lR5?k2^qEp)Idv1=4teFtQ3EL{~jiF zhN(YpENMSEq&aBlYF}Sba2wEd04OgVp^GhUkHPGVxhggEkMKY9|7U!Y))h~3+T|OB z-0!47;w1}-0JwX`lH{VbcVO~Y1?bwESXlZLJ5vU9S7mVhN^x|h7xxXamual%k`qkd!o)Lz6vOV*)cWHfblhiVhhAw<1OQkx1#B7jMSeaZRdrb4WQ>;qlM zZOOnUSe|O$7{HC#e6v#k00RhE&$nu|-!y-^KdZkqiKYIqaf)mR#TQ^ffP-Uub)?yW z#49K$81)D@zVjo7-TV`93V|xmV)Yi3&D0WLWXa(;F*KcF*p9`Dr#%8ww z7(U4{F}@b@0A8(kCyOZ01J3;Jmg#b_w9fe)PAE3ofpnUw(4Q(+B|LV&14bu-Q{47g z&LgnL>%}B&YhHD&9Wa+HsX2UXmW#A<>zmUhnZ_wnZNM2v->$T&Ly{lT<6A3u;yt92cFc7z?rF%C2tChe|i z2*ZSVpTA=-&od72UV{-^8-y$#wVaQp$goa8=Uw^)qxpt>Iyzj?~hL$r?A4&W|VdBZTG4ZrrO-8QZpxa(R8 zXTBk#ppbA{QZ%%SP9fxD70l2OhBiu*b7d23vH{$d;tir}`d#O`o3*?cn!8`uO6)3wE zBy+%pgm*>mGXjbV#PrWqYl-o6wtP?tm(t$5Wt|8EJ9Hq>;&4h8y%Eo9TwhlQe8d+O zF~xk8u9yyT&|f|dK!8>j?;ZoJGem+Z^y7NJ5Kj=-ptJE@%dce z`}@1@$FDznbPcK3`}I7Y=Xo5*d7K8pjgRXCPS~@bATG}>CKl*>F8Zr^(u~SDFD|GN zo;`b}d3zaZ?a_w^hlk&fc~Khi_Kq?J|Ln2~d>(5*j1#b`bJ{c{XZAM4ro63km?i0b z&7ek4_Ro%M`gZb=)a424df5h}3{|W5sQ+ur_2+L0OOC2&Jf#2Jv8auQ@O>bfJ8Mqu zw|XB$Tphq%Y`-+Pxv}9i`-XY+r&j)%iMUGlq#hMWCC>-5Qtp_8L&?Cvpa?H1=U32@ zgvw-u2-uVia4lXZZftD8BAabu1oAiiJMuGJApguik^foEU&zm2f`rtQ(=cgH-|q?M z9gMwY0gLZ}<c_# zU$K+!)3+sFbajs?{=KWa;fjWV+)sFRdYEczmH*@u5dA$nnnGq|fhA^*Qt#sO?+xmub-{^YRD*hrdN~!9L_H4LIjg2!q 
z9NwHLdqB(ke7fNk5ISQg1k>uNIy31H-jTeWkpUJw%Pm0L#iiO7=NnurF{3xo_#QBobykjDfA~=OTHl6C90NmemTw(f(SF1k8FCS+zjui!!j(Gf*dkaFwYW4fO zpyV0FQ3s%#P)ACuhEJ?S=gx2*uGop9 zBF{P_lapx@aLRji?{H*8Yn1`U-;36Ypy%l!Sfi0h1s4a&gpSexG-`}r|N3q z&kXC3jMra(`dUa*IR!7x@W)5gGBcRiA1@j!;JahS)cW+uUKdp+ zS2dUE8$B0SvGNs*u;LFuZ&)B!Ia1%8f|`Cb??v1en=yHYh=w(gC6t*TK0|i~(P)}H z8aRKyXR#HH8JHLtqq}J7_EQ{|S^sIJ%9{x>FGZI_$;zflmy7dtbAP|Lx3}#VT(6+u zgWAHRkkCGfwkj3CQ~>PH!rWYPOcc4m!8vHOj_Z@BumICZ6a&QDMqBQ8|92}jkgLw6 zgN*ed+wSs07MMffGM;6t6o=XuTAAWbpExE4hW2G&s=h?{7(vDHt~d4Qj=gyhC{H1= z9!xIKql;*0QTzy8i)otw=%uc7O9|+$3B*zo5&0D!JhkGFluXyV-mUhj_@Z-S;A;L$fo9U)^#S*`4lK~a!Fze&i?F=t~W=ltXK#FeWas#clN1; zE`apR4@V14zTO;CR?uCW@AT!UvaRW+KU{mR13oS-&)b1S1sa&JYmk7H^i8d&lvGR2 zdR>>5V+(T}1tH;3g_WMa;Tt77LBYzF$@M%pn{pz6yBXpSim_9Ke!Fopm-F0zeQ@L+ zd6oLRZfL@w=Y1dUhm|9O{tW_p1oF52JMuGLApi6~k>A|vFXWHJLP8n`a_8qHQnNpm zbFE;E-b=|;SoX>O7XAG%kic|XYvY>*t!Jf7st_nb4IPeVg=Q8j;eQ7!T1Bn$7nypS&RyxVrax&P3bM$%MRLYCEI zwTe~^V?s!$*;-C|#m@6M3j0IDech>zS#fbg;i$plkXtM)_g$kqJNDP7Jb%6w05+(r zuvQo|y1UfC5256_?5}-DNWgmh_5spG16G{!=led8q=2P9>UnaoiBEs8=qqNfC5%Aa z2g$cJMZ-|T8S7Cn<>1-&w@rt0f~T>%lh(zbYjXh9Fr3Kh*lR}Xl_$jz+? z#K7nOyA!hdADz(qUp~Ft|J4bZ{LfBEU*j<$yuF(Vu*fn1+eCFE_wEP;?(2OrA5joe z_Xz|?l7;Gl-W&r6OiZ(L(>mn*7SpXzxG_UIRncdWk?b|!2C}20<-#B`x^LU9#Ck1X zzC7QKQuv}<2;IE~SES>XAm+l?Qj?2^gJ_6|dy75G9K|A5w^~~YRakJLsj!}}XbB*q zRIS^}2`|-8)I&i-gX=3nhx@brax|E6kjx&)$svfR-r_m=s3xELS4^=>b#{BPZk-aoq?5W7@$n(eR`JO)HqUv)&>0lfSvWUBL@PKQF}EakXR zHvGT!pRaX)>pzHIg+Dl!vo9Y;`Bn$BuboTlUY5grZyUobhWYarJNpWB``oBWh$`V6 z`T1^pS9}Fpeos3r=smri;8QgZqS1VDAO~(H*$Pf~8FAM#lutKjKuqXP6oET_%(_x? 
zWe(BJ#E1OZ%@CZA`aRg5GrnK_D2gkv7^Ecc+C^@hv)SP8bDVX z=HEDy9=p(+dH{a{m(Q1i7a*#_fiyZ)`;g6-3B?x#?`+(Ym&a;Ceko^c%yfP&HB0xm zxHES(d@tHmn7GmqWfDO!QHTj2z|p-i#uEP|OIz-OC!a8C-DX?RgA0GQg$kGtTYL#7 z4QU$xcGG!FtQRa3oAWVx!@HqBtWwkH0%QZdzvu8j>jA(AtIgaA27}%__1;GG7BU>= zkf!*6hI@c|#UtQCZRoSU{x}jm5&B}k7Z=}%Le(Dqo9Pnjsx-56U2{w9W2%P_AHEnZ zqIG2oUOH5-c9ELr_>R0qO-Z@Byo~uv|D4bAhv1n7sbU&zJnm1YhT;k_|IMiJ93o@7 z*Cp|Us=TSBw0j8H-!ltHj;zw{FMT1&q}+2V1}DVKwK6GZtsut#(uEcfy3NKt{vX~x zJ~GfjuWfwelhouIBPSslg=b1ob1oZS1zpv~hP6h>#1E*3qI$lG5Hnnf=fiRXD~&~7 z2!&7+CN%WJBw??!vRJwql5Zso#3Cm-FOc?7FzkA4bua@lDS1|8(0t&lxN?Sff717^ zx1LYQ7-zT$5`U2(<+V>)Z&?w-u{FN-lPROs4$l|^d4=aKCmAy9wzaSx6IsSD*!oJBi5vii>p5s0Oir4?c*I=Z^p z*x0)IHGz3=v223N8iD*>|Bn1j7sx;LPvp0u{|ot*n2?aF&QED0?f>XXyqA-&tG@%J z+`sGcs2FO*aqDx_S|Lk8zF6A>3{61?pZ8qxZmkjgzkG%A6y^e&Yc=6;7sS4Wf z4QVq4v!;IvRFQ;{4NoMy-ZO^PNLllF*n?dJ23$Y_ZEJ3Z=+eaLP*=kFWr;Gh;tByk znQU-uY~>wp{{kwtk-#k{kt+vN$ypA*s?=Yk2;T)fJuorbttXg!*|YF%!5LJtt!-^- z((=8a#H#qJnh;J=%d@`+e!LuB@1w)R;PC<1 zGq%93@W9h~`y;jp!Pja7PiVrR008|7bM-}kdI#v%Q6GzBZq)4#Yr$n*{KBh+LA7q} zhoMn{HD}q&Ov}2K4uXI{jwfYT{Wr3^uiF!G6#-a4!-}wW$P=MlI!tjQU zEmgSLtsw1Zbu3?_m`*@|m}!Rh=FMUN*D*uDdfzmLBcRKV_SZwr&|DOfL@6mLYuyfQ z-;gRSYNE@>jQ|0|C>O0=Y5j^%jFwh>R}J&sk#sRk41=Q8t!EY<8QGGQWbvSWXsdku z*<-}hd?CUV)$k5*O0P)25#b7$tgQhvgSxJ>v?hT~C2S64sJ;xV?X$@ukJF>KWPBKsNDn0m5wyCnWBE5a zd?}y7IkJ}HkxBg#ggNh&r9_6RLOM7JTs$zoul&B$s11jA9i0c4pOp0_T)VGoGBY#d zdSjaVTi6WiL9aK|=?-;R8C5#Os{++`{y6Rv_z4&tIxjV?&(CLco`9BFEF(!FyW{HW z%BDBua=7(O>QhTF!Gb#7wu)ly8%>$*!!HAycr>E%-J=f=j!}U_$S_{S!h#t0*I-A_IMZqyH z!Qi+fB4R&v?X5`bA3_l~Mp2Cc*Os5prZD~@pV1lKBVCrSdTd4;~lj> zMQ7Kp#8XnLvVDf9enz7<83uxhKKZj<+C4f~6&tOVgEyg}>L|!{-eW@P>P-l44>6kUR?P(qlr8v2>LoLc31W&@d~3edMR$;URhs6}$gd^;S1Dh*MSMKgO0g5~{a zclk3`h+3{15b6jM<5k2YTkJWg?8Q}z3q~vk)m~r6GH=uy+Oe%RdM__8cLg@~f;+&w zk)$3f^O=v!3&NO8UzH91BL~TWs@rtH!NTI@y7}go>!V`TQ)zaqIvu9n7%fktYxSUs zWG<vDE@cq*-_cR&sOhe=A=Pyc*@LFLuzcE0ar zM)Q@2@xv$QZDXL1b!-`PB!Ye=dDg+88$xZeWb}e^z;Usk5zfd8CeG6!!LZ24E7d5> 
z+Eun0@cu?jRoP)r`wSLM&7YbZ7cC#XT!ZZgS`Fs6hxeBwS~ds#2*~W;-v9L5CcjJa zlguO4>-k+N-YVf`vgrLeiMHCgLlKp}WtP&i@9;9Bf_~Em2FNMN;-Obn`bvcbb)D7o zob#G|_%z%d_h~OA6M_7*|Bn337sx;PPvmzP`3w1lI*^cf)_Hq9h7(1W^K32;`#F>D5kQ{oP4Qa)XDMe#F@1vPv`nr1!WtC(VxasLlff0(< zCFKEVEEEVc@-rW(Y2kZ95z-yUCzlTU6I5{<5>t)8#(CE;M7gQ4&(F=3y%>+KCT_DE zF_WzmS$+7Ok)^)-sPy##;b*i*wojUH{c)*LY4JOh9G04UIf!h1IrZ_?1Y&*M0*V*P zp3cjwiTGy!NEI#t9+N&4!p3njr@C!Xb2Uqi5x|a(O}H+BiPr-)q+}%Qn~sS=Xuq;+ z#7$cd*P9zdP~Qbnz#)p~sfOEKnKmaO-On7u#0`bHra(;O&Ych{k(?J;k`0XwTKajF z((LYKHp^iLARS#&zXKHePM-2d9G5GML2uux?&W?861`fJoP0N4NR_5TQ8R5`-3`67 zfD+i}QsB>d+~Yrdc(~`4=OT&ya46U7FC(8T8lmj$5#a(;xpZgB>qmGQSE*jOM!7xp zf;Hjv+R!b<@xQ3HotG`LT-6+P15HEc^CXXaw!izpYxHZ};#gcmC3B^Q+0gMr`Pe3P zucT=i4zQAuc-^Nxq7{NjJ^oWO@sMP^9!C7jbE81efv}@w|FD@>agpBkv{R*^59L4= zTnj|nqY7(!hOeS{HFsIBE)cCQa$h5QH8~!*Ue$Cng*u_J8cKX{H<}M-+3c-ohI1a= z4fApG^2by2xv=rUDN83c^w|<|QY|80Wta~YHg{`f7Vb(alH13WA?eSMBi@j=wfaaS zc$76eOuP9K-qx08Fd*S~jIy)CM`aZ?<-WYd)}zIt($V*2T78Ej7f)i|+G8kNnK{Gd zDtSb%=C0f5dndk;b1Hgf!#oJ_myZWCiqd`}8b;++1+LghM+W zkrW-xuit=V+l!i;h#M_iy_-inkO(5++T!AaI-f7O{{H@3735EZPWEPx?7&mX%8D^g zBzP(O1k9~;674cq%@l3a_LMssw*udim(z}Zhc!$?aJ7U;pPCoe`sqBkwB+2mWA_`c z8WRg^ZcrG*dnsSD6t$)t5Eo3wdg=kw*6=vN+jUuQ1@r;R+8T3+f`=-30^9x$jWFoJO zm73t57E>8tV!H3(z`wHyT!8^s-h)m}WxKW!iwJ{5u-{e!_CXUPCHks1fUVz)tOPi0 zpdd*mDZlpnU#pPS2%+YNGuNrZj*6q}G=rj3oJZEYNe72oIp-iM{~*XnN&(0OI0`dh zZ-|L$D;z-y`fYo)NU;7g0{MUaJMyz!ApgWak>4%oFXX2rLqdY)4lG|%XEl<$=jzqA z8mkW%uU)(Lb9HrfX$gZ_-}CiDjD;JAR}IRab`Xe*c~!eQJBwe99)t3{@AwM038>AX zr`|z9m|IIQw$V`@qG}~3pS>STWlHu9M%!wui(lJ`pSfhX9d0?Ha6EYQNc{~#q*ac{ z6sL07*{w(;qUw)ELqNM*L;av%vZluxbw%Ue;sOz7RqAWIg%PbTjwi(d8^~xleHDTp zpeVH$&**1lW`Zh2DP$`p^^y=o+~Pz6v5{&mCwwP;(C_I5iiad!$X^A@Hi|)tUv2^-HD@U#HBS(Q5&G;vp zme?)&Ho=YE-Jv0w@$fY*9TuzDiYQSJ#)}EdMsLa3ZE8C0@e#@2(zCd)=hR_(5q{v3 z+JZ}u_Au%q0<1;SPx}_N^Zh@+h?aInrx*-Tr!C|B}($qH_GeB2C}sfvkvb@wO(!RvGDX(&jK9lv(-2R9nRNda&o5b@>7HZ{$ z4yXb7wWzZ40HjHR)B{5uk>^V z3Zut9_I(-t2~N-;<>lppYtyi4EX|7ur=vJipZ|WApJ@`92KnO7Er$J(k5Bztj=}v; 
zU;f~=0GRT@m|Y#A+St%9wU`tc83}C1JAb^!A;B*e^UKWpq;e>gT}_V#YFY)cax+c_rMB_OaiW;I8;TPlIY`YxRjsL>SxpPuUeK;<%z9!-{<7ytPX`CJNUrgO^6Ja^okzKJ1)ZTtp63) z>wT+FDs0z&RB2$(=u-3@0m1@*L~@(vyl_M-!j6y|iy+Ex$GL5K6v8$Nz_6}>Hs1U7D__ckPiskgPXyYOn3=bw5H#plC?czD|c2K^b62+NE!!UZo4rO2UAaYlP~ zOZ4^nZR#6!2fxsO{5r?a5veb+`_Ra4`+(TJAQ^^If= zhNB?y<)KvE=?Mmo4KWXH$2=1u8AfW&``NgcyN8CNZuy*p(FNBx{GEWs=v^`r zoWKuwDvx}Nii&_U&4q($gEww!E2Bs>iv)W&>g}FCQOaTHcS!#&e)SSXo#O zz)Wu@LI$1d-Iv@MAOLy?hPhyAJ2?rW;;ddHAb>=+j9f2+FqRKq6u_PK!OX;G6cZA4FAR^Fe<>{^UbNV3%Q-H>cw+E11bIYIJgw)A1uid&8f4V z-+cjE$;~wy|G1wIIRe|MIy(p-8XZV~*rf+LODV zoLUZ4eK82}sP1DXV{CN8M1snrKr9Rlo*i`G4{wMcY{3NkSk=pqOYGcuTX+w|#Kg32 z`udGg2>Go(tO~Jgxtjq!BXw~?TEzPDvao3%O}C|K1XNi5FaV+SodzaFL`CbM%qcbg zT7r%h_<=i@%Bxlt1j3XEltcEH+=WnJ%1s0r&0F5r{!cSA&=dUnM@YU6e3iDgHXH=e z(;a1(8hTv=TNn?!i*6B^A%pPF^~snCW3YQKHJQ$#NyDtg=M$)XBkA%!A*3G7)LT;J*EUw)q zpEvzx-nJyz3=YWz!O6I*2f~B=l(C5kJx-L>OamNL4B1lN&AOd_Ik3$QBtCNzk@bzJ z^zhZbQmw#wNRZ{u}%?vOT za`j`}Y)Q`)08znMhYLE<+Y#`nrhf5uGlzQ(T0@JY0dEST&z81wB;XlQ#uXxEQdWQI*2N_h2I6JrnCCv4*93cQ^%WBP=Ct{pcIs!|d!-qFx2bJj!lz<%WXmStjn z(~{mVX1sgLA{&9!rr*)@`?g4X{OBX5*-n*Q7(CZJ zP=%8eSw*HIRTXLUo}>!r1Ml<@vn3l&4Heos4IHQkFIn}b3r9X<$<#jrE>4s>3yOxtoh_@9PvFLOyr%ETJ|D~mbsl>+CKqRCn2VF2b3lp4ixzzXg4zaS^J9V&5Xx0WTz2j&D4?Dy$jOm&>m%7;9u?i2 zrYW24muJ+S=M42ES}6SZ(FA584RH&pU?2Px^7HwP@u1}aKxI$|@T>&Us(ynhE#qdl zV~8wH^a%9F^!T*gK#V*eDZutmJNq=E+gv~)MCw9y+wSTF3M%SYrOzzh)tm|#;asr< zD|SIVt5EaD94HhrAClt@1_xuM*8pHrRG5$Sc)OLZ9y(~=CEfpMfIxnhe@A}S3*;aF zC-VDm|AqY6u-2@WriddjAOOk!wGLQSsCkXCs**ax^cs^ulaB*moZk77I^44o33>)r zA$-L}MH^t%B|#`t5Y2iDv_@xFS98G&xVJ%>qTe<4QO=bICk;J4{mfe!?4i38rUhKQ zr045^th)_Q!ItR0McUD0Nr3Q%{N+4gef@U;GB*9l0N;k|ELdSDHwHz zx#XS6MYH2yPwgKlnqyl4o+T|1|}CcyNEIqsFgQ(J+tZ8O$Pvz{zuA6uTcafd*d*bq>l+oOT9{(7Uc- z$i@6h_ryKK0u=CRJEw5rEC5M%{fOS~TkLS@T+t4*MxC2bc~Xvk!#zT)@G#BttRm|f z3BhYVL8TC^rSn@zNNDtzgcDqL8-Ye!yU_(xf@cQKp(tu{YJIkIMaE$z-vjXJHI9_K z;{|YUVV&|@j9SBZYuO~N2R}Kkn<|Xcq#xPyVzSc$snxfYJ5e)>5_EFzfXKE%_n$W4 
zq|<0)Q_ZmhgQ~I#1lbeU_yOTCc1Ryt;`8|TFX(fIxt>zubQHoT&A@PGeWzPG9cG20 zIH|Cvi}nDMfJn$WnF$LDAgI>kd14)&Hg|{2 zYX)@V#|8#7&5H_KY!`nB_^D0ezkc2H>LjPlmA9Pp@FROkJ6#asCpl6soH_L{)Ii3I ze+**xRA~&{^IzV$Pqe6^EWO31`7~UbNRujq&dkfs!i*&&Oz&-M35&;6cw9UlVo+d3;rRGT$wPSJT04esocwIhCzkui@7? z0gl8?L*w?N7wKp3ra!%rd1p1*!{zYv(|VfcqOwJuFSqsmU`^{FOIJ*X2cBEw!VKC| zC)1@x)Q&ps)zB18#8+VMQ3~-1nR4KJEVvQ9@H6ViU%kF({A;dt^>FA{n)4n@atVve zKCKS9=F4c+$-`ewtFEDUC9#GN^VnXhTi8ZM$WBnuF*|+rG1;COD!E*PdwMqU2)#^{ z$8x;@x$Tgdph1YZPSoKTUdib*jvMw}~sF7sfj> z7`hMg3p<@)QMB7Ib#Y4a$(q_`x11$7vCmAS=UwjWvs#)>H~LurgwXfsnh96;`JR7; znC9K?bF&d~oo(!SVg4`dmC{3#B|7~{CwmTl%WIO%cg^%EPkf{u?zQ_h*MGz-ZXGxz zNAz)Vk3FOn+}sDd8>zqQRoF8#<%wWqSyb6_I5z!=svdr$706u~`N4;SirvMid*#hb z^)(^4ekIx4oe1P-|99kPyFmW2e>OGruH7C|?{&jJ40(GK({iSQxI*se z-PB}{HAnT!3V5}v4b`PrY1H3sRI{?`wiag9hUtf1&QUP&_e+wim&$a&%{^iDm{M}N zq&(ib)h<{hh;AjM^WZO5fSSCN(zW>qpK&cL8 z^|d-jFn!l~XK9|A7jlkwTw&%lmzh=CxU_=NF^Si4nwHtD1W3Q?Wbaq?lWjY#8gtjFy{st>U_5D7U`-D|SI-Ph*AGQ>S{S(H#fSG*i!5oToMyJJRbO&jEVvo;PyTWm@u7rS0z{_;enA^47T5 zDU2dJj9+DVI`m*qcxavkGNOGe@zA<#%aetv$$oHlODpS&eE-c-iO@t@#&?4&f+Z(h zL6(5n7{bfq7(HI@mr}mFh9^KJO{Wf!sy|1}7QJ%C0N;_I+4HRyeYJDW@ zIA(-tvW|luH6w$+>g9SBF%M$CCya~ZaL>FB-tE(_zudtr(6uURXE-tZ!P|prKCMvA z$MDry@ebO{fmPx=fs?_PB;=N{Pmv<{g>TUbtP@Qo8Dp|ZbcdwPsb|WX{Z!vpvzqi= z*=f%XD!$=Vb5Mh7+k4OUIa52bLu2bce|Otv$IC@OL<2|kwJ*{4p!aivh-HsJyS-Cu z`TaxJyZICzt~Tx-BJX+VpEi4;znr1yo(GH)j82dhZBoM&9`FoK%C+dVW$J>OrB`1) zqzY9;EcTSIIw$}Z89Wk3yr1X$nf^4rG+Z3VqNwj*KHc0`(<=zBb{6*h8tu89N!GKG zy_DY?TY1sFJ@9;D-kVL#K1%cz2OACguDW+Vo?g^J>mPaM)Hgo%`fm@PY`pCB4ZffE8v_Zg_G%^m2FHLZ3?I5_!=D>97XCSQ*%k9W`>WjDv8aHV! 
zy}8<)e|z6$?Q3>Wz48}AIhBmBwB+!rx+0CvDN*e&k zh3IS}j$=>H%<;SDY=S#^#>Q>oy@f5iH|R6UHgl<31@K?J^*Z-yJ}+CQktmSa9Hj9) zwL3p^|4cVzW<}VCbIaGD_Pzy+n9lV*<%N0kxlkXKbI%Mm|Dnl9(R1x0&c)G1s6wYH zR(#4&J}2oqAn`pp`OsrkY4@R{1oO_uex#j6bT?AAR>Igl16&UYvVol9wOetfydd zO#FS(W*I(2v$8ojRWFlT7fmlw*S^j&9MY1eaoZqf>%7p;mj>C3K)*_6?Xn5d0L`vO zByXS(Mop{GlvGX+_LEYSagmH|=x0&zh4)IWKtKa%LXNLx(bddp+F91@H*56=8h@%?ElDW22KnJ#?{D09ELMbD7KmFv z9Ll4efk(nZLL&P=UK$wSCT`pR{DKW*;=s?RmVgN}h=^kr(_mFRZ}s70W#w<5w(_8b zgJo0_q@O)bcSrmP5Q^lxu&@o#B8IY*d<17e!K!oK&V&XC;&KFcDNJs+9M1OfB@O8S z=Lw_Up!)?L0jd2k?$#nG?nHB?-S9(-@hD$0<+83#Fq!$**K)_fXw9R6I30=(*}g}; zAB2B_>1b^&gfr27?>i_8Hy&kc6dQumL+t2x+R2Gq=_#2+e30F;P$%%F9o1Dm7Hd2! zPb$vht?C+OoK)3HP=olPfp-Um5)3m^)ryxS@4#dUu=#?*!Zp>^e>(c;m@&KwyV*S- z3o=k4{CuUCzLa!%*H(AP5DSX1vB_!r1izM5jw8Q(bkaNC--1AXseea)jtk@;{U`Fj z$NdZWA0Hth6@pg}TL#SB|B%D7_BS^{vKBM$1m+Sr2ao_xVVa9f)+qa_tm@7vB-l7_ zFMKNnFD2Mh_SUELG&Eu%>kmw+pc~pU{BHu;3QUR?yntseAQ-0HYny5GfeR<7wA{ff60>&I@NC zE;cq0&(9%I0=&UnU`=AxYC;F2&e=F{tUbc(8f)srW7;h_T<8)Rn5r^)+9oDzvyQT_ zUfpx@nd>8KZVUtqjqu}eHU;8~=srl2h`n5dsUsyVUAxuE_Qwa}=6Rcys_g7(W1d^I zj`8XWl+Z5wV`zx5x!IJoiYx3@`_#K{T@Ia;{3Y_wNiV#3~Daa#`L_ zVZ|Em`ua4avPX*$E%VuIfN6{da^R4#n>p097UiJDMN`FIKg~qJW+|ss>9qgJ;H?oAGl$Tl7gI-5dsmd=VxG z91zPNl_~jciH4Bf0>?*U#lZ1he7xM!O-w&*@;%VWYO1QfCW%e0a2I=P&ObT^mVSeI z0|t5NpMbC{t_|Mxf(Xx*(VG@&MWMVy#LzCgYQpOaF?hfrX(QjV0<1dc>ctj`jMa2=@sjkQls7$&-05QSH@}vzOx%%}crLW|P%Tyu!)Oo(H4C zh!an7$BBFEF_6hWg48K+DQ^#YyLGL~1?WX-dJ+VTGqRk3KJ(bUD|wvY#k6zR>GPEM zAdOwYhRR4TJ*p101QR&=ZZlwRpoWoHqSF{%7j(?uKv<)E;)!4GUf>K@K!;IRh-V8# z=DtnwPPRv1T1G}4{Eac%#npYOkcH@ewDbLwd5kUFCHW-LQy4V>85!-^+o*#M=gO5U zUY3mw4%K9+!| zPsplrx6=F6u-f1N6^mp8^og{|kr795E?Kkhp@6B{R2fujNizq|r(mp!O@wSHl@Gow ztt{h#hei2LxtBi)*Ftf0gh+53%!y}3!KBtJwiHlo?CL-&CIi<}=TR}2S?{fh#n360N(^EBZC zfvw4{HHb7lc&YK`XJ=>U=Mlq!5y##|ZUe{GMQP%A5kJAVsC+LbBEpb$@Dt)`BmWd1 zNdh__l)fSUdot7d(;VDtKj@-$@?7#S9&l_diFGR|PZGVLm`$@QejOdv$Z*Tof%C`E z2EHXfOzLkk2%ipw=)tkbw1RQV4k|oxVIZ%ia7py$V*SD8%zWbd8>& zdUzpQRlRu;Zp$*mCPnWpGo+#QH&&jk6ToBu-oW>+L6 
zrhu7@C(&-v@1ftNg19h(>jXTyh>=$^%s)R7u6Pkp`ntvBMq z=)=%3D|7M}CTiai-%DP zwwFAZe_JWaf{Zl~3l)dsKXpacdYcoWh_3#q+D6P673c&hs`CvWE!{+|H~gM)@ihK- zkDl6<6~2aqVp4Prj2y@t8Y6+rJzc98LwZ#c1UblDo)b3x?Be9a;)$CT)ojI8@CX6N zsi{RGuV3PItk)fL(!F+j9fnFcVk|xJH_kq_zmTm$V9?bA%6c7I@8+*Or3g#j*8i~N z4UfHC`kESi{LU&y(^MD?ChQKwe_HYk!I%+~;eg)QM+m{7Paw?-oPV}Gpj(99zKo14 zbQz{=FFbl5c!zHp%-_bWlKZTzwMjVvAu}mfHYXtSja@;-6u+!+bsW0}a`9l|w;=+f zX1W&itFWmwNE9^!(@!kUMl+b1esgKu#N-x-D4Uc=kk*CmYJkGqmQ<}4`xY%)43>Yu zfQb9XwD{b$(I5|1%2k*S1%<)yJfNwhD-W=s`Esll%noxBA)|49-tgX1w()4a{Kwfx zc=VjQ`vM8shO?BKr>4YU^D>Q5&LZ!le+rJ2iXo-XxK>&Ce$)E^cXI z!C|f)--Eas%G*{K*_9mSk3C=o?^wOP!OsG5?z_|ea8pC9X~f>#z7N=a8iVl;Pifd< zh0X>)HCf!TKB=->d~7Qw6u@?B&YnR_@~~MLSJOeWNL}Et2x$*xyW=K~o4dRH?zh{D z`}v%a0^Q@X)b)s!2w`FR;x#yDny<}|U9Q&NKY11QrzdWfR+1CK?->64znt2`f)?m; z{}hNoBcj0k|M_c#<)G}Gc4BYF%n+u*g&gP_5~ z zFXZpRK|)e#U<*+)dRX^;FT}QR=ObT@U3gNG*#FXzqz`}>q2E~0W5ttN71?!SV!|Jr z{9Y24Idj>y;Thg=l+vE`r4)AsP&;RXRi|QlT3>5(s@Kr&@1`Q)s)~r=J>vgq%zLIr+Pvp| zWVbYE22LWlj6khH1npfJ zG19fGQjB9fL!#c}6h@FPEz|r0>l}<>S$*evhq9(b>G9`CbXQ&U0il269xgQ{AK%5aayldfz7%VI_+?-ShEVp#g+3 z=YLrIOykAlwwzl85w01O!|3rCyn5EsGX}g0ITT`ufRfostwDJ45IGDNUc5IKUOdcG z+Xh+fm%n;ibI|r@y@m_5Dhi;b@4Iy9U(jVr0rNuh^DuV-RUz+&BxS^qCeA0x=^tpXeoq_lwhG-irxPG3$d?H;z%?VGiTy659zz7plz2yp!M`LZ0t)Ab+1klWk1Z* z=VyC+KpOdmlhmz73r&(p=a}L>Cs)~vmFtOY3a%*pM z^VNbr6Tr%qd7534N*HX#q8MXlVAxq2l2gAVX~GIdIfB28asq!DbLHl?-8jR zy(!Ko`&wWqsjj3VrFe<3w4)$9{?k)|lS%*MspIaR?poyo(J{x#Uw5W>UoP}OOxF0M z@YHn+@+0~ZuIJrq`8OX*NnJ77+OmB!`}1~t(#dm}QR?id1-53zH4+wk^>pgGS5{S# zl6A~T`H7c+w;o18RX#i$B5mG@mS{VlK;>(qNxPGdF$UQ#Xjmj(lYtbOvXpQvfTLlp*db(~F@!CTRu;iy?v%5rt zlaQPEGdwpi5NjMm3FQhIgC`C$C#mgFX2BKN`B?s@EOdQ>8*;y~=sYq`z;*|lGZ%jM{v7~u5naU-)FK3mJF>>V8yw@BJBt+-b!4D&`%gD_9@*$^oeg7=9 zxsYO1zQ>;1Blz=(@Cy-p&1i-Z>WjWUpQ5_vfH@c+BqOT^h=9TE2mM{E;~N7ED#r7c zVvu136UDfKT8E9?kJGFAADbB8O9p%KXw z&LykIusda?-eQwS1AF}A=XdSvPPXLgfcDb$pYqIzmyda;W&ee{wzdya9Qsfn`a%je 
z4heUIn+wd~RW%o?C|18^G=c8r=8GFvEG5tDftQmNMN$sNb#ifGB{aDhZlou_pYJ3vMG-2n{j^$NZjmqv`R15|x#ZAp)e2*5(8GKt7>NaTi9eVfZRHL9!4uTq&C>H#6(2pp64Dy^-a^sfw&W%Q57c`E0ndUQtH`K zBUunw34TMR`~z$p9EXE#pH9`p6ZR_JC&GR`@jD;kYJ>6TD)GE61v7O)Bo?P!q|SFMy4At%)%=c;bxu2d)ld~T;| zLl5V=oL@0|kxX|8o6jp=E_7#u1z3Tiujx)bD^%YLb@fbgw3W22HR_a8^4Sf!O zPWzwqq4B@7uBJw&ez6#edwh+USRHOpA<)^>Tm5T4x7vqI9jHR*F9v?#d=Kardqwss zT(N@=_w}+}0`Dh1OMP@BR5sz;Cwf_{4(hOTAcPMO4iJfTr+h%to>`JkBqO*vV4>~@ z->?VkcV~^b-GJPR+(|dO-Pgb$oT+FE`1X|7s<7iOeFXR8e$Dgo&uZWven#ph?i|)DuDWs^A?bVWZ?>2ygY?M;8+LC2k+8NU8Mj>WS8)6!A z?^sXYg|j#xlIPenWg}UjwD7ebhMLCdvRvcfZR7|%Dk_{1Y*}O%pPLZN z;FlnDe@mxG|5afj*ADmwQS0%JAUryS*7+GS`3YI%knNk3OGOPWizHdn&r}Rx#_B2$ z>z_dlP}a*RisuxO0_fp5%=&~0y!@D>fx2cKs~dh zXDsRk2}@y&!c4oikf;p9iZ^-lVKX8#dgXJE@#QaT&$?!?{eVx6x zJ;2-Jkn&uiLS*_8kN4d@hx@`F02$JER%$cB`f4lZG~79n9%}! zK}Z~9pO#_pMl*AToCRx?bE|%xSlSu5dmf8X?n5>Tj!VWe(AV_;Zt7Ec@&r*5%+Stm z!}N?N6xt!Sj~C-5SMszfa56W{$6o;@;|{d7wirb8fjrXr=;>W+$a~rZRbtDLome&? zE-Xu_cp`#P&X9o=#)Zy@%ds^+NRoEt_JO@%hIoFz^d+yVRoo zFY5DyHu#H=mA~jJk#vMqM7r{C+2S(?ku3@*y`E>VZgr|VLFgJ~=e@dWuT8L4LouM1 z{cR!|`6~@Kw>7*UEZ=}og_-aHSQ#ZFWY$bAq-bLbezbB*q}F_u?0&fVihwy^1P5qm zeQNt7sf>^5>0SeIhkY*^eLrWG$-GD9Ksz-A#?SN}aMt`=pKkl}#3lvhFMaTL>nemr zQvvgY5;-cjL-pRMc|x}qY`l>M1XJ7=qb<}JN_*n@l+G@1l5F)=VPy3Ub{-l;< zujlo=uB8`aGCcf2@hht!#8AcA$s!erf>wv`15)(zx<^G;U5zm*=|HJ#4_!?rdmWv{g`2x_k51r+{X zEM7@}(Hs?X!@48&WmrWDCx=;{3}4(X&3$f}?{so4sXVR8kk6KEN;htYX%RpJdY(@S z*QvOUbhNkU;WUr>8NR*^3MV9uR5VF}jnnTjeEf|6{<3r>_gXyw)nfJq?zZDX1!SE$ z91ZIvy_I$!4U{)Ow}^Vu5}kl=Z7iY|zEd4gwEI4NFtvkI_aXqt_6&ktpLXa; z?SuQwM10BVPGeksN7gBnTnApK-r$_tSM**O-QuaIaw}>{^_E0(3gNEIK|e06vk^2Y z>OXa*WMpKN2FVnZYSLxOmrpHYsg!n8=ULsdaxxJ8>$ceIHVQ{wQqvJF!~;}Hda==KG_(JI1wf6dH37i5-Y1tN0)t*0+Dz3c`rCT zgV0z}ePPrrKeRoCpJm43gGw;H7MeB3t zBo`I2C7l%cpZJqej~3{iYpq zpO8odE%+%-T!q>h3MSGc&ClN(oO*C%DsC#JDw+2oy#fQ^Ph=2V`@O09HdHhkS?i9= z^lB1cS+|Kc_kQS-AtsS;Qro8btB8U#h{#Ogb8D}d@PaVAt5-u?MNZhh(%RM)`ytmGBvC&iXf^B6qvfIhR#5D% ztWXt~$g)=WSz+_L2J&L^{p{5VnPSBf`oBx2P16G{(JGGHW>F{z2bdb(`Szb8>uBG0 
zwNvb&bMEkDtnACPvSvB{SKxcAZ-t{X8r}NoteR|n+t;t|+q>7y|AN4gh_4~LRWt43 zbRkGyWH$KGU0&y2UcvDBw_W9M)2eun=v9@0GAc?oT+9}A)C11Yb7;M(M;>?)6L$Ti z--z!`7PBqujO!PL(kwnb;oV((KU%`9QGf5odWyS-ndcPj?1a~1HOTt>pmT}{ci67$ zX6YKn7|aiS1g8K{6;_u$PPSjSGWu4^a<7YauJYWA@=qt6>)3TKzS}&iExi!k`tsuG z=7NWM17?_iTA%CA`XrI3doE=d9D)1$+VgH?EXx^{%*-iP*a}Y0%;>D%_9SN} zXqesogxWoD`hMPF6^Rrp(k;_5K!70G3B7*M&GH2bUAgyZ-ZAuSyf55e>M>2KGXGOj z>9Lbas>>Ney<{DdPUZ#%tvD4%C)1!rq6PvS|Hh3QuiGj@Otm%Ja%Nn?x zDS^;^Pi}tb(l@ZCv%%!GHS5t2kTy}X&!G!#E`TNwSOBfcB4VPV!bdWfyp&B}Ug|V)@%zSa zB=dO6;Q@tD_y3PN>wGco?^4Efc?jY#xO?XHG{E;}Am=e6q!B_F#to81vwzkww7-_s zYB5{m-BY}wa%1Y*>jw-<(M}4RWNxF|#m|2US)m(q`*{9z&}X$mY3C`6Ru9x()#RLI zv&bY+qF5|*g;Tx}$yS?c-V_g27vu|c3!Qit7{^(|M5@7Ea3``5L^`M&OIUMmajr*4 z#+%g0%Eg)BYFy)4zDJJn#U5E{Cg-@hHjA@nr3JeZb6;PDB zFTFS0oD})f{yp-G{fhjJ|BU>3s(&K?Ex5rWSYwo}P+=dwnMjV_!w^t3bD>u40wtxEAl?EV51ig#pmlpw<8Vpf%zyGYv-~KP{mU_9Xc;wQo}{qq}{)Tij}s3v0G~4sNaY_v71- zvdz6nzMXTG#G2iQzCnemX=o7td!F6PGCA)wVSp{?O@k_>Y_D&bC?CD&Y6D$ z(GJ^R*g4*)`X^y<$9jo!ouG>x=K3ID6d#OQMe2%R;YD7nMXLW|@_?H^4+#(F&fdM@ z%m`^ttuSB|?Rl%1-n_NNmLiZ?`bS5pHYK?cNu-sE1Db0{%$|LdO7Ie=v^yjtW7I2G zNy8M+qaFss&G(Bl7)uDRO@BLDSu!i0E$8r=jKfw}xKOhB_azO`D5$NbWo} zD<^pHKUG@qy@|B567=mao$rPUSSu<0E;Y$EC{Qn~dAFpSq!NlabLfd#C)a5Hw)v`J7uoqY!4o4Obatd7`UW3m+)&%wF2lS=jtiES098F)fk04M7jyx~Sdbq2)mXg@gLL{xb$$CQUnN z0At~#d>giDq}Q1YWEI2H@n;r-#VBd66A8j2sgHYr{LFLSS{ zj4CwR)J1MJ)pmEI-@SdU_g+GrOPbw(%R6y_rQPIEXoWrOJWx%jn+QWRrbI~4Lh6Uo zp2{r5Mob-kzW~%tieT&=S97zL1zz#fgw_CLFM)+jw+(Q`Pq!CDj<(jG5j^}XJyFlkK|ehEwZ492A0Ja-Vn+s8vKm`L&i;NeGTQ%;hW{1>P+PLX0ty$ z4efRq?Y%m674oEW9|crB7ZRF&&FCt9oDxvdBf0&OzPh=ebnAb)Y|qWR5WZ1u=WjzZ z#a-(L^y5xM?5VHX^=F>%|NCFH12s<;NRIWtzlJGv9Sh-psu^=ra@JAw zZ?m*JCCf{^VZrPB?-5w{nrGN|E%Vn4<-xk)*H;w7>TAtVK0m^rZ&dQcPNaqPUbfxF z@w_f*p7HlDSM#JdCcd(qE^j*9a{csSZ-TLAep9^r*=ADYfA{Z^|KP94|M8!Z|J~A` z$bV;i-MZsn|MLMDv_AIfqt*rdc~awT>d8Sn;&qYLYu=k?+oZp}YNIRS{v}zni_ea` zTVH-8+fpLkSTE_CWD$BNQfodzpGDv}{rihtW6$yygTMOMlD?|xB_|I5`Tib~DB69+f3vLIvENVZl$G+#au;l?R_h7G 
zx1kRc)z!xTe4bq)0Y6ssVSRi|f@ku-@7CMAq+(j96}DV`!sYK@ao>$QknrHdAT3e1 z^dL)-XzXM8Umgna?{*C=Z(+hJ{rweoe_-w6Z|=a~5384=s`}`Gkw4$d@fF^p(_3UK z=J@Tv-)qEgm@+T?AhYAIY0*D#v?aZFVTt$8-=-efCBL*H20DMI;k2nF1~dI$cpE$w z7H)2HrO#t!(9V~p?rub!BkytudssOWHuL!xu8-OZtoyR>}hzS71_g5}}-gT_;ycjn%7T5n=0ASKXU z%gPTNFR;WkRm--rQ!Y0STnU&6bLa8^XXBM1@x(^g3ST zAR`-FT7eUf(0MmEnUTxE{xfHKd`zT<1eqzC6Rz|=j7<$}UFJ$mr!4g9AOP6Tk zzz2@PfGbXxEF@k4*1n$3;TPLKKvP!FRVT6KP{3e&OG`^lO&S^o9RuKP*>o1hTmcyL z2KsgA#?>|D5i1*gyB&e0L-3Tm9MCD=h(xW*l|zLL$Y`qiD1;^8XO|l*DIqD@3Z;ZS zdwPLUZr`0U1{j0yQ0r~c(=K#sZ&nPh(D>MexR5a&F!FtLjOrgNg!Bx4~IAbIv}`Bl8YY!{}|(jpukeO zOq8IL53^ws`yR?&>@ZM}5oO6jg+1K#%-gxMzTOrz>=BGX`B#ZR6AN_|vVvAG(`b=- zaMXR(pEg1RhbpuZgj-!z6_*gh6B6jED!Et(?l|N>sIUXTO{@6cPk8&97`ielk>Ww$ z&E3IP-k+*hSmCtYaZ}6=Ag2aW$Q~&O5zvQ_^&l}QXAlzcIwfe3DgW$&oW~KNhv{n% zyynbb$+Emx8KO%I2fTnxKS6ePV%&-4dnt1KE2MCe9OT8aZA zGCpN;3P(ld=IEK_ot*$V#a~06N?&YQJv*^%o{x{5sm$%Aa(AHh1QqR`A28cqVBGV3 zMq!y0`Ah#j@*nyY`5XQj`O7o@ME+0o>(=##*kfa61}=Ej?S?KdY2nTo?1YBaO;_J5 zVv$F>IDM{tRZ0!{Wd}cn>rXh0WA`T6@{SGSK+Z~Ei%_ArlX;l~N>vsT;eOFo3>7cX z1ce{PO}W5J)iG7Ik1KNJu=h$1)RXjctl3VBr3uo>M~V2EZ){$#=R>uu$Tul>x`Fuo zHHA{nF(a0)QaJoLK~AG|pbwdNrV z&rxt}z9euLP##-H(r0391 zidfoMSiSN+QU6gwzLDf4^3FRPy{L9nCOn~j+;>}n4mJFX-`Dd#Xe``7&4XbfV;C1Q zxR`MEfUfK5n1Bzy2l#~e5d3?|KJ@4Z6`(;?`c_(8Ji=J|{h4p~2;^jBJ0C1m<}Xjx zs1vV)E>WIA!iV$MwoE^Ka65BhsXgF_!V~88sy#hDZLf#k7Nb4|l^Gfw87mj)FUUGg z$UhSaWZRnozS;cZqI#pn`L)jK6>a09Q&KzMcpoE$Y1}S2v8`dKChM}(+w{guuEMth zns!_Hjm-+EdFU+G4;%OHo8La*kK@f}SzRX`PnNI!(NG7%ZQ2=Xe0WKww>X&g#Zw`N zisfpOy>(~_eNyy%MXbz;kn}-`tO2~~fKkp(XA7_;aVmtWo(IhWP=S>D;z7M)$u!8K zSu-KDt)icLfKXUFR`h-ju(K7*g|9!wj;UX8YPxr4=lbfcXPodvCFRh;?fb}V;@;>a`@Y9cZZGaCeS3{Jnsi_GO9AuQ56;@=+qz%l+&20uZq_^ZEg3R28I1ivL z4XI5Qw$?*3#`=7=G(ImYEDrdnZZ(oEFD-3?cr+5u%&U{#Dmnt6jxQ!Odi2#fyd~l{ zF{gW(#a|_P7TqKGRo@Pb8yG!#{lNWaf8UHV#H75!&$mlDJ$M{W{cJ!YS+L#Z;_3ZD<)+wA8uk1iQStPaPi1vLSIVEO;VsG6BL@|o)g3pz}v^e zcTRJ0K&0qWK>Q z)S?H(=t=%r#aaLL)G}Z&BC6E8(>rj1WycS)u&0gd$B!S+7alXo!6%?=RvuTlZXad+ 
zgxb3P;1Nk$AfdSvt8;Eg#J6wZ!5qPj(J$dGCatQME~RE`Z-~Go>AstqJg?*FO`~W)2`h&uNc%BhaDM6f)5>Rciv$X zu%QS}gM~=qpnuxikj#q2Yg644vKbIN=U?c(_<|g1k4u{4^CzHaV6W%eec#Y+hn~y~ z-8H2j0OQ(nuUiEeM^Iy9j&&*{qPdZlQjgb1}xc*(t?Ps$9qU8IO1Ln z?8b*0lL86?!{z`M2rHvC`4@VUsExCS5~&zIJC@xng*|!nq03A(VY1Rb!iID~52=hV zxSg|els!DV7`_X6GPmi@x5Luban*>^#bQtg(y~0^fvjvZ{azi|R2&y4w`2ynHyr{3FV}26H+u6vc=l*fq#Sv9p->r}(6dEE*-p~& zEs&AV{V`zVc;i56eN&T;4!bxob*e8_vq%z2`ieY`CtfRkP2j$OivCoZ-u~C`4o3ex zDbDD+|0%FYkV$kerEu0Qg)ZTG-#_1@c8)UKy-5WTBg-C?cAa~Xk<3F$XkD{x41XM; zsNA!$1UW8RxR0JuW>87Tx=pERY0+-73kxCW=U*Mru&~%ORMyhM?A9v0`lR}Pt@rkv z5A*N3MqI9O7FAalZauD%r4tf%OZ&zivgQ-Vj>+GGD4K|}usf!efcLz!EqJ{UEdw{Deon-@;r%svDK z-64k11L1t9H=SQN@WldW4v$NSyY?dcBF=VoLD@{t5cP{(D`oBNXU!<`Si zIVXcmaAO_}aa_WW9`W$&I^3glKD{a7^a7)>>zuXq8f>NjQ&{MeW$AU^ClQH`(58MFE@V`-G6XW=FM)c@}V%e!G9$r#9n?N!`( zUpJa{UtL1x>okZfc|YW~v5usuc3i5hExZ%aA{sb-c_(s0F+;j97E=qy$y!*s9G-G+ zotYK*YOJhO)!@&xpTGXS4~LR%-Mnpm5SbN?RZ2)mh#OPGp&$pTUX5d}!#k!OM;81} zli*_A&1m6IO|3?S4X`J1{%6nTsoji=5YP`AKl363j+Jp+kBvELw?)c7ex)Y; zWq3^|`20P6EOW*12R}avOF!pn(^*2MhfxxVg9l$)RNY68BjM~`FSF%x-WC96hp+Q@ z_IYMs8UTunX<$Cx)UYA54F(iP9mZZs?~z~PSLFZj&&c1%{3r4gl-8|tk53EQai}`q zeRHqjqn8N<9^peDw@syTqUsLf7wdbHJA&DD_NY`elX~EreYmD^K3T=|ivHA^VQo7} zecakwFmL}BdMb%i_#2}5>zL4C{r~Y8tEauY?%~kTb#$f^a)H4ZqH+0Sq1GY~IoBNd z`?sm2->z1gh7Ce?*5)RBuCu9md<>qE)C|_@2RwQieASAD?g$NdB zz(JcUk|Lrtws4i_Eom#eq!G>bzTeKr&#$h__k#nZkyz6`yLOo(yj#sxzsa*2&7b>n zIo5rSb#beP)NdKMio0x2Ph_xBea(qqG3U63Ea>8VR?x-VhBmBjAg$`*)5alM}DXwxy zn2&tdnqhe9(cEnN)t;n~j7b%eYUAe3#bJs0(kcw>UmZ+`mcjkdRaaU%BmMTIijC?m zL^u*Q^EK<8!Yr?lzDe_L-+Lg%6~){yX`FvIm8m<(9wG zfHPHh+ikk~h`NOHR4*1IPJbs?SGZ3BH;SR2tfPHd{j|`3# zCkn>j`j4EJ3GY*Eh!7&!G#2hTP4WxA3XExa>88(xzCEWcKOZnD5+AWR@V2=bq7J-^G*+T6m-(c|`Htd$uNR!T-tSw7#KnZ`+y~ zk7@%Kvqwke2Zj@HWg=IKW1%08D>JvgRrouRGwqBlg0oGzd}wTxew(VANH)}vjSAgZ zlm8d?XMO^lXig#sdE|Ggmh?Wg3ot9bG%MR8Hpln4+F_R!Af+q|fRU z`cRnezN=&F?xZzm$VxX6wtX5Ny84ZqvpgQN%5)Ry2RrPh&Euf>JNrLe08zG+@MciculF3jqRCMcX|PK9Fejg;NP0 
z#)9Zu@Ne9RNqc2K85x-k8#c^S)a)6&-eb#%omg@IB*T^~&MHLy<5#NIlOliLzej$_ zUy;A=pOL?%=1=5L?nQ@p5mljg|KwL-7~qZ9K+u*#=Oxt=YK&Mo@`|%Q2P62-xEWj0 zYg4&9gC`@>@L^Mh$^!mg2NMc(^-rL^SF4_30aIxapZdepFS}JSF65u)jZYXhuD;6bxOdxGO>4vE#W4QZAa$(@U;$#>MV$3hZYqNVwGZfj z`;iM?x~D?I7uw$VV`3!=SCo-`<9M~eRA}t|lGPxq-IxHFygPlCM=#yTFDZ#?>0Fn= zz0c21Q!ID<4Iv(uJ2rxBR_iO`X@$`1;`3Kp>%o}pdv6su|0qjyQYS({R`zS}ODj?7 z=S8&Zt>Z?zba-7s^dw0-6uP^LX`J%Niurb*V@Swn@cOLOxDfePU{&vcif65WiPnFM zU|MV1&T^^2zju&?<5h3C%SxvCfW@sU(cO>ZtD8y}U)!2@92X>}!{@z^ydN)?getrv zX_1&eutPHodusG-84#O&C!%P#Z$E`9zpJYY7#N>W@x>Z}sZZkAJ6L@fqyXRog@Xe8 z#e3=5L)x2u+h*CAnJ<(SLO&QYDCIOL7OICNq@;3@Y%Ftcd>tNns;<3W&1JgpecYY+ z`apO8r`bl-1Nyv&0xn>tp&=NDYDx03X^sAd^^q?KY0LhL0Wz|aX|)?*$Fh9j=I67@ zo=;Q))VCksrat0(V$kcXylM&xF}S)c+~zReeaz=^iOY|OnW ziCNF7>krcHLt|5J<_Em7R6*Tob3+#K= zTBYfK@TV>Xo9l6t-Mf`}n@rK`BjpxuuMJx$!wyw)?~!M?SN54Zp6b+DMz1q;x5yMy z&S{CqTW{BT=Jn!?=dFzl7Mph|dTsV)3_t0(;-NV<7`;$m8zUk1V9$8*&#T0N80Vi~ z7ru5H_kXz2U*{kn9XkTB9%I0m@4gEKNYZTAq>YV!zeL___NoU(`{|gVqe`FJrff~v zgJw(PJD_Xp&w<{DBHBJ+_ka{2vuRL$oy3K;FS8}1W#+_^nQU93!rPig9+s=Ga&in} z;NW`EVFg||eQADNB@QPYzASD&%SEkJn*Du&=VWg7GE2G7!0p-<^XPi2iGMpuzKE=>o=oZ~O?S^*#%sXXwCio{c=}0WlCyG&RumUn^d&3D z<4ithv^3j=z8Qc3bi=jR%a53!8hIq$G@dwXTY%YvD|Kg>2DtLpTjj7Wws>;c2ysrc zB}cluPVUcNTUEH~PW~zrW4N`oCcU{= znJMM#Fq~pZiHT8>0yVLZAAiFV!TR03iiQgJBgQrS*#k=J;q*pBTKjE)m%J(&TlYvN zI<5l*GBkQWCl+Q)jz*-JsH`yl)h4&Lpefl2b}?o&kunQBKI6T=0HdTAFJAPCu{xE$ zR~DvQkjt3xTQqwacctt)H7El=e|$`^@8wPRc;^6XH;(x?k2>>BM7NDgNX*pF>3CmM z=%7CTwaC<-^DO{yKNk~^)1soJG%qeoQ9t39pHDCwGAubPL8bZPCl~ZR0D2jJRWe*-?AVq$b zX^M5?>(>4HXWcfw%MWPqZ;i|b%5^I1*72?t?Pq7EBZ-l zx%nqQGx*r^ry0cl+;)eSTCA)tKB`T4n)kwN8jC$>>7fpmN(`UQgUh6?jE9ObU>|qx z?eUCDv%_~7P%FDVdDh(W7~4gl$hp9xYeHO5@WfSe%JxtBCbWva%2z3D{OU$kB%y(? 
z7_M#D_vKjSKK9g|9PJl@LE5i-Vsc!3jpcJq{*Oob9(5~~U31-WvX<>NRNIgT%S<&M z7lJ?$X`VWqgOX2mujb?DxoUT#y!%DnIw{^nK3Z=hY}ZTEq{zcF?ychR5pliqUg-+w4Io?qLEmniz?X%Xn~ zlUq4kXTznKxCYLe67#vv1}n_%vT1VpIw7+(@)uL5^)M6f*m>8WCp6l`9?umMKc|7( z+JQHrQ}3izUE6ZChp#6%fW?G-EkL4BmxY)5HWLGbjzxUwmcGNBt>fXoH$K#wOsy)E zM2hH|{WZ@71{2FcD=lSZWqEmdBcl!gsvLQ#^V8SWZ|t5=NlEEk8M^@l`Nd5Kff~6> zkq;m4U}J-4Da(!>UqHS?M9tm)=-t-#)2~%f>>KAxP{jh3p!Gv4#yoyf$pyn@#I>c) z0Op9nfjgv>Q}D}#Y(66`&6XIk3qg0q8+W;(FUNQrQ%Xk8Lh%)^tQUT!+H+S{Rc)rB zX_0P9lx`e|vTm+x#^cC!f>w zY0~kV#BIOHRA@t*p8oM6p`=5lFX(tLQ?$v%os-n4)+EFW25(PWJ~P(w$*2JSBvFM&@bdTX72U)yHCcg|dd&7yavhs(eiq!kOM~n80pJQz<^1UC z3J4VL5VA~P@^08VrOi8Ks>dF2m+`saMM-n^piecr7bI;f*iCnIpZUBJ>C`5vAdJzK zhoYALj{lr`%w_S?=Bo>8ZJ2bKMbki&MpP-LIJ0|kPN7#zua${( z;t<||fD;wv4Rw(9=+ibcwC34E>YGNH;?T*AON0y= zv$`lR?+;H3POYHvd#tCEoGhKub5B+eDMYDSy9;V874{0K6z{241&?i|rX~(OdkSl< zBkaP^mwBOl;EN^k#4_6=rn9+(&&ki8iko8;5ey(~`bW?!rT;6N{AxdQ9{+p{_^13E019}A(=W@WDH$c$n=@8an&7M2>EYdW$ zzhZE2#a~PtOE96=ZYw|l1npa=TEs-nnRVsTb_}v?XJ)=5Rc9U#K8obS^m!*O-lm5Y z6DJyO-4SUZneT3$4zzwR@^hT0hb%O+^~%N1jZdZ9w_ElUzaTBU?1k_1lRY3`Wx(%l zPD{(r+1Z(!l!=i@REGr+ax!Q*te1jn(|F<28%>Pon}DK5!826++D9Z8k}Phi zYu67&(}b^kjfXT|@RJB|?_t;1OB6ifvobr`_Vqo@Anq^NQe$K`SR!sswntG3j`m25 zwPXiPIpxK=X~%Cfn`kwL8kY!?#(#(U^5<7A+)iN`>!KkA9xIp3QgmDp*^WV z=9Bxr%)xRY{>k{;;dC0gW!gLy2AHJw+7yr?f5^W_e(7J4zxtn%zens(TYRYeecy%wE~Ow$ZwAh7X&V*;vDAHSnz*`j6UhZ1V%Etc&D%d zE7m_h%rQ#K#+HX60D;?PHepqn4tJksW;WQJc^zc3cCPb`naAU-ADwLFo4?R@Q>k2L z-;r#-o~nCb;7*XYxCy52!nwCqcn9=F6m(inD3F#-}|SRH9ZIWvMM;QW*He0+0S<$Q{@UiJA0pWY6jA?dwiEaw0H0M_qR3=owi$C ztnLomby+ji<$*Q9G9#mwaZbxjjLvmSpeZPg*Uzs{-0H|a#3+(vbzX*Ec>lRb{mIFk z^o%g)sxg_Kk42Gzp(ukA1e=ccXho#ogAZ{}ciwm*n`!{(@sGh2H){5~7S;6ML3YD` z;oIEUS2j-00};rp(#C}J#SJK(=38Pnobm{NMe};c52fb4 z1UyV?`jyDmQEiIxF1Oc<=5&|-F|dBxzFS}*W5y52Cep{S;nXI`SIRa(Pugfg8~8r0hvYb;twZZ=9vUm z8+Gcrk>8%o)wQ_1$v7>BD= zmx*}7MKcz0c8;juP)qZ}m!IDzw~s00aU6ti-*!c`xp`n3xy`!_(qKj)T)T7bGXchjDWxgOrZ@ z7sbPKdqkV?>=E_bmzaiqxQ%Hxyf)bR?KdbgTrch7`xrwIC1{smreIq}kwZTh0bZbo 
z(zlu4TVOsXkm)3S|EpSizLEQK_HxuFs$lPq)JT>8Sr`1?qP2PQa-7lev9Ul{pSu~8 zW{zex9u9Lsh(rXK=hatG&Pu6C{m4x#kKbpye|dQ^;j_M7 z-w8qi7Ql{yV|*d?cPejgBzq|j8cqCR_OO(5->5fOatd?pJ7T{UXUZM45|5lYkK*$O`N>U6G>cCxf9)}lYbtJSb`I7U!7-+;?(e)T zD$KI;ud)^I?$7(2u8wg1C2%SJ0Y4S#R$=6E8KW?VmU~WltC4err3Dir?54D_VYJcr5pD{YZZL*rht* zZ0KZ{I&y^@ZOg)c3a+y#xE!u>^%gV|?m7DKSE}b~`M?wB*zx0`RGe4ksxu&-WlW0v z5&s_fWqw8es((iQ9|M0PzZfgDp06#ysO9cF-F~x@Z*2-PR?TQE_6bCIEVXw=R1PSW zjRLC2T=GF?_wWLa6aDK?Dwrt*(hE7Sh98j$_Ji=34U)-HCI0^U*l}%w>9ndh896x; zP^v4psT(aC1S=Vy)du@{D9N=da=FiZB$Y@~;#p}K>gqh7vGRq>p2d3f)vn>(4l?%H zt5d>au}UID%NH52HapISJLfLWpPV8ku|{|NVj`z}87XGpAH9>oG|omku!YyKN1t?n zI=GLAhcB|E>fw7NAfo#aEe1D`9_ZB~zIL)WosU*#^m>maUI8Lxm-3%07Fog=dFD8+ zoN4vqFk$Udme%^@Hu#5>Jo2j+;-rj6qJDWyW`CBHhO%{(X51p8XtI&{?nf8MvR6fC zY@!u)DJ5kLnkv8DzeGG!NGUPnhAH4E9_))bkhY^4m{%0+OmhK_h6%a*c%LS zh7daBd_O3Dv_u8!PuJb5@VbEIwWiu2qhGg_1LbBV=86r}Uv}-?+n*48Ml%`M*--^?={xQ$y$LVjv(ChzfH=vL zpNV$SP8<6qIP>E>W1hA7f8Wc#hFWNsC7LJ2J?76Szf0yyJ*y=CJnw#;KFDK8fK>Nv zdiQ9y`6T5m<3DSj<9)w=eCr+?&F??Z-uS-e{i}!?Q~YlcRd_q2lQ=v)NsqVEi!0!N=iz3*N0zUYUU3;Hq!r7+)b8<_bzpv;CF9E?maSMeI4&gH5+a)kC|!& z5Hb7iQp_Ag^^!(2#&UXsKp29fO1DxpDO^MeLI80DT?cndNaqQ2?+%g;JF#_0^9jt`!R3&=Kr zXE|9|TA!$FZTc!>JO|DC<>mDoH|YpjLWT|&kt(jBDS-e`T2VpLJ{>C;@^`{eVZ1*$ z1(`dy_jGr|IA>=>7EIs8rss<>k3hR?h>ex?S$_JW7%pfjU?f;U>X3!6V38n^%x4*>^KG(I6g!Vc zmeI)i9Hp;8BdkK7=V{KwHu+RA^`gkecM`S9W`fJ>(XPna!sH(iz;@8;W=8*{Dqx){ z%G#wEtoX_E)q{%yyV8<1VlHu~Z<}Rw8p|Dk&{KM%JWI-K{Hb|zR6SS2{P*@Y6?2zyFG6!w# zkSCeYA&Xf^`(PBqy&WQNw{CBLM3g>JAyvle4+e7k7izf(+%o;5Szj)$A# z7a)@vi8C&HDjxxk=a3`1AxVI8fexV}Ni~ANP=S(E70;dFtZ~y9PF}27tIhf}m z82~f&90Ca1ck1vptR2)QwB7A29RPgbHRdh&G&Z&8twTXc1R;iZgbn`aeZ*de552Qa)9;bYm10e(FKRow|e)| zMowC#*PN1mfT^CDb<3(MDtKTg_Y^`#3fp=!6_tt$C>){p?}ybq*cQ@^9_}Z48e3t1r>Ld zk@xmkS-t1qX%YAcmV3z<|2}v)JDc@+v(SpK))!p5SDt33+~;!*5)L4Q?gB-Kmp27E z(RgHEVQ<#wql{lT&wJ!W24pd@o&5SbIy%5l)qAUKfAeQ41YzEhFdd|N;76@M=%>?T zZAF#SIWgOtbV9jpkNvCunx}|o&GoiDX4)qJ{KJ;7p;^{rwp^rF>9q3} zt%LcwCmB9_X+AD{-e$;X)Cb2fAGME0w4`UfZPAKe={=zJKnk&UQ^-f=%Y!%srdl!x 
z9#9v=I($bx35@GqVXF+sIk@{wm?i?ore87&kwk{7%H_`RaA0Qe6Eb2w{sRIn=KBxw zVJ?CTgl&VP=P=o$<6tJS(z&+!6En>f8+2}kJG>Z9yTj>{0+a+BcmcrKbB!BWvQ)!M zO{X>E52rAs`mB3QT)fCLfD`9qu9gve*S04HIWJePK`Vrw$IKLUD=A&aP;K6%{=5HN zAvM>RmZanRRE$hn`Am{BCj4X_5CI@s9hZnP7DfgJUzyfn6=h}LJ`C8QzfezNi#WF7 zO7)j38=H;toiOI5EC}1$2`mD$1+=r&%PjlOJiEPPBxo0NnN%9QmR}fTDONp;7AxNH zp7(gJ3lTXNR>)X--q;puY8xmvP1nl_Y4GH>KVDn}%&GZ|c?Z+f(W=dLf)TqeqU~GT zqq-`P#Jd&a6X_K~yhW4pB%Jx(@>+4m+}PWtF{W0_F8Z2pb89<~fYKXCK6&TivEm>D z_Yb2HXKm;f(63x8rPu7ZS}*&C6#3u$d*nazEAm(TGxE=9{)zlz)9coKbGeKH6w%u9 zF~Zp##)`nlJ2_nuQB<@B&OoUsQ`j}bT)j*2rf}MZBFYyM;)Fiz_xI#HPv07;*n;Xy zCfNyy4qL12nb?~zr}YTeU4hW(K8xJ@v|@cS^8WeHzn@aqzh770(&`6H=dg@Shm5SKs6*9#p6+Z`Nge;ot(o7^aM>TxJRl$waXE`=C*;Ag zSx5y5+UreH2#Mhi;nOl7s%I&$8Ea|XV_aiuKOL6=Ddy|pE*wxI#0T+_;usd_+(AQ% zN88*M7adE&kWW*wiYBI{{6M!Ji)r}N)8KhrZaNon{yUViptMlrG}(LF>H4oMw~aK&a&Am_0QSo^O%&v3ge zgOe^-BxiD_83Qd@mrHC!goQIvP2poQ7MVR=Xi%a-^8?|m0F5xbuc&4xbPAx=k23^w zQn<44Zg|ztU}%Z^DjqWMvVnnteT|lVUtZik2bK+j+R*X3kZIVAra|Y~p9p(^u-Mv~ zSLqo?R_A+g>zbhjqZkcz0(T zZrCo9t&X48R^0^ZN}s<;M4QrFyide1ocR9tTRkif>>4RzN>zArCd1{mheH^}rv8vL{g9_f5@yz_qgut1oodHLmwNhzP6W&FC*=`#t14#^qs;Ac`GHqiMn z;+ip`?m=kCoLtJ^FW8J1JkOA?2pT=K-;i@4LsU%c&yRNf`VoKsvaZ5l*(j=&CjDR6 zzu>P;kou(0=m;+?oI=TkPe`}5ZeQSHwP#^!*AfL|&x-f&SKh)a8}#??uNnww{Plqn z3a2#O$!$4L{tyt5`hBZ)GqnkZAN85eHZr>F-X`75Ld~SDEJ6~)`wbo4$!Y%F^H;iy z9)*AYf?F`XY3WtimU;ExchfO6>Yh9Vo%zNy{(g-_u-|btfi8jn@ig69_*a}c{{H#5 z^ZutEO38kG%O}BkKKzJk0O?oXqHL0=^xc`j{N^CCH|JcpSM1rlw-DT;aE{v-+;}t;+2!3;WX!Uz0=9arDYx=6 z-#gct^s-)H&Ufw*a_r)>H%{KnC{^>_Xw;&Q>>6^_7~v=#03saj)uH|-;OwfgABhBj zyhsyAY}Zr74v0}P(bs^wR1wHZPe;s4z7AQQ=LB{CWQ#`Q?5^{_=lD{>6=dB0tlKb?bh<+&-xy zGnBTn&kbU8wFv*dIST|nrGwgGP2VIfwV z*#zeRDVuuu!CyFkKBCOqgwS@z`12}~tw)mf+y|QxhbJC9eCW?WL5!ZwfZmBs?vV@91qjH=z`%f}B#?miE#u1z(+GkFP|aV2-c&{+sK2Q=1v&Lqi)O~Y zF6lSF?0Q#EGT!a(29aM|m2zXqJWhBLS>WKogEBItndYC8qm@DPnQZPT@Zb<0a7ob# zT#NFK;K-km+bULgFSlm1E7*Q{IT$28M!T<&|2U!Q3)hQV$mYx!prU-etDMuAG>SCn#je4NZ!L4FeH3K2bS2(RG 
z%B1EFkuFr^>j9gE$i7&y3mRZQfNtpwqh+WIBdKiLVhc4Q_*K8#5El4FZmtG{Vh0I7 z0WLv@E~NF5z$dSba=>drsGq=MJO3g2*$4whSl3CB4S-f*j0%S%wn$x5a~vhFz5OIs zKI(K?Ff^~yn0zCMvj5zDW?T0sNZ+nE=PCeBQzEV~Ibsbo)YR;|DvFoSx`tQLeS4~c%HObr0EdUAA)X+G< z&+jz=7p7wmLDLAmeq3E0+wmu`2fvK!m*-l7A41fI|1TpfmGG;ExS;FLGa&E{SiMxV zbkoq~vEoNd$B!B=YJW$^9USK?P&9x{=kq;>qed}->@qiU@ng~E>?ivdLtd>RxLm`n z;v4A8v?i*5dNH}P{m&!SBDCFZA<*3rS@W2v)s(ZE+I@QEIUC7jY8^Cet% z2V)*R5;%ptgEXRN&Wt)a>fXIf)ClZ)kDQ#4K!EF>>ZZGQeI60o7T?ehL-+0CUiuM^ z%wXD@lsI$u+jH9WI&V500&*$FM}$}{$5p8?f&k2*T0igV62e#f3=+)$nA5#0LN?7c()EPz4auOJVIh9nhJ`q>%s9Efqrii9 zx)m@B!vJz{dJn1Ga2w_~%QaKxXEI%nkcDohZig;ue4&GLbWl}at>QH>~w$o<{717w2PfvqD<9y zs8KZO1Nzb@yg*_J=|rPWuX;GM^sVmDZyfE8@GxA3xfhDJ8vvk?LdgQm10%4ur}%`I z($|@p8A#iy!~_*gphwX~7JBsP(M`Q4iNwO$OZ=a_jO8TH)PML;2v84&9uiRoIf(s( zdq5g`tguyG_d!^~~Uldv7GzS+g)Y*dgu+2R{60qS{Y&Y;y zA=3WW3Z|xpu|6Tecjl+9SF%+e9#ZGq>z8@o-M@byZOB+jds5_Y`1i;!|10vB{WJ2f zz4;UQ3DN7;ZKy%8E7~Y$8O;^;CHL3n3pQn=-fVbST%x31-?FDV-6L;M)WUw~A~>7L z495hm3BU)NV?XelNB5hyzhK^#F1L0G9CTn0jP>NFnXx<#jE-iv&TlQu3^x_!qj68FNZ?YmU>On+$hejMe&7wgqOX4A z8(TuG(|F*o+yObQRtekRc*v8AiREy{UpPljz=&O8b`N){csjx37tP2a^q+jAe5$e2 zz8U}dUixqv`BtXV@^Z{Zcb}f_*i~|^tuG*Z*)fYPco&Raj;X2n`T9=${8_OtBE)M3 z0;h@ShhTnldwszJ8RzUNr|%ATRegE_6j2&!3tcDXO@>{T&STM3P*~pqq?lIjE4pux z%ANS39$Xj`K0s`rwT)T>an-y$P+{v%kpl;8P#I8rG31D*pI9uj$#qmsK07U+yLhAF z$hUGt5s_YuQeTC@F-paz9+{(*lfHTXSLTp4pqT>--)$pbCj^4A4cr{-+mxaU*p6rq{|%&0m+dj@J2N3Zis^D4S=-k2qs1cCpS zAxRqDb)tzBG*%Gnbg8watC+N++`L)4NP?2ISWdNL>!fs05Oeq2woap(z>F1?&Ex)|Aq>h0~~D5h_4Te)!}8J%r-1xv_V_rtT*vQs*Yc<0e3_d+JsPJ~Q+; z$-@Gu25>Sl)EMMUe~>N{jjfWm+1AmlAJi$7(H7R>!c}l~JdaD>Wf;0so zkow~X|jCe0`9ICN>xT)()ogM?QJid8YI#3OLvmfzzJ&q&ZK(O3 z>5}f2mJVSP(p@4UAf3|P-SFo2{LZ`g-1qKT|F{L&ve%k(%rC|_hA2((((>}JfTiMh z_Z2r_C}Zp53lx}bnE|EkR6bY}X1@iHabVe`l(U7l2E{$PQ;jpgxzqSXtKDTQLBPq< zsc#@aEpMLTMvH0xNIht3_kl;u_j=A60|Ck+?Z*oxIu?}G=mGcmCb@r z3J&*MpwyP~RSSSQcp@;b3U^i4HfzDvxdH1gzd_Kr$d1emEz6)3bUDCR5Y%7lehm7q zu=-Z>^y#y{doVmhPft%wNcadeaNJkWP*K?r@$vC1L15xhueIFUdr_lW+Vw8KKk{qy 
z^Trae_%`GY-yZ-_1mc%=AoL>4wi;pt6jo{5e2Pk)_HmhA-GHVDl5GsHh36m+My9Jd$@RXl=_P1>*j)E4L zObG1317QNMtIhmJ9-wyz+Qne%NxR1S9lo%l?h>{PY$qNc?q|+EPj87Cg9Ox6Mb^Np z2LI@42UB>!7V)kA^co1x=gSRI$X*Bu=^W#q5*|8&#XPCIJo(zL*?NxO4*gw1Y35X% z;95=4vI`d|ZL4~Cbb*}{CqCipi$GC&22`j#+T=cV8c`xM4r-#M4w zhBT0;fffhMfDOHz zdp6tGX@CR+jIT~iK;RN) z0z#D~{!2h+1HBn3X=h{Y&nKan4Koezge$Ik530}XL@qb|zkX#w6`Rs6T`dt`lKJHp z^$-s{SY|-Ig0&lPc+o*1tOXjPV3w4gt&`S2juO@yuj{D;)kDDi=qzjmW9#aT3qCjo z2>-L6j`8;wKwz;!7x~KLw0J`JOKy96rFv8%4>7DmMC9sWe9;dtUI1-u9RJgHk;=`S zfPnf|u_Wi{f2&vIuYKgc`bRjB@h2P*(*8`{@Z;tORjEN=Sv=6r|XIQU)0w@>t|ko^SD$ew=oY28p5}m3ScMm90GB*V9?AB6Zubpq9xfn zpGurbwuvInf+|diso^+GzsYF#l{-eR{R0GqWG=I#oytKVOi>PcD?(xaOLRbC({X}A zETnx&vATa~U3h1nKIhe=Hvr*lur`{WT?(7NmFN;3@2F&&VYnEzG(=wyt`tY5H zss^3w13-8i?C-y+I=K}9`EEx7T{YAs{bL>os-H4fTTEDk-+BlcME4yq_Zwx;c$<7G zM#F0Xwh050h;`C%ag7Gtd9lrLFdYY?pM0=nK+o^%Y*diKa%r>j?@AhV*x8=}&i)5j zrNFLc8!mKdWBygtQ&e2$5C$0u{Kv0upImAg;t^V~WMp*)WvNF!Ehv9Hi6el(v?{n4 z!PI0JjHDQb_cc?3L)4Pv$}Eh-{NlcLHNp6LcMh$+aqxPFQ-B8)vVnO`Gp9gJs7Fnx ziR&BN>BXsg&MBV`QLHM^g$1n&81irYJMxSDLH>?^B0mQ8-^ia#357ImD$^2p3bsC(!am!- zTfFYUsPXAE{kw6XLRDivCexHJVydhNZ8o@~dO5g1+GkV&?D`HA2GQOK2%bKOrR1fs z_5uY7UlP>TTGcXPAX>P#wl?`Xi?7L`VtH>5%er+B(8xgJi)9iE>+UL~nj-ELW{ooM zek>0p&OrJAqb%+0gx#+!EGTMf!m2?ih=>QoGdY|UlMr+{ClG1E)XaC>oPakK=+G{6 zNv1q&^Yr~%QC%HSFA?Ge#uY%H4xDwCCMMl`m_auH0YzOW#gfjhgIxqx5esjS;;?r= z##cSC_Exw0-N^UWW#}z96#zJR2E;u}Uk%8lg%#0=iBUQbO`m}g{d9JHU)SAOHfC)Z z)#m#M?@S#Jq?aUTZ4Dqpc-s@WsHv&RawyTNmjfbeTj=8FbZp+;gHdcbrv+R00eA!u zB)9L(0^u-_x`9u=vPl?Ax#4B&1-hAZ|8*DgLGR$A<_z$p;ZA*$*T5MpNUu=DaCclj zh$832!paJcKqYI;&*&ynV(7%-@>#i zE(p~V0O=GAh5@AuuyEeyiV2JN5@&o6SEK}Y2%I?FC$V5b$#`hQ(;xJqFUNtR3jpQ8 z&z!G!O+-!kO;L{_?5OX6nQdL&M}7TAM8{M=br&gq${tp& z@Q`F<-zD?(2gPw}-l$sCOVIvoUBW;|55OcH27O^;h^VK(q?J4e%rk_4J0St+d>!l;5>#Q8;LWCvtjpw4{CH zcSccM{L+)oSpdi82~fV$_-FB0U06B(ZotU&>8u#OuW8!18? 
z0UI481c)GVDKRiYfp~|~vi>X+QD`|IycCVPF2|n_2uihi zqmAe)&Hk60z|3}UZy?6oel9LOo$4^)XsHWB@TJwCbr{b|op+30Cf*6iIpy~d^gR=) zO9Mt8M0vPTM-a_`{AAQ3!K>TXyA{R!{$3C4t1?I2vZ`<2I`4(0$f-$5(ZqiMR%DD2 zeQ%tO1`Mz=lXhAcL1E52{T?uDK%qSFFe2pc;3T9cA}|o;;=zEoEC?V8EdyKVU7r7W zR=T>nQeHp`?|@!dnEJjlsj$#YMy3~#p+p*groYrGYc{BWvLx-mkQp?JK^xlp?jCdk z-vMLS2Fg5lw1Ztq;P03>Zt3j^%l}d*|tZp z34)gZ&=_?Do@yY0)6c=d#r>5lOMH6OvsYblDJG(LeGLV*;qu6`j)V&#(rK6JkK{X4 zZAPy(*ryhSH9GgaKsydZ31Bc9gl*mH#*FSqbd%I15(51EzMQtpYsX$MiM-SDj@#f zUdxN>!bTI5k_wg<8+y{VJZZU%*~c=FwV-5~vZ&zN5>pw1ym;{fkd7c-?f>JSe8~3! z(ukR~qoq(Va^ng_ZUJ9!5^tVfoZRc`#B8UD1INbL__PD`#(_ZGjuWB?1d@2d{cuax zvFx0W(`WOQ2$*)1Ha1=b3wox?0!YUoX`zZ^hGwKPJbQ*BaPbicL00RvAq2Jca#NnM(FacI$Cr%E<1+bOo~h*beM zb^*^D7m#!AG^v7^#{F;!NkK&dwJdwnHCKsYOk?b^(ACD{rG^sEt4;bKeQB7?A5fmq z(9+u8*dQS%S4d)C1iS~;qnoqs32X&qeU=FqG!fz1azj9C>jvkr1q%qSSpf}Z0*r^>-0prm1nEVB)DuEN!lC<)@t;3oX)VjE9SWeIq4GD1LxPHUXLR0eZwuKxZHo!@PE_!f(jvi;f4kL1z${ik-cHc_8e6 zOdHs+O3dyd?HoKOanEw4+h?h4Bco&_%o^tJ~+*{m@ zqa3|LBlHB7x}l&<#>1OtxDrY{-j-t2D4ASPP^+)6w++{WqwW9eGj~kDI6qGY1g0h@ zQ~4c3=w528P47F3y#W*xL15^M>IXLi%m<`(^<6HH=+qS>w^30M3n0229+BzC0;lW| z-byP=U7@=>I~O?+be3DRA50b&+x`7=Z!iFB7iLA~f&dRB%LHKz62PWI3H%bddXwJZ z=l5WiMX%F8JcR}(MIq#=3@?_WyG?haXkvSSEKr9v zO0tfb*(S)KDRFRGpLp`_n%3(yk#o6woUZ*OS6qM@CdJ>(h~os1B%FZ5!EXzZER5H+ zBxaqUehTc`vWg14YCx{ZAJCm^as%?K7N813*7s0s_#ix4JqyFdGCu`!!oKr3n?wBH>y}aB~q< zZV^j@YO+Bg42+l?1qNMQTmZhZsK#M$l6!@(Q%p!CrTj#(vtIxd3J2O;lxHu0g6IJs z<;yp40`~y-9HGk<{CDr>B89F@K_hqaN`xhUC=NEI2t0@uIC4JDfeoG*A8#foiz<)( z(BuyNY6jdTajk_|9Y*$3dcda+psE59StOD>91{G~U&=~K`sU`n1|}el19~;K6L62q z9PRD>NZtq+k_friMn+`em)yjg~*pVHGWe+RX&vOt5*k9_RGrB#3kJnNA}OR&Km&gg6p6DdsKc%=Q?(?%E#P z*ljetcKM@vsifO>Td#9MsN%7vo!|LZ82E1-ICYxbh2*A#8~zY@6RDem!L42OClH-vRMfP)9vnkG&~Rz5MXSd`#U|ql zno~&M(}!17foa)+;xZ`CgW1@JHI-n8lu;DyoSK{eg%?2*S)c>gUghTmEMO=LKBPuU z6^(v@Cf(?p=L`A>EG#a<@1m07a^(V=C6m_T;R(>BdHVDzc$*uL;ayUgnwuxb#2jsn zF_Tb;N~2eU!?Fu2Pe0DvMScdd)%!g69t;%h?Ct_>nXb=NCxGrOh$)@vc?X!e;MsSL 
ztJrNZ*X{v_wS&`BkTXN4k3V^fj6npk{gYo^-xUMN4p5^r+>d?Kj1urdNI+m_U|?W! zQe8`H29#mCx{$7PoCFX=W*8RKd|%G5n}Ikc6P(HHNy&hx5awLwvH`KOveMtlE-sz{ z2_eWT^!wP8;H;?KA{AjF7{-T!tSsNZZdS0w5wNTf)%UHq0+YQLEKG`9uH2#mWL1O8 zULsT-tmJHTqxdE!>!74#U!POoY;Y8qn|1`h*9wB$)r}3*a8yL>`+IEV-Jt=C^00Uy zSyS@$YwJfvAyCZo-F<7;tWz%Hm?qv^IK5lh&FRDFp{GaFxj)~M!RY~9e#2guUBQGF zH?qplHOe=bF^8~0gU+cpjYff`uKB= zV*GEfi9EP1)-Z=%rGiAS(Bc2Od?;D2icYR_!6IB(LT|_M`ztPl#fAct8Q3~(%|kW& z`I%{Y82TsfIDh{Te(E+9eK4I0%z9XUENwwYL)!#%CSWdFPu3k9Q$;WUG{^z$;YyOZ zx!&QdDRk6`U*o0p_V$8WqqwxWnOPfAJI>=)>MdEH$$8m9M90exJgAw#erU#zfoo$F zc=#{B#GAHf09ynk&HzVrfx96%qk$L9(mqdKc=y58sRelUAPZhH_j&o!3-vgEai&dl z7y_8Eb@}=9rb#?7AF zpP*edyT5;*S69b(W~ZvnTCnYQvUT;_L%h<@F9!DtEaT~}%8D$q(u%6vkfrkTHy@eAQuFuwy_vkB*J*PxLih!Ou2FXn1l^%nn7GZ+^ z4(uuqj>>@+SfqRw8HJp(;N$*hjggVqdLYF}Gmba#0;0%Y*UIt1pP!%#c2t{`c)3-D zgS#CnUq`3Bsshe%0H#1C6x7G{EcEoi&c2}*r3H7c(eSO(-Lju6D_Fykd9!$hA8V?s zog5t>0xJu{e&5E60q&wge7U@evlV@!F?%}$hO9`ro{ScR7~FG2ndU%3w@Lm z$Ewujy%EF5kHtEitECdOoT%O%puCeqQC6ri9{HZj7J3i|Q_==^%gJ(HMkXVbWa5js z8x3NTfj?ay|7N9UcyKuf6=_)*472c`4b4|XJ*0~je%+(DDvDawE0z3R5UgU;=BWv+CW|~mCGy!6hu@m z*^MO%wU@PQo+$)soFP=a63o_njF4(VzZXnqH4ZgcAB9x5q&P0Rx3xvxvJWjdkcZAz zJC2B%&>QrJ$MgkCegUa#&WU)y4K=2|H;!HiZbH)5%6TOv+ns|N8RPTk&$HyiCgFn5 zEiZ1<3McsSh$V}%c2+E%5y+mpd8Band3GM?XNo6bu?V_N4_Kc7ce1y9P(3D9n%=ci zP>ZIU2=Pgnt8bF^=$ewGIm&seNgLK6&4CaXu%OoQS=ZfIAl(^Mg1`X-=EVS41u1R} zBrg%0#lVAQ;mRC@V1ONFz(~EtMioR5=(mR0MN(_SlYv0WWlA%fTyA8WKR!MlaPY-X zG%v5j=S!e(xls+$XA;#l;QQyG-uqGt&5=EnDY&j#b2H9uX9w zWWQeT&=W}Q8AShG@XK^3>(JGMm)M=Pb@hr?c)LRhtf4k<`$muS85wf7j_Z6!hB!V@ zp+*nI|4b1GjKds(ylc>m8W!jDw?o0Pi5w-lk&vN#|KT}5Q^o7ZJ@<;RNt_=hV<^=r zwod{ki(}0NR7NH%rY4Mg+Mml@(^lCj3%7bv$b7W{#2Ozh>}wx-g_UYELm4=DINLiF zc~A@g>p}xx`1>OI&x`vzxIbS7(l~H%h<|_gzy9Qavju;F{oG&Ql>g7SfI&LkJ-Gh! 
z*Z=!RNKSg%WLG=~*Kr2=apq645x*b9+liT{!PtRH4Y=$Gc~89rl(Oqm?&b>xoGC#cjSNl2l<=-iTscD|3?1aYB;#4 zQX1-9(HZm6c#Wlb1klXC%nSQEH$6CiRWZ)n%iPPuuEJ20O;gEsr?ovtlBjcbNq~7Y`H3{4%0V zJL}h9Tc|-BopOU5vieU}oUCS+Pz>^HUy7IyjKb}aa64aJxgIc&zmBdD{}!y3dAh#f zL$mSwkm>ce9-Zo)W+hgYzCZ_$;0O*?O(vTJ9UpjKh8vu99~`sy|65q%_V zJn`R3Ua|7g1v3lo!)jSsVE72|w!ut)d`1SWrVLJwjSW-FqYxF{UwcdNtb9UIej|eq z+I*_3@7q`x&=Fa*Tdp`y99=#u8Xj=sg||WzL!aR&l#d$Y8r6Mv|Ag&H^Iqol>%e42 z7EIQNBeCu3aV+oCc+CC)c5Bs}~Rt3Mzgu-hRiu3pj<$dKURuA8g# zS|r?luu&*79xB)W@+i~rQ7ZvRm(w!NANQc1u;+*}U}lOeeedoKD)nWg5vuKwkMBv* zl2I09pfev&`he2#;L5Ao#2M}vewKU|xM>AFwkbQteS73%&#T-IG72Jo>DVz5vucYZ z6Y25cg!-qugP7=o=9}CXXu&oV8T$@FixM6_k3>JX@Qth6N1Y~j4%(eeaJac8;F4o~ zEG?p=lq}i(CNEClxls&l?pzO)-VL4n-nUh)@w8&124wv72I&6E56T}5W(Yh$H@fo5 zS1yTm#Z)Hl9`3(Bt^Ca6jJ1MA9;#G1Rbm0@PgcH?5!owfU}>Vu!07C@A7Dd>rvFqW zads_qeM6W(oN2|)v=+@&8gvC?=FZr(ATc_Eh(ZyGCM=X0?*4RlRJ&V3R!`1H{=suX z#sRi>{VFPW1wB{+J2tE+FP!DckJCEjZ1Ey!$$Y+>&K*C-`Buw)O?v<775|7Q|E~-i zdU-B(_Euv0g}mMsW>T7_4i-1fdoz2Kje8B@+8_yqpclbJrng^^ZBuUg5>_FCBCOO2 zzU?pd_aP~`a4(szeOxf5DyHUt(&oWJ2B-URXkkn41?~h>#fx2EAp`EIghnv6m5W%lFErTXm z@FRb&&hOnP*_#kq88UiV3w1^Jr?-~7}NEGuRCAUa`hqd6>@xd)yufn_M<+K z{khV^xF{^35?6Nw_ z5x?t)703$4T;W^EO*a^ zpKsqV{VcF&;b>0&JQm0J+AM93r7#sQOv#^}-U3fW!G})o&}XiKc4}}U#O8PX81F|d zQAw9>rS7pQ@$ARCU^ zF{VTy`k1kc-I zqEHTbQf!_ZK|r6@yris+a6%{?d@6fc@~Te&ovHm3WY8u56lG6VU29)OJsJ^-PEnVx zncO2cNGUPT;1@)CYY0+=mJ^T*-FRQ_kXj*)_v6)TJx@<691QU% zpkGBZ6%obygs@Xq!0tQ4lC-%@aAjG{Z&XPQ{iPx`__g?|(i~b!7XITvR>A(2gD-uUS%o75g?JijQIJefiSnCn9N~rr673 z*I|fyCaAL|cEF!lC%e+%D6XmsoBm^FV%qCF^oCmV}mQ0w8f%S<^20!k)~`Ogp6 zw}mbC8mm}Tqj0d^=q}UV5|H5SEBunAecJSGeSz)%-Hg)?8tPF{X#?(|(f ztJ^j1tXg)>V8X(%<`{3p5bQqfm!5sobmr>5lKIes*ZvE^UOyg9uzpz#Po(_d{tJ}Eth7|)}?$u1hG^G z{F`?U(>S?~?P2K8>QitZ(nWq(f(u&8hZyP~Ccxr73i&6KnX-`_l#si=6qPn}TS zZ(z60e0eOY)bG=GH{Y!O{@sg;OQ*=sTf>l1#;;BKfjdoNS1#QT=RMuu$d$`(oxT)) z85Mt9w>&#%{5kgxT4FafzeSyhB{yGd+mx`BLsVj?*i{jm>3DJMI+XUN`ce>dS(nF4 zRslcf8RKU_AWq$HadvP>m2Cx6UqEw!hV+S=@fU)RSmA>b_&%VaxhxW@tOSN*ENlC7_fvlie 
zCiWn?s~3m1+=%;11}|P3N9hTkXM247aHaYvp~lXk;3=U#&&c#u|2MM<=RKB(nC=d% z=nOuPXS#Q4${%XJ5g?RZZ+C^ZdZhNmpD@*b>!5}?)^IF7ET;xb8o%142TX#Ar0qy z!$a2`pgMBnbippoA_SJ&RI|hWFI6<=jMB?2OP9(JrJqjxk%aXA7;);3_t+${E;ymW zG!N~6+m?-F)iyT_c*jlK-Vldn6?=8gyW%=;OD=r6CXbk(jZSf9xN9Z5CpLr*w!W{0`I{RUTh$jTv}SX zbJr);H^I1sJ_2dEyRrb3_y%9UeEAG(0n?%N>S}R7rDf|b)9=u`?jqI&qG|{+h4Q+% zPw=I=clm37Ivsdvl2wn6jcuMv4|1nKP)8uXUGah(OR=}uCexggF{NWHj%-6LM)*gZ;3S32$& zBr|iV(m>@ytcty|y;uKB*CW%t;GG>q4Zd#si1hxSLecSY@o}js6tPrYTDsEer-b|Y z{-i6X5W&-UmdZ8JN2L|KU{)=)J*Hw0-T0kH{I5!rGp{?9mEGHe_D_JXe4f9uf}ftA zyFEU4c-pkN?RGuM5pcI$1?m(yr+P{0M~A!9kOh^mOC*oM9IX`33(S`DOkf zf5ShKpA+M6mYfP zo}!7?P!d(OM$LFaJHmuiIoVn6GxsR5FWXSl6GFCfJgIFc2%Nqd7Jf7tOcnAtnk--D ztElcb$Nw6w@(ANfZ<{0Zo3H6`wDRVzZKZ#ia?W-7m=jM$?c;{XF@^WG#76wPh zCURm3ZS?HfNn?ZiWz($oMWN|@^Za_hPiO7wHjfQM*V1-Zpn|1Sc!dT{xh3jsI>-KG z7s0E*K7zOY*zc_mf~XK@i5mR(4IDo;YcA~UG+Dnhe>2eBDxynGEv!2aL{zMoAJ$d^ z>L?}{g&rS2%XL@AO%ChEw%)l4kv0gfVXdolvQ_mT+3pDa{pzET#vSQK@h~)b?xJ2} zHR*lKrpGxIx}v0kaR8fFnTJR~OGlYB`N=N!H-`lIAcj=06)`=_i_Htd^23?A$kg8& zCvFR?`C5a*>K-7CcrcESzF!B|L>y7=c_$-l2vJqIEA^$9`9l)-a&DI^Ti=JF93rT9rsD572R7(qn)$ z!^O$DEo{4R|B&=ZYVNZF8}*5^ys*hZ!?7MiAEPMI2E54xu&BJvp8hf@R)I}5lXn0INBJ`qHk0U zJV;6L<WsF$U9E z+3H7!*=sPy1`lv+br}P3aOFeq}b7;%mG(}nP`eQND#AfAv zCKmTDx1W#Ow^&sT#*{R;HDwL?L!7K-)E;L&k?38)D}JxWsuBY@xyhfpN-i#1?r%63 zw}EhMlAXu+*NJDk&7eo^dw*Bc-m`hP)CIl2Dt^Me9i2w`T60TCdliIs38k<5s5y zd0Gea=KWFq+?xvb`I~FDO`aWN;xuKMW`+8_&mMg*_woz-Y6epT?tV1iLH8ZqZe3>k zGMekyZd>}*_mliRZcgHRk0Jem>#M8b6nr0mtes^bC$z;^1(4p#s0VVOPw>z-_(_~A zt|OV5dsz~K3ZTGPZ3;}?+S?xk)*7IFUympVSCyAvN?*wGt?5<*TZi`&HNJmWq;t5{K0s;!cwRB zGz|Hb{vG*c{~&+;KaroePP`T!PJkAOYpcYJvXF5;_S^qwz`-t}QA> z?a&;Wm(WJl_`^5)L&I}WldB)8~c=P4)*RSOrjy`Yg zaJp^2I#<=Yb>78(hyg9Az3u~Q)>+tGA|BwRdu|8B;8gUVYPpIkpw*Ffad=4{KV`dl zSb&z0z?YDqU_D!_s%ZPwd7oBmrWlYT*2an_pgL)HYbgyXd9x{8o125e!fedU)O>h& z%g^MSl$>I*kJ%{aW7f(P4c_fLL{hnAF>tS@N`2@RX7lp8%U#~aqZesh8GS)E=%u8H zdnTQ~ z=zlv}&+ux$jg!<3Mzg7<-6}@im$s?F^dRRwJ#A)$`n_)yx|o~k7*I$!eYC}_cUkZr 
zvU|b<)p#PJEBQ3QMB#oXz|U+o;>-D&`$wDo#Pj=%rekk&1B(e;oHB~8>~3F!bBLun zF8LV(YKXx;60WEuzszf(t4bf`?GS_mUdUogN|aGa;)>ckKYt|W3O9J!viwqwYF_hI4Yg5|-HZt}6AWbW^6#+7b25A4T-3=e zo6=P(l*48C>sNyb5qJI@O7{kXvWR@DCILpV@angWx1YTIZq9-a#sK#Me!k*2g`csx z2)v-Zqa%z29{Th1VLX^)$~<&;>ZTT>Eyj7Si`2S^{&2Y%=(5?8`1<++E&>Q7K+jhY z98=cHGxd(lBtRTv0I;yzxX^XmexVv*ny&bKZ&I~TW78_{Bwt1#qK_scE>wB}kJ-v% z;juN!*!;yBM;G2lRWHzYTTSIX!mQY<%Y&mM5k^%LwzTB4ZZ7sWv%+R8K37euzBvy> z8oVWo9+1d)($fBXxhim{pAJ__qk~W@`QWXhHA!|sR!e*++I&B0+$@uKsBJ9zU0x0g z;}H|;hl286YS+YH!kWX^Wa=AVHIJ!VOsEt`v3FS6hXrWbQ&QaUK0#^XvJ^)=953%t zOSS6_f=$XeE%B*`pTfs|Uf3t~bSaDN%3w(lR^9l1yGT#-)H=tOh!I8TAW@MBBl#-r z0-e-HEKqQN|6WEqh?0av0;%ij(?w-1G)mMx>Or$X^eR@w69$G_XwBeHVh`1>!|Gp^ z4QqDiR(MpCOH`9|LS;xYv`ygE0zrx0QGz<(GU`Xl$j;HP0|RelnVHdb_4V98eF?=h zD7elhqt~?~V93d-4Ge21ymnxb>9nQ5>GI7sefL%3mHVgchBPyLQf3O79!31GQo{N=!n-H#9e35YGF7QkzYmjV^AeLWG#L(* zy;)PoeV?jG6F-2kL;^?Ck9P=1oLEDO0hg`l$OS%wy~4lfpR{>t*2=QB5mR z%Z#Yyo`|!T1#A)>5D_bbAR;?!iz*94NtU;9)K@3pUAvGdullAP5vNZRYlJnzCNzig z2F{m$WdsmM%%ZX+M4BnJE)kYrxY@bDkl*|CU;SOYV93A950L+#{w}_cp27TG27LbV zcj^E4ck%x7E`0y*y9n9C-lhEIU+=dwsPzKO?a~1PA{RSp#49hkjQ4v+Ii=^Q15$7=#=q*8ej(vi=rrOz}Q6~z_!7^V|_ zl~>{%VK5{bA+(3Q`&#vSv6@oLH|v&$Q)Wa&Ra_UzVWDShBbrjoufSCIppDv`iG2pq z6~m_sVat_?VJUrc0i7*LysPLA?VZq*Ujx4Dts~tJAAcvux!Jv7qTwISV!u(kt9)&0 zw6Q*zZHoj{Z;&&-Jg(%3456j!ddW%WaXy@AsuwpuFx_IXXW+wE?R55LfUVrl4loVP zHqF|UHl2K=U#0i(m-4c9BdT7zSkb4ZTf`JPhu|}V4}~#;2+PPyo80qn%up?{_3k&e`VGw^aq+=l<6gtLr=`?>9&A@LG$Uk ziRC=jLXp|Ibr2NYc^}#KR87Wwqc1U_wl-2(S?`EJx2mc_@ttg%%9eOZ(u0=ZlkynC za5_cdFBA{2^3aG4WN!qAx!X`ThCC5(f~0P9mP~hlWQ*`e$D|TtJj8H&6^xB6`TCv) zM+hJF^Xh8A+FHJ`QD;{d9k2C5Obr+n0umG6^OW!2z1z7&e-U)XAs{hSskTk z!o{j-*zBq)-vt|yg%wk-bWcM@I%+-yzQYSw7TC^$y3aA5Dcimrk~G@=bIbo_B(^g=gH~S%?@M{IKpsQ`!IXYq+P9}`d5NH7#V*i03YsL!L0=&QBlntu+ zFq)Hr>#VSFOJN~ns58n0Bay{1-!W8*;Zx^OH@bA;ngT1PmX=m=aj}Jk1-$6k#01Za z7fw-R8{U%asA@iFdebWQ;=E*OO&`c`B9caNT{3aF+8m3Uh9vHLe`uQczzK8xh=MZQ z2MlG!hxTALZzkHLonty3VVpM}FXY7+Gtv=A4YVZluSO@(c0#<{THz^PdZNnIws*E+ 
z(Ijo?lD1=cOY`%S=lO2?e1GZfG&>vH%FI_|PEh=+iBVkEsy8L#`&y9meRzK`c{rLF z4|4ndMYg(f#koyT8ZSD(xohP6yB?IBFZp7As&PGW*n7Aua?=u|(-Q9#J_kTCSsV+n zA|Gl0@+N9Z>w0?^cZ};tM?8QYV&Ivtk0|@qfSlSWZuJg&sEYUM*f_vkq3M-$y)rG^ z?p#C5rmCW1EK&Y%wNk~%*g=urkwZdruKYA4T_qX4wsgrK{q4itqvxlGSg4qoXlP(+ zNLJ=e@4x^H8&g3MOL1Z8*OHR2C4~j0OwSnE`hWJkk(O^0@}eRliU2xLs0S_Cwu8d6 ziO8kwhD*hV1Z1mReQEs=BjQkBbz1?8xI7ZtaVRR*^ZxMHD&KqV#u#*w+6+HQuxh^j zW@p$Gg5K&4o+%u}%I&=QjkH#Zys*YhSn?Wd3GcVEX{H=B#{~kZ$Ep$% zyq%C_O-(gxYax>Uu@oNQZN`I+W(E8^$W66s&|}HeXMw&qK^}Y>V4d!HbDJ8$PN8T2 zj{I-_Ab-t2kza!TZ{$Dx4F?CNF7$SRU_;v&2p^6Dk(=I~vl@ZSEI*t;A$0bXfcbWO#r3S@O zMwTpot;%e`S|#H_8=>?uIn}^-%heM8_7T^F8acymE01eV9b*%Z;sIAk>IY^Gr*8XO zkDNHiJ-cHT4!@PhTZ0tb*bcn+95|2JM?HoHRnSN`W$%wazes3Hh4Px=yWi1-UeM5o zv+9=5q{^v08V!=9Xp1TKCQ~<`nVxaEc5SE^XmG0s+9+}H@v6~e8#wzPP90E+TM^lR zwu+_fVF?9{Np#q{Ai;R_sl38Oy8TY5|H91 z#0B*Y^fIwAmX;KnA-^7(ni@IYTJ0+xPZ$T&LqOuPadrm?t{;@KTZxBKE)`W^t9C=$ zZ*>=nm1<=~R5}RbL%aHah(+?q@T&c~gov6}cuDF=u!12kW7(>*16hhaKs1+^GP?ei z4aK6~<8|0biyK`(uw|c&NxIm&INS$zl|2N_=4LjA1r>P+#otn%G7@|8sPZI^P^heQ3zd)L64IQ^tICweZyj?d(LJm&V=YqpJ(*}8Lz&}tR((_IR!vWN z%wrMotZ|X{E2)syv`eq(!$*AchRA?LNx!3nS{NF)ah!hMw0NM1?M!i1>lH+vLcrp5 zxob(jO%69zJ?{e*BbgOLtt=~pzgtXi{<4Qm#IM8=4d$o;q^0E`^XuVak|k|>gOi}P zFj(amL5Xik*4u}UkfabV_!;!0a*aSC<@w?7Sa-MLyL^$e9tM zZxqFunUyX*RVO?(Kx<;sCd%yH+qcwN=X*$a+wb)WiXiRom~h}YAIRegn8g?vvS<(G zef?k2BO@&;7WlWeuHW5F7BRVhl-ASDcBx;67r>t3I3#p*$C2!Uuy=;YhLe(z06`HG zW7YVS;>w8N?lajtfk92#IWE!4`L;&6GkULx<`T?1rX*@v4(`4_aE|VH(^R+0Dc*qZ=1EM+X z87YBo$n#;WGd$Z`TNUAW)2l1$a7SrPrfe2oEOj`CqEm=Y|d@Q5;*!b^P(4#!s zKyAtGuUajBjmK4UA56m6P!Gd zv2z7_jzH-`3k1br6bG0iAX{Nw6lG^;S5?J}Hy?GmI2A$ZOBwI95%=?yi+EbzSknA|5<@PWu@x6tcrGL{(#BO{ejr-h6kj^MtLt{zN z7nLqY;EDO>WdX;>$l;~f?{2EJ&T|;=T!#vtUrqANdIik?zWY4@@z;qI`^?^ie)If( ztEC5$q}vS%W3=$sv3$t_Ob%N!jDbxxu-fJ+^uba`^wT3uYJK#$ydFx+#aB6VH?ju6b} z>92G!-Y{&u7w6i1FHUQUD~Tez@}_ma7a|dloc^?N?zD6!G{%;Yj4U}inuC{jbpC#~ zBk-ArM@D^v@VA;4)}QCw%#$ewHG>0l0i4ZQdW0e7{>e~=;Jxsl5AE#i+S=Mc*V@kU 
z9QEKhp?2F|hW_;{`r``Es|S4!hLM;MxoR(UCq0P-XQ_m6oBBMDUis`C&PbIvLIZK* z1JT3%1kLFLIJc=jAG?$Yos~&&LpABY5&a*&-U2Ghwhh~*LAnK`8;0&~1PN(|9zaTv zZlzlqq(MQthi-=M1_23??ha|#kMFnNwfDEy|9>u)!!R>43_i!)&wX9jaT-ni!1{rZ z_t*tGu~>0`HUC}VyrvUb*(M4%r#we5zo6`Pcoqc5Q?k!myIm%){PJu2$Nt40{FY7b z>Z(DGIb%y2?)e8MLjD60y;}) z%it|53_JXS<8kAGCS}u7AV)$Wa1v52U(%4g{IXo4%S6I!rVZJYky$f4QIEj49mMqIPpOzPBOZ=uVnWmFT+?@sVrE|n~Oxtqgbyt|lH zz!$DJsa#`1#jhj{W&HO|wuWdUzcdby{er?S98MeTBn}FWK(r~?#BZO@be=zL)nIRu z=iej#@!^+#-UnR2@uWt0vLSR4Tll7qR`1cJ9)S*izvn0MODF3|_$X7{@?84#IHGD( zW}?9cBxXdP?nJZqDpx<5h^aQyph8k5kZ$nkM!;nQ5e8?J2;*R6D+!k-ZcntQl~dp3 ze6C5al(X!i;&Qwhnb=4^8)4oMbAwNEAW5UmP3fRo#w5c7%E@>N^nAt_tLU;#6 z@9sM_C0A}L0#h1RVq<2Gh>omrttzXikj@R7B)M$=$*%;ncA{_oy3*ld&2?0dhKQ?r{7nqz5kVKTy^?$s22}mSOivYVZn{f+a4xwr3bNr&MreVD; z(WVjLkU|?pq89*?9|14Q#re4m@D4FIH#yl!1GyzzW)z~J(W9V#FWDu3xUnHCOlx;u z=e`1amU4X_NzD#<*~jpnDHeQUcxLSQO4?Ic+LcAxj&zM%qyG+P;asO~VfI0*_Dm$| zOax=;$4=s{lAYNtMPRfmMh~=H-Zo0upyb4##7&#&EX@R;KH)x1IGpOj0X9~CFePU%SM= zBkH^Hhnep|x^B@2d4KBb7`}O|j%-d&kILl5{m&_C4BbTJ#qd5GIcp@tmGV$z#n-;Y z1~P97UVUf$)mOYgMXkwv96TDy#TA9gBT)0O08gY4l!g^7ABH=#s<0l$H4&*F>cKjh z8(i%l13hnli<=>ECD6>ZS=Q20*x&!Bvhv#NVX4i6@4M-&Ym{%p#u|uFHCHqX8o*jQ zl07i+E?ZKNk7smf>~nMkP@ijg9MsknPagzthpH`)*dyBZd}-BmUE~G*UPu3p)XTRJ z_CwNzx%r$gwHv&|GzvCsa70O^r!$mAmnK~x2}oe4H6)pH$BAZK@sMV7LLKR*{e9Z~ z0>Ut9p!bcW5fJAFQryXVX%)Rgo;n#||0!=%hMU&rG=<=fsDn-|ZRbnZc1`h1@F?y* zuhn>y*8u{F=RniZPY{pg@FuAbFZ~2LPOJj=AL!~h(HoL|XD}9W`0a&})wl(SYfMKr z!G(%8W{ChoWbwuQ;9A?O+11|8k^sh?M;XOZ?L4ZJUycyfr@G)?k=z%vF!}(}S|%b` z_Ri^KKH)yo@p*9FRrxVLzq7sljn^8R8Wf-tkORcD0g+CPW<6nm*u{bJJ>Y;rhyt{3 zkXkD&xQf4GK9e>Qb>f^FQr?KI44{g(w76&hf#BRIDMP;UL%!2KUW{=Pv`r8!kK-=C zC5RV08!!H3A)iNe$LW9v7m%sKM5Z3H+l7S2xJ;kW&2xV1(Sni^@h zzGJ&r`E}QWbU4NRlt`L%F!T|W(-$Kb<*?4$bq8^mK)c)55VV+#so?fO~ zjdk8f-!myHj(Ju=A{chG5$FDCP(`Oc%=kfMa>a)p0sXIIA!l8)l874RYmpTR$V(Pt zAd#Bfvl_i_q8SlzIigR8oQkKsO7K9gsk5v<*<7xB-KrDOTjY1ZDYd;6#200>5ze94ai8}>-0)vh=wan9cXk#j68E>@Q8F$92e zrt7F>j)(PTAQRxJAq~rd0)71jMeUp^t-QLrx)3=dP0eXzov4jcp-ylkI|gO?)>3$5 
zsP$z&F>ILa_zl~~V3qy3Ms{@%awZ6O6wdgQoj?=4cc_;-8v13|AjH+GhhUK*z>grJi9)OL_NJa7%vOjX@DWf`^*fPlKs@V zj>s;bAilIl2R=3`tgm=2%$kM_i7`C=P>_+L)LPz}LOSnn?Y;Hh@<;z%gLZeE*tPt0 zttM)fKr>^sz}M&`|4(V9k!L zD7APy0W$%jW~xANE+)bp!Y;BnKK3a|4o|05z$B0q_H%jJNK32d1w{DMk`GoA6ZHu` z7kY@zFGk_La^;sM0)ib!J{lBzftnHo`^TE`Y3h_zcP$mo9OIlb4_0c@Dvq85BXQa2 z+%%*LIG1}S^hibkotc`Ht@pm3qI1Mf0{t3Ew-97e@S8mEpLASwfvaoI z0gLWYj+TDKtukjE0>;9YkIcEN9MZ!YW9idAMfnMhujI&AxnxZI=pcqxHB^wm7{1uKhj(r>0m zi)0o`4(HE_0IA5$j!YklraCJ#w(!2X#znGc@y_zCYjaZ*r46f#-pJP%keF@r3VlvR z^Y8a;N`mTt^33wF6XL=WfSoUxA;~z{mR`& z1+E73k0qa~$!Vi%th|4{Jp>N$F+Us_1`iFrnM}8_vJ$YHV}k<&6-Z#yA)p*i0T{+q z*4B0dB>Jcdi$LdECoKt54zdO@bv2+LhVKR9k5NNBfY{+(2~MXB?oAMh<*lgxdpvwh zw5Fo$1QdoM2K2h@Hac-brk>YB_d*?ydsvLD!+rvDQ^x|g`ubZ_FbSR!o=bXVt#yej z|0BQaNaIT*3E_m$a!#GLCy1`E-=^9Fy%%KAHQ?&fys;;Q`d& z&@Kwk9Jw_&3$6k<_g|14j?>r|71qKKuc6B3;*5xB>k;c(AC~6f&Bcg!IG! zy*6A0VAe!LL8M2anM-6)29zT#G&EB{2&9Gv{LOxKAc`IA<8h@d^VNy_^mu}>J`wry zvoD%R8Uocu+I=oJt9fFpJapJ-Cb_i;x)a*a@Mi93s-tHfAKl(jc--HH?S&;n6ODxO zVs$olfdFpC{LE@!^Vq1C50fqWSl3o-_1mlU5ocYcWxTc5)JiyX`}DXs;jS5%NE`Ki z-^3-pmiXsSdD*32H5{An{fuWS6CmHos75^-c#Cw>FyweyVIy$*_E{? 
zYwU^dqoyxJQhf$hyawShPCkL}!6Y6LL^8fF*U;>ysCD7^ePcK@zrhVISJA>Vi9`Bg zei%m3UF*xvOHvW!S2lKzHk(g?F{OOXarw=bBE=ywqLm8m!eb{HB%0Nb*eOuNkdXUw zynuAnI^=tQADBvVJIK`thzvkLoMcp`jfJ$-o%Y8Zn9dHwogA-N4ud~8n1_VOQ!J!R zdiG6Da^aH#&a~{LBnNZzsoATrAU*jPPa#PRG%e&8M9n$OuVCn(W#_f$=Vs>>gr@^0;2go>O_#!C^tSry zKGhX8V`-7PFBMf>H8BuWz=~j?^IJ1plN3*P^Dy~>zG;$d6p3!Kw6u^XRmCy`>)G;l zM{*3RR^)?gu(o855mY|ofaq<;F3dS1rD0&e>c*3inK_Xuh;up%><0tIkn6(*L^O0K zLO50ymXa@YM?lyP&^ZiO4fhc!9(e*?rf~g$79Z}6h>D6T?HRCK0bAd|`eM#!i)izX zk?E#BT{rfyB6V!6H>50E5(xeC!$ouFrmP+gzbLOP$~2zv)b4&ilux#zG$R4|;F3FP z4C4b;oE)_Rb_{o*wZOv@EWlUz(c5w;i(af2$8*-wc;wgA+@#&ic?QVG-k??l3%ttz zvW|7au1yG;Gk8~MV%E*o;C5``D$?~;^0pxB7~E6R$#hC|z#H0B&6w#UD{_TX6DZWz8Rw00cUn9-(|Z8Bdq>KYSg zQ?}^t7SXdsxgY3bn~l_r3?wx|j-IMr4{7=-qJ5}Y@$(B2uPqsY5qDr+wYPrxO(boY zvn(MSvK{#?`1UsHOJX-5bX61n-9`Q5_V!|+)w2Rn|7>o&8wO9X$KliNH0B!wa87r1 zeTPC&69#i`Zt~-(I$D~%Ou6vd+q0>AStG8Q=sB=I@|eIPrGY)3-q8@H>0lx;F|pCn zF`#YvV1FO@or^9SUS~}u`z5+xIwVG$^vM=|WYQ*T2p9#E20+)zVh}PM^>vk*>7Qj_ ziz>s8f_2=c$-ke(Y))u2;CP1@mEL{S#a6W?7B{cZYey*8nbXLn1F>rC4vLNv3@4wP zZ9+mHL}0mR^^}YESv*}P9*Wi=E-aP84~pK}*^aR=nztFWRcJ9x$>HgYkT7Tvq5dJV zYO!6V>#&!iq!}&xaAP#<9~1(s)4=s%>W5KD`E*&S$6(GDOGVxXtbFDL+{s(&LHffi%HCCb9g44CMp-n`kv`@8qq z=6Uk1y!;TD6ayMReU6uft6p@nN*Te8b}|C9@2l3zfTG6^R^!Q4nbdmdd6rdKd90R5 z3RvZCuP8A7+%iDF^YW>o_w@vu&J?OdV*m|kz50!oUmdXhM>{cFb zZmUa62TO~cZ?inn!29Ag?zI+OV9LO8k8ls72sKBa!TDP^{re4hFL%F(yyl}uFOkZ# zI`JD`jSnJLbdHymEN9_`$S2t>f3mlH{MlZs7zD1G;H*YQS(o*4aM$yO4?n)dgl&^{ za*(SK-%j~ID=$$HB_Eh{Rd$F&9z8Fh@qD-7%ct2NmIqMb@K5ugwnS zCcv9QJfI%*ZyplW0o39wF-r~RgEDMYkw6miE#}TcMkaa*k)kprzlp}J!_0|~O&a8r zRMM~g%!(N(6d`p=^V+aqF&raMFG7lBa;}4Ht4yz!PIA(9AEPY{NSA$o1C65$;$&AY^XH4@N=oSoVdj-A~eseVZc6|k_*t>vShHNqM`~12?Vd#PK$_U zW@gS&&7iEh$q8t@?pXisonUD5iy4yKfjx1^=T_15ULVAfO`Dh569NqquH;nmyQ>W< z6}$OM{ty3~{96BzzvjQmZ(8;*`TM)!;53~Uhpdev$ZfQ)V|tPvOpPMx zF4_b-c3RH%Fyj=lc!i)BS`oC81Ch=?T%w{;Qf`Uie?xl`en|M-!1+l5TCromIRvap z_6`mXj*bA;m^)BV@bnbS$pCcMQv63pM}U88wMa=>Ss9T0%E}^MnhL>zEiElq&6T2Y 
z$ZUBwK-BNVXP2z=RqV&$$gr?{QBC=|xZtoifOXa*q{H{-VXLRe&)oMe75Z_-e}8|^ z-qzvx(0gX#7h*u9imsQK5Q-CA4x-1o`UY(Hy))gHf%0=`x9?asb7*;*fwQG<)Nu9@ z%Ecnz_B#J|W64=P%a|?r2?N?OeHjpt2KQVenL3unE*AAna>9ql@r@m>lJV@rLX!o! zdcTHnRz7>ZSz?P81%p2Pz90;>*BSQda!_LYYKZU>7K{u)Bw|lv89FtkIA9X``V&6)-W$L;$(pntFQ6 zzn`(Fbu~3b$Q}>JGAH1w(an9)oH2Z7NzaM$c0^rqsgPL9Sj&pbk$ykFR*QjyG`BPd zDZf^mDBEq?Jldgnd$9G*D?rry)%_%O4}Tp8V+DI{9TT*WQy9w2RzEfkUEj~MU=e0p z?m&m0LYw5TIyL0576gdxUF zew5{lu1I z(aWQ0IHT_~2icbVa@%}N$@PtwJ`bnftB*T@cjKP=?&89nA1^ZRA`Mnhw(9>L5)eLq z>1l6{w+Y}v0X~~_w-_FqBHtFI+V(c0+7 zHeayP&;Oz^oZ{B{Y-1unX-cHOz5M#Wt;cyU zM$>1k!f0CWeNR4BKD$@)stLQUwrr0&K3)4B?|cA+l0XDCD+tszGCi&N(vcCiuK1-> zf?fnI2hYn+N_Vva-bmd0d^5rJlh4WcQDqr;kyD^y7Ay!({l+m zzNWL6q?CLbkxm&=h>_$nAFX@}h8^B7DnQh}WmJ0`rOrf%GKD`d?_Vg2>^7nf_{8V5`UlQEh5)*~7Q6RwNHi{j)J)fT}m zc-u(b_Y~5k@APQN|H+h-^j4_|j~nMN`Gfv9`L+KcfAxQp-wN_C`BU!T;C$$;VrehZ ztWxHRx?`l#2ELOy`sm^QA?pRZjVE_`8-;0Ptqf9kGA+Y{>r*%2G&5h|fNa)Y+J&VX zkV~}tTcShW#E$uD3fI<}7()n~^?>F4KRsqOEUa z?@w$;+f<%I#iu@=#^C}Eq9}4@YkLmNx9b_*;Pnsi${9^wx8@ki7`5}GoljIC;@X)+ zT#2ji3yJhEFn#0&F($xy12HJ#D*iVo(m~Qwoyoyifz^zWJ4fvz1r6iGpetz z42oNxvt-czD-&V8zFj7c;n3i>iYW)0-j-^n@uGWjI#;f3G*#J?pBdOmprVg_9Rs7|;apj7Jvq>+mv3gu z5LoQ+BH+9GOaj75@}*Ar4Yx-ee3@t4%g>lZkkAxWVc+fGn~w*w8a*8bye_x!BMhy- zv+BLfP2qPbw%Doo?6D=L08yK^Sk^t0hopS1Fi;Kuy2O#Rt{VU64vuu;iSyooo-o8SS?fmRYc-t4V4M}ikJl5{F!@1tJ zcEg!mkM8dH$b(~T!R3*%d+B)pdnD+)BJkCCK;f7KR%WbVxeN4b zdqwYp2k=&T0os9azr>4WhHxztm=UM`~#PIF$u? 
zge0GA6ujFeO2qUu?W_%nJ^m9rj%_l~9!qh3e*WiDXnSpcZGCf}K3S;?70Ezzb)>qq zwDcciAE4YR2e#b+>wJFxCZLX0Fpd>z6%J-O{^lS>X>z>kbr8#LQY3bB=@fdy%6vyC zl?P0rbWLso@@!M}^R*f4zTA+_SF48dO$P+d0_n@rb|LM5W+;}pxAK3B8bFp*KLpA@W_Ba2$VDHlD5)TC=eH{XX zteFGxX8|=Nr-fnPpsU+^d(A)(gOyb72P!@r+*eC0UK?23dmq`$;RR|HT8g5t#=hZd zTM+0Vui74ZWaD87sNxJi$}LM+)iQa#$icWoK$$sBZn;SgGb}#)oKpT{JzluzFZsj& zH~Dq`A%E3>lm7$3zvTao4;Z6$lPQ~M*==QMc&gP?4+mFOGP#MO#fVoWt`J`VNfcGr z*lwuoClhIl8v)dT!*U|+gjzPY!#_nZ3q`=<@961JFwlaxL@eunScFQa-s$Ek1@B;N ziIH#++N6jg<%Bj?p}jXqo9UYgB3LVkj)Jm8I_|WL`|60V=?{%&E?l(oKKsc&HICPL zQzUkns6Cx$>_(M6Oe{6KR#r*0W^vt1c%GLft*w1xxmfx%2*xkShruX)r0E$M?(S{@ zy;4KHv4f2e4xi=mnj;X|-mLAn<7@>s-7xD|R9xG-T+b}1Z=5jp%K|%VrTyA_>Dk4- zzpmSHQTEF&wN;zF9(vc^AjVz5_m=P?{8XnwqK1dEy0~V!#C6e~w?@wPJ}LpK&LhSP z(ZG9&4EgMQr2Kd;vCL$!nZCwS{y5+9baj8y!Nkf+Tf^B;Y&7J!j{*^qe0(U&$rW#3 z6Sy8_=OR&U`?-v;mG&g8Y0+gisX3({;mA@xfu9u4Y^Sy6b#h2lHDX*1_f<}lC`vM} z=50{RZjy6YR5pV4jCP4qM!CC8bF)-sa+q z(y|DfP;cyRfMzAcB#?5ZfUz0V{+BA(Ex;HyP8=m7EU~hFy!xww>uPX6-Av{oxxj8N3QfEv$6d2_~J&qg=kXw)dtQ>=2py6V4#vNp- zK~1~~vM|vX?QOrf3XA(P{wO~uF1ociSkTJo&ESt~D9GKU*8^VM#~QqqE)V^E_vgq? zxO;l#ks5XlBsv@Z`K1|Pq9^5q=1nX`{TxBC!30CywY+TdeC%$2!9gI)>2c0*iaAH{ z8z_-eiG9BtCF9Y6q%BFS>hs2&B)u^<8WKyh!I4R?1H;`G@uVz9^)*^`; zRYE{LO%cn3grIy0-W2OlPR(JRJi@t%0HuIcbYi}7^?BFM?ob0yn(k0+ zJfi|<_qE6rC_ch<5|ZjC{fCvZL}zGZKa7>+g4OX7wABi&QD`3~zg053VtxDy)*Jzs z^!UHjPom6T|KucZ3brMYG>=R z1tYO3_F}reeCIw%`Rwh7ug?~i3U*FdL9O!M^N-%Ce^BTAc64uJeD{J78C)ASW4@+- zyt+??6~$%(9ZcgyA!RG;AbV#N3fQ!B8S~i-zo6aI&n}fTK}`jzP+|(OpB3lrukhWcX0p%%UIVk>G8V`)?Z*$NRodhbQ_+%shed{gJ@E4L^6`^& z!%mAbyM2Wot$34wlrGT6i-m<14~63=9RxqP2?SIJXM&NV{mQ&FskT-n80KUTc49!; zA50_){AXN7Mq2ypk4R?P#{ZH(>VK18_aE{@|C{{I1OJlWhaL_t*SB%&ijGd?@OQJ7 zDwVp#iS#^y9<41XkkHr;pXzfGl&`}o|I^x=_n@jLBMLF zC24d=K|YpOIEJVAPA^x>u6@vaLRFYJXp4i#??Xw+Nf)Qd zfHw*@8Jaj%jX%G~1Buh&)(QHbjq-uq72qMAUaHVn-{&{-c|FeIcQIqXg@3mWy+LOc z>WBE6wLB3K>Eo#u8KX7^C#*g=V*1gsFcbnqL#OQ?6m@;KrnclYu8Sb`s#Q2O|JmOX z4i9>#&w>7;yWKll&G#ixDq*lRH`AIs?F72$_m2;k=_me|dn$p_-=*@{81HN`Ny)~! 
zk3%-UeEEi+9{{Rc%#?|7;gFC}gbmp^%Kd~p9qPM|ti2gpU7{+}E&VLy^rp#@91?gD za(j%kA}ngURAg&kpuU=-hS1>avA%1Sy}I#+!8b;%urAO4_|cH=E}%{tEQiExA*b(p}o0b0Ob3HOqld&kHI*7OOQU4qB>Dv zzWC0ag8}kk?8&sb*D7I^YN>BeUXW6vsbj(8i&PhHUk49T^%L{65{o(7QNnE`er~+~ zY?M#vb^X(EI-coM_!t&TMJDS1VYg|bv;|Mgo45K8 zHgFVvbF>Y@PnIW7^oj0e|AQLC;I729VB{mJ?hu3N7Rq}4o!AYZnhQ@gkPa)MP7LoW zmI~CqnBR#u*c_e0HeKloMjO_l%Za1?}280-I@%Mp}m zP+4wsm310r0p=Fm4lmEQl$(u!J;zhZ(`3Mb?iRlS%Ths8je8`r1~JpR~5 zc;4%npc8EDv_h>fL~*0w$qur1(Mj6{nB+x`TMjB0rm|vuSy@vI^rKeVvs=S zC#SZLJ(1rXv5%rEI1&C7zjQ`0{r33_Q!#nw6O_}WA-)rAW%U@Z9IU!y^LD)Z;~4WN zyy6_*(`kb00l4}bxfZTpyZQa4GFo@>i6uTV?WXtEkWmCq$%hNKn`x#?l62_JIlYt0 zjccbQ{Bs!EDBUV&z~nMJ~Q>f?XdR9!E$9- zrX3mJdznJ#DyGkgu#Db^vX2F)8`#RsxRn&X6E=XWyP?IhIWx6QDYy11(9~3tp$E~@ zzKP2f)*xqj)t&4Io5q6}j#CU6?|Ih%3z4Yap+M=tRSA?qR&isF1jP>HhPJBWs=al~ zhPp1^a<@2z?T`26zf9zh*XoP#$q@8onAXRaP=A!WGwU_+Uc{?;Ahnj?m6s~L*Y(iV zllu|Iet=9`ct*riquA8<0jMxo5Zo%U;M;Y69`B&l?bXzzO_}0I3H0Hg=SS?E9S#Vp z%fN0qq0nFOh6880UU!=Eoqdo+)P8SVZ9E*V7&|Q-%CDc(eyWlJ*?z6MvEzJ8=_E!H zfRgt`N@sq)3jMLuRN9&OdzADl0&SAQ>I?l)SeRPAwzK_8br96&JjKcKEaI!zK2uPP zbF~`;L4=h}JK6OadCBzc4X}31%+E_A{A27SZMsh_a%t+27wsP@i`{@Q^3Fp8Fhk zay!~|B6=}3L>lK)q!W4!MRh7^MnMCw!Wm^|K&P>Qd0wpqif<$})+77D0&|}q@03RG zn8RTysH^DvU!_CyP*dJg=$#D(@Lt@{Lq9&Qugous-MJ%OLY@6a9QvZ!4Z#Raxs^kc zbg;k4*EO}Z>}+fwJHbFYV^|2U+phXQM-1Q^K|w;|8m;)gQwGRpdOT54Rc7k>@7vyWhnF)3=&9$;k(0J^BApWLG7O;7>^tSZ2r()L0-a?yrD7s{ zCgH&;UX$KbLX<)_)Pc~ITFQA;-d5(?TBmj+8R)juku$~B^c9pxI3MF(PZ65ChEh=? 
z(f3fgm~gX!N9}^t(_dYBRv_UMqyhc^syUQ8!&&~%BEAZW=VcsU4F^lLw(uNd?m!OW6pWY7OZSI-*pD&q`Ss8v!z&>=S%4fe_%bo!hBc<=jjD^AGZGb6r}C+=gdQ3OV^+@{*t8W0{sGE4aGv7R9|C&6 zN%~XbldW%V@f1hTjqtG4IgSo)+b`qF9(r6mp&QIKwoPr>l@A{(?lnPXQ zzFb2PzV@@IdH?4*uYT3{iQ09;dzQOzq9)QaWA7iV34BgB{_LIG0hQW&Y@1Fb4vceGXUx40J+s10~% ztkjFwY61jPq?pIE5=^@TY=b>wD)OCAf%2fOx^V9V^kevC_D8J#N73#&1 zeZQyA!G?T|JpUTfYRZTCbfjGyF<)}jeMY2^$o28CHT&89E$6M`rJ1w=jFu8(SH|!4 zR$bZ5BEJ*EJRvZWuN1J%PPR4*L^xYwz>_SNp~6in%>|^W2eNks>nSU10b9NZBG1F> z>zV_&tu3v`K#bdZpX4oqw2X|ViqYZptnxL*BF-u+zfLZYd^HFZI6XDx z3=HrAAt3?x5>0E34fR1(BfyB}Ei!UC5Nyb!?<3Q_sCwW*vB)yI`L0hs6gZGj4b00Y zi}kGE%XET2;wtCAz_7)Z1IixZdLl7$hj>$3#P)oXNo;IZ&-;0@_;BC`?qvNPZRX@+ z=Ig}98!O0*(GFshX`SCC2C7mfew3X$!v*2M|7ATL!zgV7t?iTsueeDRX#8kU%e^*4mUuasLE*qi__o5P*YGf|~eENC{ zWyeOc-~N)n=zo)6?;rA4{5Sc1IsYYpbrBpK^O?pC_&GZ3igv&DckT{catOsRh&c#{ zD;G;$T3R}=`b_#EEkDWYH||Nh$CBXqv&+F~N#&Q<@+u_bq>|B+W+aaLRX1_$4=|D= zA;<2yKL00&+4)b{N0%=oQj*A(BkAHh@QVG(cvruyjQzOFWt{8aX%=Jo42_7e{PSn9 zi)w;O?BG?E|HX(70U`!tSjvK&&XSxCys8il)%lQ2r?HfyPYVeqWBJ=+mX%6hdi7`> zn*qtW@CyGiyctO`o9Nx`L~vuE8iuX1qK0LKtJ4(UHtJ(BNFR??i(8UOQHL$5hp*6+ za^XOl0tKaMf6Nv$iHlJx_Dg?$x3$R&KJSwjZt0+e0s<=SY=U`3@~~O9Swc3V;*`~) z&fM_5q}RmomC>~oiavdU)DntHW7G6D-r4644)0SyJhZfV<{Rs&6$TzW%bagX>~`Eb zJ+5_M3WA9-_l9)m2&JjfTpH(S*D|b^_(M4kKiq zlHk~Ac{{_si<;gHnPZ{7p}ySWpQdmS4KAYZ;M63{Nc=yEm*=zhpT58w9jTV;2&^DL zxUVX{%Clc9asGz3-Mt&T3jZysiCo0PN(N_CP%jQ294fs3c}r*3%Q8t32hI8rUxiEE zl;UPpX2I0{TTv_K=JAdl1I?bZ%O3-Ketw6#h29XvQ?Co0nac(=gjglCT=ms zl7XS&t5>h!X9u^=fn{p@{k2b{bA2lmq%b^PI6M=EwqOA}#{nmI<}NSVf+Fd=7u!a+ z_otOY=~;N99W0zw0;+GpGGo8+VVjBs-2_2xh+^16$G;k^FBZqjz>a#&RvW`tOF*Ak z$5B<(ug|8?hK4YYjaV0lB41 zy6pwy()Uq1OR_A}>>_uZ$T$F;`w4zttA z%2{n+Z+^m=p=2j#kdVLH-QK8~_nRpE`bu!o0dBF%{jtB|pv&(u#obN-80vJMof9|2 z7FqH}_Ih2_-NYl{eg>*T`VQ|S&jrPN<5{!`B0#RKVg{ylX^o4N{a>(=!KT0X^S^I} z>zp;~YHlkubo(tD8F>L$ISmy<4u*$F_p)-7Q7h`E9VVS$8_U?WBlNf^Ukq8_#El61 zR{AeCeB(+s^Fc;t9ud50`Za~v@TtLmso8Si_(*ZdBPgXJ^Ml~x@xsU6D<{(=NyEfq 
zE7nIJ%aG+b;d^hY3(++SN_;{B(*DS(7&L73C>);NG@iL`d>e;mF?~%u%^f%@|;yhW)w5Wm{Xlv|h zB%`~Mg?fevh0&BVp>f`nll&`kK1PY+^n#e?bk${Mft)ldvk+gcf4kt_ zv!F{Uk*hPx>t6gacDC<7>0$fG3^QDsJnZHrsZ+OtH{f@I&e&%Y&G{y$V;{Dd?G_ev z#4PK%PNJJ~I0}m2YHD(_m*9*Pqc|ZWp~%7zhB-ODYg;s2tkvOMzhRmh0#|diD!vhX zlq?Q8{4!qCoK+_jiF8GIN?*f0I9G z<6rW3V#C3`b4o96k@UJM3CH1hN*U;6_;lr19p@T zs6Cyg7KT7eKg@#}(T*Fadvp;6mfJ{2A$)Pd3?ud|6vCm|ph&%b%Tev%<%3(D!l-Uz zOCFCM9{ohv8<0B&{5=WQ?99k3=!bp5Ev3 zWu9kZhKnB?(pQP0S10SB$cVL$R49;n_E;A8Xnni?eER?r)0(2y_0QB-MEqc7$A7E! zBQ_XR;ay-(uld!(MIZdM& zgy>G~t0d@S_%`{JoqB=r1oKEsN>_E*Vsk%Ljl}47?$j{^L(4wxY_9vQOiL4{ z@&zboV04V5S#MeYV#r*xSSz z7`^qyjZLajEpR>efMlO2E4YO|^UHcP%9r|t+OG!`k>1WU>4nr@?WQVoDt+OSYC_!g zSxG3O@AXy>5uz^jFPM=DU=EG74?USC4fa%Q zaL-Ek1`WYH>!MVq1uGJzw+we44Gnj?TgJ-?_qkcducR&)B&r?rq|k?D4$nmtB!|R& zwv6;*t@hqWq!+*kmlCVdjd4erEOxc=Q4=@JM?x?A~ZJjA2wEC$lX>T=iF=;QY0|~78I$guoy5wa|J_!X) z>COp>X6qGW_)M!fDShtX5R^{p2r|GudXZ*v%5!AXFSeGCpriG zD%V@wOwPBQzRMEXtw||g<`RE=K47!v90ijoTd+Bzfc%3*FMe!qv^i(#-y!PaVx|vC#RrsJW>B`AkfVQ`_6g zl2hHx`tM&ZmJV*zJiv{boSK%dj_xk+EM0-SymoYO`+LDn&Hwi{2?T;=1T20s3CPjwf^cUqQihMekhuQ|0Xz1;qD7n%QD$o}WzjWIRw zkE&W)yf>3^^fCk<%0)OIm*aCQ3obG-BB{7e3h|4n{_f5>0<-{g--{g?bTK!sOUi&M_h^e*eME(uMQ&2QxQIIm>sB7M7eU zmJZf#Hq=7GTz?<+@9)Mdt3r3lVMYqqH!jKlrvj(u+^5EuH2IeZge98j33rp{ruDDp zX=9?^G5g^A4@FbRe)UpDdPC@VDBfyqC1!24@m}X;)L|hb)TD2wW!&NTfxS6$2WX}A zdfMn3sAc2S)i+Kmn}-ff4RPP{Q0kAA|Db<^6fFH_JfC`)D?M>IP9c?Z&{k~mr6(U% z+`3>8+E^3gMV}WvS~!&Yvjuso=nz}_?>L35O)qazN@Mxdlkwu%?INT~-WyfxA}SO7 zyU(M*%|%r^eKab#jAn}{DnderJ5J_l3k8{p8KuQ+ILCCUZ1psA4Di#)^&0w9pCh@J z1y4sPS2g_$7)v8{-kLsb+~R%RMX6%mm3ytMh8#DySzUZ$(|UeB*)XEblPA;gG8yvw zJD&d4?c}IZp-MCEg|2N~G%FB#L6J8Z)a<4x@M*0(g|s9s<=1(K;oPV}5BY$Nlhu-q zki5_g`_{U=T{12OLXptRR@@Ddh{?n^3kqTvjKY5u?~R&^2K zPFVf*Nba8etNV!Ewj%#cUALq#-3$Y>dyva0_r{4-I{({>7nLPqCiAen?f2+Wh~_s; zIQefiM8t8zE`BSeM8wLGpk~RgEn~dodR>%}Ug0#(6K#C#d2sd2MG8;0V6KESYU)Yi zfhZb3GtA#(`nF7)%hLblOD?u*(LQvG_-S$CqaNy4PYgq89#K5+L36D1-^H}<8ZisUXa4wR 
z5Cf~e(y%Fi=$RQ=GDgyCjPXVIk4b^Vv*Vm8PFfPgpxt-3+Zr>+N?uM>TY>v?PXs)KofujLsqnSaXaNdR~v9B z2Z$4sgb)$&43}U`yFrOs!j5egd8Jmea3A=w$_baHU9Q0}Of%%9eF?WBb}>~c?)U%{ z+CXCy-h{*2a7-p{N;vBKY=3xs`cYMqR@vgGtQw}Qv+a$X305KG0J3P_pOn?5m#h(C z2$cdKw+7Rgt;i$`ymNJhh{ZGxIDb}rp!h!{@-M&sJ&6B7gmj53*IAz|uxvE>b$U53PIXe91tPtlL zfM_mGj(^!eZDsbs)spl7jtg!+VPPJj|0c$vFRHeVe#)O`s6OxW{_)`F7 zIof%nys|@J?}K1jK}*;MEemHWK_2tR9lRfp{G{^#@O4hnm2}(NPdc`3vy+Z(+qP}n z?%1}ij&0jcI<}pB`+fi4xi~jxjD4{$YSi9UtLiuBnrp7-p#h^c52pR%ggO(ruL!tD zBtB-Uz1>4iyh%&B&Dn_Hm;Nc$Sn7Ebn1!$;-MmYN>qiME5l1Mn??77yjtY0++#2NvrCD(_`r@j#d*FPnm0-@$>GO*l7mExgF`9<728?;;`AOX-6^Lj z7K=;UZH~oDn!nC9*YB+#P%920Oem>m%Uj5HHyh3Z7bU8JF@+ybB%Q7Uib<98Nf9d} z1(|gVl(}2s!RNvL1L1WGX=xMeu~Tua=faAQp87{wKq|Ydu1ZGG8qc?b6|-)I)x?I$#u6gzdcb>o$`O%ELVE zr8-cJFV&X2ujspv_?7MXqc*VeWQK)tu!)K6i6GXT`y{JrW7Us<%t}xElOWk9M)D16 zBl=Fu6=}Ee0=e!Cz3J+R8L*lD+K^|h8|{J|&pTyH+caB?&oR@jA=}!F+5E5tP}Tmt z?A>KAJ<|Z6B6d}>qCakr^_VAkx31X&f$W7~=l*&d`b zgGNiD#H{u)Yt7Um9qcAzwQ$#=UaD7r98lCBrDZ$=$I3zEtIY?9^*h|zDg>nl5pfYEU`D>dA=G428JT$tBo7#+WkVX|mQ8Koh@WR2)~*`@6o9A&50&hY)b>r8bI> zTBQ~qNqm>Oo^Bzg-F%7;obLoGgnfq57C~TE={Pr&@63nx^%r+&%hhZXZ5ek#o*v4ODH&A$vfI| z)u>L^=vAMrRvgY%@6V4_sYFgEEJu$dMS)76&%tx-r#wDjn@}uH7+-3_dcVEOSpMF; zdqw4WWhsR9_GIR1=Xj*SVwnJYV1lkFQ?eiPy2OYwTdY`9&g>Om@v;uv4qO<{`9Q8a0tGKiwWO)0Qb!>@QF%cWl?$ z>Ck&oz8ol>$z1nbGu~WligK4*#(8@>^LXSRs8x{)p2Eqi3v^P`xxPG}>B&D}MP(e_ zWvt+ z!;)P8L1r_@V>8ESs|uDaRFdQkk-k)L%JL_(=B?E+G*1IOm_KlO4aYU2kvd?-*qfYL zh~g5(>=vHGl1M32`pt{=w5z)qVgUPe{~e*N_)@jmBe%h&loCVVmKk)*?XL;Lxdn9_)&BpA{}?-a@4PYJ26x#YoYZcbk&Y`(Q!*oPEXN} zcZ%T}*~SPh*{K@iWalsnWkYwh@5j-k;r5vFzWTPSJ`dk)DI|-a0kzbG#?0huMhshC zO`VQrN2lsmU%}-IN6%Y*hs)8;`Sx}lz9t^U-Fm#H~AC4|3iNAR3M*nrz`+;=7eNMr%^GzUcf~coi)eYM zH2DWC{kd?i8cg~k&%P;->jo$x~VO=vM_d>~DI`#Z2*IUbXx(o}V=2iPs z99xD`<|R#_dmobjyi&g}3s=a`WlKX1MRbsR4+u8T@ zX|f+XeD%Tkhe}NOF%&QpE^PD+kLL$-W8I~-;Hw-TFI#i|czpq>zoi$%@b?S_vU9;= zO7MdtC$QJ|>hM(`mUq$|%$wU=9L#GYp&ln)mkxLSgC+~cT@427PfhTqi&Sx=S=v&i zpQ(-ItuDty&0j?^ct|s*F0nNc2VKJ#m`pDLZ$c&pV%oamKr^+_2i} 
z+Q!(*yFV0n`yd50a&I0s3{QIdtPp#_PO zZM}aon%Zu?b~ij5=x*46)ZRrN;TWQ0Db`d&>u%{QdOltnIxayaPkc})C4&qbb3;4~ zh(b^h@O(dstgMm)R(pB3-9g9l$<)ghKNMp}6jF7%aEf79^fYt0L9~dORKk%GR zw-9vC-ZS(SdCI_QqJefN{k)UHA5zz_VG|lL#)X{7HB52t6ZpRQ8_U;4No^M?JLz}3 zFZR=j+Ad=iT->}pR!{Hkbj0lJXwl<9(b3mU-sxfZGLvQ^CJ7OYM-HWwof@rTV;*Xq z@AE1wXPcKvOOMy%_-~bHlNGj7h!$tqGPCnmTE=8W%&3P+5`5@Lx`K)aPyTb&^LJTiKT7QhKG3?Kj!CNM(W@xqPzB3ik=tsZ zcpFk1c0BJ-Va>_!^xb|}e^WDb)Pb0}k9K?Kr3l|P6Li)MTk%y{@QAeYqvWBI7AsLN zw|c91&zZUC&EEQ34BV_6(a~(q&UCScl)qG$$V^R1moF(}qs$a(Va_dEZaD^EjnL@b zT9IE{{uwF8p8$6#=yM*I6l&#l9bC{YW~?aUGosRSgG#Qj@zi}TYi9T*?k2g$O5ak& z)KkU6*(|%n2<$khEax{aT7OqbS#vc`W8-u;;{ZEqcZL~1Zy$i`q2nftbzE@P-M(yq zcK-V)hsrC~+=OH&G^T$1EoXU}2+HO7;;uVo`*is#{%jaO_nt*Bk^(njYL&#@wnuyr zYKd0VrnT&@RaC?DaOtEdiw{rrXz91zW#%7y=+Bo{3!URCy%!T4NoTE@7hhE&&T^+d zsOaJ)JP(sgY}H$VTexN$HIjn{IY`aLrWl2f#B3jA%M9?lGmo1PBywlW{dymfb zU3wG`3nFg56-S`9pNs4_ZrlxecO4B_&5Y-&NcwY?9Qg{Ja)j<|VF$qZ{yMlxpWgU> zYT_J(u6s=A9kHhmt_&I%2l?K^M;~Oh?`BogdUve^h|rq@m#~afZ z+IdRj+Z2dRnOhD7Y=?E~?0@sV9YUhS4(Fe5+%HWVcV@1A_(`2HI$%f<9pNKFuMZH` zr;hB!DfQV}R&?oBK7VxQI(hi^>p#sgbkVo!z(a>!9P-}Z?nLtzvwa1QTv~;ol4nbz zcX6V3X_{`GrIMd4*gyeBjHj_-xwdHn8KPKfP;` zo#z>U;M1|0JBqWPgbOd~;^)d?P9Z?QUhX|^O&o$>7&>wGUN@(%JTs}j$Htsq8U9(H zka_*RbX#UVtB_ta!@=`h$8~Xd%T4VNqxH9Z3=`&2LV@6Zs*@|_b2my2w zlO;N%1sa1T8iPe@-HFPtbJhJc0iINaMxdY4nnTj-LxWt+IwS;_m_tQMq3Gyaj-v+4 z)%uH+`tmad^VF+xO0XQXZ!9MRdGS%MqSgJ?j_S@dWkSp_WveGMuoj%fuogE(6HMk<)wQvmhwU)f4&K+m_wRC3YEPnk)|l;uSIdRH zdXPP1Yl2(mavAQO*VC-TrPX<3ZZ5SDH#2|BJ6;n^-Gvo( zsFcHOYIQLhyrd?*n9x`%)OfUNNw3M#ph*?ugBKjUsATEV@}`F)z~F7p+!9~>H9t-g zD$$=Y@=IjBI6~)uEb)sgsJE22IQK2Z?@F(ktdi}_ z(~877mL%Dgq1Td}($VnH-1tZ@+{IU4%hG6CbgR;2>RWZNGEHe4MI-YpD*l?vEd(0P zZ;K7_s4EYI$eM(&B}=g@N35aNSBTZ)uvjzckW|Xzx9Gw$WQW^uw0Kap2qc7y!1s83 zIfTf=S5q2Ha7*{q;7k5GE!A%CNo05psu&Rl>7IV;Se#~m~PkaTC_G@gH!Rlys=5U^a-Y}WMQisw|$KOpM)3835$WjUP28W{2 zilYAf*#1;BO8xMAJ`t!{uD*r}=zccBJKsRCBmGKWEw_3uE$imYfV zUFbD-M8*kyCBIi5s#J+jV1t$*?RS1WnZK@pS57EnHRn_Rp$^h$->xlq)oq{eoL_%p7qoso~t 
z32!7bnyYVlI#~6ZIV*Hkjrqe2-p_B!;yIuN@R&I7Mg=?W+a6SYA-N9a*d*oC^PUrg{!We@AcbK`(iCiS5vbJ8-l>vVT#vs(KO!>&(f?2^tETbZ}%-Q%7Al z%lFP)$3M5FriA#w(b7)5XvBDtGSB_JYF7%bSUEq_`rxLxIOyM6VW>Aq#a7dBik)) z!r^UA9nix|($3ngtk^chp}|rAEMuWBSn@#o{^(%ry8Y?P!`V0>6S5(@TwZ<>*`M^% zg-q7M5S=Ja`Nx;dLoF$+!f==vPP&?sg4){5y*n8A1M~W*MM!LP_WZPuDAWK;_mtewh8hPqj35YCAJ%0`b16lMi8Ct9BXuREg{lu}FsDiD~nYHw>fjW?JHN%tlPQ1hbGj)v&g%GuWk5(Cl33Kt zz+7?K=TUG^AZU6?j%Tu$=9aCkEd0%O=_Yk`H8HV~{~W%lf0Xu)ommX-64ix-V4r8iSN&P9~g>=9yU{@O} z3P8X5y4&53OA-paMLnrMQZfX$fLft>FRBp$d7SmobUNx|Oj=o8XI52t1QKUdIAnh8 zm;}k7F{qXd919wn2#C+tISNTrtwvo=QE+Qk74u)zza}KaM1L(UD;DPPa89o8?A=@( zoA?e+pN6`9QqWBaS+L#85XbNC8R6iZQ&Uazdw2O;LfX=MYFGX)DcIP+sh|}rnUXWi z9ZyO}&xD5IzMq+k$Mw|50~2E!uDCK9m^vC}g|?qs&Mto>QJtL_jdUZUp~*`A z4ynlFu#YYaAMJWX1AjxYM`DM}prIO*l87iRCST~rfv)@EGy&` zN_x60;wPAGN-l0I3;%_j6Z`@b3hw#jx~%M*+g(ydh=Y0}<-k*2RAjIJ{k7M(y0Z(H*sgwnn+ zLhYugNXYD4d!ZW0gpldLAKs&Mve;OGu6;wq{em_>AEWL!RK4w|gS=Xtotp{@i6^II zh~#y24%Y|8753=+6`TuGuC48c3wlMZ|Frn7$!H7LA#EJp>x0g|I*YkN< z3w_ssdtqJXV6N=Ffb+alL^{O7v&lG5|K!}<%(_B?`*U)KUs>SSE$4x(16MS+o~Y*8 zP}DJHs=4vGKqa(pf5OkqcV7dBVOjtNr zu7B9(T4CV+2nPJ-f7so|hJ-{Xg1o=K*ImoAu%nNC+@N8u0&yTTwX`ZHS_s#lPWo(S*YbrR$jAnFBU^m4Bi9tP1olS5e+dA8 zB_DEdX`Qd8-Pggi#T6e?(K1|oUS&ee!hzjIVepNLOJV#qadB(L!aB>$WefmiQ=?FB z#{BWs+*}{}RYgl{{(bsxw_A2rq3Gj-XJr-Do#VQW1M3~ot|A~XJ+k3+z1?+FnpOrm z85Zr*oXmhR4NwOIR0~S-T?cxS4~Nojn-W3Nl;z_HwBSoQH8bl(;uitK#qVK{60Bd_ z-jVHE+G=c80`cLSh>FUm8e4Xdd^zk@b! 
zNQ@dC>!aiOhx{V{oBaC!lE3)B$zL(^AM#IT0doG3s6>#W^z8IMRx5NI99Y(v7bs|G zWX4pt40HC_$U3y+T17+Zf7pu&Zh|@I-C}~1_pkB$ zp@+Sw2j}8wY$;aeRy}7rykcq0;Bv* z%Sc$ATR!m_=DD+`q&{zw8cU@kFRT!$j`sK|n~u-zo=3=s^NJvemR3?+9$<+05l9%z zJ~=t*eriY@v*#@!0PGe?6Q1_eVm)|ognvaBam&yr;H$p5mVOQZwZa<Q&cNM%2Wd|rMxG@ujF5jnAdy0n#Zz(Sqt zBG@T@@5F=SllZds0E&Dl^miK~87XZzUWoIL(>OpXry(I=;0w>kmzx>oWi_*)wW7yK^$vG#O0TmTqCnr=tEwac zyoM4J3b?g{Ndt0YSJuYxX`)~S1hrAIu>a6J;frhQ$e2(dxFiCa999g%q&ZnQV&uJv zIFWI~&QU+W`UQ==t(or(Ky?S%iWbn(OU?a;g8oUq>9S%$8woE`(T_>eC@6;Vt(#gJ z1$2TIvGZ|~kZ}LTP7u`pkQNsDes^2p+{mE)IVpeY{r=ZiQ4ltg7nCg+=>#N4Fc)U- z*s)>0PqLf}s!Z2{Z#LZD>3f=59hREN`pLDWa1t~szZ>S}ImE?@si}W%c&oE{I>uBB zr!soa2GX-`Wo{dtU}FP2ACrkGF)`6cSN3Rp-rB~6BW)27s%lF?%EP<5;20B=i?RIp z=+7`boY-csF8%^({fZlwv3S9i#`YqDzVduKp%V=#l}B4%Q4#b=8WRtm76}%B5EJ9F z_i-_y+Pr(|Yi~~GNJzm+JSYQJFtD()Ahf~6zX%}$>}k~3jeF4|01g?btQ_BEkcv`b zSu&vn%EYmPgL{leHK6m-vckl~+>NqbHQjYP0m(SGwi87Q#nO@GGCaMV8ytkhf_VZ` zhkY+=FxuKt?vy4?MS^kj6vD4lh8~!mt3r zrn0459ouDrb77&EgJ!Iu`P3O5ucI7=h+8zM_4M*6Ft)X^@K?*{WAzh#6Df1E`z#6U z#GP-PI*xAHxRgf&^Obb;7Sd7iwM}WypqBI{g<7Eq)x(H^uS3#6Ov?8`GEnM+zKFBS z-5xm%+Jq8JKsnIIaK(O-7+jmpsabAqHK(O}lCyB=3-clWrxK!7FGN0+3^OmRSPh8i z4a7V@4{ry!%zIw%uO*N^;`d12=5pYjvyu>DI3QPA&s37okPHyr`&7?yVom65xP>JV z*+A(gZQge&kt`9Tl9EvgWfTOq*XO-Im*?;HnI8=nMJjk-*t>3Fsd)$9U0rZMq`h?}1qLAoqpS{}_T8~1W>P*^hZPVFD^OZ;#08~jWDqW>m;UC@8X4?+b5 zgkFwN*e|Ny{#r%L+}9b*%Um^#f3xa72}M3&Q8t2iVWU4c98?H1Xf!j3Ql$RFP^V5S z4|%b7E!w70{KFYisgU9ch%=8#y4%SL3okr3a&yfc*(EFlZI7S!d6@ES@mFwbPyOu! 
zqj$GIhy_(dd&b=ef*nfFvoJ~ha~{rZ(=TOWR-%|W!7V|l#?jfPrbVyzjjQ?2C4|p- zd_Ytt@-Vlv@h|JZ`6FjH`$^N!z_qjuXS4IMs<*-v3-fHmsdO2AVh0(oX`H$E{%I=is+B-`V&L0wu|=%EDvi*Zrz zohJX1UpTWNAy7tvQh(?E3r%4q&xqk6bMgA~;0rka;{-QN=RD!?B zA;MspE-6E}<9bMS89|53zj=rC8&ZR`;(A@We7EXOWCXzO40RnN%v zEX5N~s##V=kA%J}gGf$7?Nx|VW19g3XUW&1h}0ZQ4oIEIf${ePE;Y-N{a z$aOTctSl;GVeex(2t@y_kBP_SMX#RR6t#}let)UBs&e)fRZl&3a%*2$PvTzC{=3!; zIB;Fx%xG`l7zOpO9RO@;&bCKyLGNz(e4aNib3Xsp%x^1icE=9FzHJ0VUl5|i5XxzE zbyYW)*Kh7o#GGbwecZfk4yP|w{_j|tI$y8Ht86WV>z!9Ze*W&}KX>^>0`<*Hhg|1Y zJ#DF9BfHyOF7l;uKzi%NMN?*O1e-lxF5c#MEnj-0|90BxAu%bTsJ(Uc2l`~;Rohfe zUR23-QA~@4k`9R}XyaK|?`UOAQL$mXFCVS1odV8T_%)*MdbEC%EbEFMx|#L6ciNCj8ogmVk-}2%UsSK*2!Y^dNw~cvMzWqZ|}|f0Xh83Kh`M-L=dVVqqh(S3Tc; zhtm70Xght^5@sbe$Ozwd5O-`=T!TG>J2e0FS9tx9_Ovk+m-io88#C~Idb`n|Ssevx zbqPzu#KFbC*cwd!iV;J&4g-C4aIBNj#Q~(SAg*+9n0QxV@btxxE|b&J+dVD5LA0s7 zyOG!a5~&zwZ=UNNTv~qyW|MQ0$FSmy$WK zv+b(sYOFs#doMY67w7w#$v?mUX1ghCNpv3{XRYOU_)ShvUUfEZG2OpSrEkXoX1UoY zn3=|z#=ZIpV-loLh#beHfx_Stl*9oI!TiY3;iLhij?;a>bvR+JEgM=1o4-fEC0ws3 zxxD^NUvE0KX)jf4skHF+0Q7NGX4aw>&MnMXv@^Dt4aiKo00pty+DR)uU%ebJ2NQ+K;>H#CUfIo0$51-O~4 zd&f@gYxIxro(UP*JWx;wDhSUA4-&831;Xzq7$!K0xe!$OUn%hR zc)yJqV*~ZKQ4$Fz=;>JkAp;o#m8Ygyqx@vcO_l7EF|UhpFHX=_-@;<|smdxlG1uDU zE19C`hq`i%bK;;#@D;b9TerbLgyULQv{K^PTKV_5#r(5Qn2+kjV5%%y-toyvc%7R% zB>^@8L3$Bn(Lg!T_7+e#kh!#QkzmmFr%>f%V~nhLgFTFR?O5l^o39$ob_VsEIj3xj6Nwv z{K&31X};aO>nsS?)>Q(tHaSKh+MbfEt6 znBpy3SUJ7g3*l5#QtD^TCD?kzsJ-KhW{NlcPqmPX1?iHVBZ9fhg?|-YWG^(&*UBex zp2?Um205n7lU^XY-9x+;C!$z_Foj}G``rvgIH>sLf(nBXCq0J)g?^cEvq&q-`!&Io z`S?;YG9m}?1MDCOo%8=sF%e*t$i`M%RyH~}cREkDajA7qxCZvxX4mzoDlSe~cJqGp zD-YBEAidFyK8x@9=4-k%*VplMUW6F`zTgCef6pPEz~|vMzEEs%OK0L;#;>J;8N|{; zUS9u2*Pp+?zu(*2yGGXq*wDl76Lkysdf@8H*6-sWS6<~X)T{}F8`%wJEBj*0`lmNu zl}>e&9p|sK5-q+d^_omw-Ne*Xr@cTE88}PZ;W#^R+#;mr25gPfU400C4Y! 
zZa4U3!FFpm4r*%49Tr^|r>7?rtuq$O5ZSjbd8X14atdZ;==#piq6%o>s)mLtY!xW` z+I#$w$H5(@f$m`Za4_pwXbXNJz9t8tl9sn^%qGTeRs6@SeB(W=%?V{JLzCs%3a2+t zyWKNUlt0(e^wZI`be4xfx?)vyKrJ4)_Qp@8DCEN|d4d`E#~%-6p29)L2>GuEF4l0N zOKgk<>1+b&fe*2ksCjA1!^>6auVeRfvd^Vj0{Yj$b8bQA=c^Nc2kx6~ZM~g^x7fC)2-SL8Ni9u{oWaKina|V1sWK`}J1m(ltm=@yt+}bKR|` zUMAD|S%3u2P`B*=dS!L$IJ?n9@vA@f`^qfCjy7-sb&S!*_v&+4dPlkmBa7 z1`g%-#Yj^x&e+;`TCbCvc*1UC2doD68T6)zTlVcU5IXXQNo*0%eLrMa{4P>L!H#k| z+HKXQ3*#sBR0mcL2@NfnGbc~vU}Y^)rpCLVx7*p4M?e55QU6F{I8pWw@`(aJ8FV_H zG-C#K$AnL$*4RK%jjV$VL;#C+lQqL5jN@8w>OM`^7eCwIELJ z5ZoMwoUX51wp7|Css2NLga1u_qkqX?@ZaR`IR6j%i#CCP_PaG8VkjZJ1_igfygKrb zyWNQpGv!x-BVa|9kBBQ_D&<2)&k8O!i(cHzlxczZu;wUpGc+yqw;ywi@ZxddUhwsse|1Tg8qS$N^!&flhFu^yHSWLf!48-jOXadbGo1Aj z=GVoKC#PCkTEKn)qeqb;N01_yt6)%~LMKbwSXo)w*_F+8{?2bnEwZ{vpuUr5a# zD|YKmn=?QQo7?!v-~{zuoE?sff(9w!mS?Oj30agbu`B|8q|4HLG6fDZ?}odpmZni* z??1}gn-s$K0R;`z+Ep3-qGaN$Rxp&bCR_tLd6a>Jr6UlYCn7+Bm2MakqU~-4iyhF< zWUlD*`@_g0sTeovbYu!pVg{Hhd$h*^zEr~)Gp0`*RxDZa_AJcx*&aWEi{HExcq5`? ze{2PDK^%hIwD@%LKnd^f&nwEs;x?@SP0gl_VyGE|n1u#|_B?NQWS&R$D(ti**=?yy zNQ6>QPy{7`gjt)KmQ+d+CQAyS1@`IJ_I$M;g28-#Y@b)&^FMq(we%D!NN{Q4Ky*cc z?w+H&2-bEi4}vK;?K5aNxWwzO{tZv*U+g4go47}hUQe#25O~B{qSVpWhK9L!wXMCz zL2C_$FATzTX6gxISrs~DoTbIiuW3hxhpGSb2b6!u3BjLrY--HasRQ~WEadZyv~*Bo^h9(7eD%E9|}$QUrBTb91Mhr00HDgLzD#lUgSjm`rEm< za76N;_S(sBKs_dbIo-m;>%62vkA=C6WvF*H`Z1GbshQ8WgRa=@EEF6$mm)6vrsgJ?4J6u>Q$p=%r2Ip-!2b6N+Y~`obpgD;=zwrSMc6x+ z2duob5=yA3vp={hF*+`n&+z2_W~rVpSz_dstzDpXOH-Ho-9>s&_cw3OY=fn}!!`&C zpf!80tl)mkPLDce(~8fa~2r{#~ac|cE)5(@(x4|Vc$BNv&o zE!*n&J2;TEKwGCWw^CxEpas1gA=q;M2J|40jkN+@1>A+3%kxR>`S;Le0vvU6Ntq*$ zM0S33&8apG`?)mfAxiC0ls&-o5hb4PS9}qT6pU09(|ZCcbO?{lv>qN(wjJ7kcqHSP330o z=qkz2A-k}<#xIN%Rk#H4_{sAqO{N0+v1h9s^Ul>a}CkYdKJbXU;Pe9$gRA-*!&_tbkYWY}lX|atXh0pNuF?-#V zsqxP*CIvS&F~{8j5=yrnpXYm_+|O4zzi!9F$c~Q8=;+J(LNR`B94jgQdus5vucsCS zho4jDl`!wa;LuJxs`se#Uw%F1p zN(jdtje(>{vV{}@O=+x2sB4ROnmSv1*ZIYHiKn?aQZqAffajnl=P|h(DqDECdJ7s$ zSnLVB=2@vXZLMfXQzUREvMR3EEMw~^HM@&7z8gCob-Um0@qZ&X>gb3rB>gFuGA|?( 
z>9=aV%35jzSt(np<%FmKjJ1xkVw_%FA?69Nq9z}E){wQFj9g8*(BYBEfx`)g*Snr~ zxc}XcjB~vAhL-G#ZHEf?iSB(LjKw*iCK>CEL(p~;=2vO`1FY}$g#Z~Oj=>>~#JA|j zd3PU+$k7DWhA^1=d1ysFB-!QRWd9&hu3QHX+rs;({V zY+bD^X3ifF%wOjdOqEg#y~`&{ zwNW6^2NzBWWljZV;u_6*us8#KriM`MUeA97Pd9bF`TIwhBn{*wqhUS`k0m%;2m|B3rxus zA66+bpU=+8!6)R_Xz!f^Bedb<XCIA)k`}pG z46G#>mO+et2ziKUU1(XhL;3E^FQ3Tj6>GuqX4#NxbfO6Ts52EAZ39Tjq=)){(*n}0Q>RO_Nbei0ptO?OJxLH{_dDu!-%Uey>Mk&9O&Zk#u z+LxD!tgNUdkwom-xtU0ofF#0_K3SGVms6;1t%zW9r^rm5Mqjg&K6t6XbTSW)&%=aM zmR3k;Xd)})!aD=G<0^X%-Z@C8CS@&$2?^s@4t9UBx;MCMPd5fk7&N5aLNQ=z*n<{e zo;U|JI|~-%6&r3MX4y9|rWR1clHl3mMrOQrSGrEc*fRmmKZyX3!2FaMcq$POHG$g!glwSD}3tY+29|i8)sc9uGGGRfFK_bMVp?7K7>|m;8DEP5u$3|B%1U8we=y@9radT4;5zJ#5tZ z>zYG^dXkc&jz&~XnFU?BwK@NR56S%A+95}HNvpK5xwdVK@DD;ONti;v@9=zQ&OS|C z6boC8&dPK=wfVMbEbU|Fr(6G$I@*ubaL>JD-J>7%ZR~6*5!PH-^4D>~TqyEUgMl5H zzc~3%2qZz-9i0v)U=A{A5~pX$-;Ixy5_Ct@`_^OLmz35DHqLwR=f;nN+6$u-nCZ~} zyx(|zgGWmxuXkxW#p%%DTw%6#{o-+bYeGu6y14NFlPX(!&5$&5aLNFUxn2yTua_^+ zO=huF8HdVj$XJdTHE>rn0F(iwQVi-ruKD#6Mu2QN2&9FYA4-dP7>SmK{=lERSQob# zOWeCxFWucL!wmjQ5=c>5N-;X7$g{$-wSmEqCS;;GlX2dE$dW=~gJYM%+Xc_(7Y0eL z-bRkbT4ec2L8K^uF!L>Y5Cv#IYSJjpsA5-ct)9Q*jBclllDMUn$r#3SJ3k|>cF>g0 zkE!ft(>-Kk0>o>~EYuu@F@2ZL&%R7mx)GbLDLPK|urP2yR*i!*(Wa69^tEi39UIW^ z^Rl}~k?VbN<~GK%dNkkMNMX&_;>zPXblll|J|=Z#7OUxV26M~p^R_q%oPo;zbeD6* z_jMb+zrQ~_J9{t^LtH6oT}8XEj~HvE2C#^TF6iG!;PsqYe_S+?YdlcReHGT`aowkc z_sSy&<4{#s*Z11~0rprK^oFDea9bs5gozUBYBMh$o5@ z7dH^t9$x>d4}d*(P@lUQt@~A*F>fqsBdw!gu99M=WI-7gN4IML^3i#TdqH9(NKzow z^~s%}m?$_P2=6InPA%coL<$G%N?%L45M$rk^1j>G#na*Ujn57_NXX5gC^iqmQr`U# zU_`VViEsNEekCQYuPJ0fagsR1wBwS`R-<4mV(hj?#z-gJoU=?jTB0(sFFUut*|b-y z|IpCXP(jN>(p-~IPS01`%APCUTVz(GteUKrPo1cQg2fz3g~ydiqZIvjnlF2z;dif> z@%=#srz$$RU5$*~Z!7+VWBgcF7~9U2v4#jcH@QNg2B^FMmJe0gjcewLeYb`ZQ}UKS zEmzxHUr!s=TU(b~b}fDAA8pNz#aJqCE)FH|Cv0g90Y!Q9cdxiBRx8w%@ubj1JTyan zr+4v*6zAAh8d*=~=0$DADlou0I%;UCi06BU2CjR8OeGFBLurD!;O%w|LaRnNs%GGQ zTqgE5$m(=hxEt(eZIlfnP0MurRC;f$93m^V^f-#@l~D^8uPOnvStpD0CyNPbP4nS@ 
z4c%QuG!B2iwTpdAKHDq5kr-Tkib?#YBsWh_48^4VpCJ0=f&(DdKLU<*e@X<|Y@u>?EW!tP5P+1EWJ{YUXKzQN2t3 z)XzoGS;lPdCwkx8sDuP$7#J9KZaNMq*X@2eCJUPPN14;NP1DWIEjo=1j1cY0Xs8nm=dxsIqG}g!!%j8gn!p!f9jAuI z4%|#2DG90Yzz{NW3gSxYr%(t!v&?fTG7&J{?wql;F@|`esWNGLgccgvm{hurl_Q7; z`-!N#-IdP|rTIifCS;O=zy(I7ghXUuiRUhj1r`e-rEFGa$48ORmHkpbY z?X9d};+To3#z7NeXuuDdJvRy=_-2z;zW%zkubfd3xKdpq*JbjeSslOih>*N(3Ek@b zo`#c+ky9)eR_bmAJ_g#-(a=aqfEPA5k<~?yn}H;}rIGx9e4S&EWJ}k!+s3qQo71*! zPTS_R?Vh%6+dXY_+O}=mU(I>rd=cl*QxUsOQCg8sF=->a6;BYnV_F8+Tn9cDRa>zD zn-sb3*XV57Ng21R>*AvNBKzVa+a53bHkR@Y4N74F9?H^YAuGpx z&m{-3niEIPUgAKbFD?1T4{BU`BvX3CI?LgF)@|{I716C>C$4l1R@vkaxj8m5RW~^i z2K1CD*?u0fqoTu#s$XH9X41$@>9UiEfD`#Qek%xrHb!nXuKc#_Swr;bh6u8j!8{_) zfmE+}*v1zjuu0l@FTUi%*gnSqL*vd>*J3f)kE`a&xAMm1o{u3|XXs5IrZ8{XAUB>w zb0kr&6RjvKluBUM48~08d316;m)VltpUt<*zz^cymeqxIRog$}eJ&%IA_#L3hw*R9 zxeoN+*oSAOcfQ|teRP*GNdXk<&I^Y5bJ29ZgLb?Mets5jt3T8Y+f|Lr$>ETl0PLCH zUSG{wu`?zPPeG;&fhq-(#Y9EH!NFfng#Z>XNm3uD6*btW3N=Er!4@#!Qy0g%FyaQP zAeK+_ACNJ&7wcOsot~aYpC6$y>B}V7mIf8}K_jM&n2860{66z~u$0=!twq9oYJO)U z*2!01Z`VVMof&ISwzeB})8hJVO^1Q+~v0++5NLSh2iWssf))R4sPuq`J44dK6JF#yMN-*Yz@ zCmyD}KMY_b=@>L97mO|qpuhHNaz3Y;`PNuiAQ?i>km^i4`TT;#-oVfNQ!^}ib zD8EBU2v6IKLA*adNCywn`wS*JGz4OWlk=5xZ9(wE;uu0qQB1YbSL7L7t z5HT){d^jELI6@4RoUFV>Z@xMLCORM~^;acz_u)avVBXnj#;#!i?nPyKI#ZbB2!hWO`hZhL)b!##Ae+VtxDD#c`>rp`rEE z(2!Wy$KzT+-+EzUYIrzutPtpLsQETNclNBAN5D|Wi^zOHGG>eC4$0nyya3D^0)+!$aDncY(>HFC%d z_#@m$PgEm4f8&aBYwXCBB?y36k0rPweuN1l})DIrbyV95L?#Iq-Y`7-T%f1}Ws#`x|) zK$=E1+dIGPn%g!NJet0u=RtUZj8(1awI-5m!h;ffPxFPY4^*78-8h%mlF%hVSe=64 zR%8`as2IEaygaw@p;G&@C4=my0atj0>b`MC!vZGD{kO4anp2zW+)O2uqH74 zV`^)Cp(K*9&}iT$%U&3%KDQ`tHqCkNQb3yYnSW5cwjRPg|OR zp7b6Z&7nS{T{BCGkWH3|3V2KANP6xxD41^6BZRoEK7uwgRigt>ZM3Es(UeU(-V%&- zlQ1j@@0fk|rK83lvPoIdjRR#cR% zy}iA%^4yLc0tGpl=Bn=V>TZN%saa`*s7GwX2fN*i$TJ`n4Tp?s8sNLm@AH<`{Pm>e z%X@zkYS;03)%~_%hk}fZiCcZJlyl&whj8;7k)3~k-v9>_d%4%73iq1nWcFP}#Mn(k zr8FVJs^u-Io^Yw2@k;5Jt75K|sb6SLXHsC6jhq|=D|S3&1l-+|l#FCwZiWE!V-!4P z*Q#YDM7KF;i?-`i>TktK7sZRh7CH 
zWn#1qU;C@WD4d8p*caLd6dobgvbZUJ~uLhOhfGaTM6n1 zdmQzEz8h?b4la;ph~YAU26LV;|Eas)J2Lbe6Xub_DCddP)5pcCsHlgDiKvN*2QzC> zO66;YhvVs}jOL)eYW%e0+$kUUgv7yo?)LWPx!ygI@o~wg#|M|TUANJ9ZBx^bsw{6Y z7l;JmiZbC4@t_y&CoU@kMV&zA_4alS_L(81oJZkoI9pCMxlgWdPtHJ>I2TQ#c6ul0 z83OM!0+r%k4Ldh1G!e=#zuID-JFbKB72E_hg#2A#8NAvOfLvfm5~PXa!vpd(LGr%E z?rsM~Jt0tzzsFJ?*wEblpfK}rR4GsdHbh^TiP5&>z*#v>+;kw$ZLN%}zA#_Fe6=;7 z0*YSIVZQ50zniIYDbw~-l*W_nz8>`Q!TX6V#DxUXqYhs_oDQ8ebhoOz3k~$jz!ST8 z<8%h7dwZvn6tor(XiRfiMO+v2B_BE^*DZ)6ezQx7SzTECpjL z#KcxZC<|4!RB#OqacycgGmVU!U&n13piY8eM4eV9j*}=-N~6Djd<@uQ#2g&Y5n4G?b*qDyf#RZl=lxRpFsQWXyZD{MJDQ?WkU!Knb0^Ic8NbX?c$&bbZ z`j`B(&yYZDKtTUoKyXx6X^4P#x!P$cAW?wyKCu5^@*i*j$Pf3I{=l6*9Dk{w5wL8h z@C_IULl6k)@2}9j{7>~Ci+|RS%>S+*%Xa^+AL+C}K&XL{SpPnrn_6!ozMGhc1P*<+3->>p!1lEXC*)F{`zEJ(OmI;?kA|UrU#Vs`9?{h_A^I5Fk>xU42Tt&dom6oR(SJ6X(;Nfdw)`kiKSGMV9_TBEyA z(QN1Pcv0v*r^V7RH`mmD!6wI{Z)CLR2OP)*fs+9z1S0823Wh9Y9LdBwo91v;siIfr^YzKucH?!l{cZmk;y%MhZcbN6>ESE+4*XMQXOa1lnFwR$ z5Obej-XKCD;;DRyh=4bAs;KjgI-`FNhFzn6ii(i4wIRH;z@Vra`AI}g(yChb;p)Uk z#Y7>%#|Y%e@foTy?@A@R`f@^{qlWg!OHmve&v}FLZjW_)wbtRZd2%l;lKUgHXiq-o zmz&LMmbGXa>$_d#=jDB(^`n?gp6YcO8XICGW5dnSv5-v6zGlajooIeU^i*AUi$`Z| z+uy2O!7E>$0<&!X;T0XG|A@rVnxu+e=>c!Eb=TsE8s|T$%$7W;Xb;1xe%6P3sSC|y zCz&pULR10^$BZToX@3dox%LdJY%pO1-#qlO=EXo+qx@x=n08xqsdbfsKB&)!3~BzdbxWK!FLVtFtpPAvqNU2M?}YY^X*a$)VFUKjYQE2-|0d>AidbgbJ)}kW+f3bWn_Kt7^8_Ab!T z%eHIx^F#OhUX9O3gWmh;7m&~6-Pc3R*L%0`+nXLP*NvyQ5uQ%Ju=@Cv_V=#yo#^+& z3Jh*G5XLeJ2pjvO_Yx0+vrI0xx%b(t&+81|kByqi%%zw6XK@0bcmKFSEbqI7SMuSh zEgp~iJ_3TaA6eX<*p@_VWhn*_|z;htmFt`Y|g~Zs=a(vd!mcQRF6FjcWSI_7bivfR!#pi{8t=z zG!~i+%ol8bsual#sF$!%S#Mrq?l%|~lCGlP+Uuh=Wi+MbBQzDp(4+OO9ZmwOvi=Ov zDMcC=TMkaL(PQdzU_zJc>(-&`hL-7isi4ewIrzpZ>G@K8qiB#L#U@H8sf8sd=fnQJ zUB!nXudh-Iy?tApPV#~-mk<>8AiD$vo z3W-_jd*};iIVJS>5}25{S_+|lw{fti)1bbUu!+_G;A4&<6+x}O#LoqSV&dk;vkuW* zQIXd(vl3UfDgnXMGPee99Glr#YNAGQaS6Y>b!-wJRqEc8=+aiRJ~Jmk$G5(_-YjD& znbB~vk`}geg=Br!?*_Z4ND{02=>&GR+ZB~`xxz9s5;n>*Lye=>< zpa&Y985~=5TbSn;kxo`sJ=R0bVA5F0sEO7K`FmJzeR}a&^$7cos2CW1EgEBrut;YZ 
z!xq?>wdF}_no2`15y&HNFNT|P#HpV4ebmN0<)+L2=gL0IK?4m{p?T&q#JHB14OhCE znJ6NnUGbO!BqTZ{q^cN#W>K-xn|(=76%}z66)W@Ox!&HB7jSQ9nb(69y~n2~yO%<# z=EkBT@b%eWzkUHMoBaHMki$d@W_o6xpQrQSOmEk+D6-OU=@^aJ+ zX(_B17UJP~(LpZJ@76DWxk}=+09;CZ>iDD$ay5_Yi59nd-N$}p;I-pMhu6w8aP5g< z-GR~mk=fy%`4Qg!W}uy;ePxAnIc=lufs)5~IM%hNPy-PWRGRn8Jn{Q($cnc&${8%- zb@GF|)tYqi)BU*u`}s6GkHpgl*72JQItKv*C@3iNNKHp%_eUZZqlL4{$=Aohl=Fj} zZoA8bz-MdayLOw?$?l-^a7+$I)mIozZzOV%i^%#Nv3_KfT^k2?5h=wvCY{1ap>YTS z-SXBN~f5YCl9iQDtb-h1hDE+aNc>?I&}A2H_U)?%YE8#edvDU=Lz zn3O1~J=V`;KquAjjK!2^XUJ@CsOYTP10^0AiwP(Ij}z(-yyk1k-4@{1(#k#j+^oJ( z$xoL&sOuoLG4}17mYCaC@ZJ*8akX={YOk%v=SZZZo!EtD4tKW*79DYax#2ut-i?>B z0|`l(+Pvt5P=WLzi|PNNqh(=TeHGv6?A+|~ z&PBiepK+OsvnwpjORD|DBaC{Oh`R`Bm=>PY+`#}PTMN$a4kZmm)gP+Lx?2joe4C52 zs{@7?*WudV6R2Z)ra`eJEk;a|KnV2gq^-u@5DA)o;Ur!_{D#2j3Edywt<59dbgNvk zVNp-i^3_WrZ*N6670>vwI>9@Ks6lboc0kaPVttYp-&g+25GKhjag^a3TWPc~Y(tm$ zY;v5Ig2p%l8A6i(oBUS)kU#yu+}CcLci$i!wN zr6TG-Q&W?s4Ha4*oWDO#OghKI{m)N(alCA@eQCP^LpSSqslN)j|SG4aX2)QRcXzp56RH) z!qR9#)YEt>kG(QeL;fs>9Muvl7ug*sZ1EGYR8qo?>~WRRD$ch|XFMrmp@1f$_jj`I zrJcri<(W=4ZzLPNSj-B=kj0~Sf8J~o!rsNaG-n+e=}kHo&Q*N(_Wr=DAN1R zQj9Z`i@;a1*S7;fp`m#Sm+QL$>@L^TYOccoU)_MdexHw8s=150 zSZEdtr1l;ZjjSY~Wh9{_#bKqzV`s->C&!_|I;p8@wyjMo$>rdx9p2u~0&KV0*mQZk zn*gu+wx;*<6SJu$w&dg#HMNxF6pS3IOFQez2(644FV&2vL>^>({Ky-T{+fci(#rAq z=*8m4#p0om^yyjwS61X>G=HJ}qodNO@!V_4m#0620|OAlu`o`Je|XC;oAlzs)T5cm z_d1MbDbyT7FUdX^Sy$o45=T4pbj*MmsS?t7SeZG#b0gs+^^MD*Bt!ejbBely54!i5 zi)za$LYEX*hmXh@9Ubs^-&9sL&{2f8s*|g_By={6T_5Y06w>h#4Z((X+P^sJ>Q*~` zpg%V@70-ePr)T8YTBGxZh5NC!nwx8=s~2%8-9L2}L)p*IE*k74J?5FrLYm$*ruIc8 zIjqc2_l;lgR(h$kXrNk-fLqp4CXAX69TgAz=>bl}VZ)`Y6;Q=#`vWnlPb@><(jg;& zKH&CR0Ts@fNY~owIF>)s%Wv}1xDXTQJ<+y`lX4uSVr2G4ibKB3qY&y%XXBTlg&}GU z>yW^p$&Ai8jJ^!8DQ{637&-~GmR7j43Ynu|X0puoHbo;yUp4Zl4inTxM@byW%LBE- zl}DWvLMH^c$X23@CNGJoFAl0K4y!B-t3?=A;Otsr1K<3Xh5juYm-Mh_HHCg;Ql54{ ziWX@1^=?Ku5g#8vJ3Cun&wLQ4^h~+rh6ELql(Y~>B0ibT%gw=IZeS3Xh+G z5OR9$7EJ4cu1;79q1P%4vSpu@k}`3G=2vbErYLD_sAE&~V@l{s#fUX*VwSgWB;38n(NtzlE#V8w{gWvGM 
z09VQ2N^La==tRyaxb%{mlApr|6Rx4;Nay@~j(?JjA9^OIpAX9_mSVP=I9xAQ>&8-I zHr?%K7W@B1>6`93;K|mreD8L@7*cgbd|GR^+jH3Thg)?a_x`jVSr|F_8}rNlZ}MCJ zL;ke?lK&*)|C2u+2&gd*VRGw`T%z4&{rs^NM~tFcdxnXL`zL_|ygz%xAZF{gOO7^P z4(C@?hzO?dOoN7u*&2~8nygR#Da;Xf%I~}RhzRe=_f&(d&|7kHkGdSK!cvHY@nvp52v_D%_QLIpl*%MXsmVAw{RG##l%c$4pO-PYG1hYJ zLoza0Kz4$LT8P#&wY6~-F01)`vKs*zq}bWxgn(^_?X_8R6;v2BJUq0X+`yU-F-m@C z85o$3v7B8k-84PLBxUV*l>ymZRMOfzqXx&E!opy(q9Af|h`}Ky;v5A-!;=vU`PkbD z^}da!2+EJ)jt<;LiXqsm;G4ca_LdzLE;2@mPe&A<;c0Oq|6aHj6l8QTF&Km^vhpow zy~g__(Uk1uU%ejswU=d7H)tmByL~*Eo@9f#d^MDevC%^sjU={?_`rMiUOP9}nf9?l7Dr%&_ z^=0ohK3?KHJFA9A$!GtdLe2L1PFHet6S+Nvp2^6$V#Y2OJ|@;FxMFxm@NuZH^{zF$b;UZ1$0FG)Eq3$biA~LNBJlhc{pd8 z7#G0E((oXM7&?@P`z?>)Di3o6^{ zJ@i1=^z5{_%%r3r3O(gD73Xn{gF|8~tNi+4O2U002DjyGfjjB~tIvM~T-B}0V#f?k zj7^LE#^6|W)P_JUyma#_GEfk%uwE%Cd3iN2e0+ihUNYj^R&PP%5Kw7JNH{6Dv&Iet zaGHLJlKSeIVGK`S=ZYicP5b%6GplB(+L&7MaHQIvyDbEp8-%jfJF+_6wpc*mhPT)r z82%zoT{E=hFpRv1i+S(o|C;iBJ(!xz=B_BXqtbv{+dGy*n=z4w;XHI1V%sc+VrW=% zNy*}gyjs@lx-vH3^H@OoIkz%4fbTgs|GExI@Oew|^+ACFfA4#ju|-NT1OjfyZwXJg zPIDsQ#*toNo9lI{!HLBuvJM3DySCH#$mIinmwHrOw$8r@D) zsDVf^PruBI!gp_zh`TK9toKqrRtTh{K=QY}4lhPG;$(?iVnzE;Cjw^pm`9Nx8tErl z{8m@`b^rk_F+9ozJd$P5ghf?oS7RkINnUs4UMNDepK}dAvyDyp4NUpujKoMwf(C~m z2L~WTL|KRn%wtHXVu;`CbSV*8l~mNrc7eDX#pGNdN^kmyqkZ##o-davw;cf&X-n3lwMeccCkige*ENdZVS9#jO0ZXXb=)*Jn!A=cCsvIDej{Io>#(` zT$6EU5g9KJA8{*CnVb!TQ);Upf5~t9zsYa&5BXF7Oa3eVf62e74DffEM1;y^44|~Z zn~0FUgN3cft7~Z_v@9=TlwhPfwWM*;4uT}FqCP6q*eGH$x1}tEgot{0yzkrTkwRKf zx2w7gxC)^_j=iKrq=h)UI0(KQdi%ET|7)S@vai&yDL6ggjN-(+yt=yW5IN#n{_NXW zf{eeMt(^@RC!wD6CkWDpM;dgqf{y`Ri+70?KrtRaS6WqOY2&Csz zVO-+muiFxnxq|phThJqspVqI}3SYJ*(k?Xk3h(-M-0BLzG9DA^U2Bh-;=N2q>%vW% zN9TsUj>l&fp^FMuEaS2y7$1BUZxK0Ae+`OQYCiz%0I9|xCS=?D+`6h0R^^E@4 z0`xmbB_++S&3A=G9bPNv_b%jkI45IfW?QX4*Cr-p)5=CSylL#vycoj~)#4C@5n61l zt!2oOzDNp=tz=-LwkXTR+FApufjBQ~BJP%vOJWaCpk2BG13`ISdJcV5gMl*F@zU-e z;;+~mdn!Sq&*E#SS$kM97F2tK4w6tEBRGrt;%}AkgN1~Q6p3~O1&QENWvTD|X1@i@ zfU^QSqp~mhQc7f4A 
zsF1GrP)x#`4eBQk;&a%+h!-ZwT4@d1H;!3$GX`E8=HK3&QTCOR3p={u*e=84a?>}l zupKs4Ieg9rFwbLcc(6@uuwc2BugoHK8B7H@0u$4AYVUcFyhVqRCrGGWHSsP#pV;T~ z&KLPQTrI^_?h(ElB-*kYKT(s74m!u%T(GfX6AGCqRFm;>~WF}CGByb9< ztG_?A$+-T?%nG*M`Q~(1+uJ*sdogMxGAbH=WJ>l|7_6*(jGUBDX6(1g(P&s-k)Og` z(9i4Xr}e4F=0+$+Ca(<_v)km9b%!D8QBfG&mm8|oJ3RvBuzkItQT9*vqV6q!b}j=% zI6>D@{a`6Dw6xkGHPb8tKXl5~K1+r;Ue2Y}Yw&oBJa@-e=rXxVN_+DztjZy^G^dO$+FwRw`=15q!xano~A5%V|&oCeyi(p}O!-Qc(tVC=IO@w*8m zv{tGpFVa}h?7*I# zS-zotEUazZj5d2y^y7QfmgB!yKXwjns4l~86bS2d%${y#h@IxcOy$BvFPr%~@qg&i zDMfEZ1PCEKNVDEZE}>JZjV z9htcvyJEtr9*{}H-mRsf($X;6ak#G-$4^aOD+gS|@Z}K!PX|hcI(Zh`9gh}=SW*wl z7qJrfG9zW@y}tFjs!C;diWds8V)E{MS2izT}AW;V}&WyR#yfdVwrX@0LCdqbJP%+Rz>Tpofc3pgiR70 z^2i$&bD2OaGFEB@UfHCzEr&#?s-~`@+ykWwWTiB4P~U2!sTPQ&RNfVJ7*Hy7wj+w62r4qyk^*W==Q&&_=d6^%iHf_!}aCBNnW zCco`J74*#D3eetHrMi5LWitf8bP~}2`e`*uv4TEQH>5uP?y?FWQFt{;N(wZ-x)Gg8jwC^ zzOM=y8bLTbd&-JByK)lW)obAI*Zy*)hk?G2_k1j1!l^g73tD=U=f8RUN5Gd~9(OWJ zj>5yEH5dZffg_QBB}3$~zM)&bAdX*84>WLnWhJfO-~yA$0`~5wax3SFKPxW!*^vIT zhdap$D$l~!8V>!j2qL1HXJ}|ae<#kAIw&Y6E4Fhp=E>-GKh7D0ntHN}@(fI9sWdI3 z#R8BYENA*@2F_V}#;HJ7057!PSyQqY=6Lxq1S+UDCSMIBcSKrR+N6xUq^zurq@09Q zr2Ma#u$YLDtDxuQ!orsM#DPp}Q5|cg6{TdXYaB=|xoh zW5{Ln5MP*EOSh3o0~z1R6X&Fd0O&LpDq8Lg@F$?&rF}3!jsDiIlHa$jsRPHLGmg^5 zGsezWUp@hw{OW0}LwI8vWSV1iP@|=r0z;`)8A_yAA(V)nkGR{<_fj<)<`1gk@z$lC z8F^@i)|wq*LJg5}qyiPY!pKtG2n2l?qBqOI8DcuLW_*;gVK{tT8T#}2S_>^2;scupeEcXaQhOUHTmrwXy21Hr&ODJvoOq|k2fm;b@d)20cDTR~(iG?d2q)@W$Z;UkT$9q727 zg!;{^gM_4ir{swjAg?b2qoJ8OpTy- z-O}0Zbbfn?@?GRRo}5~Jd8+=|x%C!QlHR;omR9iH5~SNnzFk$Z$yAaz+Y6(@!1k~~ z9frTPG;`e;fAG|$`T=o`#7NvwFk!Ot>oH#cLG|O8jMGx~IW26J1RJkttA~;0z(z;j zmw&u_cmQq+f@L02r&^y{Dyi3oN(vrM$38nKPJuAsRr$ho3WAuXWU0BGhM8AHd551p zv8CBWh5Pxd;VpV6>8{4*pt2NX3xq zXy>fT{G$c()a-V}hv$MRn$A@A-ub@1->?AQqx=lWA@y_?e34SID5^N1I!I8+x^Qd? 
z>gULerD1)!)P~PMYPnsZA>yapKkdu6mLjsTw>8yHaGgMbQH2IcK{o|xdjr?do1&(w z9!rWQvQ40`89dU_$$TlyKVj(STRSk-u4OxFnAcq?@S;4$r8X`zoX>N6Ce?m@eC9*| z^0c`hWmmZel%8==uONA=u@Wrvg3*7N=MkY=V0%nu^6l)KZ>?>RmsfaU%&WmJsig=9 zVnOn~)>ake<#nBA6{+tV3* z=9&TlkPt7WrSZ9fe{c;5sp^^_Tp%|C{`F|ByfVzvO={`Ir1oWC}CVikATie!W9kK6R3-B<}N;n^XyHqD^I2Pfp3|aQM=bkeFCqU7E?O=Z)!hX>V!x zcGcbNdIQ5S^065j_*fa2iesS*1KR(rXyDZ1YHImD#=z&>-Ddce6a&JY z(1aRaHiiU9xy(#VcRiqRv*H17kA0LfVy7ujex^de$msCDneiWVSGYPuDG0n$R6pnL z;Ym%y{m$NbDWB){_K*@TL3>rjSieFA%zpJ}r=K|u4(4$)oQYjEHO2jSTl}L_$M?<8 zl;82(EgLoUelWsp+7`v=WA>)^34EoJm6!8yKg>vp4lqLoW00lD!BcF!TCR9c!@Wa^ z!+K(a(~z=ypARdh&;;S;Kaz-*RtlZ0EgcP&$_dl!KB&gmBNNpJxE$V7W!Oq2%&vV_ zjcwIN4VYqlJlt~S^G#;ibE72>h+52w#q_{iGIW2Wu0$UUrU85lz~SqQuApz<$EfN` z#@9f$J z7vC&9*L(q>Bi_GH&ynHdpKJa|q+^)40*sB+e%Dnh3D$% ztB;0;M((b#8Q8NjmN9jfNZ#9AV9jPdm&ZLOevHwP>BSy1Eu#fG%gvu1VN&A9p#$lZ zhx_Wkv*j)FE@kShwUvvOj?U}zCB*BJ-?x}Zx66yj7FlO{384IR??86sCOc9u z`9Re+k0Cr(*e*<$0D_Bmt~FqoPmqR;{JZI9qIv7X#PlV&)RnE7Q= zyXIQ`3W(c>>73~tjyzz7`3kDosx8_rR@d++$-7LJ}bg_h?EPfM&4n|`={3n3Ga?ali;kND(Y^85d9^4tGI{-pnqKM+Xk zU-Cb80|6EG0nN@4I52UHk=irbgINRYZ#R=m4L6WmAA`M%KFBS54)$# zkH>R6*Qt<|4ZE(56$clwtla#3FftO&0bC$pP|aA{fN&UU!2sh}!ZdP#7qe~pynpct zIZ0_j^dww&N&Ap)2iKgq4anfJ0twJyU=ID9Z24>S;e zM-9Gb69%*8U>-!qAmmAQHb$5JVSLvqqR=Kw2$)U-^=4O+7jf1Yw3i>gg}YkJzMZNw zoI4Q;wC9vzH9GK^nLn42vXz5i>q?PhKDpI^PdGh0Q!LxCv9VcM(KMUNf{h3_x;4Gi z3X#+F#LQx$8lM7eDeXJ9j%+bmVD!mh|DM=x%%1cI=yTyp$woijb`0W}hFz`eDyp%v zF-v%bK#(aRN_#rWbPe8Rb&bThrYeIcI?0!DF+@ za}{GeVo=!S2+4LN`wUY0J(?esx}*f#T_T~zj?ki+wZw7352ZUK4mg#fgUK>ku?vIs3 zJP-<+x^S-k<#Cf{jp_tn#MS1|c;L)Xv)u_k5=5C{J$3g+IKW=mWHVRQ7*fJS5`y^o zT=_j{$NCF0;eb;e(avcVLM`;`l=uqYTc!`ND>I-83s_`vZiKHV_-Z;OXe=PccE0k-rLg_Zt%wWN0o0mSrHlyw7Vmf32L$4LN- ztS~sw6x6E4XzIm^V0n`MN}#WHvq(6>UCNwVQpF7#qg!}xUQR1KDQp(9CJGv9L6^xVX5n(aGGLl8h`^Unw(s z_4IZkgI!Sxxt>|6f<_u(Ai^kwin?D;BTfH9OV`DvvZ4yp_@0e@F&Xv90BWbPiEYWi z&RfUC+XlRlM!8nXfGI&NO8n*F+2EDJEA87PJmNtRIiEC~Da0^uIA{WXn-^3e`c#_DPS!ccb~7>Y 
zTSj*B`sVEP;;aDW+~VPDb@X9+d3|{}a)8y3bjvy&b!Gno>d^=V@PuCV(LZV$u~DFL z(cR!Ln)+tO0;K#r0|GjO!L4{Uvde253qOXxbX|~sH#l=TH*t{{)oBCUh0=|J;=km_g$4rR z){26YzgqpxLJ<*AZtzoOLqR=Q$GcOf6yfmH+RlgLyQPhZfti)8wocHXz$+uU*)QYS zB@-p=CglPgimt4kJ&U7C3_ix@_L7IA zD&b&!>$aZK8a=9CiCwZ%DiS9j|Wjbe1TUFeT9@dhV3mtHJKR1*VlZ4zvL(_7kXG^4#&IH`?vF5*#5 zcPH9WakIMkrJFdL5Q&Z*jVh)W|1M5V$1IbS?BLdjmW2L}?KbtK-u-&Op!*>sJBi|O z1tSAPAbnw7SNGeo^K{o`FMaKyg1$N>JRBAW`%FhW>jKXjFY7!j6K^stGg$4wAr&kk z;H@db=I-tR2EGf@5$uGNjHl(umz|jQcy(b+tJy2BuyosX$uSv~C4cl^QcD|=Npo12bjDew|xDAmM9|_&s(96~_^UQ0+XKj(;{y~ljqOD&D zwAuPaNLCemL-Vrhf;u%(j6k2!gM~&34g_zi{dA2x$3C*lRw1dQpyCoH&{y!G-Edf( z6QHy6tuVo;|67R@qq{guD(ZfAc5-1sgPyYRh2Z%|Se-!-0l>+G$LSgflb@X0@a`~* zLLL{iH_Cox%S`F?Tj0#1rZexyaj*zeFRh2qZlXl>l9i?_*kc_$^ld9Lc&MBsb1a79*Cq zyQqf+&`zCD#8bbY;_lY*l6nb}o}Qin4Z4Vkh_lnvzJB2;&1K3m3o|pbg{7q>D4&9Y z0)R@`RAHwVxs7e5Aefc?4-BL4to!&OFd+#5W1*;3z*IQd@$t63Tw80lwOzl5hTwrh zRgBHd9PjjN=h*1C=0b|5*Pl&q#eU*?x;R~%+T_l7W5(!k*&mHtgKy?nf9A2}K{$b) zLXK|7Tk0%=O$YV$U+vK}`Dp@~g%I%hZtmkLe<`{vSCu6=PB>jBTQA$^1o8+2JOe}L zzIzC55boUZeV>$r>BfTCk`_lNfetEH@svyrl}x3G?mw~nWHdrXb1e(u#VV}$LH3-IfBP4Kp%P!zqw`?h>UXoyNqH7Ib__}g9W{Qssxy~G=h%hsUr2Jb z-J$I`1B4y8Uf5vFToL7pS1T+K$jI%aE?2X>&LEyBD2BayU$5JNnU#&#wS?f{oV!xb z0Tu0p;-xb8E2dTp6`Y8);Uehmz1Mn{=>KUQP8#*HWVlhkWC zq@|_%2mzx|8v(Qzx@F-sU~qvZB~ONo%%%Sp=GO6gQx3t!uRBLx-_OpkrnxDZd^rb@ z*vouk#dKof&1fMl4V#KO@6OLGB&cIHmz=e-vJw>)^*dl|d0E55gX>S6z7iNChshjD z$C13*U-D=EZ}L0-L;i&Sk{`DJU-HMa0s+k_p&T3-BRNP)oeNb4ql8i-MV=g;eGFpc ztgWrA$3THkjgFr8J_~wyT9Fh3IgIJ^B?!rp`zD>Moi@2&9csxoN4MZJA$&(L2>x}2 z0jc9d^dng5G92VPc^>k6N6G$QR?NK+d5us51Eb&v!>gWNM8GZMsB!kAl-7PlB#y zS(CMzudSMi{)s8DOwI$J)7U#ARya}wLs7K)*ZQ6Q9rf^<_lqsxwfv3)U!Ny_aszTo z<^LP*s+Al8N1;MN9H&<&1M{D~Z-qhRzkfHlbQs%N`OZvk4xQ#71h%BEwx!dk>s&L; zGU&Llvhk**VvcziNoHVMx`bVwUs{qi+FMHXg`tS|Zb&#dHU{PfY6t6PU>*=&(=*Uz zrs4BCyi;NV)5hkcfa@tLWtLPITiSZym$NXiqkImm&GiqzJ&vFZ*I{t(5r~wPQljmf zZ9Q~>Mw>Eu47gs1H1t{l_NO;=Y?cYDDZUsJ5E$RulmrU&WH-E++%H!Clu-yXqktk0 zhFOmIhtTr*euy9C$6%dM5#9u~m|F{26>vG+;FazM6k)Z2-kF*f=I<%RBP&dNJ^5ah 
z07R%jKBjwDLf^TQ0D~={v7Ty<*j=1xs^UG&Y^Bmns3uT48M|nT&Sl@}{FlF8m4QO^ z#WW3e5v(mP`*)QbUZdmP^Zf&NX}u?7OUFJRI$67#wO_j1&3U}87s!CRcY!6>rtdn9 zO-@d=!R>r*3Ry;N4+i zVUdxM+|9PgO!&mOyqyV7pH(hmHqNbqopi+X144j^98;Q^*)y7edvk-+SYXH^%8dE!AD! z)wOHxwdPuTPBUYlPco63$|~v1tlh0UCOH{DqCwI1SKH?tq_^UO0~0<|OtbW$9MRiw zocQ+!ytH^vl9~`>DC=nJsL9{CZJ(aBoD`_XDd{QY8tTI6e17^2ug?cd)+qlgZ7L;z z$(7oD^o45X*Rp!}!LY?o(RV#RLn#V!7IV76@^NVy)suxeV`zOc4RS5W8%Tl8%;4`l z>7HK)V1nSmb;Y7ZL}EqGcx%y@n9Zml#C7SKUouY2H^!swnG(%IxR#(D887xBp1wiNdiIX>1ln+5 zN=*G6Qb-1kfZ;{OM~}HuRlO@MJENu=ij9bMsQHzFv;Xw`4Tu6~Chmv=1BNa(Mkitq zN~_MGA21nQMKujyf-L@UpIIb^v_LyLJ7|*O8r-_?*Df`5;M9Au8Qmv4yQCIziLJ6t z)klb@SdXY1PiEYlcR~m7F5qK%%L672!n!eunc*nm3bU%px)5%{=-zGT(GHr$WczS( z$Cg%Q=%^pAc%IGrevdD;29}du-ejn4W&vp0POnPEL?OOK9(!hc4Z>#&jeUsqUcFY5 zE|B{um2y^~)*Jl$U)seoHUE z9XuOO3R*BUP))%5c_IxLR`(YA%+5fR9J+i{R#vvNvlA2)R8&;dw6p|FWi>T5TQmp_xCPQV-Wo@SO;#;8g;y-?UIq))uV#uymlT_G2!q~j|mrl&-y<0y6%75ZjN zt(c>%*^+2PJVc2QWj~}{!G$o16DoxZ@9mQy33>`arES9~hYy;BAJ<-6lQ_X3h_e+! zVY77-ZPs2pN3Qq*wzC_M8Od}C#nRs>zwq}w&)0KF+CF6oh-(+LuZnVOTWez<$8UfD+?F+U zRG2bx&v8|ctJFdlp~##Ar9y!SUN;*YqkqkAUzzTfh7tPfT*%6s-jVk&Vi$2~=EJTo z5Zau%D&FzwY@A6SiS_qnFNX$e$X~9#3fKCJvdhOztZ2-Xg5x5zU#bYV_4B`o;Mw@! 
z5*!giZ?f6a>G?kiywn)FWd3unCm-~iXN-m|J#=Hn0qIOSK zO8*e=aar(ZPfbmfC?Sb)fK>DaLS78yD@;NuAniR0c^w~@3Gb&J5+=_H^wcFg_i6^8?yB9Z3ZyS(-#cpw90i{OBZs&PN!BPU zLM79Bt$vXASHyXJMa4l9IX(M*0yO*2q-xViH-lf;sEgNMlR{cZcK!LwO-~N`8E(rl zz)xdCAXv{dAPn($+GCYj#~)25M@usBm^&1BmXi&o-3;030+kT@FobI^H>R?8#+55} zwbSzhR_x>fG7b5?kGY*&bi?kmf;G+|h)j%Dn)} zRyqtV1hi=V{_Gnr`G}a@o*h$CVh+gWG&5;lNTa?`ph*4RNJ~gah>y3hH+SbJa_O#L zcIlpOEQO}CxE$oe=gpD41(io1LoFOD0&J6w;1XEUlHXLZx(kVU;FG3C-&yvLy0&Y3 zg}wdaC6TuZs@EMxCx)F|>aIggj>&i*)y{cFh}!@|iIebx&fRed(` zXSjIA%Q8E!Wn$vc>J#lZxzZ8QxnUQq_kc`2tuTcedP{Q(StDEW_tl|jy%*{gvS@^_ z^mBv)OouQUOBGb7Y$*Qu|2f7{p)6%4l>+)_l7xlceYBT*LGY*#7|Cjb;sCjr(cFW)*zGV-C8U%RMhbEB;U)&5)SKn<|N{kJVm@P!1T*HI>At; zD(mD1gg>Xt%lH1Xw|ZO`$a>q#33;6P-#=*`n1P)>?LMokpxKqAm5q#WyLqyx-2z_1 zQugxZe)O)k)uPpV?X7(wi=PDNuC4WjU4?;j?J=0a!ZfSzz3;Xa>F8%q4tRa9ea*!j z6btpG5o->rMa80yJo)&(=kOfD(PtCIk1||rBmMf{qf)tl*{?R; zGS^n-M8Piet#_P$F(n0;FlI~gs|^88_c@A3?^xMYe*1Lda+5cel>Q||jq!8pA2xdt z68aXe{U%zX+hB|6g;ZH={xxD+N;0LKXtP|n7x~EgClS88HA>jp=V!}GuR^!}K~ZFx zCE3&Flas=Hn)1@(!lJ4QN+k=+6YjzS$D50{g0K&VtBK78!&6~MmRVI)ku&Nwu!csJ zMwVn&6;#nRZkCNMU)BZ9o$;>2J#Ld}a{8{#*Qb)$m)$>pGBV+$=?zuIJ+nJ)bKqaB zsYl&ESww`il!kzRj3wUm?^;^v5i8R19@ZP&Cf%OsuM1w%48rE)W6{9e#W1TL3IrU= z!mQneGF-M+fzKXhS-{bMT#|p%_c|@CFE(d~X2Ie{4Qn)ggh&0^$Fh7l_=ZlN&yMWW zM|J-kr<$2hU}k?qu4&@2w{*LML+$W2ursnSHYK_;3rAB!+XqQt7jEccU|?tb#_gJc zX*`<|*)|H;j-ehb>9V-HHrd)%?bcv^{Z1(8uAH|VQe+!re$Uw|(sEy) z%>1PW6Z@}+oh13>l>7FC#otg%knr9Y-JSD~KZ$Gk49pBIAJ@Fjbz9wT`_<(!K^sP{ zdVrRVG#kBhB^kgb}VoWTg;L|kvAC-h1uX}*U zt^AD~Zd{!F2Kw7vnzi;DSNC7~oN=FPB8INPg#`?=m!rpTEZcx3)9vkON%4UB%PXis zF#53*jUfh)CreRYm6EP5ak_&1x{mIP;{9nXxw0 zK++(y!E{+J8lISDv-_*^undEsVDP4`BQJ0BFZ~Y~y-La_wRTg3 z1Na-apA@I<+q*G&%QNkGgGgjf*2Z&pwmG}|=rYkx-z;(MtLWZ-8sF(K@E4Sq+&i_$ zav>c<295DaDcu0zet+xs$9Nj>8a?FeK5h$zc;;ThilArmz89mxjp>*9c0JHIe7VW$ z`vt7Ny0b)BPmPL*=<4z$*+O6RVFp}o{JQsZqTe_s&}5C1;Lg3AuQ9edpf!97%Kw zPErp+lx&R1)$I=w-)W!>1)0Hn+lb2TX7k<;=vzMXzwi;#g|hQBGbL>~KrH~JAP%}M zW%p`ib2>AnZrhcutGb@Dk;KIOwmY@AwA&%hW~NkQrG?6--)+ql=;lY}^pL5>(@#qy 
zTRkfSPe-J@ZC`6p<9gqN8R08Rsk8;h4bguF_ZH7UTIk}AQ@pQY<_M9|Qc&RR)-tAi zCBMI<_n}{QTw`#)H4c*8-)CW%4B`c6X^)pwRQZVc5B?kZ-Tp!TxPK!*&ien5Kh6^b zL|eKy5Q~xH{P9^rQc|bg$u+}mfWn!*?=?21 zB=lEm_wbI-Npi8y^4UDT2e}gk8IHixB5geO0ddZ+O*64&fTp&M!~l=v=1^Q+1z~s(8$I(AgvBc4yh&Np23N@oA7e77X-E< zYvU=k>5@~3!C$|#*{Z~+1tD&2=R-c)r=N5SWa40xRh0vk)*BQY7-b-@9OuIk&IiJ6 ztVXyy#09XRN`xXpey3O`NJB=jq`8zL`X9VhV}Gt3I%9D^1q0&#`e?_l>V{- zBTSl~oh?*O=T2)__Qh# z7cVsQ=W>d0tTnHj?_{Z68)ucAPmCu=G67D!w7fi525{n8BopHV3Q*9FQ#Djd48INX z*OA#rG2@OeNdr&X5eHCpRFCmA{6@_1|n`MnjC<_+{coWT8} zo=GA`FgiEp=BG#gaU|YoJ6zt1P$K4i{_O{k|kMN=p%))VQ-v|#$GEtLe z_c)d;Pm2p));XWPGK~B0f9bfnn|`qcx+^7ZkIVc4jN=1&-(U9mv$?I4f22m!Z7%@n zxw=j^JvVnZ{6-%Tu^MmJ8|DR2h{(z9ZO6Tz8ki>~rJy0>2DI-Mh3uIPY~}?pa6?os zv!bIworR9C?+u|aSpxNQ4~xl``cPT8Ic|45arZOv(BC?4S9cw7qdM-+qSsH)KRft- z_&v?w%V%=|0x8RD^ZvB~lx&mo{SLr7aG;L^avN%%)XlTG)sUuJy#|A~uFi{aIn7w< zq~BtAblCrM`;Ljesv;6L^5fg{yS2SL;-mfgZ%cdg)fJ7=!p@oA2(SonjUSTuMuB6U zlo7UotWAO>BG825i&8h$zlb=21{NlnSC;RsrGGz}2Rb`}e{Y*jnt{^I)A!N)buFI$ zHX;S{(*>xN0PT!dS9J<~K#jktfkBkbr(Jn47I&>xoQjkZUQ2bS7!5UbwvZzw+`&Q5 z!R>6tEzD;NU!?peMK*`y%?T!`h=|vnMDKP04N!e@Z(;{@3;kMmEY$V1{DooRZtOi* za$OruO$*PKOI#k}CpLq)2twTVnf8omh6{7~F*A6B%Muq`Aq7LyO2R^amyPg|ibHZk zu~1S%1I5*aPg$Rxf^+_i$b{?#ip{K518tdZ0@|bV16F3=8X8+B<_ECavc6|mmAES@ zDG?p{VhHgiLu^7Y0kpf0X^xYnquxu<&p5s%e+v;o!B{a{zwd}c-ej_pk?;Hb??740 zz}7V4ZkvY)WJp5(^6qz0X=xS6ClH4>WmzEsKnLyP1`WLMzZ?4heenJU^3SV4Q4|CO z?0;MTzk5ay2jI!a=l*#Ii0uE}1e8KS-htcyeft02IUBsY{-TB=oK)#U?H6r9Ln|JP z!|k?^439drvY(z+=#B0L6KB~y-!CYx3WSDd3!YLlQ@Z(G+kw?UP1i9qbkL9&pyz0K zHV~8ZuzD+mlV4oy^iUIf3m)~0enB$c1DD2Z8i;MKrt{JNY8d`?{Ntc1co!kF}cv>;$9epL_9k~3Br2rJXqLesHi*p9iFlIg+-)!i;NT95r~`J zP`Km+q4XM=xRYxLt6Dng$Y@w#(neN&Vxl;+Qv(Z0@hdUip;>u^0h8|Gyzx+(cGjin zs7YetqCZQ^W>wPeU49uaovl|#EON2mZ|w{lzjdrxkPw9&4kM1y#BZm?l}u{EV)XsA z`>TVfMUW-Xd^u_y!`9B^UP=KfpNW6Pazj@X`e~rkuW|`7WeuNG(Y5vp)5@6gkdc2)+G_t>hIk7 zebKl&qRXPvKzduBUIDABF3rP246m!pPfdjoq0lMM>;A}IPZtQyoG*o(jZe>XTQ^<= z1wu=1V{zsK$WLsnsfI>-4%wJ_&pijXY4v};)M_M3YG+#UKkW0L+Eg|+%<9tXV{O+W 
zVhiZyjXKue3#Rd{xeKrxME+ia0mA@{iIZnVpd(f%3n$Ak#su$Q;PJT_dQ4AOT6%%G zu9JVsA9gsxaf{nspozF@MnSz-0Zh=iPv~AX89gXlP-#+Uxycq0HEDis4jdc;htvCF zF)7RfMDAB&zBe!-B#A2@FfBo!Ld$Y7jeWip%il{<@nl9RMq6=#r)2|uZc zXfPQ4q?C9}P>9wbYwtIKwJKKCx~>806*TlnOqTSOxJM5&y{4$RlX}#XL0Kqh%+19Q=rxMlDu!MMSn2<0hkIMhHVuV;MQev#>}tt1DF1>M zxNH8BWNmE>&ikBXti*!hH|2Cukdxz%AMZh*`lynAUZeAUleQsvE*C3Fh$4`Vk zBC=}cg3_NUXbI_lR~6^iwQ*1qqH!{wAa1Mz<*jD{Jx{OIreCe$5}=@{!idFgE;YS1 zJFxKnrVcbxPzYZF@lb|+0ELF>)MBoNnDhva)mp}cKBl}MXYed|W_fN+`F}Ajhik-~ zlyDjg`ui85oxT%l*lGha85EdLq2jXQXQHnR_U2y56_JWSUw$+^onC8{2rNl5?5FQ( z-xn9xV8i^S62jxZGfw*ad8ZpN@v`o1_4Ww@i|E%FD|BTwb!6Ox;*JOri<(+eVP>4z zhDV^g<)K7%q#>h`!oxO1Mt9njEC#c7-)!~>bd9cdc10h|2NS|41bs->u!z)s0X$p# zi=d(-+LMgEGici4sWqHA1Wv7h^jUcC*4s5rW0{Ar1|c7p2wMnu2-)bA&QEa{!yLd~ zWbukqlChBXzJ5p}S890&rv%xZRh}MJjfT( z2NN4J@R*G5E$$MX;W{_sf}VyzCqt$}DU>ywFbpx=5!~7!i2tO82ICXKnqiMV2+zcB z8`jT_WPrTA`U*h;PdMM*AxjLE!9q{}J~bBX00XteFOlU==68Gbm5WZNJz9@gg`n^_ zu(4Hw@QkU~AGsQh2f4f>&HIPSf;CDwQoQZW+zTnZAZL30@&3e@h#a`ow%^#Oh+zGS zx|($)BhuGloIyNv&m|AB#C$;v&uV}6_(9{(Ir5XvIgmC^+qT2I;=T3JR-h*R zUUxy}(`i!MfE;em220}eWRX2Dsj_`M274J4f`o)3d)?c0jt?LDesf3Y5hcgoUHB)5 z?{h?Wo1{HH6an}05j0sye&LsgGdRHuhAWWnLjCH$ANjn0ubGJ{Ne5rj+Ew$Vg&FLU zIb8QP!{Qj8X@9$;<0X9#Kc>lD#mD#LPASrT;fr}dgH4h{_DoviYZi_+bn9%|^H6}$vlEs%SjK< z2zrjaFC5van!0LYQi4lEeei{*FtEnSxuJ34qS_DRd%DL;n~|MSbJK1${(>$`(rT+$ zb+nCzga09?Pr@&86pnoh^V-8CxDprFcHY(TXgHBoJVX%Wk+p#nzxTJbBIz`pY+Ks# z=rs#h3|AN@C8cSv9-*_!kHc>78rf>Q)NJqUxZi){Tk;z(%q){iOjLTZ-*I08B-pyT zHpWppVtqqHLu(3uY7=hZ(|~Zl_}!iHd@C<|!uNQ+tbDVa)3O|;DVRo)6;(zwQ9uEk zlA%=@LrlSO7-3*-6qHTMVkluznWir!ixi^BFpC7u-NcE{1f@zuE;8zUZ3kr1C%9Jk zJzQJ*~lJQ9DXs=cdYR`a@VhP1kL4XE;g!+hLK*RX@7E%U&dPmB&^D`PP{8 zA6|CL>B1a9JgVOOkKM?A4Ex%o9`@hjB;{h6ma7qJzxU^Lcg|@*W#c;2x=ORgK=7pv z=y0QNznLyoE513N>Mb8&szUwjOh?X2cf#RxY)N-pYf&?0z zPP1<3_i>f;RV+}XB^BmHMCc8}`$m!7orK|$2z=A?N&OB2YWv&MvFzi^Enx7yp2#xs zXB{{wLr1pTnFFY}IpBDP!eupI0U6zCfqKCI+cty*u-o*y6-7OTYnOAX8cK8Uy6A@7 zhV7gVm47<|`r4k?-`6^J9sn)$nGp6B2T(r;v$vN={^!L%SuLkc%UY8C<3iGY0Hv^$ 
zrnAlIyaxrBI3xBfC2+s$j(_h~>2Psf)p};s`jEEW;=CV;Zj=;R@bOPj_wgVO!ozPG zhugcysVW;`T{**IH9w!Ves4nDD|OH9-dq>_w5B>jityBn|K{*|`&Zv}PIbk95CV!p zCp|I4>ZOEIQH!^jbPGv`>!I`MsN6qX6W?{ zN=sY5hQ%<8V;d3^WiaPvFmlI52z@-;1jqs?0?$Qm5Ion_5HVnP=sxuXaGZD!U7rfX z=5HWp1F4(KcoS}TfO5d#WV)7vg(5C@|p$?4CPsEA4^n?Z|8WSfOFe9VDQta6DPg}ToE$hlmkr@ikt$puO z`}Gd$!T_=1L%-_wJ0hx8BM$pD9`n0JbNo!l&=;ENhJ1_U6_7`eb-u&Gq;!lGNevA~ z7BzU6C6r@4kBtBWRm!d-Qphr|vzC&xgS%t>cP^X{<+!OL2n{J5U^y9Q*_XWat^iQ4 zyOYOxZF@=&zWbIxrwuc59(KQ0-8O@l9A;5P5A$gx9CCZ-)U;*wV+&loOTrN*LB!$U zx~9bl57od#1u$6+cM9AULfzw>hJ!fBSwP9Y+xIO3v%@1-WNqFZ3jJsr zp(=+eXA@Q0heA8eqc}-nr*GLox|4+i&IiI!=i0a9T`NT~r6Kl?%NPM#vbW1Pzmu!< z3TQDaOD?W0N$Lm$+(6CK{vLSl6Nf2LbW~HcWvlW^D*tm>@9^!Ec*!8Jib%%TfJ(uB z#x#G$2@Ihu&!f_k1Hsbu5xoc*sBq=geJI&(hP$PNDVR;3b3@-ne1nx*DxB6kS z?}a_zQ4=MSJ(ny?UJu0ijfy#lAC-(V703gH6xSe!$>?ZCZ2F&Ax&~iZR*B=Njw=&E zMlsE^x|xx$X@9LS$?G+U;6V*H;#iz7pfo}_9UroHKE|}64dPJZUK<)Gi+I>u$>>_u zt5qz-UO2+e2w=kb8_Bg=Oc4zv7HoGOahW2RSoBBE_0ZW$;T5v20fYRw`bf#CNp3Jy z{?E$=;O`L2Y~S&?S7X@glszlqyBUH$fFMLs^S z8>M^1G$a*h4x2?=nBHHWj{F@z=hXte{HnC`ofYT4j#crcWa&+dTuH+Hp zQjx=O+Xa=7VK?(^*Ho1Cy?DaJ_y|=3ti9lyJ$tJz<~+v`LPIAU1!D$M>R#_8@g&5K zsfJcSW|~9cx6t%RweM{?2O9mdeW#D9r0ri_cUjg=snJ3n+Hq1!wT4Ld2!WR?YK{V= z@OK!iS_Mr88L&&4u50GJyBFASgPEJ_%Rzid#F6L-WO83%PA-8vqXp@m-2dTKRYNuzV-2_`H#h$Gz}yfV7zxP}$m zQS0IhOBa;$ST^_H;08+P2+4F1%n6%$0vVZ~G2!l_oJ(-i(o~3?*qB=j9)cDf@Weaa z5?VLbB+4XuxPxXRZD0H`(#o6ZcFUtg+VNx+AKk`#G8Jrp<4j3i5wu9U->SP(a)K6V zejq>0e@w-^kBg{SWeEfIN@zfq?v2`VJWwHJfPfu%yPPnSc{INj{SVqpkLx z)0vD^2bd^>%{9OM%vfwGD=rWlb`G@EX~3Z{R->ANHv>^l38oJ-@Nhp zu<=qzu^>~agi_=&Xs6#Cs`P8fjtm)hgBG;nv^BA%lc*g+#jO1${m8v~YB!8FAEj4f z4XX2xjh7U4J_WP|(Cet%9C>JydAIU1{IUR$c$fQcq8YN_@=?RgFEO zp$OdarTdHe*+gwxIpj=6BE*k)g!CH%Gv&=Bx1#Z!PyINXv{R3ppv!UPulbr0QhYvd z4-^|HK4}3e>K`C=LePQjW}lh>9f&4|)ajzPC6O|+j={6Uj)3nP!^EGR4<_?YilX;X z*B>X`QBW`Wv^srXQFLvY>Y8%M{=qQobqClnmkp z%Fu0i`wG)0EdDB_nS|%u`3f4qEXU=~_S@MP_%U`PI8BA33>`6XCblqW<~#7h1Wg%c zS%xbTn6-HD?}RcHxRgwf5oaQc-;OK)-mr-)5C7G19tUMke2ZL?IZD)cK1u{@F3Y7b 
zk9}iupGEix_96K$0vd1#Nd>?EoU~}BNW#@nR`2^wH!k7E_{b`Km4u*t192gHN0$Hbz64a^HmOGy95yy zeE7Re!2Tb97l;4eOVB@iVf+8@h12+BFHJK4XD`FRUjAcMnfE`lP{hAyAx`7}C1F6t5r*Nt3zx-5*i_kp7<@|zF_4}x7rbIsO3y`_!`3!%Vrg%rR_^a>N z?lA>28$a(?FdN*E^SrX(6Ov4K#HDW83nL_8vMJB=xp}@&3B268+hPMON#GC9wM<$( zt$ByZFcKb}0Fnqc0e+~*l0o?^uuS+kWj$FWiz2?_@{_WZrXn<)0ThkW4#+3Pf>3g3 zRc`#+VueDY0A%mke8!Xl8S;!VhJa8>oQZhZe0CyZ#2*tnj{T^Sks2?YM?VWxIBFx2 z%%;2A1pEuZNqJn;_}UUbP^_w&1%61NOm z!wElV#y*o#!Igu@<5~EWQ;2+KMTIy6ww0kgbj32JdsyNKotdiQcv!-TjuTr!i)TKT zPWa40Ke#&yN#mskNhY%1?;cxo8s z+nWv6_-Hv^rX_lnKPFfqzd~x|HUY#FOw|sTZwQ#UUnxi zbsK$x)Faf|wsg3SFiIq`0zDYPq!?egwJ0-cyBYR+EF=j>eP=&MBOVI~`jVF)VYsrm zxyEE8>pBucNbcH=j0je>S=jcqnJO2hJho-#BpM`&L57t|QIY}_MmTo0tUA9!aym#@ zFdtMH58MV7Tl7&x_I$1VQf9R~%&<2U(W!-O{Z~fU3}95K_BkjSr(j+CMO3Af zeqnQ<7GX6Dx%8NHlgq9%+{{Sok`TCNag9Lp3}m~wR^&^&qok*bXrvxp?f(KbGK(Jl#~b%DVgnerCns4yfQ%yb~|liTuWo5C6z0WelZ&Ef;ETYJu|xys>CpmNIjXI z*o#jqDtYP7 z%>%>UB{%HI946AfnlvR3Q!ui-MIqJz!o%!CZIL~-;vQd^Mv3_;`~oj-}JXIPAtftYvX)q*1m05O&Cn@ z>O{TUy~~)eO-ZEu0G)!AfQziOehR#X-V6fCbre+?bV->IRa?XT3D!^PtG;w(_Yd3n zItYlumSwsJZB=HSwPU>HNJupT$)bD)Q&IN7kvFLh>G-Rc5_yu_KinmtN?Yl9a;;CU ze8Ps$`*fZQaJXzfBo(Ob0H1YPam6jdVhYmeZc9;Wckn6H0HCfc@!-F z3gx~z7pr)jt;^xk9k<6A^%KJaW=wzqRzn)MNCedj(*?i1G7F=o_8#VJO+6JEEx#j z>4~^4%=<5mjuEYPGoV?+5ASZO}tJJ$D0bZ zxr|>17$!)p=K4Yp5r@s55O+Fq^SwVg`pMk4AJ>lis;m0a(@EoBJz{@03^LB;gti|# zKyq@w=cV6A7Pe3|^(_Vmt*EMk`!jF4QTkIU&V7Udi-80BmDQs0VNACPCFMZUNH-YJP&H|@8mx`h}s1Q!dxLI zg|2d&qojP%nGRq)UBPs#Qo+BVVT2$)V!lF*IeFnWKGBF$=W7tL`ixucwt?3J{BL#r z1lQxW)*z0v41kl@_lAGC&)aMPlB+KqvGPITxdR|(0i+xV6%`!Bb=S$^^SL^u*O~%o zbpES^xGdkNL(#{om7#Tt^h`*2Uf6=sF;N7`4*Ft%XVQe4ZO!0f+5om^%Pt{RU8>rdgVianN%M z+*}h`o_iUx`g15c={C)qp_X5w^1Vp|UI1oO{e;Q(p*Dm-EqZiBRuRR{`eN~qZ_^cO z#J6F5uanxT0&(N2>IIx;*5q->kxY+E? 
z&f@d==0e^$H3pOvn@;rkO?I*v*UUuxBI;;^8_3UGHbq&C}*bLb3ots7F@h4ZZ_F zAT`o%$3qqoJ-}t;_6e!bgUR8GGJU-j*bZF~L(!fJB@tq3`au54|3-e_e~>@y-^edA z`ak49xB&q%3O@@^Knmz`-%FIHi_k5E%4pcpul4S`^oR;hSqmctrEXQo{KCnqkSZZ5 zr?&Akbch~w01N6n9sv13`6viP22PIWQiS2hIW=CP!tlD5>QDk&7Z;@|hUmEW&giMt9PkK@B;*sm>3Lge5bp{qKR5{o$7)L}_WfyTPNk_VG@k3vj;fhjk}sboU&m5lYMRd$BD%5dNk;i1SOhJa;gM9@ z)Y9^vw{yu$i|+0*tn&+I-)*Pm`_nT=PSzSe=hl)9D&UG1#~*Gb!ARZQ1Ff>dybm=t zpSAk48%R^-xlbD;`b0H#0z%aA%@Tb?vJPU~;R}&|_WQk{pg$&lmH~k}gpG5`!$7Be ztiOaI|Lg#wI8WipPO;vOmc9d1Sne&%|5kdOIi7sQYtWtDL%_CVN?8^~Z#48UV0sd} zyaL&QJM3)qWkfSi-gGySdSLpl$LbI;mE%KLqXPyMw_40(uN?O&%2yc14XXQMu-n2F z#p^eN`@2=!qExj)5f;{M{$g6_!7W~w{6q!IPu&7=Hv~;m^oer6@J(!2XuoRN)pSDu ztm~>Ic{YmajxYl6%{Kn~LTwc)$ySev{w0s?63ZoqKBysO`T${ohBqqFxu{ja`#?6P z3D?|VV4^P|1|QxBAdG4iYH)|8o-_p?l{|+^6+s6F905A?%s-L7I3lVf|5G<;i z4HgL??hp-1>Ne??D6^!{OtR(G#cW8?BZ>)GD2aYzlUd1g8-)bfommFl%K@1oU(mV! z9J6d2v(WTj4XCkO2+>|MN0Lrv%K8MQ3vi}YF|ArRYA7zYr|u-Dg|7m1!yFUny>DOM^XZ*T2Qz?Un#s#@efc;0^QjfG;Vs zT|;7B@B>!oic@xMl@~L{fLmNZqKF(4VX!L44vc`B&v2v^tB`E%D75&Oah6RdOJ7d| zYY3?g<^gF^PYf!3)|b!P29tqNA$y zT&6@>B@34`RJb`4kV{uD$8c@ba zpTnZGLfUIbsRJOLe#KCiBcmNDLI~LnMnY{P6s9b?ko zz^=vq^RT1!^0GQ#CzE;vORU8eD1l0<*8ZY3G~#wFxI5U1xn) zZdTOOI>pqv5iBVaAO`zzr2cxxP6i9Pj^i6NJE)2D3mquS^P<+&Ofy+_wEKNU7~|(u zPmV)~!Qrg?A^(;=lRKcgm8B9?UQriW7v^UN{KKFSup3B^^MOuAGwp>JGTf#uB=Z8Z zIXGjTCSVH~jBAn2aJEs!FC-{%^?@j!3}?$~2S9l#l`*L0&VYyNQ$NGXvC@?r)ZV1z z(<4wX&a|sf7+GmHx&lY;l6#uhpbkW}Y_)Vu$RAi)-;Ecf=qJhiiz$6#yqHX2Qr=Fa zEvc70`dl{eO@G5inbt|YA3S|Fsdk{Hp zhV3-_;_|U3pCuAQ<=5yBA{F;g%v;*H7%yau9u4q9gE-fX{FOl8wKh+(p%KD;-66w# zBwt{@H|PP(*>zJKgy&XoxRqH^LUeGjDWgE*y&aK+=k0Y?cU2TYl*2bC#T5CjRNgZR zb!a)WfdX&K4vKb5V>g$rod)8USw|dwl{{5{V~gmY4E_iy+U#@kUiL#xM!rUPH23!v^@(AbxkkAW% zjNPQTL+Qn0r?qF9Ss2(O$VFBw zW~nVkG7h}?IVUw#XcGG;(zbC6hlYCSQiw0&xm&^+nlG_l4<#}Ah`u6#Y<7$8b$D9 zDrB_lts4?@c?}@x?w!x<*OePL`AS!a$-wd@_6+K)CNx1w>zrsytW^{CYAq#P_#_;Kb9_p{#)e2}WN1j|G?C6oAYo_K{4E0h2WNTCs7hm%I~WSMM7 ze!BF8ZQtkddOlQ6;aRp{8r2ed$?gXr++@>`g+zr8b|Y=l!*lAFl)Py}?$v1~a#V1Z 
zrD?&~LDEu6iggg}UiY!z?Hud=8IpU(wGbHkG7iwxInEQD1QIY3)xU>Ojy^#fP38(N zIgAS2x}~#|?&2>DE9y2DTgdRYL>?tiyMQqd#$c-_3m^szq#5zbR$`|jnbroh8R!6| zaSMVKnKjES(;E8@C(=~ZB3MGxgDKMP$RY~mx*&wy0eJ(w^;Q!>-cZ6qR5gdZ0itkJ zFu6X;sFLRi7-L0$?I)u2vFDEac6x*tvCp$yTXG+5Hz{xqYZ)~t5-mVZP9bI0<@UTw za-g#MSYnw1qg)~vbKdgTWI9qSa{2@L&;J|w{r^G!kbfh;0`vcnKOgW1V^ndMN`8BN z{<1(}+(qLcx7tlN1mQ80u@lJ|fC#ghszYJ7L+Lfm^m%bXT4~!XCGH5T4iWre(!8Pv zx}0@h1GHSt*zjhDHew9NQpp2}$y?hdG3#@RRdPn3+15+1ObnPqkM$ozmSY-Q6V}l1hh2w}c|y zCEWWf6ucdvqIBpZY>lYWl9GjWi{v0ra*sY=RrbZ z^z^r+v_ZG8c!?ax8_h}1G%cezn0H@tlbera4Bz%gu8%&94#<-zy!5thM-kY?L3&Et zQ`=OC8!uWY)-Z_kVMyNVL->3O6PFwjhjFyM_{n5d?xID$>PqLiRS8jr@%HeB%F%Y( zqvAUgAzf}8;rYA}dj<0rgPUQ4Ml4+IzQY+`_2bKNg%(GG2ol?oDb9BPc5W#NR&}P! zZ01mHqg?^ZUyTY^OV*VZ_*~cN4oeKdu4XC-AMi%lbdgjTf9l0Q9;-`!lam|iy0E`x zuC&obnzaA4s!>5Fft4o|51|*`D}oD80Ge`05~ib?tT-;a}6Y3q6+Q2Ee&<{u@n3V6MNe)e3Jkk@s;n*(%+&ijJO zU7PtplHF(Yxsj58Ny)zq|M^R^%W8=CIRGTV^6~NMD49y0-m#+-h&Ob;lr~L%o;27>Zoj_% zVZ9Ef>6qZhA^&#*l*;`IvE(=}!?eDgi^BwXd{fx)iqm7{#!%mVL=r7%<6`?-^&NS# zZvR9FKGGZ3cV}eE>xkx$oCHj;;JL84D!f4ewv!z)%ZoKp3=$&pLRj~GzHBasjyK^t z%rkO6D3%}NxTE*RLs5mUriK0g&8n!2R;tw}{Llqzjd^|sk zTb<lRBApOuST(IA|6;H@&Eb7Bv5Ro`r z7(%1xBtsupK7G6FItApWDw`^o4dC+bIw%90YhKKS0qZCmYcMXN`jq5lY}pAmE~(OYTXXli?ghXyx}? 
z-!2x|%M9Q8bdAe&Z*0Fmbh6yg*hO2i8llVG!32XhtUG+4zCzzoC11>pkuyf4fN zhUZ|1O^{O%x?|MGuV{@{Nqf7pL3zvkY*l|KaB59TxkwE>j0cA!U&;9!T`IDI^j zrlrKPp*nXy_Pw3tQI5}!EVy=1QLTVb9*`+4#g=YMBUVo=>uX7W|Z)~<~@-i8B zKrWtgd3|sSk$)%k18(bJPcyMA!1*J9@C9}Ol2(new@BZyt@5Nes^02t+l@=p0i4d%wd-eQ!h2~2BrdTIBbnT z_wtCF%RTXQULmMcvG%o_+&h;RtL&TRI2q7MXa>LCZV=6@oNn zY!_C(&mrB@_-`Gi3$ynkGj4}iHL;~ndDGF`;Q0*0I8<tg;295=$B)UYb3KHg%aUT^S!5!M{75ipjB#no*0{z`)rSuNRm*PB zG{2_xzw^v9|IW(9E{6R~%myk{+7FZ2a)TODKmM%xr7ez1JRA zGlYGLapd%}M%aNGy8zghWaWTaE1zr(l60cW>4=pl~z)xtW>Q-kEMW%jyhoNZ+L^mR0ni4A*3{ncnTv&8jM<*d9w z0*E8OVMyVn-2lTw8QNW}_k{3SRUUIo&M?*MN>ehTUqyt_+Eb zNkpbj9Kll_4YjbE)3VFqK^WuOm)9*GH!BlVQ&B9?-#je!Ld3;;AT|SG?%@hxC1xN$ z^XyFpdz)MZf>R8FLim-{EyPxQ-R>W5(_#qMN56pAV9I=Y;VWd?Zm<%@J||MG2f{xR z4tmvZJa)l7)#9M0JhvHHZ0{1N{qLytlBV z$DZAnc{-Kp{>ChrL$^45g8(Mp#i-&KtcW;g!;x&9;q60kKR@xykza1x7Atz| zcVXXh`C3_}%o%%!5u>csJzOgK^=j!NJgNe7RKO#O@&~cUvGEYQf$&oELfT(UPm(Z$ zRKC=BN&Y2mi3mRWE+bTZU;Zk{O`VGc7rW)$Why-#j5oh={*=Bzz~itXn`g#T^?$^n%@+CIiBjoa>G|+uJ%WkW%p6<*w`pl9-pz=(vIuU!=pZehHj|RwpCw2 zQmj-1uHO{FcNp!VcgS$U#qK>h7A|{A8+NJ|W+Q54*cU#!giW(g$-BD#r+T!i54$;z zpQ@C{j@%}(&DvE>hzYkGzx=X1G*=bXJyhEVHxcXkBl_mCN&U^H!wX4a`}zAud;a3p zl;W#;_N~DJb`$NzFtk+{V+Sn`%n?uZgk9`#ng zPb_BiU9hnjGS^f?Ldv!43~h#~)iJ0bl^^Nxf3iLQa7HVk|E>IbIsaDv&|WAg)|%jM z{fmun5f4$=S5VgBj1laA)Abzi_3*Mf=Va!)-WD{7vdF31F1IjIF&udZ9pcsaj?Oe=+QN*(&TKD(oZ{_DTml31W9wS~-o&Cg|K5Ev2bkJpUpYZA{Dq(K z*9OBjJ9R+y-4!j;_!wM9qB;*Dvr2LsK@UQRuAhdFDodtc(bq})vu@K&kCG?F zJvllVfxb7jU(l(#_Dl4OaOyn9(Vg?VIaDoZtWT!As;_0gESScWtv%Y8B>FwXn&#^? 
zjXY8$2m&0t1It3{V~Q55W~vRpFabuB3mxN^J9u6ppDUT_NGbbdJUezaF)hi=x(3}; zQNg_kk;kI37zaqI@*PS z$+GJGy&+jfNu3cK*QBf~My6d&1AN97c5IADAe7y~269y8!B3c32?f}Z(*|N<5?7OV z8HjK3mYUTw5K|Ul{ANmICEHlXlGI+Qm`s|3;ZrLu#741)h>db8}495sE4d)ve*zA0CVh!60e{-ADj6NrK z(t5I4wE7V)am!Lo@xSlqLxOLaD73(#*?MdFB4WXXNMk#I;m@*6aak58nWifL%V|vg zdIKSxtT`$ZL}OxChKWKU#D{T*)*^eWuKUd+gjyGYNiwK7LLyGv;Io|XJY8VL#!87J12c!htexEK}q;`uAg*0igE745%R!#4J z#B;64(t>OxuTL9iYV6v(C24SIbON;jbCOQklMLd4NJq+#OGH$vlQE zhPr5|)U1ppjaAG#6TZHR5{rKH^k82mXVkE+ZMzbm<}@6`WyFSbm-IdCx387>v^3DB zX+x~-srp~P{WTr?oXP7XLyWP3v@`Q6!t>BHav{h_4nSi|%H%R3V5MoeK#f4V_9CJ6LznkLJBvF@sfmA0mQ_c07L_DImsgbk z?LMeh{SdI)bm>hp^(G*LMB=*JlLhDZ>ZO2H!QZ2ej$79g?;A{mbNO+G0cr>F1P(OO zNiaogf1t6Cah_%x$h4;uF-6s(Tc*gbxp>aBmKWV9ppc4<3>uiw+z`j=<8cw~o1}+W5 zsna^4IfzxH!^awxljbyU0L zwewpULb4GRs?%Dm*~_b#sS9t<7I0*NN{B|SYNZt|^UG^1PQc@6`1zIA;qxYL4}|bP z1vA~~mu!I*yqFY&P4SE&v6l@4%Sj$yb@$xo3(Yp{~z1ouJLCZBC|W;IZhG=-;WJopC6o6|Q9SSsD7#6+bKte}bW#&EuHg5Br(bQ=-0F z>0_}6nbyHAqsdMf@J^&`U=Nhzx#j*>L)krhXBxEd~>$DV;rI+&vX@Cm5f+}yA zd;@5aaop}RxcUSRK4>M5o)i~t-0+VWn#@{1M@no&cnf)))_WH)Xvsf_&Hm;*F1(9k z8X`Z*yLCyZ4f`0{)zA+c!6Hc=x8_ez(u0g=Vht}xOe_v#OtvZnWL!rsADPB`C6We) z6wuGX?(Ut(aBq)iX(MNFWW89lthC&57=jfve+Wq>>8|3(a3y-NqoLl1&u|lcs4XF{ zT-=)~7KJT>qayGibx|uzHNqe{@cZ!<&+_zDqOt0G%vK=IpUC(E`q!T|VNI6MQ8Oyg zB~*rJnfEZTvgr>}krV571qa0^i(IduBNqjtuk}|r5u;>6!LWTLw$p!cOaz8P?uCs~fJ;`n5Mm3GB4RuHg z7%cvlEk8)h*EL6j(5Ctns!_u_u}2{IBW{^f@o@grCzsjBcO=`f?{t!9Uy>`y*XCD~ zBx-TgVR2aFmeC>En0?!SRJ45S+F!BMMVsISXmoKze5zdXeyfWThp8uexM^D*N(^a6 zk#WKm%+rAo)|atdI!3eM*J*vwP9Btj*7))$n2hQjnBw*3Sh(rwC%ehgQf1!!{lAhd zZ}4mAyoof#x0%K67Y4gR`gpRFa>wsx4Ka|gG;-L9sdo60nA%vqHO%s~kps~Lid?si zQy55daeTJq**Noa9kyY-BaiF8@)gjvgf4$-F3fb1Q}^YzP&6xgR58%47^|BB7x8M^ z6%q*Dc~>62ba;BLC2K>q3vmc51k#cPG6wZfIHc;%((FoMeGM_;RsO_-W*+oOQJv<4 z=g&_DgbLGDRCQPho_z?sZ)KE_rf^dQ@aA`X+vh3vB_^-ri-%vq4O)hjrd&=!1uxv^ z%oKGUuJ*|?;n8DR%n$wzlZ|hi8DONtL2b3kc2Mpt*`hb{bmP6uX^P7EPW zT4m3peB{vsKE!_1x|Ud)$yPN+S0e$e?LEN?=I`%2Be2&v*c*N(k(uD|I9k{xDO)j` 
zZfx%$xSms1JG7}!of|Frf8Rt5EXH0{YsJq9!^?qJG&W!|9W!sq)1tNq|K?mV&Sz_z ziZoe0$g2uTCS3wsi~jwARC zP`p#nK?9c0bRygZNS6@E;KLO7o)lDK065*HYGwW?0aC?#U^R?QQ+MnoHUk!Zs@-$)wd%TVpC9k6uIa4- zvXvn6)cUn7 zg|e)s@(o<^C2OdPa+{Gq;*Yf9Shx`4Y#>eWIM$`-W-)ghv73VLIRRIZDRr{`dU=_h zECLWcFq*g(kxk_Z@T?x0qm;Md5cdP^I5I)8+A zJtNQ3pn8-f7L1-brV^gL&3wF{#^$)%3Cz)96@bGW|6SLE`tp*Cpk7H7j1-Q*$TXsD z4gnc~D4Q|`6-@&S4G2;LzgvOjVSN2-s2%sctgS5U>%g0)0x;93B$VbKm*=|3xsfTk z0o@I1)lHKzgn@0(xH(P)H~KT>B$?sN2(WaY$tEL6b|BFbR8KvA9`U@ucLR|Obd_-J z$Z>dPUZ*=5M#TP!+l7D!ZMxSq0PzOGKxF%1)r`yh_j9UjUAN2lk+0R0<&QkB=M~pm zPMV&JhrsUo6?5u13-o$UM~bsihPsk)2abxS0@GkiL=K zAc5_;m~2Qht(5?6eTVyRoH+LI*CZ!DAg-JVp0)AD?{L4tpWBi)$M8BS-yeI7zlH!| zFX&b&hkIfKe0FiqI`1}PR$AH-=yqcmpqj23DrSxN!9@a}{9>W?51QC`G=FKhK;NyGeu6Ex~I7-nJj}9FlEHF^MF1G(fZdA`Q3v+lmCDN1i!622?L(bNO zbkt4S$ZRE7hO$kA9T=nG*{zU9NI=i#ZGu3oqk_66z_PU8y$G|XlqE%PxZem|A&7nf6#v`|NEAI zE58CQ6jV>;3-sh*rUr_)p~7eMOM?&mX_Qk@U)YR_XUH>%*h{ondnL3c9tfL91T%8s zH7GC=pFi%P*q0ERB)7ksE17dEmK_N_tSlw&0)h?l*bFn7Xu|aenEgw!?~`n5(&&{{ ztIXUJ(}a$l=y9%?=haGi{K0bVuOubE!M5P&msyItgMbeaV5>?U6%=XLj6{d4viq97 z&Sc>s`JqGOG>pNbr1mW-{gXa{7eDREx(6cK%H>(cWU&qW`3yZCSCP-RHy=r`_(9-B z+}QCtp?lKkhx686PNx{AFZ;`F9M1_-2os5;91|=W0vcr57n3h{Up&&Uq0&VjV^pE= z!*J>)(QT{H{PYXbQj=FIbNPXlR$TkUcsWh*|E3YbOzBsLc5&m^tLvwEW z`1i{mH4S!fL^@cWYG~2&=_ImKYvW#1b8gMJ5hitmOa`!sGpZa~<|Cp&?v#UeyXde* zR`FX-*?YE}@eSng|C6UK^5^VZ%j%=iY3EoNcUM)C9?X1(aW|)zgM}*|)$({pJ1;P>t z56lMbXiGLPn&!@2qbe-d4C+`y91z-7np;K68^x;c$a zI_!TW$+xT0xgtm<o2#4$pi6Ac3T^ZU+h7 zWwub)qM?VJbB&%-4XvNWd>=_&q03~ozw32Lv6Tv+K{k`~AE@b`Q`ME&Adq4e?>KmC zE&JyaXsbuEkel?G*qEaIGL%v*lEvmVqT1+eLlI2Bduq>Bv<8{bdr>Rr>(ivHlEn#s zUjJ@YkYDhu*L*f2IVF7l(V#`-dd}pu=XT1+G0RE~N*MTQ4h%Odw8J=o2Ypi&v~u*C>vL1W45O!u3ooYxF zE8pQbvDXmgqEWtKZLLqYp7cqynO419O@_14VLHFdKTG4!M@(ULAxs;Ew(Xac57J{2 z;jH)3R$__(U`!~0+H9ir;48%R6i>srBP4N9QDQ7mAn5Ne3+SgX=d8dD?I&b6kL+d3 zS%-r3UJcMS0#&JtEAOg7ZEoOT4Ez}U$)KYQ^~PBmpPqkVsIHh@fRImwY62X>iM!IV zc&h3xPQIX3^=~Z%Wh#M0t|RAtBT@^lBCmAAvE88{BN6M~j14k{vg#N(vovyw6LP&m 
zj3&SR@iK*Lo>e{^-J)7C>x;Zl7%e+vb(F3vCgyV~*FI<H;iTd63AOqDH}3*UVc8W`%)zXb6#l^pks_Ox&*OYO4!LNKFgnfR z+39uBUiWv=&uZgWW<$q!bjwF-;c*-jMw#qw4u6Ek#3UUFz*CN25yl|3$@lhs>&VEg zt8b$i5?eBNPP{bEE8-&_YIX!SjYj<7;>lb#k1Sl?q_xZH5^Q?<`3MbX0HqA=K?L== z3RN~{pEA8RVa++PB_-BQNDLd-NfT98*r_XROLCQSY}-yAO5cxNiofNTOJ>n+rrli$ ziKz|NERDRi-L;pS%pRFHuv5dlr~M~!r|j5dpAIgq1f%{wbcfrWIJLSIKRLfu#fP)X z3o5n&SAhsU0lw5&9jYH4&5HY{g8EuE>^xPrV9My+J-7Xd^%J2GH?(`_Bb3*cD%4bh z!eR5B&ESzJ{dTn)t2xJ4g<>tt>e6G~L}zCWf*2##v~F}c2Ld>e(>Ol52?<1jAx4FC zPMXpzuOFP?u5dA?!&zYz={N2ghsew%I}hsG(HebJwhs6tVF}(2%?+B{{WV$J8&I5Y z#miW@9P6+gQu2kQraT6BX5^CKS>{vck`Yn2FHzv64l)?c#@D>^Q?Rl)4OvuQ zvA5{_Uh4@=7DVjhP|WrC_KK&(-!;hGmd;4ALB!_TxorHl)40%!`BnU!!LqO%mwL_> zR(p280BeFQQAAi=S*g<#Fo0C@&=~AyY4C|LRq?u8`rLe4{{@t?Z7v-2oW~(!Y-4>a zj|Q{r^ta-JBh1bwRT-@P9(nFRoMSXv{B}7C-T?%nnhKJuwk5vtvBFjQAnF@zerf>C zPJ3B9ksA5>5jr_hn`Y}_0_@RyGho2C88|%3~&|g>NYv|0xF9#*#Y+c|6^%3Ii?POoc0~8Za%Q zRcV9A>mttSs4PMc9YQd=FBf;`oM@RZE4`4^?F^!A`(@0tOyhMGz5P&06t1j*3O6Wa{sBGfdDM(7e zyJ){&qOeDVL)KXg_x2K(z8Eb(Jand%e`P9*gC@{X`q!3=T=>l3iEF3-SGDj1hP)cE zxNT$mWK5K}~9Uu{{FIaM0PHOFzH>O-&8@ zKQ_b8V=)Ii9R^45>S)ro60b{PUxwyL7muWrkZy zY0Im)w?IL3#!rkDx!K2TB#S15Sm3Ds8`w0z5g$x&W(3WH9vlB<)>HYf35Zw$2^YG~ z)Q+Af2{Ta)sjOR;8MOKk8M%`vn}+k!A1pyC@n&D7uRRVNzH4)#Y!-z=qceMAWyxp!r?RLY_oQIgiDC<7&^r zqeVApfK9;hkJ=;hzbk*lKb1e=zm?yMa#j~8}4no z*^XPUEe-ZD{7l0KQZUgZPkqQYj)?L}YqGcXQ|@|bhxeo*)>XNl9*&C0!eHwuLpluW zyR`lIN+RKNOhWn6T6syL4`HSI<$s`AK5vVtt>gO|QWD9)Bv2g6B5}@%!%IJ&DxX(l zKAoHx>rP8tpcOXvBcbu(iChzOP=3Dtp|{6uplF`rl=ipYfI5yspJAC%5PH4eI5hSH z`{kbvFzd(N+Q{>>B&lWubT~I!bKyL5_`@<%A0;~=#9N2w&n9J`-f-ZPjl?PoHf(f_ z6sGm970dg%?`+A08Ag-xA59m%J@{&=M71l1MRh{Xxk<#lgg^0)Y$M6y<4@gMb&iv2UbNWf#`1l+Ts&sH3dsgSBtgXc{k z?ksN%rB#!!xFMHnOm0=}~mgzVAexv6z|Y^H76H-PZM z!|AuL6=O0_0F`8o=mEZ3i)ZDP4+x!zctsd~Unmx8n)VBLjsD6b?Y zIgb1%ty@HVJE`h3y4M)~Ae{0OxkqOqc_27ZSkX|A7?&7q+lZkGcEK^erGMp(wc9a2O-oO~3Qx+b`|_=t=}&pPOmg zyf4XH5kzBth8loaz_XyFM;c4!(IEmiqS`X=%UuW_nJJA6x0=s$-nyG@2a6&rXUhka 
zmMxCnHeld>1Hr{NxqOv|3#xIo2Sr_uc4XouK9TiiS>?Z@TYcNTUmPQM3i7PQ2lqg! z#MhPD|J7u*>WSNq!R7OT>P1u7^Q33DItPbZAJ7c}xJ9#3fI7qKpZ=rd86+Dq24ko4 z0?R7E0FU=?WoQtHy$S_UnQuT8rq|nqT;Y<(J7E3>Zn2n)cheDB99E5EK<%E$012o{ zvSQ;}Jz6v?G3pp0g}}9f3{8UfcQOQGx|+-rFxyvFy8LRSEPQXCKMuo}qsMy>z}Tn( zUMO#Hz~u3}(|6sA9w~DFqVysD655M+e+y#e?&z;?Pge9OlN0fT1)m=;6<`Y9v>jGe zS5#16IDOxDEWmM=|2Xap0yG<9zETNRYvrCuT= z(d|xAoGMIwHvZV2oiBv%s*u^!LBF3blNfCE;|R`xscmkgqZr`{L7b6HkJj!Vd2|N$K9zz%(Kh~xUc_?KzjbS|GV->{!{t=|6BR}XaBAIFn^$+ zb`DcOK;9mpQ_uJw-_<+esTRPr_7}OJJV#6^d4Uuz04Y`q3aF&Idf8B-M{5Rz!E4ku ztJWHRSpfNFW~4+p-=wn;XicHrg?3NDyN8(7LTwBujkQr^+v2KJKPs>+CE~4``$GZW z%ZAZjjoBLwY2YU`0#Q9!Tr2}5@v9#g!my3{n0z#(>R^z!`ZJM&(S2^blFwf4nn3RE4l2TO8N$M`ayTsHzx#h4WHMzGK2-G zf7mP6E-K^1sT>(pi$RJn&u8%vRUPNu=ALjAI{GL2_ZH9a{_7vltPL+n>y4UR-E&gq znUzukL!8+kL<$J|5@-IL`y_Kvxv?XaMp#dCT2B`?Cqaus(sv2nkX=47D>|3{ zy4O;#TDIs^qP$Ccq1huZ zs?ic1s_ybB58i2%$|VYlP8xIse@YRA51*}t=%Y=t8|KVD9a0!V#UG7q21y2JB%UFN zC2^m*P>%qBK$vw$!BaU7ZHE9?TuBt2jN&JRDhO^+!5ws|+VyqH`c1XKDHJ9HN$v&8 z?hMjQF&eEsG&Qmd5n5<6T(CD*qTf@<$lTUaYp z)eKHKhQ)c%@27`T9#2|(lf>bguU@wdw4YT}_WGYp@3YniDxh&Gp&3QLVfEH-IKdLw zc!Ch!ZJ2&cb_oLzJbkt7K(b@6Tk3d+ugr3P41xg@PX`VZF6Ibrc2b0lM_zlR7BZ5H z|4M4_M^~kTHK$WL6vD1+ZaFaG;Kn5E7`CwaaZhs`f)!sN&M9LuZ znKyf6zJMpQ?+C7~i(I7r7lK0Thd(D;$dudS@jOkJWv;y_d>c6z?2MBN+6L~}EFaQ^ zX`?mZF5nvC25JxjxO)oBqN*NF#KoasKtWjjyMv+Lt#Vjn;)Dc#_d_h@iaU(;DlGeR zUcBF|KfoUA(iVY%jIl#=YV?&8a01}ycP6zo#k+if`l|0vkE;O|%jmXLEH}-`OfPJyvk|9`qt~;W#RYsL$H;DvyaHdFFpfg!&vIOXrY*$ ze#X_|e6`x6_(s{Qc6^zTBr7upBAT~+t~zN&$)XYxno@*?EKq{In5a3oS@lEAE?0$T zk^UMVp((~*q$ElpLBiaooj53esM+a%=_M*@de1LLo%WZCi7giz9)U0V{7G4L5|ZPevB|z^U=x^28qVuXv%|!TvU29s5fA{ zOY|O>4iXlb^=;?-=TQ?+v#?R)V+@jXhW^62m_!*zMI>F{_=t*KXm>h(L6r+HBfd^aSY-|6v#4Rvf!6S z9|=Lqq;XzmYNfrGnNKSM$-3dzn=832&d(`bJL!57&Fv_h=bUn^3~V255|0)$WR3jJ zC3U3d<>v+iL9qB)qIM{?tMbR7LBHf?Ie}#bdtttLJ!A8gQie_)C-rZtAp7} zl$)8rL*oLULdi9Q)qU|jnVS1gPO035h1st;;^b{Zr^+JW$wgdzuakA+y9mjzH8}QW z4iJQQnvd4)Y_Dn&+a52*H03INYhy`Xn`GvHyr9L_z@jIDxf!&iDy|tBs3N<+i!H9P 
zPn4xl=lQ1ZHJHT~i1p%p3BSYd&uoFxYmbj2^k-it6zDZ(ec{HKQZBk?IP}s)FJR3el8RS$?>i9d3Jxr-sR{k$9w#-rKl6J# za;3cySH$S2i@;zafjkL%h7*uWkMu*r?uyC$UBO${Oe7&SJT+B0``1y~2e)hoYW6~(aQdrg;h(RMn*4k{@LCKVg`ep;X z7h)rY1cq~2w=HL4jU0GJEWG~t+&g;28^E9{=w!g0*P`r3fSoqe5~*}5?0kB~D|5&; zbpCTrSQq>2JcS^ch!&NO$8W#M6RAl$i&g!LlJvnOH4usY3X=rJih@hoD|PBb(Y|>`_7)m>o=4@W#$j!%HoxPoQReX=@{>k%Jf&Ld8>}hpWv)Nao{* z@zBJvsGD#?sSzCl_cj5g6IVS@~MQFa2A-pD(EKcPC>*?T9 z%ru7uf8Y^&am036in-{ZA|umLsr5BX_!W1T##={>miFc=w+y?TH%CZ(ru~s}!Fcma zZM!8naw-KWy3A>|Ts$JBmscncF2g09gXEx1E}prXPCFaraJ8*S3;1Dj>!p%-`&nt5 zlLp*~dr+?SvSGzI^wlzX)^1b5-p-W-9u z6R3i5UbkAuIyxO>s#J{MEBNR`;i)6|vO9@81hqZq-2ht?j1=x}$6rW>1+(f3ev)V? zRKwpN0G$YF6OR|E##`|(P1C{{tBmk2J;UGQS=}juuGGUS1_K!?nRn!fS!~Q{8`sd* zA;`%10rB(528T&RM>v)`98$W$u0!?SagoU3bw|-ml53dYPb|H03)@2(8IHAm>U`bV ze+XW3{zIHJeYN3X*U$W>_a>|OHV_F_=PcJKeW%(rNp@#(s7U76+GXQ zNF$D95WO$E;K@;8%FJ$~;1i3JgVHK7YPheJaqBzjI6WcymVx-PYQ9_<`VGT5Z8I-8*SoYL=7k}-;6dELFCK2~ zI3}2VdN!;0g-pGP1SYLU`^Un2h((SQBVS7e(Z=mak3;)MYNuLZRv|0J@0n5*ji{E; zAf(D+q((0nQa@J5N1U$^tfF+QRvQMkuR%WkMdvjpFXzOij4FNP%6p&k+1w)x+_H?ftg$N%E94exL0Ya;TBT+_h9*k3*}dHdHkmFO zQez-^a?zG70Q;;j21pO6+I&obG_aXlDaqL)NuxH}`p%LXp*5uEJ0dZ6Rd~i?!Mh53 zZ$;*RR)oyNN(mjnvfuSw-Mr^?tgF5Xr{uTBux@piu|O2Yqzjnek|L0pM2|En9_L1*L6DIv3mK*wflXbnqq28(teJ@+58r}aMoiDY0}}Ivg)x63e<(^GN zdRke@5hcGP&ZIu4_%Ieeoy&oB+vFDxp#MV?4p5cT!_$b?_H^34C*w|v zT-=^*%cewD8~aNNkhXT%zjx1IxLx5VTBX|1CgNHwd2j-CObUduqEY+|+R(64vy?N@ zq$8FZ5XQPXqL)e-(cp5`R21w>^O!9gF%?umdmYa!WqKlmXRzZm!S&Oa3(W53=sWl# z8`?G)$ZA^eEYjdbY*PXD+D12RrXaQv4IFVL{Nodd$yr_m74I==%M^2@lxD}L355_| zR2yCxpoY#k&PplL5K$b{4)ueRtG~*J7f*^yMi*P7#bJfOk&iyh#n&nT1johjq4>ks zJL$Tp*+}@4f2dd(m*WzLS0Zg}55T`1&gZ+TSI9Q=?3e{@`8XrfQQfPN%9?`%7B1i2XU1kc)S3N^5p>v_bAO#5R)y( zBrinA;&Jg_rD>7?A&h^(6*WqCSF6A-DeMbefgm03 z{o!2Y^(P;2Zw&}Dh`5);HNbM*hlpQnpTJ3005VhnP<#in^&lqJq0JCrn$(WI<#v75 zkM~iN%i(-*>*2IV#ASP!*93$H>Xd$7keApRO7L83R;pL)glF}+vVKpan2psVCwM)l zzU{dUTsYM&W~aa#AyXElzssBKptNNg|)pAKh&soeORELIco zE>F7xuT7+yFsabhFI-f0+}0^>zz|1C6FYBG*`?!#6aa9&$25)dJdefxD9ju`hE@q8 
z(p(W7{QKP7HUpnO;BpZ9T(iH%T@#F8ezy1Yw0kk_6q;`^mPia7)*j8HG>4kn29g@o z6<92)dkpBjg3a5BMI(hkK%2_u8awmfB?K4ZKzPW*syTx&-HQ(!_g&&lQ83F$*+02h`jKU5s-4_f{VY$b>5Ry^08JhR(=qXCd4%QNM|Z@60Z#$|H&tk0brww z3>zX@eUqF1mO2fZrTcCZh;e&$y{bQfFqi)01_TS=0YsCm#G)T8g659ayS&a#0}nw~ z{wmVhAfY4he+$W12UkTUSDt`hpwCrPJMe(}Tpx1T&Q$;()&*!1>JH43je*{v1QcE! z9pJm^fRLsDfZYV?j;zMLPzqIqY|e`yF3$m^CSs(NJkJ(9rEUa)G4E~(i0MoXzy@C% zLF9rs87m$HQWdkDJ%3qbOb5v%XmVpvi9ob_Myx+$Mo%xY&dH$S{BJwfYTFjd6)}n+ z0_FFCpVp7^?{jU`605u+7@C=9m=(eM2{>xNjU_d>fp+~m2)k`CJ}sD+HcK4iwhy*? zD?x;~I-B+nSor-ydL!U5-tnWEt_`^gDCK@R;>E#gDLH8x^33}_wxtZf@tZ;uu)!s?}e-^ z;TVGqEYdW2DN~NYM|HymkfE`pwnM-1Rm;UB1y|j2Y$L@|~0^+CQ zOG=rMq0%wLYyFJ;11zGs7NL?7ozb?^S>L?Bdar_87{V6{xJN8 zU~+90_A@{mkrz}FpZj~eMzRQ`+rQr5f_2iGz=F*==sO9fn<*pw#jkT<3HgTegyxPe z2)W9~j=M+BR`v?K-C|$BMgfxJk29b;2Po90W~H!*&}p|cEG?FmkSNCS}ojp?~c^}zcvBVZq_s#jDuSlkEL2FLNa9mY?3rbM1FVK~UU zqFNQKqFN7lb1|4fY(-HWSXoR_#$J82U?Z`jFjT0BM4Q19!~+m{>fU)KyJPx?ezP~J zxioA&<$EOQ9J%H(z_V>*_el`5W(D&!&hHoqrrQ#IF@ti!IyFz#2}2I$b;JzRBe+b8 z*rC!)Ifv7ASK%B(E<6GwdX#&uTD;UYTDz+bd8G^=8U=L4-Bn_5)8+g=;kr?MrVMFt zasHFtLjDqi^qjR;ar5y&!C~-T(?6I-jT=F|HGP*|EznjE_isnG_j139Ts=v@y$j-| zpba`tH9E@-f6FfrWpv1fu;`XgEQw0MxesRGq|Gdfs_y5+?heZB7Di^Lk}vSeb~y(f zF|wRVsO(H3uS4dtk}2$@o`vWXu=)oP(#XZ{{dA)g?umlj&3R^Nf4Eu7{Q@WDBA9!B zf8J0#ae!q#meV>0+@Obc*Iw>01hsJ@f7EK1zZTPSq)1nL?*BrQsm zadeWJF5{n@A;bT7<&XWR@_YZc@~3|MxAGrAK|#f(di==butKHUzKn$AkXC#7e+Yg_ z|82A!ES;{u=B8oqa+Xe73WbiuzSKFYO@ zFjc7(P#36Z*DI9a`IS^y$)mN#&|6%T`-ojCF8FPO1MK4B@*SJ$8%qRttgqEQi=+P@ zmQrDe0Syeq#i;T1nfC+KP$x+FXeOCknXQ4#T(a?#3AvfM>D9-I) zx`K1Z;&r*YmlXc=n*81X}k!PRvQ#>F=*G3S}2v#>3-RocPBMA#+~6>NiEz zUUN88AfVgWM!DJ+`Llkq>XoI<^c+uQ;&{?0h*#6;vL?1a|A()y z42nX1-=?IyrKG#NyFt3U8w3V;X9iC^a;`Tyh<+VK_6v-vxOArPE}Zfr zZm)bZWi%U-w*;dA8HgOA%>om6IiF{`h%fJYw?s$I@^9=c>~qu1m_&gP1*C!rmlf8l zzvYufy7q_d<6}0w>)B6eSt36NG!cNJx)gr3v zw1fS#jwg%UlU$iZJ~|}1kIX$$$BP8fv;oOvk@7O?g^@dv(&CF&j%`T<5?3g{Lb%kO z+NWz}qM{&DQ9pj9*awg~Lsvwplk<`xxSOQUDtyssvN`qGguSMs;V;)qsOGI?%nv%x 
zi8RA0sJP~!q%dTWJKI!1%y`TMCL?~%Z%mQ_g!0MRBL;BE?N5vI0`AjqMTLkHs|vS; zGgnv|M|Us1Kvt(5*SA)IK1lMYP3U1*bC;GH?y;7Gn_Bftf?ri63!1#jH(O{gMF($M zZFqWr<#39PkylAh0CRQ%>OJ?q>uAe8c29_j+#HxVPb=Iw%nb6IA2r}GCehOe74Q#v z!??w5ew3BSz{Rx1jirwxxA-I>{v8q74hl<64Xa;&GhJGWtsXMJvL3Ek_t*90_lYlk z?L}MTiO*r@+nX}Lw#+p-F(F}KsNI#9+D;6yk{mS@i$>j8ovJmHLQy>*Ti9N0A*FoH1 z2pNPz)o8{7o)rfSmf{Fl+t>TX{jkCNk48=6(32wP>27d@5&)836koW85c|Us<&eS zTHd4?_K2Ex%62Imn{mF#W-94s2t~ez!z6FkfJ>GiuLSR)E>8T9(ZH=XO+o=L0zMGb zZHdIdKX^I7YF}K5n`<8>PgK@+THAJF880G>eP}0mlV)&V)RAX_bB!yqB^Y25)15%n z^g7m92Zz4M`lv9o3zl^>LSiS)ibj|rw8jcCdx+vV;Cqq5Ij(9*Nq{BYkRR-FNjOn9 zPR3A!#~W!4HH?$=3RH@(1Z>n|;#5^QsdZOz{DhC2mqhB-7KyhS*AeQE7R{(E+E>X6 z)9;lLc6qMVrw5IwU&SLRDrLY>F|8pcCZp<{sXyQOqy9JY$Nq!-UjIe@Ox=Hx{}vYt z3L;q9keo7Oh3cBZz)Aen`)X+yj5QNjn#=);m_>F+$<2RWA#n761z~Zm^4GUHr+%dX z!OuwHINaUznPKg;9I#v9w`SAgT%!%CQ7w~R^D3lGg&L?x7zd$9Wda1#iYX;|4fiE8 z^rPnFV^hH2CTOfF1&x06+p@+O6K3rgnFa4WA|PG?dAp;pM#z=LK*Ul$^w8GV>I_bj zc_EjT=2H;KZ}A~H5AR&MNs{%u5v0dJ^Vy6Q5+W=~EJB!8I}`u?<%{wAw18Uz1)c;q zVV!m1u7*ym~r&bqO0ZtiP9Q@nS@2$wn_hK#{%=-#b($;ax|z zcM@dCg~yT$28LFvo!yl~Qc3>TLPX3L&VS+pK>}oBiqq(2=B&2_i^s{Fj4$MUOMxch zVD1vd?1XMjJlgK0;9;f0%Yk}Zo?ND?*L8{Lq=MU24CE81rk1=nV1oA&kIou$UI!sw zrO4MS?a6`d85UK3n&md+lthMC70hwEnU(GouVZVn9$)bM;d*n{yRQ>uZWDLGc45s6 z++@TD9w2mt*7Ff4MHq%s0OHzf~K8pePNz5vbU z@>Du>l|5`?_>tgu)D>s+#N|J}eJ=}7j4u;NzRd6ruLX@p zt&nOK(m+ZiKZ3Dihl%`Bz}<>uHu2=#S9Y7G6mEldyMGjme|_8IdlV$Cjt3E;N1Bs_ zEuC4vu88u&hdR6#M6H@ z^*brFLInm4ZJ@-$UKLEM-i{`3Z5MvUv?N2*k!wIxoi-*M;;7Y$jpesbM~&lWO%H=s z8tWSpur%_+XW0Dyt|qUl027wqF15<#Wv|%7jM$vNBQUP4bEqo+%CR0$T}}(HV~% zUs{c3<3&ugDC$3^(l#VJN75Xd+w8EV5Yk?##0RHxs$uUttPF2KymuwetR$OdEB*Ev z&2(H60%obNf0Ydi)8iw;6ASqa+t0iWiycKpb5IK=(o&(cM{#*MOYYXs*)>R8{sLmA z z|8bb7GQ=NX@$at?*NFfzF^d5o9L_&fRKs3;dKRn&*ghS~#>y{$dVX-gH8o{`fvl-c z`lDjTQ{E?8YG?3LX2HMNNqxprAb$QE_%D_*mk|?ZIRkn_kV3IX&z_M#?tdeH+&{?g z`CsJ!gz_))Zvt(Pi%fppB?!^|19mu0!0(5b*L}Zw>VE^6{O7&%Z59Eb@w!V5zT{uY z-TCH}kX?Czav3q;oZ@-EOv7I5k!j)yY)KeMKl_PjPM=#zCo_4Jh*t*^o)`Ilxt>8C 
zTs$^YI)F@TP+~N4=xHcYXP4MWEJj%h7W;2;xc60yM@fBdmz{d7W zIll1l4wSpNNypEfoCkn(k0byGoYsmP-rqr*7h!U(^Z?R@Osw91lL6A@`u#2+NCP~! zc(((QGre*$2V%U+xZ{n~KlMx#h^YZ%jbtN0fOi2}r3GCMwsz5V(uE-9x+yqYs4R0{ zi*-ilVxa1FER|)8pZd*79Q?Bhsb0^k{awA?_kw^53^V~QTwXmIa-6&T3K{YvzCZqw>Ag6`B9RU(6nL!}t+K7!*+=f99gVo9fc8+!~m zjx1)g0ctZFZp+_42}+8Ga!EnfAiBuNOv%eX4w&HzKqM#jY|_a@>UxF)^qZ#y^N4J6V)F*qE{4P8 zdIT{tKagtBLK^Rt1up)?END4MUK7~lER>A}v7Sxd)B+i3d7njmulo-`q)q8@6vox} zFYq9??Z)Aaokl`?vPhagpm@GI|M;p;M4y&Dl#{HEi)PsAC*WEVYtrE(fGzWbQTEn- z9m{8s%^<4RGWq;#dpg>~x^T+z* z*G|7D_q@oI^HBJh&|VO1W5`;RZ4TZDlvh?_B_#&OY1PCuBRC3P&kcCbBmjt=gUYYP z2PDo9kPy(5D8QUt@$_Av2@8i5Z@(IZP!h!>R~s}sfbZ?oUcjU6&v62fHZ^voBKGj^ zfzw!Lh?b)Vxo>fpR^Ds*-OTIPYB`i6DjWy|dZZw`z%_njC%WSB23*V>=E}8ASak5e z7&h_xt=|$whst1z()xgC69VIR>I2Fq;^xZX2k8KW>)sp}pa7`Ul1#VCNZ+|kuQuodF22%b;j4$wn1(FPc7FhoA3y!_E~%D-t7#%QSMQb^9}V`GdZpM8-NE%+f>f5+}3x*mmA1x5~0a z`0;p@aej3dgOTE5B1%ee$jO)i`Kq?COpALo7@MAWj#=Ca-Xjzm%Z_HCTk0`Is2H#H zCw*0uzZy1l`!ql|kFHqBtR3U+-3`TB@j+w-zxl2bYX8ofvm)rN8O zEQ5Ruxs28nQ*fU`Ta$wl!SJ3a2+EkA9Ub#IV4xfpawba=u+8=yCJ6L#f5T(A2}OLk zw+Mo^j@4DDHN@Z8JR^U}|3?1!e~|zEf04hq>tE#G=7WO5oKv@wD8m)ILVnnB3(=Kb zS|d;7i%L`6_aNA59?MAMJS7kI+K@l6-W|{2mlrLRrk;?011f54D!JosLcIgMhoVeN z9cd|H-ocQ1bpA17^`^{CSsxHzaN9?vSD0iWQOp>MeBq7Ah#A0_K%dnOZ{di+;N#R~ z5u_m?$4c(70wN>G5l2VNWGcKW?tnlyaC?flGIR+9DG>Z1EZoBUh#I7oBUSR2F^W&> z3tI8p8osV0i;Psd&;pa?y|EsJ@FWU+S~PwPKxHFIL+md&p$ z6rEIsJbemAw}4u0^R(qH>sAt&)AZD}v546>O^6VfV&7T`;k`%MqvA+)mo{eJy?pa@ z{ie*v!Hi0?_IhvEeHDvJcKaqMP+((uCxq+%C7(-nLe4H_Zbf{8H0mRIGe4E5S#f^^ zHgpdOS(vFfQsp>Ln{^WP>G#5L9DN?gH*NxFei`#%(?Ly@R?m^{*Wq&lCFNkWHoow& z(T9g}%A5=>l}wqYl-;55XIM$~;94?EMVli&@(aAfqV{cZwz>6a3!z&h6?q!NSZ!q! 
zcUP;8z8HlUW-nf+k4uA-P#Nhyvtw@f-cZMrPoAKpF4tH(mX)`vK$ZVh7`2&1d-JA* z3TKk39r-obKup?^+PlRTo;w68XI6|Z*@^00YQQjA;}8+jE4qNzSZPR~bjwGLRCriz zmYoduF_`9;&p52^pJES=KF)ADE^N||H3?WkqmksT5xvqcc8gJ)5%*19dViCbzY8s3 z-T_Ahg{fZi__}-6Hl~o`X=9+S;@I#x8|AE}MsBv$%w=UV0rB&L9ECU$#t>3()cq7LHBdhuAe^J zr-anJFGTl3)q#VeNjNE__MO|D_gxDlKtWU&cV&grnI^_Y?nIwqhH>BgjCzwQ9#8UUX5|=>wWt=E*R^zbV*%3G-37?E*XqR+VTyZ&3>?aJ7g?S}d zMAF#;&bXo#;-Ht!hMGNi~ucb4HHo;tH2%*tSREN>Z2A8E+lp2<}qIn@T zRteK2Y03Ek+Lw^u6sqL8b8!5eCXvNURv6%-7QXe-4G{Aa>w5OA+Ldit*F@-{hz{+B zh+G72`AE$DeefjIRl*S;{2QY}ibJ*VaqTqE3c|hUO44Z)C&f3HwSZyeV}KEQlt#$T z_^nJ`KvWcQ-M%7~ZfLRlmDbvPH5O-qPD(~ye{{62k<@j85JD5^S0W1C8KV&sm8`+LT%sYvTeo(HiiR0av;K*88Lri@c_Bs4T3^dLePI#MUs2ZfaGF z)ebK;u9@W+Dz4cI^v?~;hkA&hJH%&+eJ_*ilH-?mJVNCKLHpUWX{8#!1cgq3$gf6) zLfq;@r6lziXd#VHFco@MJTDc1N-ou5>rI0^vIxE$Y1`ykw4)djh57x|}c zp`cW(XL;YS?$EGV^GutUP+^&Fnq-~2FB2)9yN_(x;^Ht_qagdE3Cx7@)7!Q>8d342 z(ng=-Q6t!m>%~NDj!)3Y)2qVzsP~Xj>eE4RApE(=Da6V96}F|rQCb|35`)cRC$ig! zKzVFE6={u9ICvt1@jCCoHNXA?Vy7@#Xk(`pqvP6CphbY){sY40({6)eg(H?gAoi7d zc1?GCa%fBl1_&ep6G*y-rz^Eu)HznX;?hJ(jcSm3PWN^t6g@q))nQz`P{kyQqW8!J z^?WJkX)!Z|wt~uBBt9;=E*h#RDtcpFyawgz#qiTz^;0IVjmUO_)cZAW+g*viXI1J^ zU7CA~o<+om5@t?H)E!i<{MvL@WF>OYVQ6^kAfkar%*&k7cTg z3Cj^d@D}-&S_--BQ}GJh27Gw$ykh?m3M&MMLeJMxxfY6Py^mmV93$XQpH@$x8kbuep7iC4Q!~653ni8xTr8zTI8_GY=^;bA~Nv| zHmJ(gBic?;828X!Bf*ePvmfm2yHXuZwR(Yq7Um3>Eqyr+b#>%WGr7x11bZk_E-vK0 zBB^W{?J*8WJ>Q*YNU+kX)DL_KL#JAqR%1Kp&w<4i!zsDR^MJzm5xPx-@iFvU!)mLC zquc=~I41XIXp0dqzQkyzHb^G1Hhd3mV_-@dJNzB5?T`ckT+i)hG#hU{GeUsBVzFNy zsl!W;da91oOmz_5%EOL-ph$c?H}B10sB;7cn|TY$Pb2O%x#2-}s=ut}e3I$w%&*54 zWJsT?S@#HW7*VU-Z5ZktO#6RAagR{%EPKVEJmuYH-gXSfMSLF%S3q! 
z%6<}sDzhVCZi1WI<5C=NdA~BheZGRjv_`sMV6PX$E?8ey$WDiDH|Xf}!X!a>m>I=z zJ5iwjozgciWR}DkZW(h|1#cwPoQ z_a=4U}@dLan3s zPsVsmDYSXTivbcOhuiQVD@EB_n+c+NHQ&%lni(!ei4`0vQ5wStp{|dlxWXW%sjLl{ z>mnv+dd;b%r%fLYbY*e>X6k1QN{}6xB7_Eu+n>C*#qMm{xG}(#*6h` zF|P@y$7g5WI+QXw#S)9 z^x9PRU4#?^y>eYaK{A?%6CGci-DwU#hFpXocOd(m!H#u000d*bWz)qf2e+eN6ltk#@3BA zFnEB?7gvTx!w*#3saNtYo7pJ=?y{S3{*BzH`vbq{9Mq~TwNL<%)4|+fyGXg|MrE2aAmwWTr zi>Nf*zBS8R4^kaQ{3S1T5|V^qMy7=dU_s#NS-8c;b_|6h_-`j*{>kUB`rpW(_z&{G z`!Dj>(*2A44s}paoCyu7xVz)bI%nsIUTo}ptGf~9-WD)Vi!3tqNV>(T{n@&MXr5Tq zP%OD7C^;yff~t!>VK9R}0M+s5Gc`4da}9V-Nrj(e+z}B@3N90q2i@|cZTHl^BW%WF z3UD#Tc4ZCBTcVrU~(*Ho?{mg5#olUHRTBlcaqQ%kn z#Pa|DVZT7iiT#8UoiZ3z57Z`0U7kgXVR%07884V)~;PnE8XfE-yaME3P$(1 zs^{tc+Y>W@@Vxs~?gVtk??Uhd-b=1IdOF1tYo>a7OTsCYyD78U|?2hbqA-OuF-| z`I@W(ILP((^ApKYkiT&PBREe!>AFexU@M4vJYY;%dHG8|wjAYd?&otufm=&i!S;?r zSyKAhbj&824o;eh^-h>y$fCLXtVTd!oBO6`zQTvb%3oD8LLif-Em}~ZZyKn$s*=5} zGaF59wGxlv71v-2?swPP-y(Y{MD*N~a5y^kb)A_=xjXC{s8Uo45BxB3svZe1gd$f} zt&ZdZfs6awp$Gp!g3^T{msrOq+KRQG>%!(vcd zeajVLIuSI#D^MOa2NOSN#Wn@D4V7#mPnY)B!73tGTJR$=7vq|w)Tz%-C&&dzZ#3xe zxiUZetdzzI^iMYdXVIqFz+CGVQuX+-{v`5LW&OZy*8LHzk%|aHKka}D+gOwzpzck5 z(4`2JXE4~4QrrT+krsz;WYpWI+q|cYrg2bEnbiXncATS}-3JoE@S)>`Yk*n8W66GS ztN|{Z`L&S(asgYA9LTjl6_elxC}@vOsg~{g4%IwS1k!hywS}O@@k_XO%XYUwIhv)% zth$`~FmTnrwwb7L524ZuL3v*=asA_sDHW~G^D68L6B^J8eMDQ%aWkr7r1I}i*GON9 zokajXD;64qRImZ?aUkpYv)XE1mLhObzZ63gZ70mz)#)V|a$Hz%24ZcXrrBF=ahrN( zmy7*F#3| zTvHqwmtLLVPGQL{0Tk`U=^o`CjtU4{a<_y#RRHgPkdw# zY^b^&zH~=?ncM0=qHdegB4IqN1`QGCmT6UH=yMO5-%OCXg$w_50@5=$w)Yf@t~@1b zz)gVCMDt5J?Tdl2g)1f29{f^C7PEZEg{s@M_gR4J02=vFBs2kugaG|skfd~Am7A7b zMfjH4(q46Nz)rL71{6-{8O{xRgx1skL&%L*6q5z%f=h0I59~r3JsY_Tc6tJ~aUwVJ zg)DKIC{06UPzQaUGQG)c${Rx3=3vya%LyQe_5t3x=h~!w79=iCuvT<_*0M`N-wOw# z$D!uIcB7eto@pRlLC|3cwB0C4X?xhF6N{9bQ8Ru&w98O$z-v;v%_(~bW1eiH_BIt zb%QQIJV6`&SH+oGN^&}xvwz2bK&`jM!LoJ_@;q)M&L&*+Yyt3 zHG%~0L3+xNW1zC$ro&%cq03-_rlk4U1P{UQYR))3zb3HRUchy@T8Yke7v;9Lt%KZ@<)$}zkFid2I)k|$ 
z{d{LPeC&bRawf>pyh~O|4KFcGqb>B0!iPBGnYf}%?W+s+;ROarILMUb!>sJAcqs!7 zA+JI!FUDKmGGwXgKnFf#2CPRp57$lmzbbaxLD}gwH9YQ-;o z;G+Dpzf}+K4)zV$KPqK%5_V1SP@~l7Q+nwbXU<7=5DIRq1E_-WCSs!7sMeU6H6ecS=j><%0L*NUL>Bf8x1vvOG!6pX(&jiA*)}V`xX5 zq6R7!)QfsH+vGFxzk3hM!00}H6eTb+ie*V> zmU4WrPyWKDsPFA}^3$kJCTNt+qSFpyA89I^$T~HrV8j!!pPpbv1$+2K4}PBe7&LR? z4<8v3=eR?EB3MJKyq6ZHr8`bDOMf9i-OWdN!FoC7N11v{Ng42kvJ4MDn(_dw-0hWR^7;a1YGq*M146W~`!<&ZYeT3DfV8rLY^?A>6mA%E%G%{VI?t79i@Z z+4!lufKZI$#Sk#LmK!vu_5EH4``(9Nh4HCZ91Gx3l5Z;DZ8qt4$`t^{hKzp1xYWGR zUQw(=9EB+Ir!e9690U_LO`{S@Sr~3m|2fw1hZDum^jv4F>NVM1MyhpmF}+tJS2_Wd z_2}my$>&fBO`~A#Xex$48R*ohN~Sm7Blcu9KYyZ_28T1qREK+;xO-QwP`MbWN9c8v ze@O@8J~ld}$;(@;yy8Luf%5kEl*Nn3PiT+&9f>r#;( z16jgsGiXXf!cmLPeHP_EC#7c#%%stOguN}}=(U(#4Nb~Niw?a%FBexYz_GYMfrSpU z4@Ex!w}uJroo^h$L0XKf?e06HEMFH3WZkZ4X$U$w2w<=;^nOq4^`jW~I}jE996W=@ z%3a18k4*h0n{)7(Qm54TjQoTD8~Ky|L4NoDB7b}QzsO&;37lN>m#mnm`-`<((1-M? zi&zRXs}+*ep(<|b7898~;$`r;3E^^M@6AHT^JtYaOrPh`PgLwUaT$%D3%dDVL;FRG zw7^XK{0*FVi|KLn67d>{wF+OwxoUBXKku4c(o1VF(e{NmJ?i*nzMwDGCa#WA)H$24 z$p{+XXVyu~Ue=O41$K81mBL>@=+7;Gw_=x=tc%YJA>^`A?p!W%wWQpRf{2(`7+}3A z#jV1&G%Tzs(i+813D9TdU>u>a#B9_=W^~o{qfO|=aSZPUDqjeuZOfKVmY*UYIuGFD~Be!zcU{D!sm_z4a*i#+C|BYmn?tK;2Nkd%Yi&Ac?1c{r^!P7UO(DUWV|<+^^n$}yGxOiI@cPi zYk>^C<@esjQb401p;MUrvy@VwjS|<}4QL^n0|{yh+KD!LHD{D~hvan>S}fd&H%Zix z%&9+Q3ylsd4kJkl3ZAGL63N3`vy}GB)VTd0_Jr24AfMlX0~6O7T7Eg9IGF|hH5}7x z6wFUUF<&BnG}u!KzN*ppBw z=#`;Z4)}a0uamT*mbVns^u{G9^O9E+!`~*Vo#Qv=6bkc`H~!w1@LM_O{bodbLc41~ z2$?~i#Eh_gr;ftMAi;JYH|IQTiLn^91&3Ii$g9DIJx!b(x3mOgfYJ$z{Va2{#RYyn z$}IX$M|TFJska)WmOV?Z)a(EjUi~S4i#A?IBI@9qiS-+@``s1f@#{^}RRSu^qN_9t zV))^=(XDwy&lmqjTxwe+K$PiL+o%*ovYI&wT!7<4*wvih(tWE66Z;dX8~%Fo_fV>P z{z7VO8cS=1^Z@K;g&cxejZ*jsQ zhrKZF!8s?+aqULfVXXBpHN>&yz?(EV(@&$Nq5B#c2Gt{s_kiD9X`(P`-lD4>)2Aace)Wpvxq_DxzO;h5}C-;1Z0L$ zaIgs$_0V>8GC@QXWS}s8fbl+>LI)H#<|~N0sL`TNYw$cAfuN}QwzAk$#H>o zH8&x>(fP-FFmhn6MvTUHr!h}Xe|x7pzBs@Zo3q*9kcS?&DEK+L!4;s(F{6u~{Rb>n z%7OaiR?BRLLrj{djaQEp#yZ7@7rotJ+!3Qi@ZNN>M~qZ$Med1YrrW|shQ*XnR%73r 
zJ#z^)i;9QK!h>cFOS3hpF`psG!1mg!-}gS(xPC@{goppx$(8&M^1J;P`Fo}QMSj(O zD5!|!+b>V~ZBf+XuE)Tr7MXCi37gxg#7M~1MU}tOsa>H{89nYFg&UNpsqU^PXns5u z|6=q_Y!3FeFZ>B^BvbecQOWp3L70=DQuI-eKnD55fwmICy$E8rky5{EE+n34u-pV~ zXS;zOIN+obn292bG;lt>f_Y}rzJ2aSRxZeHt9AVy^{nhoU@@^6KGQQe@}Wf)u((ZX zZ*-Og4J7kFpF{frX@TP_wNQ8wWRU4+z#!ipnDWk{d;d^RbvQ&4=ApX|jNq$6N3fPj&iER36*u4!Y$l*{X!*{)t>gXh))g)6Tq zfkP5)sFeU6w9)q+ENJ4ArBpJx%M4}hD@2{1PEH@IWNUEFF5)$k>zr}71ILl_n$0*t z{vNQ=WQ`(foHeU6_#%eK&UqE9&~xy(t)^Q%D6#j&9Ot3tyRt0DNI$YouwQqNcXK<^ zl=E6qSp=xRQfgF$b@?c5{6G^}o8fkc&fwIjh>c(eLKWB5xFAYo!@K)7wzvGv5aOOi~$n zHR9OziF=*rr!+@?WPrKsIb^6hBqkvEKubkt z)OCKk_p-QZ#*>kAF$C5d$D?M`IOdK9W0z9CvZV0!Peb#&(ZqZxhRA>j>WO+ic?@;k zB6oo#ik%#em?Eh99YmePc`Mv?4&~KblbY7{Nz0GkTagiJSO+uu!3Y@mXO3@Xvu@Jv z=O&}>#yusVU>PbGKpYzDzDvH_qKO5W2EwbqE`!&m{6e<&+s~iH|j=4YFqOq!57kD31tNbiC>U4RtzbRF$ z`JC)5yNK&>n8tjP*4Auoo=W(n^#kD0XB%a=u{V=W%6t`cyJNTYHqkm-fZ$ zxZ_4A;65wf09V0O*zT!=Z@tm5i7V`6^`ed_uS4ZvZ{~KJ?eTc!qE3bGCO){+&+Yg2 zm|)JVSU{12sHmIb-a%=R>fX`iEGL|+&mK`}B~Bek7}UpYyZ$VclA||S4s(%oE*ME= z%6-_bg7o^@WJ|MZ@7ztGuIlj7J5)C#@v7mw{X_oFkoM~z_C`D%3Z;eo#)fU zClwr6IVvZn@gbzD&6j`ji~@Qhgl_mBA%tdv9h5OnpSA;fRZY%4;*89h_vJFh~F(s>Xd?R8lF5>5hE@HdbBS!X& z{HXsM`BVNue%JpZ|Ip39$Uo!)1$9tL1oP*ekn>b$2XL*<<9)||>VMtk!zNaISOz=d zJuJ|N_>!~wA-nZD0tbWNG6Ki(^49|FxAua+FQqnxpnto$u$K*I%ZI&PZ0Q?Opo6>S z5L~@&dowTF6@JrFKBTWZPxj_G-v7fqgR?6l4k@YYE?$vG(T}oVcVmnx@i9)FU*2#x5S;HM~f2fyomkEJqLSr+fx#t%NmCf^OW zr2HWZHjP7PY3N;+)0Ma1nuM+`%1s;(GU}72x>h@#MxH|Qo^skm`#$KMLuUlmj!P|M zPNn2CJvk(KAO5_HEp-fAbfmDz>6*1`$4AAvzMibPSz-HFYzQyqA(v{M~H!kgc$= zM^Af;=bHb_qOZ$Xz~HKo&t^y)#?hMf&rdy}@~zrGP7rc@JWI(%w&GOT*PSAld3!B9SFgs2#)WF=^=WF4O|Af!&<5SY zy3o}~DFGW021k{tie79n$rAtk{ew=l@fVFVy=#BYlXd6M$N=4rtCNuj*}JC9<%$m$ z(?epMo=c;ALn>LTXCX>3T-6=EQT}=Qt&na`?)kqnNbwqRpiDhrAFoNoPHiM%bH>9N zm-z0&`&-xjvXGSAQ_SQ7kwZ1~hp<%%fs0(zv)Rp^g%yDo@KKLxf3wV%%1n2CWNS*u z?;t$z-Y^d@5j7lY&|^0tZ&d3raivE@^+3)s+SJG6x|d*4TcXz?&wb?fltPTmXJI>I zP$}jNJuf!|m9DN3EDgHPvKCwXVH7E=D38P;hg z0c>nGP>ww9PCJFFECQa3q|mFk@icuh3u_PKb-E^cx3tZN%WXmSDM~K0wrIEe+xjTI 
zt+Wq*WGD=_CXsXEEOa8G0c&rW{K$ZN+~v=o_PrKD&)z8~kT3|5LZ|*UC^f*_&%%fb=jWOrA zlQD@1TzNeg;^tKW``voBcK4M5$9$=JJ=1FIxr@5rijY(9&0?Wf{*NEkw@Sa69Hx7! zdT$;G(Ixe~ds-O3g<>S)Q#wDj>vD@#T82q93NU%09cqHfM z#3Li1ORcx{l6?7SwLZv^yX>v(4%bzr?IJsh-|_KH^Z0OW!tc%82RY8w#?F@CFK9>8 z7vk)kMR~=&m;RQQ@f*ReCp@>dMQb^ZojYCU zyBc{vWW-D&{O6bEb|8{&Y(`NV>^Bn5yPl!><;7{drl+Gl1e>uCdAa%Oa^#P!F=-S}0 zZT^j5RcSRj?|Vs1aq46-&+sjYt|>>Pr7Wj7Y#TI;Y|0#RmE5k}%I$DAm6y@h@2N4& z5+Z&?&F$-xp(D1Dq;dFU)E;O?87`5baSC|J1`pT~&PL0(yimzOqCw26yJTh>StMJS zQQ(V;kg?Rs$hVquC_a<8{ML(wx>b+NtLM$KvX9zH^1H)o%OkhDd2-rv9^aRp^`}FD zhUEbqK04hxO6<2N#fbq?Ikq2LFA3xJEF?*Y^YqP*-uuLl**ovL`0GYgA$$v=gw;s2 z|7eOn6ol!OGhnXR&a)fN&P90~!n6DNMc>r=p2)kV11Y`gzB9AlU4rIY2QDtpfZskd zYgE7dsuu(Rt=@*TyL}ljFQ^#U5RZ{d!()oZx(n%#(J4g6iBb8+C3Snq zoKcxMm>dI zJFE)Md8Et0`oQB_khZn=54j`qrEd-zolTu<#l#9U8;FJX`elHEv3j&4Gcxg;!BSU@ zdd2QI)U5zhXNHd&KgQ5Z{Hv23YtK1D<3U*GbZ^x6H+Z`HHV{|^R@Awj*_2}0s^1M_ z@1cEV&5U=K`>Wr66^iH&D;!oQjWh0sL8{Si%F;W#n$K;FonT%GjnE=k9~<|X=S4Vz z3(lU)+YX-jwKGT^9ztG3Q_&#eBTChzEW)(Yye`yFMUHxt{h3xW8Hj_vhEGeE1<4tb zApg{(rgl*^T2SqzR`E&rvy-gVm+gv1dGzj_cIR5q^Fvlg(4!X(*MM`RusG_;?X88> zhasHbM)sSspnV{L$M}nasf7C<%Z;K!c^5bSkAZrMv=;Av;`(;8sn?ygyzRp9RTCnO z_-1$%hjqbWAK%Sxg};|mLt=)Gva)kTRsM6o+|r$#?DA^r+?Hj8r4}J#N|Bz{-Zo|A zE&)M`)Af9iNMDT-!+}Ddk`l{CLN91z(-`5dQL3TVvFpudtfUkCglUBG6?&wJ!!Joa zoZ+z*ZQ`%8%Q8YYNfFp5i0=whj|DsgQXk*G=dWXRHM^Tt3sHn&(^u1Sh^s%P(TZ~V zDmNKUW3`tuf8>5m+GW$7KDF?2!2rAX#wVA!LXc`qdb2^CrL`=$I}?eG5tH9l#3Lgz zi%b}{u5xi}P!GlP#CEQKpGpUxC7(5$iK-g+=AF=o7fP6=U%Fk~477WEY{@AK2 zf60G!&s$Iaj;WtE_{rq%!aRH>`IWz2We2trRkx za76k~Pa3jl%H?rBSE6d#kj^v%%tSWunppzwrXVSJ* z;N?Di_2P33N$j`Tu3%U}k)(vuw8Z_5Xd0(5W*z62;cb{4B-3(k7jPLAU8D{vKltF`S`CL4jiKh^15=* zmkL(5W}_Jr83fGe@1zOc@ID^BFqh}OGuBsZ!Rb*KCq};MBqYVonWQs$J9Ww!Rdbaydgy=J z7A&a4dI1zvqLI<2v~fD})lo__GtAG3Vp*%@7@7h~GUUn0Wg9Vj%XJc` zI(LoLOl&V#>bX=SFOFd3HwKRWgg;LBdS+;QdEQbNV3VX1kqmym!W|0hx9Zlf+}c@G zMhzAvghh=-&sJ&C=Jc)Ta~;z_FWr25j!v;^9hA=TS?=RGN~|sJCL`=w$^cC-f?RQd z$ffX%aNi{`fNMD(w3CSgl@I+0LQm*;a8o6!D7Ab 
zl_h~#3U1%C4)>=jgU*}BVI(&f1fgx|AxRvp%ljmWkiICKe#~HYm5sN1CQQxZB;D?_ zE$NyU1smNp)SJYFa@>UnY-QzQZWQM}(-XfMgz@9fS!hKtDD*9MR+1mwlqb2^W7II1 zW(z*8cjkLn9qo=;7zM45AzlPlXgD2M(AxymM#{>cspv*e+1f5$NBL zvA+`yRo~~Nv&%+`z2GM zy4@<#)w)si=642N2!9Aad^pRv-5yLwj#la2 z-6im8E0ekEB&a0H7|0NL*S0pz#mExQ&CJz>`gI$%LKz*Vx*0fk5~kArj?iA*-0gJGF9^(q#I{ z$~vFa19K;@L_=A%eNe^hNLL_OA?4LGeH0I`@0)F%S;{)pv*9Q0Ztnr>XrLYt-fC!s zusVk~mew_`F$BIHGZ;EuASj=zaMntQ6&I&HzVud(=W-WlifckBpD zr*>_WilgnLvVVdlkMw6cbj)rE`XG2DYPrNcs0Th2rgRwM%H50#q@BiCT$iIV=XSZe zeECi{uj?>#OjpK(6U;Y(UkXMAjn=Y}Z**#N2Pg{g{{%_J8nuSUxK%v3&C1|?`{l66 z){~}i@!6;jg^~8!6FtvmD424JHx$n;%$-H~j7+51RagsDdx z%KqRs$ktG0g;st+O|7cVRw^2k|E572Bn9bC=@O(%TDm)=yIZ6Vg`<~Q8ud$0AJ^{jRNQ8NDACCqFcqD1Eh1Zq0?y_J}JUVSuVthm{dLe)B|0aLxKjgRiZ}Km` z{+IlyYY-5&wI&;li&@Q{T_||0_I!bi-R>1Z@D>ZBj4qL4AzQd)_?qc1Pru(ox5q%= zN;?R@OD!H2ELW{0u4rI)z92tR5YC+#Z9m8MM2-I)tz$wZZbr~oZehNuuAfF&Tb&zS zjF*r(lHHeOtDN57BjiF>5zM1x&oEc(mV6P;Z0n-WADJng^ci zksT@|n#XR`(BP~14e!VSHDL=9DQ*06Up8=Hd#LbpSy<(T3)rr`O}A;{xx<9ZZVFpOx; z7N{a8Rt(W-j7)pT3sL>@nSb80U*SM8bT3^nZ1h}RV(;YdqhDsPSl0Bw;C^pyTzWgO zs?ME@!-DR5#_RfakfaoSpGF=bC3O4fZGh1Dg5igix;BK!5X`ji$%#K~1iy`x&^Jm1 zo?+EzIMs#fcYbU^?f??J6twh+FtP~kGAJ+-gEeJiS2AcKYIR{nnojtL60%uQ zS?WM2NDhvy661BNRHKG@Zn`Fi)|Soi&)d2Um8MgrzZi_Kas)_OdfxUW?srGY5=hyn z+7Iu%vz%@IarDj$syCkMF#Q*0$AG3E>0!x?+GaGI*n{=di7cmtJ>qiS-VkTM3I#Vb z&KD?F6pRQO#k?5@g$x^6#CVtbCT!f@e2V`5AEFd}5(E9>{r#d?*ej(a3_ctbV!`sb zN5&e7b!HJLskl4@M2PGPD^W@nZ(sL#--OqPJX9G<9tKhT7Vr|#s7`Pe>OI5YTl8au z8$v&{R+i>c-Z*l6#YXa!Km{vN;J@V+&k(2nTZ6C@FLC#TcvxK>E7NlSD8l+3uV(HS zY_o%m*=81b9!3jDDyR(O`20shT6w)_qoVMBoalkTTNUkZnRUP7`g=G@%FF)f(lfbS zYQxw>zo%F>km7>CC8)Ys8kN_LBn!ZA%Pd5Du>YJ(#*|Q+DI@X$X7#e2HKG@?{C<#9 z{FO!!!)5YklDDcduVF-H0-q2Bhr2`Z9!wJnuH|X?eECyrb$DJo*TvF=*LfAJdJ3wF z4_mLjUF@P=}AL>&#n?(|lzX1dP zM?yOegOxW(RF$W0tVQ{6_%_tOLWhy*=#%aCX(Pz0li2I`j5v+Af@B0reTxlAQtf-R zy$ClN)yV>kf~0My(!>$07)8Pd(SltCTm-KWEw}S1Bt;AT%ja*lesJpCnD;Hre9kMj z%3XxX{vsPkDX%#MsQfL0Xs+_e(M1Zr!`MS2UQ-4$!59-JaR+1jGtc@BIv#n6+DLIc 
zu@;;je+CK^>(j)5$W{B;b)%16sy3I%=R}A7% zOm6Z|a8&qT*99|#=_EM|JY8@FX-kX0HH;Ch#mEeGucu=DLhmdu#8^%#E>v%ZNPVT` zUDK1Ir_t$W`HGNFs)MjRB0uBUx}d*hZyav_H-Xh+t@F(87&v}w)vTkYro-!da=Af9 zYuRL1#MWBTHX~zSkv^<$KxoJK=l;}}vElCA4+w=yLS{b0y!(nm_xjO%?{?tKLwzAAjc(}#Gcb$a{c`lIJ^_nkiY|w}y z`*1R~tk3;uWi$31_w0Hgpi|qR^u2CP|C5aQ`?pFqI9n!>aspBZ-I{g`8}=n}BlEv2 z{MNsTC4$eiGb&dVs|xRi?Xnma#GZc-HQA}>ikfTVd`IMh^=(>!?lu#C%|42Y$6d2B z4;rf`NnvcUUK~Yd4ydTiFm=z~Qn(pf2>J@ELaK1GMD-ZZ7}UiS)a(~k_2GP-=VWh) z6+^F=;_OMV!BjG2JEy%(#v}Tkp|#An%-fnmOZrCa*yXw(eC+yF%`1T`K=05y|2pSS zs>+os{o#qezBvJzwTPH>Yo<h{tG~2+;&Ymntj-cC z!JZZBK@W=906cJk-7sfs#>%Lm3QZ9y~#n zBbi0l@(P@+Le(Sbt<4UrHijdl%n;fXg!9ZgFTB(K+4lYE$1+=qLb@Vth_5`$gz(G+ zVwg~zHJd|R;oRZh`&$Q0wr%ULv67R{Fm?h?6Pt5~J*WmROQ;B=brd#C-BJlo{77H_ zv>&29OvRU(-!o*Vr1*hsCQQsh?o0^DLs>+@@CU9?SfNlRTeJIN|Hob7-dDLvA*BE! z%F&u^$%hkLB-e_jORO+-A#rYjPb690%68UR5fZ=XN`#5tt0}LDN|t{`|LjAPJ>k72 zlC<(I>9f>IRsF2cVqzc@e z$QEn-S20>+bA6BW%$AaGdR87)_TdDPakuKR=dKjPvZaq1x3ftPpeNLk9XDh`VG_Is z?2d65LNy41KnE2EaxCIoksbKpbJkO)Dp8ha-e_r3_mT;Ii5N}rzRyP%mXz4S#HT{tw< zxRu(oOM6{iSzaE>idRq?R-CC-4S5V1foRhv&f|_}aRb_)L*x1%xs8ERDed9pB| zcJ?(B6pimY!dbXk&^egls_Ys+FcHy{)9bIG96ICgh>ulVKa?_r94pp{r~KtQw5BWG zznv)`ZjtEI$2sJPCeNj#Cdws7RU9t9I!s8^I^Jkk`FZ_yZ%O>Q?CbKXRgfeNv4L`T zbUDX|a`)+|4apm^t0M9i=!hQ8*B6Qi5B-~{q#674EemMduYSp?$X{dX^qVm6l6`%r z)uAq9z}mdsG1BoDA%NCH%M7+#mVpV%GBZU)EVi19qUZug1p>8CqVK{f@V8g^XCJrM zdO@)Se?4SzW9&N^ih6>B1`Lw&t<`bMP3h$Fi$gJ3B>Pk!W}mn#Lo~vj-C+}qK0E&0 ziwJts;JZFc93q3*3Wp~igrs?AZ|3mPegLW!)Gplq`uDe`J4>9JR0<^XtMC)c$@c{Z zx~)VKx@D$aPx{}ozO_R8B!oPw`@WKR-@Uxe5=y~506o*p8M zj$2XAyK<$sUh%D)0WD{t8i&8M2ZJ$5t_+G-2XqvlR5@5>ROIJl2mOOdrw&S2?=<2B z;*p?@qI-G_m`*AvOA*$D+>CL|1d56$1dNLaF5<_~BlU9xQPSpv z${sD=@$dYfiIkLLEy+xI?Q_>`rJI1 zIgbTeFyTtBC^P8leZS7%^AI;Z{_E3T%XUL{ z@#unMj-GBG5epqti-O|l3g4(t^{sd>r2n`g!svW#wjUoMvG*mNkX3$-wyHeo(DaCI zh8Q|c6(aRv#e)Mv@uxu*)EnJh8WzK>AapMn zbQ!llW5{nP80m+qXy}dQb!6QgKamp*FGImM%iZab7s{<2vRm}(O2t!1#a~8w;Kr7; zJ!Rgcs#;XF9ame+x5=2G``hY6lo+RZj) 
zW|msV#2eyyVNh^K-+~dd?4z9+U(YeJ;)=-%w$z&2HnUUN!_Qr7t4p(sQ`gxQ1?~0OKoa&ACDJg3E$b+V>xZ;^npW9qnm~N>0^4t_scgY2%=VYadS7=fZq8gg2 z@gMN8_oie?X!T}3Z6;vm!sQ-~Zl@C*lnm7bUdH|NllWCrX}QSpj>Nchbbf`9uYKka zai8mR%d;oCJkf-qq}XO&%M_C2svu^ljvcKbUVE_C^;C?YJuDKbN^o znrR3L-=Eql1}ic*fj+FIhR67xEV0A}miL>hR#;MB%TW6Nv4PCz^W z@5wo(LTyt&9g9@-5*z?LYkA@@euvw4{HK zCnn(kY&`O4di6p4G<~6wDa$NGsF+O z^DkZE-q@{bWwXeO$olE<0B~JsWW4(6jl0X@Gj*A zy<@RfA|t}i{`@&OJhbwiR4RG;IU+AH9evH2qNais;rgqnfWoh|fn(=qqSzaXpAv{% zT~)qrtEgcKAx|mjb&Fd&Tj73{CEK^%$wQCHaTI!8d@=;^a$T56`7epg_3bOo42U2a=(V$Bw- zC*Q{tE)Pr9oz>y`rn*!v&r%!W|64ECRMI^MpQt;Z!Pmetvh0G5`X`sL6MPIB+@7P! z)QhgVkxcz9|GTZL~|^@zbCz2n3*jwcff zi;}tut75IW)@9W|>k+DNR?wWkJ3QYK5{{0I!9%eU5PXZkWdiFiO${@qQ6f3_Zw|y^2BwIIupHS z@>%a6J0%u<9?ll)sMkKYUwYl&Q^ycHlrKD079pw1cY5}@$h(^T{g(Na0+a=v8=I6> zl8}F|YWn9}wQt85fziEm&ED)uuav8u3BlM<8}@?l$6!4?C#YDGm!cyznw zC!OE~9PI7>0rA;+)!K}V)TDT3mx%`MWyADv=p^;JZ@qwCwZO=`5Ja8Z{e@` z0wTv`n=Tydw9&XJ`@|YoEC*%edG}jC(37_mw2*RAtvsecEA*zWHjg{gVy=!!9Mc=0#Z+cI%ql0@%wAuB@OkoW1{?`z>3@Tw|4~{NuK)S z=#6t!g`Ss-z0~ESktlbee-K9*Wn6j=u}!V54eHmr5laYC93>muQ(=)(&0*&h%58$ z{RWU~&^ZfUdN~gEclP>4#u9U7jinWgJph#xh19(N zsMld@%Z1=_?Bv#08Q*gV*j~t_K-@aYE z=tcV=Dk@s8)no&t1hTzMO{w_WT3chIGQV+Jw|d`mdcJ@E{zoMK1?c4ypFzRK$jE3& zawse4n|ea|45dU=6!afBxt7IcKkL>?b-3#ZltL#lHCG zZ`N8^J8MYUXWlV+?EDP)i7ke-J62um(H4uffVq5ibp`aq4amWBGc#A^$sK(0_b(SaJB;=6(o(D==wnV8T};x6XAY!- z)=vd5I>1oxPvu2LM$(vq1-o;2h$!!ehbk$F@s@x99E4h$FVF?90xZJdX*j{@mEgP5 z`q?i$j;43_w<{LK?)Pz62zkgb@ta#)v=AlZ0*{xU)|DPwtrl4oiNfJXTHD$_nN|W3 z(WzXqM^?Q$)2Lt`bn!nljf?2-N-f?^3=X0%XETaz2BQ$r5cykt7I%?Ld1vr=cZJ;K z{Cf^`Vi#Sf>Srb4F24;(0s6iyc0(?Xj%;~1H#Z8swHaAiXf)K6lq`7$f4;t$Ny0I8 zqfcCYYb`f3wdH2tDj+S=#P#SEh=hRef^eN9GsI&yXGpY5U7!{TE@>Qn1U z@$tF0h#rLn1wmiF_*GL;Q5~hS7zGCgisiXcX4jS#a*4A(YmsI-dgjyuFHZf z%oC3Wy#HKW=C&M*{I)0aAM%_1H~FuU|0Tb7H3URi-giPSn-$Pw%yy+&2$sua_^VIqr(UQy zeLXj~8=%zK7c?~xL+tyfANTL++Wd)BqBJQ(`j<`%_>#>zXdtt6jz_uQPKR4nuU~?l!=u^;7xc$n7+KV%FuFfKFREGBK_6n 
zCC!+$v~*?(wHmM@eH;V{k8F9?aTjE(@Fbo`OAv5JOEfS)l#z;P$oScAHGM*#gvcW2Hx9INfrtvpQh>s60=KasJ>#F_!dt{>_<)b5e zd)z85bcm!fyxLROR{MVo;m0@5c&Z-~Kg1<2oj#OTGL%%&&KLf;EB$d7-j8JVks|S* zbbPhTIuPJv}_Y8BmCA6z|KyK}l%nKp@xBUcU#zyEkv%z#Wk2 zQr7r9-sQvyNP0$nb}#I-LTq~@EpH{?{<*ie*C^JN3T<^&j35cTDEo1SxDq}6%i%g8 zH|u(_JGQa05!grO=y)+aJZ!+Shkon|@zj@;lH#`h9dc|Q9F??KEqkYsH)t4;R>jH5 z$;@xOKPm>SR~>YYBsrx%YVwcSZ=VWq}i^um3mhN4`k;kBlJCi-uNc-m)zXk$f&6P2#&P0G`!sAW;b==)eg`3$w@mv zcM!DCweM+wDe`Pu;)}}vn8d&X6q0}+)Yc|k-ehdc$jGot=XI8T@WsbC1-|TsuYba$ z+S}jTAAuC?R+^Lz!Eubwfg`F0kA;Lpu>D=^dMfx)TAIiCw$zyAU9kc}n2(RoQH%3$ z98X{c?cmV(%aMIUJG(Qss~Dim&f~bz1AAEO|1`%)L1EkHOMao?TZ}Rkcva5FQ=f2^#&0i;I6*T1ZGt{Q2t_qfb!F zpb8=qQvcdXD4Yu+kHa?b=1z`|Mgbr|K_hyvzXfI=7&?}>en8TojDoU{Pv@@sE)<YvTU*@xk|t(F_Dfjx+RAR&NxKDPC>G&7SB<23q#Y~MXKFc1=JZeSqvihNbk_vXyN z=Ml6!9Nws`teluFmc#GyhcU~}pU4^s6&H9RKl1-3f7UguQ8fL2beAo505l1xCFO{4K&{uVUzvmiB(r$ zl{gdY=gAMU&+r`{9WyhQ9s=`xwlS}lPVhaQkj?4C5#eAk(9vOFFes$P@xLNNAD9C082q|!9r>O4pRC2neL zVuIgbP`uV`Pu{jp`y*dp-Nby8B(2v4V2ijY4FMo~xzys32g z%CBE<%?Q~bIh%z3D#EiRU0=IQ?WRnGGEToVTd4rJ%6TAXO8&!j5sX2h5n7+IE4ZGrDSLHnJ*Lk5<&C;gNJdvD` z0IlLrOGrqFPMvT)NNsMeOJyQh*79n54LXwT99UI#y?!C&xXF&83}R=nS^8T^qj&Qw ze2J6Z*&k(+;u8``{c{|TkB=8EWBaGc+{)68K3@U}H@~19@ePfSACYFLL#6AzZ_g>y zs+|{DO4J)ZW3x`k@y8Sw(|r2$X$rG`NAKx9?&IU5RYT{|kySGyDk@G#raTEc1uQX2 z0`Q)K%=+aofs#40SYQnkKYzxtin8*ynu_Ps0}nSwFUkG^P-fCJS7~UG3C|&T1E1NQ zsDB(CjjBL!NxSTMvckhzdO@GM8OqJH932s{br8t2ce;2COnTMQ10Ns%{QMjYRYe~a zoB}_d!|mtLFFIvk1`R`kRXr*k;Uq1dNC_hkB@srjrxDzP6yGBEIN_&n2}UlhD?~~u zqGrNEhvS4Zal-FCU^+-5WnC;Rs87`+G$W03^JOdg{Dfc;6b0c9`LQqPY@v`~CSOyJ zuu8Y5&prjKOKM~v3iv9LyEy`p*a|F6hG!Btwz;B$u~0sD3?s6v?037tL_~MDkTIs7 zWD+kiF)`uh*tgdRU$CLVOqCE|3OxW51rcApdIcOK2yUQkNUe}PVmZqT0|KCYXI_&b z-Gxdib8$7bpiPAG>_I+*U=y$r-OjSI##0OUJS$s}5e3iTGV2P4%+1bb!}JYT?Vv=F zd(6BZcTa<3p5QADo;L=^AOJI;X9 zcO)XdId&L(A-a&V-*bRDOA~_3l!}_#(ZN9>>SqXvVVRYgiOJB=5Ge)nd^;7e1Xz)c z>?03ybwA>tIntt4?=J+;+8qV;^oTqB2Je8V1L$7jiF{MuUQ!Yk^o6`qt4Z#=#q>O{ 
z+4ub@64F{2GPO4>zx8DfH#ec88cjxUjPVBgN5AlEUVxkpDyXPqJfhWmI3)Y3P|rg4NNOoI{z2)6aR1WXa7Tflm8j7pqzWr#}MQ zU{{&O+P)8?&4F1dZ-d@w}UhylK9%(;O zHd;~0dIK>rF*P+@J%lkORaH2q@47zfy*H6@uXm1cqw$DH30OjfTEqF_>37?Yum#nj zKS?rv^wf~mEYEG`geh6HI5{I3GrbGo>B zhZoVPHJ~(h-S@K9M1%0qIj;?&6?0JA-oC1Zligxw{r=%cuV3DGv}a^YKPjYV(Le2i z3HN_b1LrW}{qAM$RaAbi)PwHoj=`CkM15$^qwL&hml1CPK;NVm4wRs)K61NN(wUd366bOK}pHb$OxRc z?l7!E5#FGpr0kHAeP`j~at)6fB1nS1N*yZo3I@tw&5PeliV_|CX+uX) z=C1P{AK%9jckuTfY6QdSzd?X^#Kc)U(E;Gc2wfZ$X;NinWr2Z#fCPV%JJNjcH%?D& zO--+NuR=mX$jQkA0|IW;U{<<(vpNb(+S}6;+r4gC+1OrF0u(>k642ApDPR&4Pjm%# zbacGM=k|Si-$k@v%SVll@I@XTb1XkRJRA`b5forR5G?_u8C_3S9K^`hSCOb2Q3uJI zz3&@aTU-78yFto`M#%kLw+M}FZgNu46|_GaPz^;wK+u0HD&PI7uC8vrN^d|{OKUk# zA|@>*<-N~Cb4!bct}c-}N4l@X@Io zF`ij@)l^k8+bU`N1xdX6V$G?7Py<+7J+3}0D`QEbr`4C2%c!X}fi$?T4w!EpAZTUf z$pEo0%!Hi0d>}r^4@ev2GI+6xiJ#9lMAX#O8r^o**Vl3NyzD_R@51uwdxs!VWp!Li zN^w;cnm8z3&Ckv4X1F>zA)}!M=GE2KD%83hYf4B+;NWfEKHZ-#j{Mz)EvDwqoAND_UI0+&dUFIK_k#Yzo?Aaqz*oUZ znVFe!aZ@`Z$v9tui$0YQt1 z+9b))@Th0w)YR17v=0tR#iMfp7O@6q#f60HL1py(_%XBX6 z(7b~?2ljvZjUiZ*eDzDZx`-3L*;`IFYd!NZdley>*01tG?y zAqEBp3Aenw{GDhczHQ(R~dG@N=px2yY4gm{UPsjXbwe&&d0mo#5S#y zzq3+RodYd27#JBfL;#9_i%Dm6Dg*4x!U7W}6p{Oz zLxjIZD=9cQ7;iZzF_YgjSn+YG!E#c2eK92kuQ3Tn9a_0KHy3Kjgbum&=fs5k=!a5& z@mn!QSVHLY@kLEd5FFgy-RYB6v&sK1DJcOUGaLyC%c-xwy!o@G&*VdCE{a+xuB_mT zJ`QC=$swupm79l$#g?1qIu}L)=DsdCEG!I!ZGdnO)7vBa=>ZAV; zs-*#sVS3v9Qog>B`HL$g3oV!lbc9nVLnXj>fO^=ze0oFx!h(W=hd1=LQ6Ol1dW-Y| z|C{VsCn^xL@35f~4}K^{8NU@95MT$7ZftA}N(?ucb9^-ry6tYHb0$gfPl*Wr{{DbL zANhHIA8EnLftzG8fe{05TacgcagoWzm9(6kDKlv#;H#>tcn)x$zh|QexT4?k z1!IER&-J;;^(yJpF`_MkxdC^#5HLKkk*xRbxrK#r;d=30FYh7>LOu^5wx-Uy$Wn_$jitm ztEuU=yI};`;k|tu6$tpawFN8}EYdPxQ2VK@WQx^MQNc#sc+bon)8WBINeNr?2xud2 zU}(50EFrr5np&<}ZMaSq9*wAdAg84Te;Ew=K9wXG{RC%x|HQ9f2?e~GYik`G9A2DZ z1x$J?C}#9-h&~3|Z5YIP2_N=^fu*?;F1~Yg6nVpCwQ%;$!V$b(ED4x=VH$t*MHe|a zRAs#4ZBWE#V`Ia6Zm6%Ho|zGH0aSb0#24aP@Z;>O1e;QM=fF3D1rJ>9uCtA$

Vl z4rBpb771%TD;JmV<-Ve(<{PaKV&55gJ{uT7j@?|%>lrbJ65OF0Q?KL1`By&U0ra`*K$|({ zlrc301%=|0l8q0-k$ExbU7=Bxk08wG(FU&(AUap6gA@;C=1-nYoKuR&BOD9%*1W8& zB7ef{oyYuH>F`t&7cb1tUI%5jb&jL7c^+lF1&w+NcJ@oKodzXWD1<8F88CnWy-a|K zxw*a$0VF{7KET7l!K~D-gTTRx*^rHeMWdZ>o%S+FkBZ>o=BJw8@oqI}YM{WzehPd; zzveMmcwm)RHi7(<9fQ%Iq@t=y?>!vEX0n+QAqMg|k*+XamG#G$HBRzE1s4U~U%!6o zOG);C-nKbsoBa`B7e`1)2t?>!vhUu6##jgHK3^7n$blh*F?4Wo$(-kr{B$JEKnU=W zWKDpFCwLZcM53r6rLK;ba@idS4|aSEC=(MCCta=hn3$p~;9C*ip(v=T+SuBf5wo$f zZtv{0@d#Q5)(Q>K(a}xzh`hSx@_aE{b{WtlM&Hg2S8ZQKd z&O_*h@K>og;=b6#L|FSr&}#;`_Rb)Y7jtR`P8U&gW1hMKYzQ`56L1z57J`IO5HdH} zT8N8;su5+%b$bxQ#n%x;(xfhfV`D+>Ch{!5x_pVBa?a};8oFJ9!-nn>T-(^Mt*r&Y zQ;0MyN8s1)eDuLl5hS5Lc0|Vqs^VbN*V>W|OAhiN{niT;&xP-5?ba+e*+Tl7m zBG|G7_1xUNJg|EP9H64Z{k64t0B8Zi!pXVYHVRSco3K|%(&WzR>gYK0^CxUr;AYpu z`Nx`(UoV71m*h?`{IXVW@ml-|bS>OsW+nyE2iV*|2-va=fa$I)?!^&+9srQ0rKR;J z!6C)12d#i;O8vP+goOpOcXxNQ5W!|Ca1u=NA7TrtuVETv=)W=6)H zsuQrG*)!x14Ug0HLrYyfluE`K2OHZP$bg4%>r?3)83p$K0(IKyX-qaqWsxct6hSWF zJV_=LQToQ>!JG&8lHw`uW%)kcx~_RQ4Nd{qzp)K=iG?d49v{VA$3QV$=T*iF)uCRQ zP1n@0NQza%Z5QpwXp?l7S5$~uc6!~`R#c#H-0r!9Qr8*AO3lqhF{rid?ChXdNB;UQ z%S|>*BR>Oxp-^ZiARvHhfMCzd&fe$3@AII3iMqSLPovGj&d%V_4B{I={@tCOSIs|# zzon%ObCWO(fk&`AR~kfMEcb`}~LiRFmOiR-B;g}jfH&d$Z9 zrlJDsu3;y_Nt4V^b}w_V4ptH`GvFO*iKy=YsRo2rSm{AiZ<{B0ADAA3%`Kzpn;W+$ zRglMke<6NDO#FWtiB`b>0-hfA56nceicW0xiY`}7nIzn}^K%x)8nM>K<-~aH< zYB9}(m_otE;LVpeL`37yOIY=&o4fOcq%Xh!A{;42-Ww<#;ed2ryW23mnI871W+Ml3 z&Sf!GSy53@NT?f3Q%{c}(762b=TF2u8WPfLEuw?{`95%OZelVo!|*DICLt+tn^LEPos;)HFDrW$C53jY7p=?Ts?N(DE(hbtA3Q

#xaJ-_P( zZw;7R`C|r)obEYoaM%ul;q6(bEWOTj76-bmrL_s&D5*cM?3e&*m(ao9o^sNo+Pf}h zPmjX`_Zj^0IsW#w3O&zHLZq7g0~6oPNdes^LqsfkuWXTsX1hMDBl8|a2;H%DZkyMa%|@I1_)$DsttDFy5R)<)I%D&B6-dAX|26&t@-o0%}Ikd zZ=gNVlCmEyEs}oEXEnwOrZaQByt|$1Qc(#+VQbX-RBO3Z?;lu?hpUqId~P!X5&kS2 z5rH~-m41Srp}jzYw!1%0ud^1sO`pvbVi$5~#{jF*e_)_-Bg8Fe(n`(3jjBpae9Dih zC5AfM*)bz4USg_b)VbGgvc(}Fg}W6R=~wud_9AffP1 zW1v6(Yzf}|;ppYvgIZ0q^X-}S2V0oe2CJ2}41M*LxHA!)D7aS%GRWeSy|RfR!`4E*|$UQJ(WX#gkklrH}x|! zbq-B->K><|<|rPSEfDl@f=Q`-1(;H0bFu0A_TQJEC|%{8u7l$p9E9U#qEqCKnp(v+ ztl)f*lwpUNCMUn2JvhA+;WD@Lcu}a*EiUPr7bzd`l&osUk*Bi1d)Re)glBJRe2UlU zYTvkbp!|K#90-7mi!@e5cdX6~Oog2<&V9R+Sfx)8xN8ej*f!!PenFHS{5B>TyP9m+ z1IpsnWv#W`+8an8^pC;UuKWFe7vmorGciSI8B_kELcMR>M%G$6abO!hOUia`JaW6L z(#P3|-|-{=I$q$!H(MZ@lnT;(yd5W1n{8V?{&WB63W_GY`DPOP51KuOKZ#RWa;e}@ zUM_;g=Dxnxg<2^gH;+0A`o>%%>*E#`HR~_kZ?UMbc$wehM|tl$-+`IlL%c)(K>Cm6 zdZr>LT1Cmy--~=ovSq}b>)=Es!+^2OL33Lpy^K%e^8dxxTSm3HH{sq$i%W5b;_gn7 zQi@yAV8vaE6?fM{afjj(v{-Pb#WlFQOL2ei?sN88@BZ?9%eohLNV1aO%v^KL{M(Y` zJ3fnwwMm#heK+K{3{s_GTSMgP9zPMCH`>S^+_5kj8qKn2g1TOuQON!hwEYx_|#N2oLvco|}qu1u{`cv8jy!Y%I z!e1Lg%X}lMsN1sfr|^lv<5Q}%khGGPPSzY+sN(f46GSds&z(9WSgl*52)Tla!sOL} z;6Ospy?fHt!iZR2=m|dO#Pe3;SJ8&29~_M`5#YB2XSrPl$0RGcSsB6LA98V%a_l)d zwuYaQ+I@N|%v56uuZwM@v@q=2ee4!u#Y}}&cX~)=*1wU4!UxoCcv9e;tsL*CqKC|~ zDPhg_MdFq|e{JuU)Dz+-; zaXVV0Yxn%hPC;#CaHO6J%UgRBwaYa}fFCIShq-}kjY|DY zs+G>b95FX*?AoB?(uQh6=sb3#)PRQ>`UV$OH?CkM1)dUDaXCo13krBzldf59*(yts zVOb6}e~qJ&f_!Fm;C=*Kvf34q@E+OR#F&N&71@9!#k_cI`lO%kybVtsgmTs)J|eo8 zG}82JyOj6e-v&l~cK}>OTN9t!HPWz`QdFEEfVtgTvf>9X7 zr2@ew(!bV8MHdBbp)DcsDwT!j=08^wRYe`} zR8!+8tVRX{l#_}>2)y5Xv9W12n_64SJb5#dgxbMgPCHd{s+oZ#VE-i*68%8%8b%J% z>>(k{N{P93v5Cn2zTn(sq3p}>dhqq1%Zr*RhwVz4nqaFyrplsk_PY~v@h0mfRt;JN zZ7ynX;@&R=J$rRk9SSZ^Jh~l1n$BvnlKPS04~ zuBF;0O1iAWI6-HbZrIiR`NM`?_dxcUdYuVAx45{?arsBn>s)RpFVc5;T8N`EP1E3j znz*0w*Nt|YA2!OGl(08JT^f}3>?Ft_jgZ$3R>zYy5=ttPx;^$Z4YrVUda&=HXHqE3|e|*99Fs zMx*G|CftR^w2zo)@ce+C)zHigVrulNE_@Z$avkY=GV=|2>v(e#w?L_mU<|l9+qElN 
zpWWLfpQ#cqH-MGY1mT{55kE`mgkU=#3@$9xpe(2#Lf$TW{=69f_;kc*YEVQcbiCMP zOiy$7)#_BAJc%i(v4*qXFEH63h7YYlySg$%bk|d?en`ycWqfIgOACaSNTbk^?T3@1_U>5O>R;@S6JP3^P7Hne5?ZW9jJ z)tbk!Zy3=nSrr0C+uL1Cu%0Qwn8ITep{#Im;HYolV`>TnY1qS8V!zSlal3uas7ZHB z+A2_y7(#TzE$;Ab&bG5WdkC@D2IhL>uRxc4n+H8D9&KKHbg=k0p8*$@jg5%{N7=4k z(4K_#*HhQZgX>_i_{`h^aoZ{)(13^D0Tk_cTYODlfIZXtT?0t(X{pgGHK)oaONj3J znvNCzF!GTihMRxN#koSVNzyLpafy7x$-gO$T!k>bQd`2_UG6OZ;ZAU>IsVyYf63p8 zt8y)Ql*)=Si<&`AtEIs=Un&{IZk}99At#3iiX|l;$zhBLK)jCmJ+%MDyiCHF+D=vt z6qlE}_dY9qm83Eh9E4b3UB`oj>{tp?o>(->)d!-^cO)}2rVRn~s^lPxrT_M9h*?}!1X&Og*jd_x0sW;~w*byysqmxuP0WWm!gnd2%OWPyG<0hfoP zGon|&TcbLBgp_R98ak;A2ids-Py;@ZFr0mW!e_kN}K1yguqlwKV6di*8Sy1JMy2tif9-(a7otf&NiOFbcpB9 z+A|irZFHx`Es|GHv@U{B7U)@+t+~_-J}OH$;rd7p@E@aNUgW)@M+5nC6k|SgW6}2V zcer^8iP+lep^y0wMMhexu2x*nt63>{>!22q&2eW2_0gZs^Qx~|zcA#q<@5uaThDRhi{q*2rt=Xc_kscx&eH*f3ta59VG0o#IY>B|18xTD)RZ zT%N&RTY`=Io`JgjuwOC|z-0BV@$Kaqh+4wSizS;vyRDfoq__MQV$NR$(0Ln{Hi_LJ zru1`xJJNe5>5n&opZ}5{^M8}y?;rAq{+IkcDgTlm4iN^%+5Fn~zP9Kh+1m5kLG$j< zsU4I4mY9dCG)q~@S3T$yH2(e#nV1lU9&5IEQ8GRP&aZmfpHURp4#=g6QJ-|vJ2l>d z%G7wJTB#~EOFk*pYoLm{M`SQXfC1E^DWXtyS3U{obZaz!E=xcz1ySIwkEB%CYd&jB#%zm1?J`KSi98k2{-k8wdp17Jv8Milh~t_tmC}m& z*}b?5lYBfkaD)vJ@g;#HUQcKSVbQaXPcQMPU&zVQAgt@pV%HFf8fz{Eha{ppQzM$T zo9&f#?8@|vLo3VRU>;lo-+tFUFu=(Su-Uf>sDgOd>OrQyB%WaZxU2S9)W%au9ClPvy z+Amx^Y`0x#nYPG}5bDtcggVO;BprOl6ReY09)g1DclUFWpZp}`7gf}$uT%00 zHP$c41};`G!Jl;vgwsP`j%^iD%rCJaOqtj#{+5+Smryso^rvx1F^TC^B0BeQ|Ybj){<<9ll?v zM_WmLIekD!&}i=|dl_e|H7ael@M z`>*4x15wBE&L5770Qe1Ozf6K>in&-DLeI3Yt}cF=!HTWr)@rx zdQd1-)eZ`J(D!DNnnZQPW40qZQcy^7sCT56FIBQl`aqR0ZNhA;@ii+(X*)IrlOe(G zH}IoLE|2%jaKyU@N-Au(tz4i|skhsts;t9)CEM1^O+oXGVoFmUOa(hJ+5N*BDz~tJ zCpmce0gJ+3e}pO~p%BMFia8~Lhy;|8w5sOFzMik0=wE5wac`=~0-O=^HQ{4}vdQ%+ zkyOmCYE=>By_AyVGo6Tp#@@gfH+=fLa4)~-NOi}0nWYOCE0j`HL02He&vSc4Aym5= zpOj!#=tCTI6s;k07zhtyYS(-vy6ul%Th|n9F;osg$6J|=l}hkg=3_^N|NI>GYCiNS zdM5;seJ}nTzM+SbECqKuKS$gn>MVS$adNNTrxDLa-DABm|1PqZeVkFWlBmh@>Oey# z$j^)KVd9DC?Up<{_YNqG!Uk; 
z)_AYUdotXROrbiuXg*V@#rAU#Dz@6?eo)3_cIFmw6n&+al)6#-Z39~i_GDx0W;4l_ zWaHEV(=8kfCbZBhvDgevwh@cLy1PcDb-0>~s~HTN0;&s0$ct#s5TY&#b^5`!(eb{~ zGSgg>jI8b)UJRDo!uWDGw0>q;HxdjEV9m^C%%P8N0+8vu+tAxoE71l0b%SRCN3lFq zynWXs@~SfO9oDDa7<5a@hvpkKHXOvpHw07B1`)hzF)@G1|M7p5-~S)-hy0iP1M>fp z-z)~m`Q3d>Vargz8c0?(5~jMp3bhg7z2ER*-5-L<63gGa=BA%Sa^5g9kQ{s`hot|M z=iMtiL6TBi#{}Zwomd|S?9_Yc?_DNZ!|C+-fT_9;5e;`V+n&!vWqF9VMm-zDG%eMD zX*I8yBfhqHs!X$jg`DUz((@VOzq8HEPUciy1OL<)G_^^VI!YN13*LvS+Qte(?6O1=40QW?%X4n2Lz%xf3$Rv$t=hx{F+SBVW<67q`6G zkF0e@uMw3FPpvN!pnd?m+h$g&>pN{i# zcuT=fVrXag3hSkBRHX+h(h?d!fw%IT&NDr2KQL37Vsu#Hbh>vjR3zCuWF$@^KOyv0 z30~Ry!3o*GsM5}*;QYhJ>p1_%fVQ3#wn#3%GK9wXke}ieI#7)&aqqf-BY>e%Zn2T9j}1M!!CGt;7283D1VX_IOI zv7Hp|dcHo&tFaP&{nN;|xD&t!=CFX7y=2s{?qE}c)%WOk@G_7llCV- z9ju8a;ADwLPLhHo04h^|-hs0C2KFrd**8?ceSxu`^j9R=V0^T6#0?orxegkgsfxgZ zFlE`{Kn6M4G6{geV<82fr^&<^vV$ox$wBE?)m^a`3_0JbG=0=@eY58aJT$!199=Zf zpicfpMa^Ztr;~RBNAefe`2FFqg9@kayXK>}HFjBt={cfBsr%!F6%{pARapVP8t3gy zo?0l@J*qlPIeBlKF3(a`sC9bOU?%!%6Yjpp0X;3!Cn@8`YoK4Jh6nJf39KxVrXp7csM4sS38bZU<6@VizHg zM7QjCfv`AdXZlm&v4+f|o;4t4myol zxu=bz%WMP9yLSoSm<|bLKXgC1$1SE39!{6%^1FT|L5~e*Zz65_{@u z6RQGeXs$yh?6R42FeQ!}YWTP~C&XQj6g3%eLbI1i;-qV6Y4%n+HxlY=UVKC?9#b10 zm!?04>4mU%S^U)IS^+|qwl?vZ^Phom4twkh_(A6E$7Es_>%*J9nNOZ8n>N44evuck zflfqzs)>dt+7AEb`%Zm@V`Q;?Rp3#eV4C}TyqYN^ccyF9lqD}7h>UOT6AyrI1PaOb zFr1saoUvIp#dR&Dr$~7I2~PegYF)Z-t)515DM}|BTDLjwKC)&;rl!GeVXj{$a{$dt z74Nv9-uvvPKBax3i8szi_7uL*$kx#EQ__b|QDgM&YBW9HNVNZ?E&1a{VS-m~H7aJ+ z`U_&}G9o z)pOQ~#sTFtwNd)CnuE5j!W8k2CtW|(u+mqh{l^Td-XAdZYGx%U zmM8A29&LYojlMLpoj`2LDo!=MZmwyhIQVrPbIJ+7NLk2uqn3*0h-7Xbn{n6QUV^Od ztyhtvBONJ)fB`qBr=J^<$1BScMx37S*G)-BMD=j{(BMGl2=U0d)M5Q48%$K18*J^* zTpEve3y?uH4OCsAFvO}2_bfxd_4eX|47!)%TML-9TKYn)=dgDfX!OjA#@*2&g9-}7 z*q>^pTsVI^9Flk`*8UBWPZTq{QQ$4|wShLVocwlYZi}hVTgeM5nKqt|QQNUf+^C3KFch0WZ-GG6BV z-H~JJ{Y%cizE3~k;a+17B=*wEbBRDl#zX5JC!fSk#mmOhVMw5S_-|ziCdNoNiw_Y+ zm`;v$LB$oiWIZ+IpYd3eg=O!JL4&SIqGCR_f!0}NDGhg&w3C4n#6>eO6E4gt=$}{< 
zm2x|_g&v_YP;>j`#J56s7ss++cXqy=Pu@k=gN>&#G6Qf7j8q;yBtxQSs-CC%jm60_ z;`q5P!639mHgZm_7B`w&cCNG24l=Oka)RA$#U*`m)eH>OnK5ctI#X@`VvMgJ{N?U= zHlI_tKF5AJ^Q;Oo9Qm5b)+^h%h=MJfcUaF6UPtA;fT1-GJw8gpWYF-AKWbI!imq?# z>HdA0HS(9;=^C-m9u|YPTEz~Q0U2cCyAz0A`Yo~HdQP?xX8DBZ<=~D)|YS?V*DV_59YRp{+l7S`{@~SVL6Y!!eU`|VQ3g{*8hl&nQyM|``uq> zY-kN=fwi&P0<4V4{YXPL=ni2g2N{GBD7Bp72??MRxJ*Qw0(CwuVWoJ+2@tvZ59s`& z4h3bp8+nX+&qiWau(gwz%=$bE78_m$0^(<^-D|uoWhp>i#iCtR*@zGNKgz_5NC4PQ z2V6DxsLR{2={(5{5fX>Ei2fr{th`KYiD^J(IH@ujgY8XML zy`j}-XZuIsU*Q{oF#VrLsVl;jgZDXmDZgG91NOs9d)?#HiQflV*e`OTnCpId#Jrbs zCt!uM|9fMqsa_K8U-B#bZ}JEJL;j%ul7G7PU-FMU!od9V|NjR2zYpwl_3=OyD-8Ez zg8wL_|6Keh6*wH(o1bF-1J(HN^{WP1eKeN;Jjc(K5C6Wcf1eh()RqMyCOX;PwqhL^ zn|fP zrfH+E6vSp~u5dJ-*Ca92+3X>>?AIKpxE@kVRQ7IO!0{YID08AJ@-*_PuWN>cYNdCpMbxs^;JCb zZ*S*Wn``XoI6i;ezjVxB1g2>lCAq`897je;b8hWDR__Zh5{eb~u}RhW*@{Z7?M;i^ zY*)&afV6~UrauxS>)TE($k%LjQREV+J2NtJ;(C}~G|ND`BxY>sB#-cQe}kd)Y`#Yu z$Y5L#v?vlXbl;TKg*EMt6%=FGhuDSHIi|g1R=?6Hv%cSUguNyunh4HjzcZKM^|=Ao zTo_fP-_54+<`=8~KKiY2+UqS#jC~e+^9Vi^H#$LdzOVbD0k{|(ojiXXrWC2B3b8<3 zsxNBtH}`sE-6UQ$N1-l`#iudw?j-F+KUOTd9=Bqg2IYt_F4GKM}>DzC5h zA8mRb-0fE0yc`}bEP@`S>#RPr+k0Z3@6IP!1sP}5R3#R?o!EU*X&*{LmYj`9SeavaBRSlfBL+Nn2_Z+Rkj35_6{;eW2Yq)DNzJpe)HXzri-qr52Jox3L zVjnQ22neRrqFJxhv}M#MQC`Y<>?)yKL(9o2X1xvl#ME%IKAL@eTh@Lt`Ytj2b5KrR zJg_F-<=~S6ZlwW^1aj%`AE`wM_Zr3ks@OyT*P&cX6pt_M3aD_oDmJ zWb*6!3akM}TMoyDNmv6?-tF&QtZ=#l&9jX_q;uZ>HQcOZ&J%R$FLkhQ#eVy?yiTa< zbLQXtILsk+GHQPShanf|H?53IC?Bh@7=|0qrBU01DQ){9v z9rIuyh=`9*itOEVG3*(HLA^T*e)%^cZ;1g(7O(&*gQt5|(^ChLWu~c8FfCP`kb8V= zTAiM)L0dhz5$Mja=FojYGT{=6KxW-r2U16xNa9KE-(=I!si}0XrUV99{okh541v0Za@86!S#N-%fnHUo;2T7C*%iolq_t96>@hwUR=v}HVpw`?Tf)p4H4CW0uruc>>AhmaN6z#bjVd+M&v3 ze=rAXYO4b6Pw5!-Oe|0MbbfvXT`*M(0&^-Ve*M+WG5PgEz0Y6rTmNtJ2mM3-!2gne z!Qx-?Bc#B#w83t>otB&47pm^S*luXvNz+4=n2n z`g~}st79_Wdh|Fg)_dfLB-*n#v-R-HybAWu$-fIpCUnhWuMOk}hESvmy__ z0fLOEzNo*xHPK$Mo#90Yzq8z8R7x?g$m2mpw;k6T``>ku^nErqLq)F;$aIN0c~aAu zQDog&SkYu)kba?xA+g(JxdR7lta$C4AC1nH=$vMg2V+wAlpW6Ywx=m2{EeLGp6?tr 
zu#x@SvK*B(LC`mT9UKIjRM#Txjw`Y5jmNc=y@PC7#Fm{JKcZ>;Ht)qdMALjOtThkU zJnyDj)GG6PI}LJh-#CO7zmo8l?1SiFe;cqJ7+077+atRhOP?fyJa0R89UsnHiw$Hi zBxPOzUXH3|%9JtX_7^oa?XY0*Vk3=asp|e*oMR`d;CmeQjMx-(!&5-lreppg@jkvX zYdIima*`${g~Hd%GLflr@*B)_-W}FgE+%z-%fCHNLOBwdJixZm-L^ zw0ctBF-a=EN?#zOG7@}retl&{ie&QjXiuQuW`5H5B^)bR^8RRmv7G-t=NzOYb;3YwCnTMo7hkPBa{nusXcFnv28gnSgW1_|UIT4=+x;p$O>K zQ}&prJKT)bJfgUaj!FB1EQQ-CUZHU~a*%}|zQ%n33#Rs36z-+gD#V<&q&7L&MF^%)7(q5yMr=vzU|7U@a`s zgkV0Vyaa>xjT$_0n#jeI1oJ<9-#Gw{T%GSqOcLyD`WRtjCr!W{Sj+t0BNY05_I% z=VJu3DU(yp8PdHx0fNNU(oZ>TS|}?T`>H6Nsz_KWV}?gyhNr3)<-&qyD`Gs>L17rt z1vyoC2EXA!$WmypoDo~CH|&NuxK&Z2;ju_zD!53VwpZj-6cXTtvY|wKB>mTS(SA{?J{smUTVLcAKBc6J>3Gvy;7iq z3JfRh1Ij20!KFlVWARlP9{id85w2=~h%pITX6W{-HKu9Tr$6eU5BG(o#*jP8erh%& z6H3D41VrvsI5bC9WB;V2T*5CCyK@K#EIV;^uU-!kNVy+8AQOz4$(U=ZK4vmHpIjCs z46^p6^{*;|Q^JbFpz@0HoUv?-3w|flG^MbZD9(3yT_2Q{561(haio87;;SpI122TL zReAOoXP_||E@B|E(c%_;2*1-u`f-9ujc%`>pA4;GSDqUFU=h<1?>iMSS=mGH>Yx6l(T1YeSEMH z9NxoMZmckCviMzAZ!itiO4oYcT)qYG);1Q80MQZ#i23h0SVI_S9~Dj3*r{tS~=tkU1|6AHB6hz zAcKw`JPix2oW7I6*IQyAAF0eXVDnC%ycxs+#Q-Y?!#t<;X!`KdYWc5QhlaikQpOa| z>6Fp2?{n^#fQ^V)vSE#PEEh$( ztYtggFyFfVoxLE*QbHZ%ETX5d?K8*{Ialjl|hxRp| zjRsa6SOEjp|NJmr6G0p!->tESQR?|~{4t6q_Cv7ud;Rdk%snvbJ|irCem!=Xg~&DZ6SY z6UHYNVY*&Jl6Q@?MubvQ8dLp^1dE%m78+f)3A3_nkn|KuR!4s=;va2uJAf*5%<|@b z4I!px97bGVx_wb{D+M{5>tk9K&n*I-3KE{`?`1wNSmI}bDWhh$5A&#cBRMNU_oqzC zlTHFh1YFAy-#0xpgy`_sS2Y;|m1JmNOx5kai0=WW6K-xHquq2zylT4*yPz)r{;we% zl<(e|I35m8N~$#Q_5X^A&Pbb8vxC%fy{qL^L$L1`?l!0DZmsDDBIuUF;ep;Psm-tW zu0^B5Rn^{WN;|!1G;j?qCmVMgHDbI_Ytlly+`FMcVYqeVS9Pm^d>qP3w>)U}1hxKw zUR|qW1Wq1xKk~=N(Bf@CUqq;LD7X-;l)Rum5K2>H{X7!K6`NXZE%xiX+&ebkjJO$b z_r9aj&jy^{Lw`*St7VNupa?UOW`3%fmprGASf>hmW@+i#_#wJ;z@Jmv6DT{tv&l5E zG*Y1nG&KgqcJVI((Hzc+QLNfRz%e0nWOCAf>8ST6(hOvwq)@IQ-{D9N_8jE}vi9sO zsATWB4(}C7v+kR4o9S_R1tfQO_8ggFgEl!Ju@BD{xbxqMISZ_tvhN@V4#aJ9xjU*#`j03X4xS}!=F3^ftLu6zl{iHi%Dqm0``{{8UOn0r%cb8=i#wDy zqA>`5qZJA(6S9CEBfHYS}*FeSIISv{DK~~aJ7bu782D8POQv* 
zgPe`b1YEqccQ2Hc@ul%f@Tix%-g?|Mu5fzCI0pkYod%!cgTXYu3Y<1J)Ew6Ca`KLh z*XT%kX5RC>7${>2JTz-vS*<`>3K$A-@FunZ{|u;#RO{Eu$ISlq@ITI8-ZvwJgFv5% zM{R*z>Ni3Lf3F0E;?oiDCR3#>2xJ35JA9|W2`CXktFp2v!rq2klOZY!ciMMtDE6ig zJT)N^Yd-;@YJwHJ^7;BJM#BgweHJ@`sRxOafX>>;2qt4q3WI_)gq=*Rh!vy4(40NJ z4X|!N6hj1@5sXL6S9Z*si5*;e#|_`6Glu4O66-dq5}LYGuon#j^{V3)$?UIhq!W?* zpWL~3k4k0NbM*#80zMsXS9!&AG?`fWsyy$_I$m`jgo{`6wT=(Xh6p9oH445Mk z|Ms44dG9_l(0S81W8}BS_o`s_{L!4{3$XwA)oPbobR4ku?n5h;ZGbx9 zieiiq2mHgu9uO8~OdERoi*#P_g`L$yUY2V^|JR|vE}j`uY8fTmBIW*Q+l!0k*6ZV? zSHVuWXq@9=6_M*jH}6dhC>Hl%pQHZu4#x?y<+$3P zt2Khs%@MKZpNDf&I5Bm-4csCq;?&O>TOEEj3l9%16BxqbZVxQdatI!%>4TxFxhK8I zXI2#nz(`%hN-?wUhhew>7@^<2`+xhjqV3-T{!Z01aB1kH|5KPsc4TDta;_GKXt`#rl!n z#hnA|I;bg9_zVy?pyVK3JyYY~WXSg(KM0LCCr-U-^F^z7wt)u7BjbX+j(B4=ITcnL9&dQtzAV9>Ir5|BnF3h;j}M)=I_JlNEkvUFfrNy_AgO|d z+Z))1s`crkBrIxQU=4GL;p>{*xp&u*k!?|JsQ5>b@q}v85k;wEr;YD+%xizkZIDQ` zpWZ)G+&sk~A{(GY{ZC?SaRU3m&7q|MPT$8RV< zIT*0A9>Zdp0C%IOZojqEB{7eI#nJJ{FW$@paY?`?D1Y-YMfFi<2ekTVG z)cq4lK@X>eKcD{Wrow(B@+lrfL3FM%5^>T(Jr}OqmiM&ohjQlYK+h{>u1_@koW#qh zE(5?0X}@ieTm2_3I2DoMJUthTAJ|3_uw)=|#Cmxj9e-r2>q)eP=OqF2XLAiVRj@T5 z;_PvC)jSDFQlj@3{aq!cZ_^WJOf192)EPe9->eSPtyy*g);m^l!XM;v)-%0*1x#+NctefQ@czr&zGu7Yz!7adVUi2nMqtq8|uG*887TR#X6cZgB~XznI@n z-8f&L5F@3AKN04|-#G*JkD8zsuPc<@7f989TOeBm{M&01JiRR8uAKYx9J>svO8szd zZtmdm^UT+!UHJHsW>H9Eq^2WnDcm){(R|38i#6RVO>yJz@9GuAca7ht5r{qgxSjFb zZD8>6Av^y{y)@U~|4RP7AauOg_4J^0v&Yc{L1ma4pD~aS)$M)DftE(0oX5|=z2Bjj zr}(#@R}U%F+)j^_e-|QbAOvN*>>oSBp*o*3S!(|b=5yTn7VrHI(eo?v<@XgcA&%G6 zqE07?-Sq{CQZ;murwTv3{5lTyb*a+!OPvD;Q}?8=)rRv+kPK2m3rXs~y+9Q#@?&Yx z?TI$V@%#AKA|=OFBUpb0_Ivg+hE40qL=22;bK}3{kNn@{5B-Pye*Y!^VbH(iKLGaj z94FNAOPnLYed2sMugS-q6(39|ae6-xztG&=$2yqARN@qmFOy*EPut(qL+6?p=r@!& zkpm0{Xu%utISIn^F$@4&H<-?@6HeMe?) 
z;njY27Cf*BctA($UXD3?ThZhyg*X?`nH!t&$vCKYa zq;oY}ICY`nTZVydUyNwx_c|2+*NG=9nV(X37fUt{_J^^|ix4(MSvU%`ad!7)R@t2r zqNC-C>|?f~1&ngeJdHOC5uRRpH7JEW_BY-*nbXB}YG7MoKO;8M1KYKBWQ13ThyCkb zHs|R0;GI`eRtssAtn3XYqDe^--a;1YZH?aK*3{T>v}>!SG>c+i$ZKVHS{KmW8lxHrl;TQwrHh{W>@)T(mQAf^*8#`wi4SDawV^OSA=Fk*ckXY7pMfLSv-*U+E_QGPxAM2#xD`m3l>&Y*r z%05--YGOemH4v{cu+4)^;6TVeU*j&%L)()=LK-W7C6x4hX-8)Q21w)^J$&C*K8K8S z!h|TkPAHc@_0Wtj%igBN5jzj&A3T=I5}H1OUa)onX=)m6DAL>Gbt8;}q-i!#11|HA zWKB+Z_+?Gjvf=cVv_fgy8pzi#XlEFYCv*53xq$=q;K;Dqm(-R|Q?=wO$BHUv1RQDS2-*i^J7XY22DMnZ4KjG1RTYz6<#N;7ErVGwsM? zaC3@_->|o5zs6(xj0oqujV^6UOGzqjE4SIV|OBX)pzLq+JP4+ty%Os2!RJ1^`v?% zy+-(nk>Wcb>y>v%NaBNJl@8oN08QV!OtGJ*sTX^wrBrpe|C)+avcN#(3%O<4`i;83 zyj7rdsQL0Nv*KJV6&DxJ{*8Ddo@YPtj}*PrM0K|4SV#Juyh9b zzf=h&XieKYsPD`1QS{~B(U9XDf?_P`On1N3Ia*khh4jTqXuZ#S$z%j4WX3|H0S1k- z-jVVfy(pG~X@{%v_AZ(^15sHN^iqjzhYOuY@Tn?x|J~hm&1!3|{j;v-SQdHVJqhy% zYl!FNngyHE_O&_M?fN2avXZlN5U`l1N(W!gH8E}_=N|LqTW&xpW5*2#va)r%0lqtZ zet7R!IwksZ+5wNaPo(|DeC7|W2s-+z@229y&b|@1 zN1&K&>B28Zmu8tkKfoRa%v&V1TF(~_AAP8gCa|Yf+=rms zwm7Suhg14>SQ9(oQNV292hY-)yB=?74^3SU1eKolYW(Qz>!T7XTfea29y5*c|M<}y zIF@5RDNT&u-8irVT-!Gic=K82rjqIdm4Bu{6TEozmfzHU`x#uNyt|-}@vCpN$T@_k z(gW?E;XNuKeW&0wn2Bo25#-uoMk(nv>#8^Q9SzWMl3_CAE9~ujwTKl9rRX1{DPtBU zBxo*w$shB-$shI)`F;OO{&W6+$^T^p2IlEt5iz=_$wBW+d&Qs2ic4;z*ZX4|Ory^C zw+=#O68jcg6{~k|5M;%KmG`mtx)6zCo>~w$N{p-6$v&Xb*DZi}j&U@Vy(yb~ z^MPm|g zIIvcCILbww)@qqF2BoF>5?KUW{m#5{dRyFP-w(hnl{!)v^Mbn*8^NixN?(*mdcyd6 zy!uXeNEZk$t_TJUgq04UJuR&vDx>wcy9OhciwkyVKj>CPGmt$zJm+={ifIDC>MrL; zgnjLM`l98n8`oN`dGbH#C1AMA$i=t?$7hP7|LBUp4qtA@KRr;*{*sG`Tf1|VN~W8y z-zG!Jwb~qtI%4(;*cJf(yjb}bUI@{X$L=W8%N~UrE(4ITk&w5y-B>k5TDhCz^Ecuq zhVyZxL)RZSHx^`0@ex3cb}@!cTbpyrGr6~;kH0?^Mbswr&3t=0`%bVrZ2Ykx>i`l~ zSvgZbWWwubA!@D;j&vFpbf0EIU}2N{Bc5}6O}3%N>Hu5=xmlxk zb#CKT+-kTU6VgN?_O;ps#(gb2UqP;#Y-rO6T@UAAg87g5fdf7I)1{vkyMI1 z*e_KeC=^R!JrUQKi>PlsQ`NqaeGp8!Jo<#T38PT>Nm)&CV8f~_04Kpf;E%gPzj9{jYr~KwRD35iDW`ZfxMXE>o&@#VAwK)S#g)WeRPC$ z7T|;_G&kB^`#s(L{Y@HC0nU}x{{CR+wA4Lu9Mf!7+8-nIIgir!7yFx5k=e7eNukf# 
zgUXSg+O6+SmAmX_XTHHl;yvK*u7}Kt2w1zzo0&vK^t+zwJW!mzbR$`R8djt3Q>fA# z@Lm`0D`!LkS#c?HGigjNEmb?y$HrbCek+4Sa!o#@a89g3D%q`=qRq{%KP_m*2GF$y z*CS%uei+UzNG?YArg6Y~Shi9BF+TY7t06rmI;5GcqOn%3iFp^#K>Is94qjRTz@X9k zuPWhLS&VIR)vF{cFI7oBp~edLeEL4KAC8c{o@kiwvYf z5TYi27uBF7jeXJes{+JYin({;O(v!Vscs~*S6Cr)r;9)0L*LUIG1;b!T{_S7#;Z+te8djIuFs{Y zc9Z6YeLdS7Pw&k~`-oE54k%~3Ca86oQdmWjEBY>4m@AB}!n;fyVbrIVcci*jHJJQj z=T_R9d3}EiRO(|fEwlb)V+9twiqLHgM_}< zqxABeGc1d9YWl^Y*Y*~ktKp_tP^wUlLmNSgAJEN0Yy?|fD$s2nS}!&`S`|L?bY%EQ zswwn^db*Hl_?6XjK;)_>9fTr@9d5~&TmO*LsgBI}Dis!?F_m}+n|C{{b|B&D3zvRC@{FnSS*f20a z-jhbAtXb4>%y(+E(F|?t7`}n$ymR?8$KmLfM00y{G!QqLv+65oax)5RqZyJT%%|t6 z|E4K&?S8GcG-=}N{bxj{O5YBb%L=N{Cx(R5>LW~`uq+^2>Nn| z2%}x!DIr`~85v79@BMKt(SsXi-na4xvB%J6GPWIL%T~BKSr1 zLtMvdJAq3qD(jZ zEs51aDR1-Eq!S-!T@F1150dm0jIlYFOt0os`mtjOZ-O3-dnF7a_*&d95zj3#tZE@P zr@UzKykC0KS3Yut#%tn!g}=Q5ZzszCLLCx zjVGn>E=w>|=2pt%Wvxa+B3OAcfjFB{8mG75&Al+c7ZfYPMH$$(H@ji)} z0zPJ2ldFfVzk!Q`#>8ClloghGybEUxtTA~+S^IBAsxxdbcZ2k5OCh8$74H?e%xJ_>LTThs3;JFoGOu(la@hY0Bf zf?t5JxR~*ce7=k$7VdAE0o;u8ua7RWUC8av_*sdT_RkdtiuWq{%~#T1-i?1*F>sF* z@2K&&<@o>1cBXjZc-SC=R`>hEL+StD<$p#he@%c>JVLsl76!gKH(THSb007f?Ra?^ zMPUY*3;(`=|97vXBGw52Kv~P1Iul$N~0HuH-71yK2`~IcDLLd z99x~w^0Cf-KD)nS$(vTnwHH^~5b@Ms5`MinQ*qPN(Bu`hxV1C{9L^pW2mh(HIKhmG zxVk($zqaP^yqsoE5i35sENv<4XVI$`S68h_4^tO#>ZMUhb-A)SO8rQY6WZQBlES(u zC3})T`*5wlH!ez8o55?B5&!dGJt*hdY0P%zD+E-vcK{XH9sSHIw-+pdSatt^2>p6< zKsx6P>L)@uUG@=lIe64$g}0tAf&L8fJ6M7y;;QdHd5Mi?CG70ZriG5fs|r?ydGl3j zRy3!!iHIb`OJn-YL)Hy5_{gl}!J5ZYnr6bDx6a~F{pMQ%QD5^mPsMaTyZk1VSZ4#^ zMEFXzU*v=iYn^7L-cR>WB3@FHV^R2akEtg&0YW|pqi5?lt!+L*K|LB?CcnQsl9T^` ze7yxw9o@DyibHUB3BetLyL)hV3lQAh-6dFX3xNP(C42k^ed8ALOUH1H3(&4fb0>Pvz9Q^{#e6 z*IM|a=?fxu%fTN}3T&#)Hb<4?*^~9Gacjp@ zRDceYF{&Vy3bfm;hn{&j?;I;Gwt{#L+JC@Et7ogX8as7T)u}FY6M3dr5*fjuDqyCl zEU{UVkHWE;TnDO%BN??SS<}=Xjj4AuK;8nr%g!V@68ic#c;y6h?b$r0*_a`Vuuyhu zz6p3QEOK&L%@Vlr9(-YfC?tc*)r2f`X<}i>roaZseN$6mXla~wW%+3%FYfi0Gx)$} z-A~r%^VQ~OZ$7TC8qP0^Kw)g{B_3aljSOPyFaT2WZHwVCqsQBz>2s;JQT@6=7fEWe 
zUkOLMYgQsUPRkX8I-QdFOv!0a;{63H$W-uqi#UQGycSWDE7Dr)5xp#A2pXCw3=%$> zK)-T7xFoXq)#H6-Mt*`vvDMoJ=&!d&>x~CXP8Yfs1|=4wsuf`e?EB>B z-U+4dfpaZ>@PX$X3ca{!LQ7*~_)2V5L20E#$}(Ct$C!OisQaqAIxMwHD4mr0)499q zas3H1vz;!Hr#+hWyG6g(D-xMte)^GobOr{7XtWSIjpKe5&@sQ~HJx75Cq+d~pmN#- z6QTsi%f;JV`Abq9X-~JM*?AzPeVLUUQ8mBZj?4EMQ3*m7qGWsW>(_344r^hV_^g|q z2dB8q%o4-j9pK-YC&$OBX)KI{UG!Vd=U3Z4s>-s)ku;OSpRK)BDt%Ac-QDTxf)SFQ zm>{EGZoIHc&#+wElW0xZJg+g8AUK7;hlc*3?n?wWg16i81~%L_k%XmE zmgGbAgA7I}VLdwhhDE1tIa9*V?|0sTHF9D($B0VB!b(Sg#r-Mic+G8Krq=WB)W@OP zOl}DuH|Y^|?KM>mD;9 zuoJuV4MB38F|DX|F!<(Dbrg=H_%JEh;sQ_jTo3i8^3EVgkz-j76GD}Hesr|bx0N!; zWYaSYrKX~yOF`hH)tgofF?(-k+hy2vh54P9lT(yDkylSo52Jp~0g2tj8u_lvWlgVT z2&*}LH{M_}onY=;zo1%1RQ1w0>DJl3hJT^E3I_k43{Z`Kn z2T4Zl9GEZYxXyQD56cVewZ&bUD#&z?>{H z>tJJJBM`eVSC!*21A?vg77F7Fko@(_nnD-Y?ffjLq981IL*q{WbyeY|T#^OXGkL%u-%vu^U$KI{+hj_MVsM%EIRx$oHOp<9dY1M4f}<qLwFKi*PtM7<&KY7*?b-u zwtHfPaTbQpgXT_8@a zCNQY@7N8B28Va8X3+LNfam4u>8zbd&i6@p|QS?clBW>QX1?%(tJU+?H+%sPPg8AZo zZx8f7*!x9RB)^(R&^cov9VMULAV;OxZfRW(fFM4|_+3s{$?z7pv7*?X9;Cjq{{D%GMAXh%NxfU&6^khao5%zUj5_)}Iube7vON4V2 zc-2kFUpV;qa*K&sH^XD))$M+Yt9A|eXe{Jriu9;dJ6`LShDGr})GHd+r>I+`q++V8 ztu?6qXmVc>+%QjGS()P8wYccIP-T-D9vc5Bub}>>{ya9gxG3K>Q&WRTk47L+xxCcu z`{`5WVJ9XGlru&0Ov}5pBxNj(Fho3s#cIdi*i>N?^i6YkOo$j^)dcUwgzW5t_4OL> z2iK9pSQ5^c)&^R!!lKYp5g>-W>NU_#H{ZQi(`C?7w%Z-v@fgf>ov(lr7Ai?+F*zv8 z!6xgQ(k*NCF@2{oRZqmpMqlf_a9imxB@vt2V0RY6XNrG(sO{4e9^rQOY=3&(9ook5 zcteoiD6f3f1z5Yn!s>%dOS&Kl*ew^TOgq|51?}|(bWf(dP{DrIxoLOJJl*Lt7}SmQ z6bvWCc|kWaH$1MtD(npDC}eU;p5O+Q3Zd$wp`#nw>euB?3=9tka1AE0(5ZhyFmQ1z zZ}qq`>aF*)z#AP^b8&W-{l;;Ehb~R!Z`KhN6-7Xr^i#Q9Ke0(5<}!&`e`-b6V6DRI zu1zeW%5=zX#WQ;Jc!70t_!m8_M%iJT*$D9=BJ!zTYm<2#@ymU9Tbr=+HJp(3W^mHm z^92d%bylG=BqY#|UQ$xBuOnA=DCKo;lplBoQv^ZkqEEM-&^MNIAS2Tu?JpKsoGdIz zNGD7nT^#Zcnwpw#>Fh`QhbgF|IUdhu&8`8s3K4ceW|FbgbuE8ld0!ElN|pP?<~SiK zJ_q?O25fYUENe3olFUWA6apW5;!qL`mGjiQnG%m*I?ZveWd`-_0Iiy~u(n3W#B@D7 zEtSQ|8AqiAc4m;sYt6?q^~@GW)jgSP)Chscs;zbL_QtQ;mYyxypanPI?w97^xJ3*I z2{8rYmuARj-xxDzJ+)H)XW(LnbTnIWGHdb0jSIE4o?SCE&WGqwN 
zk;aD>xeR%mC0BF`S5`lXyz-Ols z&kO9Jj^Zny%G?}Ss~3eG+3M8%adf(5r+Y9;N(8F;Yg$J}JiQj(&UXnp>^V3f-0)d? zijI>53|)L>@WFO@ep~rRv`($%*@hCV?agJ$*kkP1tKG64!(m2^(FF3Cq%%k_2`r5~ z!~|tW4Q1i?z0=dWH-&ml$lFvD8C)Cu9)b9v(2(2uiVEAs8o815Ra^z)gshvS;Lpzu zc-YwLH6g>Wv~v|6YEr+|NDbD^?#CjrmQ?mYt}ex(MXK$9Fced@l5L>p>YCSIKY#as zNB*e4$nW`|$PWkm5AwI7f`N$w-Dn)5u;?Tfb%&<t8Wc zdb}a&_Ky6H%aM=GdUPn~^UVd!5!pcZ+w?d(N}-CB7W^0ABP*-Kr`NLaG2^1>3=rPPESuE;kW`ls;2by_f9i_J^`c)3_fqdL5vW}~k5h;QSFEv!t&5XeDIyEq8o zJ*w^c7*h5#C5Vf-MC^PD@6^3%DNM0UJTH3~^bMNT*Y%;hxcHDc7 zv49MW$8$T~-8G=y0Eej@SW=R+)cTZJ@8%QEr0`%$GjqD+cCj6?#LOiIY}(!pd+xw& zGqg)~Gv={1LWUcHK0Ic5Vs z4)4gCVE^o_(ZXaIA_ZyIU<4I!T}}^-#vHJY*d_j#TK5cl>D{<^BIU?VOLSFM79{rR zyl>#5vGH$vP^C$tu=PkoWUVp${E`Ox*k{Gw8LXlDEnk$=p?_iuHt^_BaJ~;pAhr=R zURSR*t6yIQs3DLT^TLLPBiSX~o^r3{3ag-F>0A9)b9Wj@U`Qs^tEqL-+&`MOfWuS~ zaNc*XFF7TXl>Z><;^2Uhq1$uD5hm2dv;sZj&@|?oxCL z87SB=UT!rsl$Ze(TXNZ~=0b0eBSt+>tfVJtpp<)l9)OHIiicNZaeujU@Y%Vbyhwh< zX0gWRPnI2(WAF{;CPStVhaBjTRAex=kDmy_xdY%)#jQ(I)KRLZWc&W_9;q0Sls~_+GCxG{ zw}Py84L?6d3Bx|U4hIR05Iuv9f9~T=h9h5h6OYX|knOvC$?|L^Aj4tdtlwYr>q%q1 z6CB()3utDq2?sY4pzYZfHfb?`tJUw3T@k0hg%KvzCj3+Hr$gxS~>cALrwQ;j$VwJeT{>IcI5bUhK`n;ylbVkE+|MPJMg=~2I<5^w*|e!Wuk&W z=QKrBeQH{Y=?s{72Ac(B{~o~cD-CbJ*Gd}H%MIEGwxykLg`1LINx7&!o4pKLKyLR! z0j1+R=0SZt+-kirbVKln)Bp>*#=O`O6?y*Tbmf>}W7&YuN?rG>5&DR7#`OeWzop@J zFqwC+pdc+h9l`v!)bU(&Y0a0(0&aS?9=r>NN?H(*4;70=B>WPiM*^BKq5Kmk1a!sm zG^F)3F@D%+gC&*QRWH@+S4eah{E9m`@Ds`qhU~*+(qI0WRQXlOqQQUe_isvQwO6h? 
z4LIa^KF{m)3>~=yaQFv9<;^atIKL5}>nq^2xp_6zo~ElzmzI_=LcL@5)3gOH9{2U%@Q`fdAvY+e^ZtvZ zB-KT9A8&m-2?6KG@50TWUlZM5R(WRZ*%>+B;bY+_446k^O=&lqjs4OZvPf#sik|wq z-E#Mb^Y{IC_{7B9JAU_hBM5%NWOFE{R3nGOcDczk%AapXuNx58 z++2!bD6$0aDst%zN|bwNqO*#C=sz^7d^|;|VXfG%_2tX;44nZkE-pyBF>#T2*>C2% zWP2!*&KJ;?sC}|D+n4n(yu4upiMy8WkIoZG_@LjtazQksnQcX$(KUGYIm$-%SdrlA zfKu?YG2Z#?(2L@%h8P0B%mLVroLPsH1qIK^f*Cs z*(oZf2A38)X%vm>btAm~(y3R{{NkrMJUEyl^TWpQrZa_je`%Z3Ibc%}HWmXt2^ zkvg@VXur>OlR^6!AOGRs`s;?LdJ6W)i;qtRtMtas-6m~Yp0@E9&B28QIZIX89gs<3 zOQ}_Dq1=*US95AWG1MNAyj!d{R1N?+T6Im0fctr*dn~wYchbPsIyIG_AYZE)(&=;U79>5QX}jJnGoX!DuryF!sy1&1lg!W?7El1;E)my_CCqN zD&YwPOx9m$^n-S#u)A1345D!|CtFHo z*GWA_U`U_!0Jk6r+7(`DN$S~;Ktmy`rPXch0eIp+Dd7pb!{Z4RLZz?_$gnsHDFX7h)V5RVYQhbR ztvYK&51{~IN~8ITCJK&$o0kjgfn{2}aTqbILw@Vyi846qDRaicJ2BeNn;<^?&=(r^MKjdzxR+}-lJG@wJf;l;zEVcrg=jpa8 zMT3=HM`DFmV?rs6ZcIc3Ks4j#IzK8BIAp}m_?KR6nWM@A*Y|y+lmK7K8U+rn%U^Ub z=cZHXhZ{mrX?N&vUM?=QkS{n>lCrW#tqnZ#5A*`kNIn@sX*F<$V|>0U&vn3ZDuI(l z7fQ?=!Mpyk@~DoP-Y8DHCC|*XKxulUK_(7`f+F*(Kzs7m5eOsYMK%^-wYQ;~@+O2t z09eLX2eX;MEPQ)l!7D6eRaN%KJ~fge7^d&XznFS+0Pg)$w-G+b3*dmMm0u<#0{Omt z;?IoQNKH(T=()FQfIkGuFR67d+K%V4Y=XRTaO(A%N0n`KtrL=yk+R5q#D4#)UBJ!U zA8*6W#OSE7OEP(wgIl>?Ns>bZI)!lRKCteVqhWUq@px;Bncmv}dJhl_M@9yd>GRB0 z@{Fym^XJ!lF69Cxo1hKVOSY?YJrd=^kUI+tcQdB}KFWhCI62s)TW9SN3&r2hvd(3h z>us&8{BSv&lqi3V7}1b?6&U@)ZmlyPrV0XB$A3AJgWd@AOBU@MeVlVr7+>@`X-N2wP02 zf60Q(%!Kb9G2XP=&Tq4H38RBa$}%0d7Vm?*rw_btr!>9-qSV|TENVtnvzPgnSZ)Vp zNJl94j0fpVp)^S2e~^FmzaxLlU*vcHPvpn2`v>_AqrkxOD%>4Hz#*~-iLz7)c-=-1 zBw4D<>1q#94I)XIoypK%Ptfz-G=h(0HBXS8TPuk2Z*QYO=Xhl0XB_a zAP9&@$)WnGd5>F)kDfpm)NAuC2?lO|i3v7+L=pi90IFn|=qMYtfW(%>*XmX>5g)X9 z<+N82AoBPa`uGTwOqj(QxA#nE&#vGwa*+}4D@srQ3r;{RXtoTClNFm-!+cC%_}X9D zA>*Uzuy(zrLJPFedwQkVxQ&iP%2AKZC;W!$%F4Zd{26|J{-bG)s!3i4cHSecCw~x- zG*gpFq*>asJ17CB3iGi>%Nf3(!jh71&m`}Z(7S_|fNW#X2p5K&Si>m4YyB|b<=e`# zCGFhTDrfxHH**K9c)RJJ;ua_SH>?*$qZOUPX;5)$dII*<@a z*6fO8J~@(8AA1u59TJ4q-Z)#skbS#-Q4TQ8e7&TprCD_jlRiqo2>QEUxp7vtSlK6P 
z5GArqs}&Z~*+rJR@amwsF-~7n{FTXT4RFfWhGg^*ds)NfYsMo7!qJLjLP1-6$eo84 zhK9zfGz4dNMMc0Dr-7gqFSw&5Dv&)3V;%& zINj$~%j=|ePW!Fciv=p7tl-D?_k2eoJtDUT7bHFA7O}l$Ii}<1+SO zZbfcdw-0153UgG>*-P}b=Q?Q%C5l!eqt#P0YUb6_$H4n zeRp>rrz~^18#hw7L|~z3s`pr?uv~AQhp;efvjV2lu);hl`mVH=VzdJIrSoiVE>~TA zo}&+8Ds`Ev3_f^+4X;o2q;4wn3-6w8Q-D7#iU|EAZjM6k`Hs5ghX=50NFcK&LBusJiAZym^L7p>=of43i4) zINHM@FbDt9;|#Tp$b|(L@K>d9Fua50dm7eic;q+mWO8S$$crrdo)(NbV}Fl6h@M}a zcrvm)?}atpk5+cd`8Oz}2nk_qG4K<*=xvVK_+#k8;yR1_Nz40e+MS4w&BS!AUn8-s zVq!EL-8q@NbRtRW66>=Zw`?5o!tV5`Y=5>mpj4Jt{2_{kbafTuuK#Pu_Z+H5d1!& zg7sb8=d2Gt@#`c6iD3qLF!{j$+uQqVyC3FH>SLhAt4&xzLXj>b^iHcPa}AFB zq4E_rRztGakg;#;!tA6sxQ_a^WN==-`WPwXg}ij7DK9*F1q=m(*TeMY!`dR=UzwP6 zO!D(s6lTuCGJ&=b5Xja`1k6-({HJ*oLOjVXqdA zfUn#nBMgiQ-fOLYy#sHO(I0}~dFV_g<#IVZe00&_8-18xI3?tDeI99V_e~EBL@B1( z=?SCJ`;iNbeQ4^xZ}zLHX|0hEqoG$H?a%H)Q&XQq5We~Ul#%LhXv#J|{g|8UPKJM& zgF)i^jlk&7lSBR54*jDP^Plkt`8WSN^2h!~ez*Tbemt^&ke?g)!JpZDQ27f=$8z4D zFX!Gw|6JVvj0@lMO=$k+zgPUv!HGQ~CYZuMSMtx;56X2;4*WkOA0^*zQcYCU>D@a# z7)M7L;8EsXeDheH(ok`#+@#0iZPxQUJ&$ON90xnTC2-$DA){|rZIV{bC$yccu%>& ztgINu$;$KkFqa#%eioUNQC zL;oGLvdR!1_ipdtpoEOf>tk*F-GT2}_;O~bUNbTs-B^9i^0}QAX8qZ`gOISkmY&T7 z*4dIx+49{y%xWY%s}3Y7{+WY-w(@eP$7A_v6B3H7LGvs!#^HfSB3d2Wo8xAWDH0M< zGPk89a?aMd_mi;MO(@bW{AIP#b9dP2?CkTnUQXPS@7?7kCo^-wn??&6F>Z{x%3oI-b ziXV;kujz+pMyu`l@xSsnK3;`~!xELR;XM1U`*4R-3$2Q#e|-&CaC*;1ek0vSLPPVz zp1TKc7!Df~-{d3_Mn#9Wl~QO(a`izpo-*f6EbYxrq@p5>FJMpfE*KKqlgg;SMAmfEM`->vZKJ zWl4@Uzj(TQT5)!x>Kg>p-+P~#r6$R9(MI^(DJS{o9=@2!vzwf`+Vep<78GW-NpEO+ z{E)PhM@sWu(hum^xUuby%3d9Fb32=2&}wASL2bkkGzR1J+yXL4K=3}KtrX9}TKn7OPH6-xIdVe7JcPsv zh3qFvxpYEc-;Tvc$1Afw8kIu3r8?LHVrc^~A9uQ%8s~3J_4oqb+Y@up(n>}MmP(lO zyl%vkGweypX(5jJH3g7}#xIX$j9#(n3 zCMPk_(HH7mP>$ba*f#`I*bOFG@GQbKyAgr6X0chwxVuZZt>`y7BWRCgG=pWp5o7K; z{6>_<#enbWdCnLGEGJ;rr&nWP+1yiQmp-Vl$eGjHxpY*eY<_LnWV$w{kS4ZkZDXEO zu4rEegaay3120WnJ8X=M(2OQbVa%Al+*a}h*x2>hEvNT`U==XlxhFP1d3*vD571Ic z&h_#DTU&8F7l7Inl|^O;4%S0&mVQU$)%(3goId^nJ*w;KF3!)Rrzj|tV)8L!BqrM@ 
zyu+a6nSbkrm{cCZ!c4OH<<>ExcoB;$a2cv_4_oi2VE=fnMnB133V7UrYy54#mT^Z? z{{pN(q2%ycQa7JhQBi^I@w+=E6A|h9;%~-GPsq;xsmzf4{&GX{^#vfLHm7aX2t>FfeNHq(8{NLjeFh;ve(} zZ|&gvgZdfai{^@`Ft12AU|@e{LHPV%XG#7$3;F+NmI&gxKeG%3|7#XQV3sCmu)kmb zI*Wgu(VugH{sk5PHwyjua~^+Y>fi!z%>ZWj8-;Me!RjM{gI^=t-2R4;e4PCZ=VWl@ z?9_S0?S`T(zeQVDWepuwwHuqgL_ze;C`C?Je&jf_dWihFvZX+HT`;}g(C$zq$xv|( zcJ{Trov&oX@hC(*&)d>=s?H~Iez1w+6k{H88dr`FWBdW2)qO|r46tW}n}pjBFS9A% zP>836W}A&X!hds`j~21%#MScJ|Y zuS$p{C$G%DPE%vG>}w?4-lt{GSTgGBzIw{bqmmkxQ2^ik9f$MSux}~aef8KxVq;CX z;Oug}Uui4JXK0D4%-g(zy?fM9t@T0#1836Jm7UEAi-fPLcaxP{Z1;$#_CZwR>MDJE z8?)YK1(KT&k2j>EYSZdID94VReBXN{eFPt$XXPeB&*ZSW+R{rz!>Xj+%GNXQ7hhan z=}Fw%yRr&R=Aaq1H=&27<>?Y$&ZD64hHnu8oYQYoZL9F%XlQBC75)e73s+i_PlCc4 zJKIU&Wim265^=;%H!^2)c1&PRv^>(kO1)3Cd5LTwFY$a$ZQJzaY>aG1P{uJ>l{JR= zDMPV5@5i%VqV_T_L4ttZ8|sk$}AnQR_%W7!*}jdQH0Ld(}vC8pmDP-JNC)%N`u$QBfJ( zG)8E6N#duF5E4AFz`EeG>WR4`pXspiOs?J+WH`>ln~ zjr%<+5sx#>Q^-vUBg@2`L9By|q{cfSmWUkCLIXpbX}s^CWX{7cB5l&51wjm`UgVdR zt<63X2;gAXArtY?bA-NiX%|TG>wQn!u2L)g1wF3DJRSfEn{ZWNW7D3NuC1kQU%r&d ztKrlQ^Hlg7M=h?6{bLm~t4=rY@Nn9>iX;=e)9pGe8Qc)>)8bn%)%6{4(%m>3&X6V}JcVbrv{~Sj57|!o@|L9=`}vW4hV`-Rw$a#u&G^8*O3>iTdXe6;ZhK}w9AdPOr`q;)y4I^V89HjA9OVOEm&JBiQKE`k=>A?8R z&;Cp_G6}<2U6f2mS68xRQa)jQ-`myJz792|9ZQRYg{AhL1gZ1z>~Xa~Zl_(|mSWLk z9OoG!KW1e9*fzqrr_GsnaTk0Cr}hX$V;RuKd&Wq z#v+GXwqN1lCC!Ui89~NwdsSA61{t*biiUcFa+#_4_=pIAtc8q}l=sWH;kom1W!cRf z0B|tSz0xv+NVv?3;^KOGdOD(d8QoX*;^H$#-J#|Bty-U~AA{d@!TA`5%v&DMUqHej z#(z!gZ9dsFu$rA8O=pLFt0b$DgoEDUzS!AOczu;*v^|5rMkP++(6Kn}2nY&AA;~MX zx#0BSK*;jH?)3QeFOoa|Cz6xv z{7*hn1Oy~-F#A^(IT0b??Vs@uIPlLP`uCf+*FV1o1_p!-FfgcpAN)VxSitOoPk(*` zXf**0xxcS}<^ltI1IE8U{?9i`*dEb&qorAX!qb_uS{N8J(J*8ZwlCqKp&X6dwKd!C zy69C8*ZexBi#NyHzrSEnmz9(}{#5#2*>sUu66vX~F6XOHb~%*FvK3ytVYnWIi}O0v zPi@HbUBbu6sFK(M8XO!F9FmB|c>D22he|$^oPq-OBSI|$!>mF!A65h+uW7Z2K$8pv zvNB8!IyyRV7vXz@6<{59LIlC0XjK|#Ra5{Ah-jxp`Lt@JNNA$3(m@Fvd!rAAO50{G=+HvcI# z)7Mz&DYa>^$Vex}^n9ST6Q7uP5u=_Zgom>7J9uVQhz=13eoQRF)3WfJslv$8Vg@lh 
zX5SXn@D7aC5v%tFS9=yTbYnQ^==#mGDL&z=TbU^EkRnQeE)iO?jtqO7BX$s;;JYR9 zDgGlAbD3D zRg#U*}^iRLr_kxah#xDJSQF>!QI?4_R9BcQA>RO<_Hp<(auCGn*tmha<5 z0xHJYzSO#uvWB^VNObg?u>-lqk9+rihuSJ+G&Oqs?#1>uTt${AWHDA1^3NR#t<(mR zpw4ALPW$@tJ&Udxate@m!F9lPO#mXs>FJ(P&16EXUURG=w-7j#vbFDJu$!~0yqH+w z5?Wl#vP3EluszHTCLc5H$EB@h7jJ*UmYInOcENI*4nh2_ru7|#eOm7h?_Qqa^^jMzM3AOGd7;8#7gQ6^YMx^G7}~> z0`GLjLRuFOe*nldENrjCtGtFCbWg_%alO*Nm|*mCnw3`Fwj0}bowdfNJ$SO;j{Jk_lxN1E%o;&bkoTxK{gOw zEZ3jO;^BoPQnhloR3}ouTO@gl<*}J6Jju^D9+6{uuOLG&5us*qcii*NPBmzl$i|RF z5pqUcmh~>l>Wh@++bg6Zx+uS@>AgjD%oeY9sGLUL{En>fhpxmh#0S86&p^#|Qr{S# zBlLmM06w@;ktCti0~)yZ78iL&GHHTX@^#?q7(YHA*!WzWP>x5DiPqNI-lcDB;)-1AIb7g+lW>JlBzZVjdIC-oC6Qs>s&FKK+> z!PrXn#vy%A86N)Wg3GNN2-5e4dMDL)zdnzRf?heUuk!Tbu>6bsH9g#y8=NoHy}e2Q zAiwy3NB)Gr$nW%@$WM#%5Aw^ofPtmE)PMWgPv3z36BQyneKCKks7+*RJvX>BC@eLt zOn5zHDzMCYt*!m%PnZ7qJZ7SWv%zEnyr#%6P7jXn1v-$XXK*@Ea2RzzFfy9f4tfIC zPPpA%;UGG?b_uRc{#gGE6;wgNr{n7Qc+7kWg;PD~jb6rQZ!)fyZin-x#uEJDa<@}* zBl$JY`MuYdUs>|7bD+xJhKg{gwcG$WGn3Y!7ftR0QY@?+b}J4YEv+$S#q7>0yo2?} z8%02m`dpFY`$(gDa~Bu5(lNdL8OsQXUSgk+AOqz!s-K>LqMXAIux;WjYWp?gWP@9g zH93~GI&Sque5lLFg3}YfwqHGg*+d}{qml!EfY#&p-bduV@8Aul?%Dq>so};$Bm!4k zqZwzrv9a8ZAKi(Xx3F4pNA#P89F^oY%FMdkrtEnr_i~_ z{#;0RRCT@Yc(AbQa$&+F zMkx%GB0pu(j@k!9t$r7TL!hIvkYoTSzKBgRno?WUd<~Xk#vV5UN~Wqsgv8Bm{PxP$ zgKQON_1JcqjLtJ7BPvz_jKy|J&NoMMZ>L!WfQm+4sc6(CR?si}gSFS>>q@?ER~c@fBx^%pQz5g}&}I0``7n#K`yz`)5xuaR@!}oX_oWa;XqK*q60o z&cOXly6wH67%Nz3y-@a1GV7t1%K2td!!0lQ>(`L%Y&7*gfRcLA>A85luvrHJg2TWN z9cz$w?I3=a90Ad1Q>nS*mNiS1qPPN*=O#P zt~Iz5VkW>=VqyogSVU==nL&*Q-v9+oL>P-i1CTCpljGVAFdrqsSsgaXZ`ps}f6CVE z{Y`LSX(o{zF+l4`@G^r%jN<*dG(aU}f2+pioX8 zCuHt>@=kB%$dPbM1oOjK;L+UKiMhtgn{Tv|jt)u7ubKj)t-;Zf8^Gy@O2*DsBSg*U zJ8%2ti~RoK%~9SR8S(lb6&c`ZSIE}8;;UnUZg~{_>#gUA?kfw`a}y|Ewu%!qm=WMA zDl4IZ8X3fXN!6uy>h;8TyWNo~-3p;^6G*|%m7^aooAB0mW4zGOt5S96p)CDNOeE)N z9)){st-T!%Hp`UAB=2HD#vG7#y^)cTMrrRMj+gEz97$RrE=6G#fSiE++fBI0|E+fh z1#K3|VW2c-3}XihBIC2U&sU&PcMX)9H;K+g1gQl+uxwV&EJ5(K_UJ?O6v5Y 
zP2ISIRGXQf55LxJBXU{@pn0qabb;O8XwaE4wzRa?ZME3wMfPq@-vSZhmk$4caVRV@ za+IjW`)rA%(jN)2|!0uLFcOD)0hnrHfC$3CF zy#>p}K|)b%tSktVu7cQD*nT~is*lz8FrzJZbuSlZ_ny350S76Wqy`)WD!PjNAF}`e@_9Tc8rJwkk^^z9;e<@Uv;5?UdgT(Z zYwSA2?-d*9e`V9=eo>X3Ie134{=HOlj?=r#$Q%lf9_WV+RA1r(L5}Wm4o=G(JW5hf z4ltvJpTBfIDD0QiyTt?4j0-V^qbn=oVlcmp19y9O1kS+$L?{5G?g%6ZK;|BZ*$wpB zs5YY+%PM`>x9%*eab%gJrEM$pQ>;F>BRr;-J#Z9MSdc_RQ*3N-t_&Wh9k>+q(WGF0 z?)gFcfxZa1*P)fvlvO)-aSs5PPCa@{0txj0nw?<}&Z^AsizTu%G=$mE&^Uufi0Y#M z@FDT!*wv@&d+EBfX7o9AzY%~w$7td{pfFN(468W&n~;DuEn!~_kBa1^0{XEdV0!EvRjBCb5_QUoie{jbjdKwsOo_4O9o_M0TY#DbB11l+2-O9yAdu@!?q~qd>ifv}fDW^3X7!Mf3P#IL+!f=tmL=m{L*k8rdfW zly57!Xk+Q!i4CCCYFic@_l63De^r>?4@jwfK+{Ss|9P7Kp<3y-pfHKG-kIO_iOA+X zBC>q{0O;t;-fBTm!Ye@AI&>=6N5#c$hGj9vjT8;(FS%rJcBj!(amagH!suB#DCcDr z6?H#36R(B8ssx7>1vxN-G3=b5zQH5NK{t+iDvH_?2jd@`32nd7?lOK2}t)?H&}S{@N}`=;+X_@PBThy!BA1xwwlnZtJ>w zz%+E;I&WZJ+8xha`AF4F9NSm#p{v^|>6~6$_{h6I+_r`dO8vGJP7w{)p(9rgNQM1A z=_K&ErHNvN@i@elI~K(|J+-(sb!}qf-9TNxe})JSVcWyO4%!>W0TCGzrr* zBbyBt(BcNqdVwt;IQAuaJ|wlnrvg{jX>)J5SjanMp_0kH*dH=Mfk!_N?*px|qqGC> zlj`wz$v2@eJD0BGUp&^aUpc1V;8tX0bKt%Z0&WC>Xi-J23m11y{C`;j$a`=|X*#&> zlN+$>Zz-rtnd!Z6CR~&?cz#tC?KzlzpLwQ$<1kMGUw*LArCh0 z*Ln_xH)t;;|CUcd$jez2pxD1#nDcdR90f5v z`;RB!78DQ;riFW%n|puX5NI|lT8V1Z)ji3g8O*yoNbMY0>EEmJZ&v`q|GEMO+qQF= z)~Acue9H41z z&at!cxFRs8riNQ@>Isv5^<6>xqx(XOEBre@`1|S40TMBkgTt#m!S?5yw?7Z(|Be=t z7I)#Xe?7AQ9KGfqj|%u}%=v3E0A3#7|67y#-|{|ClDSdZ;q=N}!NS^;k{JZ)Sba-V z5?=+@lchI_jcICYuL3Ons-z7B6hTr24XjSIn@{m`>!Yt_SgYBAFdBu;cykv;es(Z4 zP+Y%q3>hX`_Cqs-##|5aDH5b!%aJ&Np1@O{@(JqA4k zM|hNM7Oz* zq>O?!GhAJpEA`dO7Oy)Q)||e4`BII;ZrEzU8+M1Q|BYV~3v;)Bkhbf=sL7;{F&^gJ zW2H9~@a7!f)!d>P;(dgamhtYtvl8hN?I$?&J8m*E?d80Wco8{_Bcd7jF)V8mFr&^P z9}8MxS65YS^kujXI(k-rpOP@Z@AODlx7=mi8gU`BOE)WE+#h=ai>ly%g8YO}kbSn| zMVJ=L=5LDlEv>nMuy+qIAxPzfA!nhr+;s(}*y!B7KcS^5=HYFgne~1 zo81ziY62R^u^ij+9`mqHSv#V)QZdNA1mz(9qGI zh(txc<9P?LZKAII{bj&>!8pOX+I|M*o)X^wIbmouT=pA8UUJi7KJcS=#F(Fgb>kd_ z15#7l6A%!8mRdnwb-}9c{v^FADDoi`uRRJ#Tz_4UyV|p2=~4p}g;cF 
zxxiNROz{BGU*TBdiY4MDj-AlU(NqE8^QW27!*z{J=hjE|+Q39ZJ+ApP)8NtO6=xSD z)6ZrM+BMffI&FJgXC4?<9^IifxLjWZ1WY6Vt!iq5C6&ho#+&%IN82l2tJUic?Gqt> z?m{4R6ks)w^6(M+aRydP!M5CdhZ_pC2^+byvKYX4ew3J_r90`NjELwZ@rHY2Fbr_d zx-)4z{6g?c&tyq&YpMw3i>XR<3^w(-eI#V0fH}{kFPebEnv1m>u=BC8PY}y`YcrL8hNSb6ZSeUN-_MNz1#a z%@s-KJ=YIakdFDKM>GXxKsmi1O=+8*fnjAq#wj^z_hSqsL_Ui*fQaPKID+1YMoLNq z!PJo9%rwPf9jDo@uO9d33xIG;ikl!hWhdsd!g{?R3bAwKm2-@r%5H^x2#(9aLo2DN zscPWY7&XMArX~mV$-d)H$X|)yVqWETn%<=z>yC}Lti-a!>TzNdm2Y<^U60{y^5w@| z`dFN%(Mm5YEYjvGumSQ}%^Q8QhF7HdBh`yo9iU^7BYe&Qyc)Z6!_g%GL>a|^y?yc4 zYxBMV?2~s*gh2$Kaww6Z4=w!+9~WvSz$0LMyEce~**WTx5|X+Nlao|uX0T`HS~rC7 z!upyg-cHto-Q1`+wA1~xnq7ykEm-rwq-rvM83RT2w-r4gh`0D%%Qcmhlo+*Iz*aGT z974)D?+g-@w7$N)ge-;7A@6%JigH5{_!;pzwcds>2U2EQ)=0Iedo64DU&g@L}0V~}|In1P_8|%4HkiO)nd~Yn19w*?h@)rEX{BfLPy9k&9(X zruRX>pbfL1NaLjXw(m`h*23C779HC3lbZ$p<>DgABi@UoN z*Fte9?w;aW+}$be?ykiNRtmx0-QC^Y<(J;?d;h-k%scb^K_-(h=bR*Gf7V*pUi;dI zbn%!|Op);QkZc{-*=@Mavjx7nT9l)Q)277E_eb(-sJedD58Me9xmcG+RvxqJ&{VH60ME4!72)P4$uCi1Sj~q@w5R^3_x{f!R46O3;<#o5Q2(^R-k=_$*!6b02r&ycFw)#zXSkV$a)+*k&1C}XR%OpEjK zrgd^wN~<0r6V@=AmK5J9cvRK1`-{rKlM5_soR(ICOij|L_RJX2rt-W`kK*|ZF^wsH zhopC2QDp_;TEo~Pq=qOCgj7wFLx zj`c8eULM>xF}A6Lj7E^q@3;qGos^_iTSXdLeSPtRrum!mr~G&FC;y}N*#0N^h1UNi z|Iir(L@tB~#xtQDK;KVaFE#Y{Z-hvC!K$zUcgM-FR)|#0DJd&i0eln^0jRe@A_r0G z5DCD1#oDKO118)kRuQlS$0{TCsAA$;k`t##er`%blf+`0&N2mV5I!O5z)kaW{kT#@ z+Ky-O^Sr|ls~SO}W^3#2;XwqhW;%Y$g`@lZp;3gJSQeisOXi^f0<~$VAESWW5%ux; z_P9S&quH)ACzEjJ>jeoe)Jp1v+R5;gVQY5w<@=9wz75Z&xA%AJ@-nB%JQf>bmy+C&?Yn)Z@8I#UIBq zK+DCoK4;ddr{LAPQ4=Mi2Tba#+t!%53_ka0dHHAUt$q^I-IQ_J@G=FP zSMU<-xf&ydUMP-GBSrh4&04?DG(ght3fWG9bhxfcS-yt( z0&A`{vz1x~v*o@Hb9+UnU-vC$1s2=K(=jS4tLC2y$J$zH9@B<9Im~hlSARL$8XNg> z;?snD`L4O}_3OuF9VZ%;neus5p27r|7Huq>ij^xLpLs(I&4w?B3wbn`z0SK98J^A_ zoK_1DM7$$dpdsThx^E3AFFsGV^AXcXS=z!br@sj~E!Zff2h=|B76`aa1hXIFQikUs zJ^myE(SedHPc*q4brAPyd{`OM6hBQ&G%_u^t5<45uMNO{ty8ZY*9|Aa#OE+$iO&BF z=#PAST>g`#twS!ACn%SFJqs9pG+1dgw_bL_w1T{RnA5UdURarV&JFR5ES2JtUdR%^qS6TLGOUYq*S}3wRJpcj<m8jhH9`Te}*4 
zf|UF5MKFY^Coza_qVaOx0z@Y?^WsYi@WtitE%XM2racjg0fR$+oUQ%1eS0Q3S#~{I zKO~->FCLG*Uw=nU*U1+R1FymBYK|paZXl^tYWs0Ck4%HDo;0w}Q*aKnPb#ZXSl-$eagO&~ zweg^GRofF?(L%SteInvfM^TCc@gA|VA*&RK zTRVG5H0`C7C(w)%3;H}=8X+5w3J-vL8Tz(lz6+4Q#KkF*I+m%H3X1@>LFtM`H*+rs zVjg2&e$;Ypf61Tz-^riy5BY8Wll6S1jR9CFGkjr34Cm_2-XEt!%gE4XK@1&&ToeG2OCXcx39j2=_syx2xYly>>tpdx zA?k*T?``gz{(7txkCTW)hGU!G_Mh(XhMedf)R-AJMgY6Fv^XhnP2Qud)vo8~f!eE} z?pkfol|R}?7yhB$un^Yv#5p7K zb$Yr>0Jd_(;h%;StZk>r~mV%%uOp@Sc1L^}focLMb)95sr?v@3Cb~JH|0^6~uE`v9Ic$ZoDb34F$ z-U4=ja34CYrAoLxEWQ&z`*saf_=s#K)UzVfb%H;}HGyCq>6+~#`0?prV%!|Q> z923?%bekZzOBj^<1tMOC37lpZ4LnwW4+!6bCTW70MgK#d1RgpU>++w&fxx3xq(VZ{ z-%`jd?^;~v2Y=~;RU6F~Vt=q7x{0AkOPIsr^Ms=Z-V@t(xtqU8uiYRDpR*WyBRt$P z>d7ZQ7QCG&k?`aJWU0s+Ma7y=!~orE_dyOOWce@+!2Y?(`6$7lWJxy7jrqg0C|eH( z*oaa}C;Mibf#SF(5lbWtT?$i6W6`l^@oUA~zTWK_=R{wS3XW?y~YcG#m(KR1mX!_%FmB-X>2iZTl!!l0{87Gbhl{vIZ%l{KS;A| zW;p_9QejrffEv#pgV`=uU0iQtF8bXViv!k z4&`w<@vCG(rpPB|brA#FyjTl<5^ky#e4;T4m*yDmn5GThIqHFD$DHrFYQ#Q-0%;y@ z(?!A&LzzBbbjQHKG9>$IH@j-EGF7}@C%Q*q11%@>PaA7gqTCw6ZjZVMm~tTL)`tok z=o_M4lvl}4syd~VJlO;0tBinFW~zsoItBB^Y)9(R@DT3EVYS-hylnBpX8U7_?P^D!0ngb zGY(0HuraTVhDl%-S`ov;yPh!i-kfTz`U0=Vm^>|U-FnJg8gRmvCekYY#&S_0F-GAf zpXJoDi8=Mhy130dI3H9p$=GJ&IeU>T2zL4|w>!z^hf&T*b>b&d>dB)47*tnkfsMx> z*vB5FMtO#ECd$A(TC6ZHw~U4i`T`#Ljp{XqRo{>|*#|<#1>X(9$xf_0X3zYn*0-f% z1ufME8}Ene%P*WDI-k>ZTimfC36Dt$mW$C06q{w24@*`DUn|~ms@qRys|_&VXxJ*H zwz1iZn8n|;TQ;I`;OlYGvL{Pb&i$Yr^&FD)fC!mw30$9Ce1tSnE;p%@ja3Wr%gK@^v5VaHH+`a-C#& zVIc@hw)1F?6aWfg4?l-%&it0fXUPmnEbxSp1ef>W{l%b3Ip7sP?xeg7FHS z<~7c*wyrFvtWE>pZ-KU13;@fyihzTX?|D;Tccz;jt2_tJ`T7_1l0W6@)&wc^T1UNptgI_ z;6Mao+v^|42<-Lr-{=09o_B?$$%x2fs~<$#rV`3OB-$~)sn!@$f&E6mw6<6mDhjxt{i-TNQ>=f~wxA#;x7cXk{xE%_K~E~;L9*Dsjt|5o zOdQeUbvYnQWn_p(%=+V^EUz-G7H%|JUyKuC243p!Ayx%Eb3Me1lp**4JmK*jl%$W>8=C|5(hk?qo z_gPcBL&-SJj!2MEEZ$2Z@m|d?S=fx)A^rFs6}kgzqJaZn%Xx(4@@6W~6R=VJAZrE&i4s(n@Z$=pSYPsa zTyVTfyYwivrIp^;%^p0r^IrAV}?xwk~Hyv4%&dJp>iFZt{K zJNeW8A-~msl3(fhU-A?5LqN1W6Ps&i$>gX25%j}LRd8lXRrFHm0fPN;i5j`OGQe4? 
z@p?k9K<%vCVK$}2S;h8`T%t=giz43LN(w-_T(Cz@W!3kZ+BN$rBIm^k$Mh=?8JaYL zmcDmzFc?PD04CeDJdGga#g>;m2P5Iv+gNYq+zXlQ4$a;?#l)lgf`x@uwX&H;A4bVl zDWzz%G7?|ypef&zRPV>Dq@HdGE?Y@vLR6-38ignOzlquf()Kw4$#wU5Z$!IaP6EQk zMPHN_EzAfrpd9c%T~DW8@&U3s)~4`Cp_8}{L;ES!t11n7_+vSzU_lVPojo$+HARg= zp!9v?@f=NhkBtS3%ZMs}ANUHE!7FR4R7=Y?OeVsX>IIi;cNP5t*q8u0&XxTGvu*Co zjdwSp+W}_2zg^z!H8i!Kz?ni15B%3kpVz8S@Gf8pv_+IQ-2uyGrbVN?9Pm>5R?wCs z`j)77v&q13QDaEISSxW4S*ewARJo~Vf3a%hqP>w}y9Ab6+{UvphV=5Xj`ro`we*_z za5qkg1U+tc8rD3t660e8$|lO^^-0c~nHng1<|wjWe8@aKZ67kW)!xB{Rs@ZTd{zr} zyTXRm&-Z|@j_S%ny#&-~!HNa=vzDW2t^On>PmH16ByE^AkdG6dL)5U*^-vH>gLwX%@X6d%sm&XHP#3 z(bI(X+QE9-`Xt+WtrS`qbwIrL{22aXfLGRiXDuNJu5o}_$$pS1o3`3AuipIh>Q-sx zni5!5Semqqcj^he7yEMbiE%B;Py2lUdDJRR9{a7b1Bf|s)4Xk3cS5wj7Zi%!M@Xf- zh66-gPC+>0E?V$ca(^%Lldt9VjyHpgXkrkhdG@(tGoGq_)4?zjA)ydWw$KOO8fZCN z!Vj)A43MZ>HKvmrNk)}#%GJt2R)^I7{w#i;q()((;5ylFhdzoW3>?wsGCVHJej)Db z%o0IVTi(jB;la^xSj<>~y^DvOLOXr#S5d5&oD^Z6YlRem zL$i*iSzOjHS!1~#`bm^{#>mna2?|Hx1qVrC0$v9UBZ?Yt}DFQ`iv>Mo6<$e6nr9+&;jTHs_g@lw0Sy{jDSkznO zke=b5Tx@P{F7FuV=#n$4>;=r0yAFii45m$UvFzoG9nn(26t}yCTnB3!YY8cb}=*ck-BFO;({=|2OuR35~s8Sng-k>41!(Y>g^Y-Qp`mU4E zh`-IPhc0W3ihZs}8*ty{CGqbxYTfuv!+WJ1(8dPgMS#ktNlg_$(W`%43(I$lM*4?; z(bEkoKr1rZ>d|X^$S+m?L;JKtyO%hJ&+$-Z)KARgK7F`5tji5?>UuPjL5js}HxRQt zhIV_z87OI|gHFM8I&(%hB;uGAT^cb^D~7YcDA5ac6#SKAK}|3J8hi+~3|l=K`v; z{Gi3Rc2Z9G6c4(0&fj?5I>f(*B-6;Hk1}9X-X3{h4l~Pq)%Xk!L=M!w$mc1%d0AJ?ErsQ%<;{vAb5afFX=?LImi)mQ=8BM&nN)2*`xYB(q@H3q zS0dK{HhUHHe#*zG`2-DUV4fkzLj9=P;$}av0L+>iQ^0xT#60o^7s3Ety%x(9DrnUu zC&#EcUJZtvHx73ux+KW1O&q4!8CF7{gNYh&JdfdA^Q@9xZ~Hb&4+9MwjTr-h2+o&f zR!zWi2;j|_>e}>I&opZ*vUb}J=Z_)2)_}xS-)Z>wFGVjLfK}@f0oWgJDnv$G(9=as zsN?B*YPWqQUL=0s*#T92-H=yW&}AxhCZ}6fIKI!PuDsG!ud>n6L%JYC8E_B_C4##K z*Y96#pNnz9>its^Kv&5psPDj8$XoBEQrXs4jWM#p=10DON{ge(%7Xb(fKKxrE-?Ysux(kJ29b-l!L8hP!YptgHmbJ>}*WqGhm z7@C9gT?N*UA+ONSjq+u)n?_XJxT#5$!+Zs5yZ!0N^7~(b z0sk>MVY9n$nEA(+-esAZ#Ykq2s)ggE2k^O%fXWQqaDO#J+H(>yJe$n8j6}pH&ZMOv z5uGVX<6Jwp+_p-n(Yf1Un!|Z>6R85u{+8ZL3qrgUHK=G+foy>$a$1I{3_t08z&ZY9 
zeKGepuwWtR*3RHkL{2)|b3HJE7~I7!5sCXQ*qz~LJ+?xb7nl3MeLY*y4^bl%s9BVa zQ}#!`Z1r^Kvs)5FNVi@q`Ctwj1@+$SuCiQ)&o_V0-#31wh6sTs!qh4eyEwG`;AJ6% zY{~k?1Y0J+r_m0Ax%1Ab`!e;G>+Yw-8|)Qu!)iH7evx^#>SwFjkxl{E;i2d>6GhwzT zz2yEDmS@&PzeuR6!K3_a$V5M@<&zf3f%DR$R*fEs=TB_;kuNzdf4uT5v^QvUCDwF`zt6bpf%>Z+xwa(7{tvbCJ zGfU59rCTdfxh&pe+2^fC9D7tI*HPA=0e^*{ZZ@9B(HB!|8xf*Sb6VcrCR$`3BLf>6 z8=0^GIBU#6sLSuLB%5?j8B5kLNR&Zazi*wLpG5#&4QS`;$tjtc{=LW+W!X<0c5{2l z4zB1^hBiJ*=IrErD(A+Rfp9v%x<8?QD{WsoA4wzl4n38BFJNpU?aehY%BZ=zXYS7X z`)B()bTsYjCTuIRzLs?Hny|r0K1yqLL~S%Av))}-YAOc<2gSHn=1pJ8L=srmekps? zB^c4Iw$!=&aRd%|-#qCs5a{cwt9gA^AYaSZ%m=@EsXtv2-L^aHPkshBl z4VSBfqrL4+u_WT{(7XC}Tj$eAp0>Zh>dE$V+WB+3%^KWeRhyXr-PL8KR$d_ynoVFO zw|vzFl}SkI)UpBj6n+4@LNyF5)$wSR8^p>o{o9U|#K0Gl{oFj>yzqvN?nXR~XuSZa zgpR{$`P6|?&Y??-pRtrL%uL}(QWEb24bw0Wf63qc-^rix5BV+rll(eH|B^q|1_FYn zjAmeLtXm-FeLGG2Bh7x(kbr4cW-=8bVXK|0u2tdw4wak0UX$0Lj5&f~)t3l23NGkG zw(KAxcs&L~#W21VBRdFmYHY_gEQ`W3NoLx{0~>SuFjWPJ@b7!RPhKNK*~kk^O`*fu&_)(RAs}r?9c}U;#i_yipWE?{*`PeHAH_SGG=!Cv;E4%hGf^P95F7{0 zSpRrd>n|^q;mVA>BX=||)-DCAHE8u8QfcOmU8acvt3+%z1N`|ma860)o|+sXG1 z`VO2N--Z$zy2Xs`l`hMUswbSTeqP=`vo2ut6N&iez>~P%gt{P#S1M^>@5& z8cb25mwD8LRbnphxiUU|76|pEw{;UwDb>o|kGIV7(w)!u%#10YFaXS#ynNxKJMD~R zi#)9x6!e`UrO=6QpOALxIvGyk`vvwc;JUgJvdW(?LdSg6K0c)4RoJ!1iVKbONfEUX#DFCl*&jek|C0mq|eaGKVj`X1DxE6{okkI3}E3Ktk5OeAU27=t5}Om@MBxkp^(1RU0gnth{hjpjZOamHhXPupKb@3Xn&ii@e@#XH=|abo^#*|(-oL9*}FUc#X@ z|KS@=>WCvjL+^W;f}vFxMa)DZl|(mp*QFA{tNeNsj<+EDmQB%a{X?gvH#fIeD>Fc~ zdWue)gUzI_ef0D>^Mojy$4J4(caNyW=sXEG<>7$qSkm6O!{WRf;M7@jXpd5>EuyTh z5#*}9@z%gtw_#Tj0LW)zwOkEbxs%%mz5ZsOIF&~*0^y}{sQi&_=q2_%HEgAr+Cs1M zBA@z_6L!?r)2*1HgY9lrALfE0XW;a0{*kV~ef_}oXs)%yGwn^uyzVZp0S&kk%K!qul2F-&ivEjQMpa}5X4@JP4K2TFSuKHV#> z`pavIc1yoA8NPe%NTf)4#E5ZjeUf?IhdXs&-Wb>(PqX_XHel#kp~nJBJwspSP^ z|Ga3VJQJo>Gyb%4-0I`E>Qc24#9@RY8OHc=jlAL>_wXvy!Qb->9O7-#2a($Z}&SFeokeLsT*9BwRHaB;HFcTzaq zP4z<_nM0OwLuBk~o0K8C61JOqB#r_EZBQtoL(Ol)Bv;J|ru*#z@u9@uMtQ;^XfC)k zC7jta*RWn1`AJE6MxWHrS|S%VTzh%ro}5R|Hv?NLmTiCCmu4uB(a>xho$l_moLX^U 
z;NNeck*pgK$j!X-KP&2f7Qf2|Y1mI#B96)?kY$OCllzA-Dvr=!y0o;z*B3L$Y zXNV9`@q)K;R?uOpE?KuUaaNG#USAGCBaTBrQl(e$NX`}h7AH2DSS|rPATBh?(2H7k z7J!*N!b_iWj#G_3KVXYZ@O`=L*9OI7!zH+%g$BWXjzRkqJeIf71XKLsFZrkcJNYyJ zA;0;5lHUmDU-HBJhJffVJa0pF9J_s64bh-52A&Zn29|I%qdq_HHhK=mC>0RCym1Kv z;Xq=_ev=u6>~U^>lZO{bs$>>U_m8-fY)Lq2nVH#j^ydSrb)@H^GthTU)?bvOeNae> zevGrPJc>YCbMHF{aHJ}ZvwQfGXtZH*-jV8r*zd-K0Ix7QAY6lQ z;n+cE8|gL4?`IG_FwKyK!IcEWd~ack6KD-FU72iSX7&d2XbY z3`S>|EmId1EXmjZkc%p}d5ISpf!v{!v`uTqlM{FQ!R6kzX&uqF) zxMBa?vsPTsn=<6)Q9;}xVeLf7Ej%Tsb;8C~MwTc$3MDc1yNTk9=}TYLRYn#L}K&|D-2J(zdoBGCB<9f2OVIQuwh(nUw0nS?dsR&<468lu(Ml%VITn<67HMYZ8* zemBVr3}O!(`eHeCtgycMTp2Z>4rq+jg1uj!n^I2lPDQ% z&RqHX!?mylNofqGF(rgOqo&)NE*AdZE+KF*qWxQT=7i2*$h-0~Ui{=_VdM@4pde^8BIq<)0&#HW^Wj(gFmt=VC|;MfqwLT~0(w!UbCRJFR5A)&QfMQO#? z^DE#tNy>v{TzUHm;^2@Ek69Fo^_|AqAy#tJk~BV)Y4|U5pT>q3G?5%EfX;<(rsTwMdUc_fQYmL!`U*jLdRTR|Kh@Z>K0vTssD zw)QDC3ii>n!=Ty>7q`zgP!m{WvIB?J5vo|R6`YtVhq2g2&(K}xn2iq_k3ZJD2lq~F z5_okx;lZA6+X-TrM;B6M`Ovr45eueWdxmmDeZ#is8kpH$28U~dR8-BIQgVP?knOO| zoKY!_|57LYWNZf3XQ41gU@to%hI!ix@6b0P^ge1n5nfqNME_ZEgH#ifK+rf%@qWca z!`Uqb0PW|NsXr6Bz&Ba`y1qm?F2w9w`jYh_?T}6`ajT20HX7W>l?@uh9Cp~MOTW|Z zi+z$7qs+8~EN%Y;w3C!p;!wBq=BbDq{}9;~V#&IpRbPCP)neT<*U@%u$q;dg0zKCZL!4Jf`oj+tDjuVjW>>u|L& z`W6JUt+p=O!7Igh*`I?2w>XCfykZ=s<# zr-|iVpLRaInvs-G0K724U|0KWJ@W13w06{>E3Bj8wYpgV6Tn)zp(Zrc7Gr{%}4Wb&BI;SnIC7F*Hu1-?aH zlL7IaqYlnBF6abt+p7R>ytr~&MeeDGN@e%_ExkKwOx{pF5tXsEwiqY>Vx4Q5rj6tY z0R`YvB=qSDrzd>rIfS+0Z6E&$hLQN{$2&;h}7& z48Jwm18nQ!a^t;l`D0@eDgRHxPQS#`#|7)Bg<1N z#`KiAXaD^(tpirg&)QHax4?s+g73A=sZ2k92pZgx?XT{va69V3DPP)yr@rjD97{n? 
z%~843WXAkHS1gRn>TMx5l<)%z{Cvp`+9n7#F+Je^L6j~*)>~Higi;!sj1fl~##mTM zUdTyvO6(u}A8>}o+|v`Y10?Y9Qpf?5+2s{o81WZxnRA1#A-i+%M0GXp--$7usnnHP)YX=9276#cKHgf9<(= z?H5}PPJ+>ui6g}HPw>iy7Ys4@P3i=RIZYgYrludip_JMTVf|o?2~t5k)$&nPFt^_N z^Ans$!-K+6OpSMMG{}DOW{%R3CslA8SE8&%cwu9A8&wUBtMmxCIZX)nvmBxvwMA^Y zch=jzX$ebl%ld0`lYW{>Ja~=~6-90NPRtr%_PV|3i?eG_=5T4+0<|IEz4PPfmWIMS znY+v2g2(WP1m5nS%IPBW@0`)Dh;u@y#NBl4!cAD&K3>#-T20#Mi3r2VSflo7!_+ch z4YGcT4vNj?-XJ-l{dXKX{x(KhpIBXOPJT*~DPYqNl{l1;@902{=rqSwWL%njzg~qbcsK2q$)B|Siin^y@4;;rL*AS6M&9xonl+*V$C*0kWm^7%(AHo^G~h( zifzy$#}D$j+T$O39fdIeIpfg~Yn+%^D*JiUA(fVq-898I(%hgS4BUqC6Eht2ZgzSZ z%4nM3b#8KmUY96n&`r_+E2MGCM}qlem#+yNTOoMaIVAZ#Lin+_a9eW=@An`tRJRjt zO0j5cfvsWHZqN#i2e`>A9p?KQoeLK#y-jK!`|{Xr^6qEZqO{ewOZQD)YFyWe5_6QzC1U3j$AE<5S*S-X z_TG{?!K!NzS5ss%IIqbz!6tM*k0S>tc?s7XE=)f(PGBlr$x1shb7M-YOXy5tHs#(s zD0p<$?-6~C7YX*E^-SINyD*#uF_?foylpQX1{0 z%7o%;7AlgRy*9`4;)Wb$=&v*c5k+6Jqm3ge6EYxCdMk~QiJN_JXz~Q;9Gpil;Q}iM z`R-L3&aA7WTMC9dnyIaj^mSo?cZ&uD-ZvI6RO7IQ7;w3$13xYYPjh$tf=P%NQFplV zgSorzF+oF^M)W*CX^fD>4V+JzuJEW12;!QazJGWX4rmUhbYv?i&|L>}6JDz5=>&vp z*;AjYLCH9~^V6Gum(vfrA6X;;7rpx^BelU<=x?QhDWXvN~NqQ&3R^buXRrW%Ih ztB1*B&&>)}~o1V3%9)Zt}uvm~>A>T8Q!C6yLaQbkX48Jv3eKA&{vchAN*c^NtO zZEa(&D!yLv1aA*^ts{`*nY_;_%}Z;$q}+xNnoCiF7QK}@uBM2%KRhaoa@A||*{<#- zsrV?}PJoU=-J|W>d=t2IK_rX3*2GfzT9_jVSRRychK%VQdT2g9_2EbtDGev+|4M;~k(;1OQugA@6ZZO?URoZL(Nl z1CtL*+Tozg$>wLZ!lXtC)2kur7P?+1p@F!YoSQ8ANs*e(32v+cN78sPuBywohyJwLx_`SaL%D6SGW+HpJ~{Qu#S;i{~VZi^WCd7I>gO8p-Ug zx>%ebo3B_;v|AswnfWP2LV&HC=R>$;!PhTyv4{ zd0DJNUisWL|DBE(R7Pt1_M5NayoE*HF0)>%Fu)%e-lZ!8p5xF7(&#`GShiOlGSu%v z%OT@T__7xCm;B(qIEbT<5dZxBAJ^rT4>|vk-{e2Z@5KHu`PaZYKTyE;@+s4G=8^zS zM4i}e;NTlX)k;+UD-9nx9H&2U>Z*KF@k9}mtwGLZYITX@{rl@I4{M&I(!UsK%W z)=wIC3!V066=+D{n|M5r`6Do!j_^qB!(k1=2x2}v-TH|Ddc)kYujb@!0<)wTbG%o_ zRx|SYJ;>NpzC0?Csfw-sbT`k^E2JQ4z;(M>;_XzxD7Jd?l(7NdYQazS$y`Yr+e3%P z{Fyew9W|(VB!M*(gJGZ6XGmT}C@@ZU0wPI^Ar0UWU14tY&ThG{dKn)3&LV8%f+mZf z@+jA>i$&hg)@J4UiGPg^e|K<`oeG^*{(XMDC6xs{hjo9bH*PI1jQS)XY(K2r<}7$| 
zAvJ^OJ?;?$WC{khVLK(U?7osl2ljsJow6tM2mVo;oPF4@sy6L~`IF_*oY3Xr*B^-F zn*90%Q6CssOkeQ7ceuh}iWI=WU)RsRd&OI_?U`ASsyEbGZmRtD5xq36`Bfmt`8%#T z4nF-3b2~10xLK$prm59sU#_ncHBB|&E04dXa22Ythf+h6x?5tJtgQ z&97_I2bBB#=c;rrFQ0vZIEZdKqM%JK4EGzJ&cKw!zFM@X`(|k7pyD}EKo|; zOf53&33dI(W(j+HB(0tnnqO9wJaHe*(?5|Lp}l->o%nDwH+`5~jkNoT$%+80wD@E_ zeNH9GoU!d=z{8~*-0axW5ea%6tz08RBOYGD2e{%1pZf9BkeZ|QX*|#zz}uk+_leAA zDg)usE5j8@Xv{-ECFfjPqOpUQ)@K~VA}}E*v~ix2BNQUs9t-!YPOmNZdh*z-nW-hL zSnnck?z&-00gy-LR5=WV(uF(&Q}xalrAksi6HB14+-S^QN4s#Zr-M1BYkAP4C_mNab%-mIE z%b-Y`&zOmH7@*c*NBP;X+k?&S~ zVY}{Cna)#rp%`(X$%dJCCck&UmJ)SSzTWrYpS!vX3t!J^m!@sg=EJ>F3NUo1_zoW~ z1w|(4ysT$<^vYVjXf(}Xk_tAXVN%W%Go~QuBxJk}Kt0zcLMJ5iUC%?7by8Ye&Wowe zZN}u9W2xvgy*@9ero^5rF+Uzk!co50LQX?53bpp0_Zv)Yor=H=?)}f{}k302d>18Rp4$M^~PR0)r{z`l5{p=&H39CH{lbfJRDt%LdbDUiektG zdZjrfaR_V5%6hyW-DbclNq18w+m%a~P z?>-ZUhvj{o2(-~X5V+6NF2+sS2s%tzdj@kk``GbP0|V3pq8s8}nqs zN3MGv4|FVMbLf@m_~x>)R4C6-#tsp)j3#+apw~zH0#UN+)7|Op+4r7h=!cXh#mC-d zW^JL!BNIepolk)^gH9Nas?h$!#3 zql$Uu&W{3S{;MY0vsZLF*kn>s!HFgucL@`6Cs(_p1nXJ$N>f zwk3&umyLsU{@guZ@>C{hzwisE$B|#2$)7y|jH>cv2W1ENJxIf_o4!3&#y*)PhjeT< zuS9R!wY+xV%!m(q8%`pUmz#t^?qP}6dc;d=@HE8UPD&W?>(%w%@PI;(sKw%-!R+&IL`MG2B5s(CT>XO_Wj9&KO(x}$uBBT zMxL@|!jP1xxb$;{4dgGbhubuqoAb0oI>7oP$8NZb6zOs%z$3wkme4yWug!ow7$+Zu z5J}W}cB&*(dPo-+_;iVUMD@oJ@4m5}1L zx{yQ;+H81IzB;0Yi&GC+B`!RAX-Ubrp zC`h(cj()=)N-5OhS3{{M2`zztAFv$*KkeY~W0DN?C{U-A7BKygNrxRqRtm&JI)7 z{Id|$ZOmjxQZVQ_GU3i>O`VjG#45!d60yIc9r^=$UBle9?NU`dkTU81yO&Iw&(Xnw za8_c%Mj|%U#w;TxfkSiC2S^N`8BBEvw>0aCQh0HHpJ2B|3bFo#jJ$k|cXSewpirn7?q%BdI~bDvhGOo4 zt_nHPbW?c9mKE->cBANt3I(QW83L<~h~`y(h&OB6;WmlI@{_{83s1)0p_ZP%zF*fL zzqa*XZb);y9k(vw$W+A#-17n4q)lIR|G1amR4%?r6h3chSs0I1Z;2X$e9oz|11b85 zf+FS>iFSWd`$MdUS4MnleTiUnwew}YEMva9ak?UmyXq#nAsQx=78>a++Bb}kvlFflG}DZ@5Plm({~W2mOq)Xt zuS|V#v?J#e_+#mFYLOcgj*36JBuN*tdu(kdq*xv#xnO#sPn=$fD4vQ%b&{!7sqhf* z=dn-+rUy|ZX9c5rKKz60Jh|qps{EE~G-8_fjWL}eP_N0PT$Zq(B8rooCjsx9fJY^B zlk!@Q{vd~L3rr#UZi+T$o+j%uEsT=Y_K)hs7crTqCO4%}#?OvL-;p)(bLgNo2P~84 
zh>@k+hYMUT>6G~p>9;hFVh3=;Dx_7`>!rsu47GRU8a<9pD@vm-$z2u)VVP;i9UeJR z5%@Mq2CjPkmOh2p z!T`a2doKQ+`p)+}qrc=wu>7w%f8IajH~vrZ`)2%0{wwgVFFgVo3=4SrulK&Wch?cq zHs%7aGou5(&%*z6&KH9GNwxpI7Wyf3poFC8Rw$>3sV(QEsD%7#c*`CMyX<>p`~O^` zUagsv+CSs%|2-ryD^5uP6m(Dsk6h&c-^>5|Od!U~cY&VYiIb_1;;VVq|9;YcKJGsc zUc^$7f<^yc!awo!pNBS%$%B8tm;e92^>V?XmXmVAyo-A{91AgpA*~${L9y-3zi9BKHy z*8AYNryldIX;~LU1adII4;sx-Q^iSU(jlcb6kB0$0M+r%mgwfYU3w*BCn*pUyt8fU z71g1H5?Ui)?M%C(dL;=wj8Vb(nu>p zrL)>~D;H#u@u27rCh#RsZ@ubI$dwwK{qC^3-@4 zPFI_iT-}b2*z{?-oIDq!g$~Wy)Fx1&9wXw*DV!G`EBw2x6%+NAs?>k)J$+;jHJ_C| zRz9sup=qV4(d#rh)AVHsJ2A?%HCX9|Lh5vI>!RQ8v~51n{bXiToh{Z~qrF$E*kRJN z(Q(4&tTzw59n7e(pbd1fnIhmVwl9f&DNDxCK3QesoQ>#ZNP}!_ESDw0io%^)U$SI$ zuB=-9!FSOLs2uRA)R|GC`K56*ey&lWWgiC{SSW8J0+Z-*@;-mb>2ysnCoM*)VD`an zR?^9f(@F8Sjgy5-=x(#=5c_gz2RyHBZGLe4aN;B%eK!ajMsKA~V&kjjaE>X8kUOU` zj506;#2<>YbB`mb7qk(9rp3b$H_yO!2|Z&Q>{x=EKXqvA@v`;{{p&-!*6A*rH1Lkz z<&rU1rH&FqHxbb0H6TO~8G!$8y$@x%J(#xi8x;nJSY?iMZ%Cuvt#YaRGtr=X=nLDl z`(rMiXmM?^R1?)y>WcyVjRV(wi=Je4qf{lrt8uGSR^wxPlN9XPuO;JQW46uoM-J(( zMpI>jeS~`Gmp`)~$wp^NkhiCzo!-o+@L&rJ0b5}s0-Qak$5_JOxp&X4K>J|xe?F}j zlqgK$dFzeQadX3@`z=(0PCv*j0XEH|bnMMsR|?rwTY&)w_~8|mxK^ztT6K9am_;>? 
z;q4NkUMLfTFY#?(1zV6C(C+NTE@Xi$*KpwzWpQh*lnfpoDfA#nP~p@u;{0?l;l~SC zqyQa$frwsAumJ2M;3g?zxrb-VLSNY!d6KIshvVt&ObAqqCEA1fVwqpd4x>})>De~j zFFu?2+#Ef6X;; zuG*L=r7#bCLwd)$Nr=kCU&_&4sMNLa)PeJL4Xe~@EY81T^_0I6dfD5?9tj`A?2mn0 z<0N-8z!T-Eo{qE@>7P!bF{yVsVm`pMRTy%%F2iI>j4E31H>1Hj>;T z!zZ-?f{!`OjZm=;I1S59yw_|&ttRC;A5IfX)SK=*_}~CG6VMo-ujBgQsO# z$4AT^o+q>7cSl+e$7)5AG2frAq*YO1SxsKW*CW3pCfa>&>h{H>s?7CTYo+bXq;cMJ zjb`~n938IKC72wPs)oH3A^-3j2{*skCPo(g{O)K3CSWuXR7i6{{yFC6De-OZ=}5BU-QH~Dk_CBN~1 zlRr@5Kje2826l4ck3N)8?Dxc`a>&5rE1e}^MO%XS=b0OVNNvZaaY})rw~wo zcXuGg6*oq%?DWKqr;hm=Ch2IgIy>~OFSWL;t2KeezC@oYRcpY$$Opxmlt&4a$!K-1 zD?!i%sRRcZr^UK?<{N(Wrv8iNOcE+`n#NI4jQ)6`LiE`@KLQ!h4Rs3^2z;7P8rE(J z&6;ITz%JHQIed1@dDWWmX7dGo)3;%jz+(F=Z;z&gUL1~W!ewe@4L}8uK|P@O=ykZK ztb!k3Pd#3TzkT7dO5(aX6UfA=KRa*amdy$;4uguBQ**-zXI5RG zuV;_eWvsIAniUo|u8!rI-yKkDip|l`+QmH(ueG0ha4)ws6^oo{&V7?Z$+YX4<-+to zqUtXe8#Irpwl9OT(h3b)!CyJX(|PtP37k*5;Gj+4biu*S4(6NizwNTiWt+8@}2 z>X-W4!DxlSozCKImb1%!o4CF*0X3B?RaZ?!_Ir6yGSh59tzL3lFnjd&U*GQT9UMtW zZ|S@v2^LUm?`9ah?~Djgnk^D?tJ46R!fs+aQG|>$G)-pa((*b7i)prB1uju@lub1k zbKS0?2;9EV@XL>PnMs*=)~)lb?_PWvsD!7=9a{FYm8tTB;;j!Ssz|mJ9PG9hV1Q6) z?a0L6lV(v5lP(@e0q5^8p2(zWbV{kuQ&|vS(h0EIz_VcXy}vLhkb4f5lqAM_{`&Cc z&Q!m)nC@Wc6Z`K-sG%^i+p7gOU#p4Zk3zAh3`}PdtyDGITbhV~=9%RFWz~(=MM}_< zHu(IRVkMrL->lm}zR;#&imfH%TOfI#3zO#)P9Ys|v!}3`Vv^;h6BQ}TwmQ+V<=>07E+2Ss%_9KO9%@Q>Ht zzRjLCk!hO=4;dP}Ux5GZoW3#BpFh36l3}A01EM;COTp_@j_7v2lE-NEw50pk3(%)5 zr`$rx6?2eH+-eE60h=^@+I2K4pHJ3ZyI?gPm6ZId8mBS4)sJV2t3(AIjH&_A+~MYy zX|zfq?Mv(k(T{*q@_TmU^}3S_GQM?ZYe0Sn{W4!9Lf;Os>|@ubs{Cdjvy~$@!m4|q z`FgoKs$3Ax>18VeNyNL{F4ATJGeh@se#IvslNj!2sI$3WF z1t?3t?PL&t-Rxnsh53Mh{ye6-NiXuZFq7JkJD5mQTd&U{qTQ9gX-pJH71v^~D!%$r z=TX!4RKa7>+UkD9++tYS1GK%^SR4twK+^Z)Hneypg@*Wwo+#bi5&t1CZwKVJHw+hZii5Z&pThN zr-O)SY2yBekLmsTb5{gP{D=Fl+v#$E%u%6{7CL2rvwjEn$M&a^cV;SjQm>rgD%MxJ z^v(_09t6!{+14YXi}ohk2Z;JJy$7b;ZMJdn5FtPF=$2{cj%J16mzbc5K?`ev)7Pc& zC54~wF*Kj=r)?;+VHV~r$muU1D-(I4GQle+iv)Vj*IE{yww zy_4arn;E()on%U<$NPWCkNUsKpZ72MjsBbbf5HDlet8lQ5b|$@xuBol-`|ddpD;6i 
z@XWj=lA)v_(#lTkRi*qS<;BC_2Ha0;q{4!EFib7)28k-cBAw&8zV-(|Jz?G`%7)-( z%Nxk^6YsqC{IUR+0Lt%3q}SFstY>5$Ow%tbpT4iBGfva`8cbzn2!9wTRd@WsWB`s1 zZRd`zk|&a~xU}2>l-exphE=Dz<=qF=1I3 z&@$`56tyB+A@WurYzQtz8x0}?N{%0!gy*R^U%0T)T9{qN9&Udmq+vY$F#vn!aXb8N zEWeJclDAl&b{4z!?tH|d;MYlR<-=K`*W>+$L*ZX*HO$ z&jV1G53GU_VRZw=a-nP_nv$jzA|iBzhLkcKu=4D7i_woEXu+4KOTfD#6_07-iP*9s z*M(d!C}qo{?JtFB3J01@r11>Z0nvqO9CWQ0MM8d+pHAkyTeBchWr)%~yq`nMww*7K z3A8%O?A!e@_E6qyn6$AEb{b;gn^?>_z=1j zvHETF2nb(rSiheo=XM!olMLXBFiS8wl#!&zQYpwdVRRYvzBBdfjE7SLfIok8_QKx} zs28hhpdPn8ye2dR){0X{yOgTqVL%^NYZmi8fXopmTUh;Q{FM5j=Xn7r@*AzpX+3Zv zVxFOA&;~V6?X5)5ph|E9vOtl8A& z6s|HoD-lS2?|iL7Fx`Ve&<{L@^d-#ss$WI0~fRT6!XFmOz&FA?vOF@{gsbg;SXNAbyNRuSdlXaYuF>i3$5 z;~0j?j6_s4^BSR#+PR{}zn+JXNYyg&}hEK52Lyk087P^)zvo?1G6@X*fX!9+?x7~p|9F4}CDOdo8bNg&V5(qpIaO()U z;OKm0m+PJnJ`d|$L%VA&216>A1qh=SbCY8z>WdJ;H`x7sIw9CUMlrpvAz>P+u6eMT zT)#t;fCHp=Jwv7#Bv!$@Cev}&mBs0e=Bb)n?0aORL6X=^V~tB#tj#y0}r#$1m(jU`_&JnPl8{4CGp?CNaz zqyx((Wg@%nn|XGLISTBE+{>*=m3|exd6{h%B=4!8X#N%?dh002jiOPlhA8NIgm6PUlYqZn+=ea0eqTO;*!?$WQmb$)Eo(`3?V@ z{LxMSAwL)|2nfAyYq!PI=B`ofxsMmZ*#cdJ4HSZz?8rc!N~s#dU{?4apy9V%e^U&h z)#9uYB`%0Amc*XdB!c^EO6;}vw$mV+j2WuUQgN#K_bGwuG6&UTFvxL#IG6q`P`=mn z?r=ihbS#ku+EnS(H+-6)p@B^{IptNC*IGo$uS+7hs#v>-JrVK_EI^0%2{YjSR7qjH zOGMo@41}Z_4^$Y46XhT7t?7!kzqQ!a#6=C@=_Af=G^xR(vf&tIS`%n#cxshC(}6Zl zKHRCuZp-Fvv{0rtQLumdfJ?jgx9&x}d$>;GBh5cr*D|*$)$;pATW2(nlYv_p zC>t4lmrP%SKwGbmwDVb9oQrM`!f7o@{AdPb%aML z=A&0Q)47IKO*A=vVPJ}m`}rrOK~>J^TcvuQR;XoCQCU}qr{iSP!&sw@Ng{4>y_p)y z(ZzBOZZq7IR0p9{NYaoMDh|ZlLIISk;dS?*T84#Ur}q^!DW_0LiEE%vORZ1*CI<}w z$1pgX+=2893CBuav>;F{Y#*gO0)*e&#&nr<{AX|_YIAe!nd^Gd6|d5qD)jG$(g9xQ z;!eX3h7%D%{sU>P-S&L#%B;F#pE297VS|N|R;Qy>gWtswAOb#Xw7&-wDb3akWf&gPzK}-0L|Uas6P?AA zxFF+qmy&+f!{}a^zA;?-*AOgo3Fnl-!VjnOkg=;BF)VgbO)vO;b9j9lZ!$B)1#F#= z9hYhzkQy*&NY(sGsRT>;%?J2{x*Oi`9l?nQU=T0$ZI56rs9&sNy~&h2`SckD#`bE( zT%sO=ao3ZWF4){w-!oqiUbf$6qm=cT_Pqu!)oN{UT(D2ATjOBo5$kpKlgyf3dmg>t#*4suRPNgSbfB%g^nXeaBVY@-r 
z*EIWZ(fQ{8CJ~E->ivle*Kd(r>Ee2j{FDvPkj+9tJJ_IhX?jQfX-LM&JLpaZe#6=6{Wh%^r`i;l#M84XBuL;gH;HKOXvQV z88R(;?bQqo1aPoH5MgN1$}zX_>LfvE%z*(YF9Oi^7(q!iG{F$=d@$bZWENRz{t1y% zO|5cwTa@sB$j|h@$zSj<`3?S?{E3$TA^)Q~2*~a64ofy%?a__Epjxp(yVIQ@_Hoaa zcnsi}z)N)3XA1HgeI%^QM#bt~GW`^5TgxK^xz#FhhvLWGyr@};+|nv>u?|liv=NxD ziDIz;s}+x)AT>0cJ>^f#-g-`?aCOxid3Tlqy{&r|dp3KG;bvbGkHFisS*(aK&*e6_XnAld;R# zyuqx~>FzhiP*ejlAR!g#;jh*+B{0!GLpWC(D|3AWJ@m1eQDW)LNoeqH@o?+!gC81y zS({(78U_AIp*gmAvT@?AucC}pHB5#MWiKz)RLUlP00!O!e;U^d+U#I0%W#2l|M&JT z>A*iH={baqY>WJFp?R(Ho_cxQfn{=&}@<6BzDz#vOyG zI{g1?Dl(np_N`_2%RZvj19%k14Cy&ZH&d^ZKAY3#G#FD9@1?$B$q z&1OG`u?RZEZ{ZHKG!OGNH`x-g1TCFFrBS)q5F!kLZ$uU&q2o?D1;}nSzkD-z6R9ZdUJWpF5?U7#G)2BY4;S%wz&FqDbx}|ccWu&ayFM08py6~WF6UO+q*)H zoA{|YVIg%GiN1?euta{pN?QZRGFJoA z`PgvEeBwg|U}(q{N!eI1^`=00CNGcoXnc{SFE>&Y_}(6@mp2MIu_OW*{0WAMe@Str ztr}6r*Kg)&6Oi(JsaGi9$Cs}qO)Xh%@%}oFrcAa!Q~M1Zsv$WzmBDApw-UqRRg4+% zv|n?hS@#RJ{mC~lHT-;4)l)iwozyTip^utm+BQd{Vq>e3WSUg7und{E#wsB|%%d9} zBbrQ>&Un!F@dD@agrzOC1;*ar0ly+w%8;L#{XTGK5cn)nk0|mZ=oUs*?z$n)ZHY7R z7Eh}xCU*NCBQKz&Z>1!LRSM7Em=VId-P|UFpFyF(w7RMB@53VDvb5t6(w4GvFx1|- zYo{k&JE?n75aOMPw_j{kkvuLoE4=_miqrl>ezE^e{=$FBum9iVPbc~h`L6;%K=yl3 zn;XUcHo=*&NCs9qz)j^EDn85>gnPZ`2!JqYH_9?-C$mBXO!NjiAQ8@MaDN;B$*E-S z1hoN?GXm3L+0}^vO%E(+OeN5zO`B$a^?JIWlZ^dJ?*YdJ#$>d|r(+N_3IwYHv_Al< z5{f4imTWa0um^BXr-~W#gLU(OhizLj$HQ?_BjVM@)1L$~l|O5yH+3IR-GF`)G+hsQ z9OgtczY9;BeTF>a)?`-o&u;!rg=l*(OK5~q4V_YxS_G=6+rrb`;ty8^iR(+CTD)9z zjD(5-PI~d{UFq{nLJcF>)EA_ih~w4T@t6Lm#!{+EM~L$1jDw+p;*I5K2!UDS;&ft^ zR;B!*Vk4C}wQISOiz<7K_K*j>%9=Ddrq<$Uj)Oa#d#|v;8s3lY+ zj3H2@OgSFzVG(`U9k>k*T)7V{Hra-tBFPd~m)a$V1M3`GNGUN5>9m{4DGST~aW0ph z2S*201RJhG6kZu(-1Dh}ZT7CyTYJzdOY8}#UCG&Ji?FT9oZ zT>^bGu*Tr$(B@0S@#=tjv4|VIx@Qq82(m2 z9!}6EGU+R3Udg*((IOhHHT3}1elHm2_?b?=q@I&0Q&tva(Qq178}~6QWiJ9cly1V( z&M#z@;3;D@&_M{@z>8bJfwRdSt|Ss+fZI+lfQr&&Nqb2lugvJGREz%L(ir@Eht~$H zkL&?mXr;V)*?WoOJSyx~(U%}LI9P>`+q$%-sYaCz&hk2xI&OY&CFNN5#?su)^yf_7 ze&EWajFqS>hWYPNY0o^@z1!%&IU?gwkG4O7^%&sQ#f6=|)X;*`V5IP%B$!rMlQP}5 
zpHr7k2|ABLE!Ra>TKu+hWx8p!ewE5oo4T|6WV&Q3XUH|N|vJH2%yzG=P`%G?LLbo&qOUgermy&^PlMcsga(@UmUxY%A%GY?26j4wo-pV~zcAezy4(;AWWF$?9#}t0mH|S!+?nOJnn6^V z@YLcO%Ew4bN}k}aO#+Q2B!1B!5)&^;XC3W}AHPjaH(kf>&L=1Lk42;PbF3XON3s4G zEIsCk{l(RZJt=i7DFFL+TlHDHMMdN^5$U%Lm|f}@PyiDnrwjmtvBSB!-ai`;2EP*@ zJ zNJKBvXromg_t-C z_ecp=Rn>xgBrEsO(FQrH6gOkQ%PWPzv$9(WBk&Te7iPKmeiM()Y2IAWR%VcNu?^h( zMW=Z$1*oE|KCUI0AM?06yL0G@U8uh6N;*=vH> zCBVgbf9JQc1K6D?Q_O2-u9wRGB(4USsee0^yv?8re%iQw68$wo1|{*~W=>nOGNk?L zM_J~+q!RRw#+9m-PK`H=<~4Hsu~l z=W(#hPYPyeKAUYB$>uXPl^Nc{8hi6I5A6WP(v(r$yvg3J+b?Nt`6U%2o}=F8c&ZfP zwnCOX$Vm7B(Pn=B?eQrN?BQUhUeV9DK@CdyalA986}Sb^4?~gRD19G?mL#17Qe9cX zmSk>Al}a7xP)2Yhtmi?txss`IRE_LhOsz(mw(?$&_FUue^F6LJ5)?Gqpg;3Dx80la zbB0QXB5g?P?LS7@t*})fAj@?YgLAS3n$XS@;%A!F8BQTC{Au}$3IAMf5tRL|GCIbw zggLb$Dzy;|Y8UNFMxhM|kntV;tW^3qb09|LI!`m!AY|AP^mx4e9IGFxaJIsMKjpRu zz)NB{hz9lH2BTWb*^T;_H?^NE6QsUM%7#NE6Hylpin zl4lOOoS{ww7k?Ic;Hs5mlXX-;#Z;+2ags}RPsJz}*VfpAkY7Z8-+>un*niLgVt zd~GY}3r4z$JT*yk$fp;==>*J(&c3g6FWnm#Pl@6a=|h_W^M^kA6QmJDU}#Wn3Xg zBmeG&h)PT>=xI+cOUGNf8Aw0p$Bq2ca)ExMS&8S*{bYrI$M=h%(X0r6Ug=hCV<++( zCrik8yYm-u5*OP^QpLXyZS%JSN1hq!^aHGX#l^oPlmR>Uq0cBa2r>z^g<)a zO9K4y9AB-(Pv!3Std|Ef#~^e!cq}MijGE0C=MRZiX;oO*(}g@r`3cY+quGFIGAMCB zac66yUF{j1p&=Bz;z)v0op+v?XK+t6fRo@aVtF}`;&tir0<*H+P(Dt8a$i(ru#6nFuxxuE)K~u^H50H z$jQQjuCm83d)96}mrd6tYxwK!p=9saphuAw@NiyowHZ;v!sk@Gwc;5R-AEM@tm_TrP>~Rv>#58FQbSZnPyS?>5%f!c|gL+ueLiSx*J-O{Y1x zRNcbyQB3_rFp@7Y=o2_5FZ8&Db0DnTfL9CPew@eFwxte}lZ`q|8|`LA zA+o++RoXVc+RqQGPX1Qf)}Sw=mu~lli7$1roU*T1V}AZgpH5ocfiO(Z*$xjLD3QKi z=2R^XX_(3wAbURQTL=bjiMy%1y|K1=6(PDuyjk+SJkR3k&WeHBxas%K=kG%CF%8hc_{8ZEHc8qOHX-*45J!R8_n}D)O=iwau8mE0XDcd^feR8ZC+o+V zHjs(t(N!}JBPhb=2UAYdoab97d;7m`0wYU#-xUYbf@|O?a#;Ygx)K!_WKc)x5>r9O zJ!zIjNr8k*91d=v-~sjP@u}a-ju8)m8_O@dkkm@A&U!9;JjaQohIwU1;JQ8;h7ya* zfeTTsb}uJfY}I|RpREjzyb@ZSSYPp;^=x|iWxM1`dIhoaI-0S4YBwP%pO6;#x46MbqZpVFgoJkj47shFUUMj{rvoM%l5d z*g6dh^PxlRb6*s46D~{T&seJha?zmX=5}Uu+~vBv7bDG;BrWAhk%L0naSyXPDK9R$ zhDt^?bDEUD(o)3vh4qEV^9Ide!hY?wf+6-p&MCyeG-_ww9}+SSF+1hpKs6^FpMlu_ 
z|RL$@9g4S6wUeNa^oJFZp$Nr4}?DvcLUngij zq>zEbD%(&(>Lg1(biIg^*d$2B*}yr`t$ljtf+evOYV>CxObd{s!22#F0v`U#Io7g> zhzTSL{8LG2x`7pFvm__WBBEKVxqNAhVj>6d`xq&M;a0HPD1Lx7X2>X`vXNIs3#KvLSce{J*QBDhb!|hCpuTvWUlwYRXIE zwD5(Z!`9ppj2<~a=tInUh2#qRLD>#a!Tn> zJF9c>k28!TF|%YX@NFsi*-v19b|F&|lPsoP{B>m>olONbM0>@j7ban;iiWHMWGN^K z;^kkmXj&N%p^)uZ9k2Ie?2Jxk<JL?`!kU!g_5+ua)i z?z<-`A)A^z!eSZyEOk2RhZif1E+C@18#yG3ZYvU4jr+LvMcI9Re87R|D=WQX|A+kg z|C{_J|B_$lzsX<0_aE|axq^TQ`IyRgzSC*#B2k>o*jzndiGWB4F=wV_xQzq%;6M$I*}W z!|jg?;v>CUDY~%PhpG(&e29&7l{=$C0u;3`p{KW5{GTRaiuDiEkH6LS6|XSx){y!e zF`a2LWO{}>_lPo>OrT$q3Ka6Wp!X^jrEAcx(hOu?vXPY#9;M2gc{#|FbDFQD@Ao$y z`*jXr!e&LU9fUQJS$0zJCx(eIzDgtyr{+{EfzA%0wFyC_KjrNbZ}(C{xldf)^g@o5 z*Ei`l{`QM5zTG_EIYk3*DajI^I;e)D49;IlQs|KR+v8H;rn@AONi9kaYAmF@2cO&) zcZ0n@_>o%sxur|?hm+HmGHt8+ya!;*!oGX5Cn*(1Y1Hnbcc1L^;p#*~-Sn{&i;fQ~z&aC||slU5|nZY+D~r!v)O4rrM94tno_68eoM zH|x``#&hj3!Bp+HFEj~?Xdj+XLleL?77GnrD{r;8t`&?E3VGliDuNz!#gEo#cyubl zL}dnWs#l7Z$Aa;jZ^qmF{iOHZBUcB#MrXXKu$*};tUr^#=AzKNK3PC1ra>TOOiyc9 z>qSk?$y0k!L>nmbbl|OuP9Kbpw>KybR#1eq|kKx}`QH{Zl>Mbd}Ll zsK?4qeMb|^`_H@jcQV00f7*j%)mvYm-3GfRE&uO7|KA3ck+m2BuddRL|NFZCr>_Qx zTTe7=*6ROn@5@!r|4%c`lj5dAtJ^^m4LIppYb$0`4U08~*2(rJxB1s4gTHo=nuBvA zpqk5erhM1sO+2Jxab9_HsAqg$Qj+m)-gKDH4|uVCZgX>eYs%@QH`B;=v zdt_yCkiER2YMJHYNy71H;^O$ivM}<%0Fi!SFUZ8JS5zTVAc|5NK}ah*mhwC)$A4SRyaTq@p}Lp<+;}cTvv2 z^rtg}p|x_`?~|&ou<__8V8`NYwy^8auG-+i7>|4^a_MG|ip1;{l|qQE(#jS_L5cdt z*XQ){_2k0&#kfcNMgQeOvC$6I#!OU0gVX@5{M{Vy$+=irBAY-s5jXMhM8%&#hsYL} zQ{X5PRI0{u%?@$|#jB>z8;Ko+(>Dz*T<=?@r6zMPTWVk)c)r=tS{G*$H+T>qSEMlL za-oCJMyp%e51d(K^fnnK0AHn21W!e?UZh?@q|i^d_HKejuadlYo-&0+-{E4p7_ux* zNZ828sKzqWgL8}M;_foEOZ<#D8bzq6uwu>D#+(har~R{HH}WuHgY98tRrMo{tIQ`Q z0&nhTdW$QA`E<9NUZ!*MKjb(5-{dd-m;BoQP5#=e|B%1`1_UG}t7`1N#PH8F-;%f9 z{^|gYf1batZg~iZF0U#YUb6G0MgkkuzL|)fAQe?)q*OXK?Jf+kQ3fbs?kGRsq-&4o zF0sGrX)443rG$zOtNV)*U3din++v-Y8v;YPpP!!m2WyQtj(}=A7p6@CQfBvYj~_ig zOI4w6aXX*H6?IWf9d1<%Nw8!KO)l0(@^ga+eDziDM{)HsN2oB{FgFtqy0e81S&At3 z@MjxsbdLfBzAkjljjJH%7Za@e7u-(pd%G?D&4vg(#3tFr{Q=WU%g=9<4=Kjt?9L9g 
z*Z0+Oa+lAd-s3~|!#>TS9T~1o*QcY0;cZPw2&HF+rlyO{hCDR{u0ib*7IlRO7giIe z^Ryl2p7q?WAJV95r`rZfCAn-Z;->BsNu$}tZoIh5ojivbNQ?RkbDUmm)owm~J#$-2 zCck6rvsrLR+Q_Oj7WqUr#~N(1C4k9XK~O4(^hvzc#w?cp@oY;fb$7Lc!`9`p>4~`v z<|BDp61AanMJXTec!6P;ZVD!bCYJSHsJSCsOlVtM0|1U~!~_VFoN%mf@oiLc<`XH+ z%R#&qT2BukGuWi617Y&_O*XnwKlp-uDQaC317eNK-rsdb;~P=l#%(`KxU*{5C(m zQp^8n21)#y)}CkSJm=ulI9fC5xrMkyvr?pf0q-iYLEF%$w8r`QEBC`apJ3MB(1P2O)T?*-5Pw<%WI5pZ@Dw4CV`l%$AG+1;db@|ia?vXG zi?i#w$?f6Pcqp>Nq?Omo4qW&kz{^!wyb;=pRn)?YB6e6GqeC>=4=hZsGm)7Kk3 zL;lub;Jz_eu!W9~%&;a^3?L@0C{D{-`nI?-UU5=MKVX27LQwS6%I%>1%IPnD?H(HSQf*)&}og(ScWpLmJf?ui~D{e2#ZA%0T6?JQu;KRvSF2J0W|~74RJ5DI-RG z-$CnX>Q?y{d?)zJ)ITQW6BC&v{}G(1p;UXsbm zIe~_kw}&NZ`CjgBDV%Hj8w*}vr1 z`fu_#=lzHL#~~mfPd1aRtgLo`dILc*1Y{hqZzwFa3-Dl~tMs-bU^|*Jc(U>=?@Y z(r7KF8cJJ~m}3%BXFHc&Jh3mOl`10Di!=+w+scAl*Y-$}Gk3xGxLSa7E@L?Y}G z1(<;_3>uy0=}K!05DPREt?_w7v;BD`-U=M+FrJ|4nD>vI+@3y`^pSHZeKF(L_iWIU6i;4vP zT>E6nXMTTqJfT(eHj@qcQ`_n_0RqgTfFC?LJndCx$SEY`x2JRbQb&?*RD;LaSD4b< zz5d8AFUpP&_+mAO(fq`8+xcoMgACT)8@{Jqbwtv)Mf2Ha{F~^nK?F;UhFZLz^1U*X ziNJJtltSQHU9C@)?8oRbEg<1*l&WBl3MsbWqA^d;yUkij075aR3~vd6+-K`m6|5fV zY7!Cl{`uM8F7oTsI8zZTr_=N))v4|^A@3S(L{d)OH^y$kI?c$eWnSpz1Mz0Pr|13V z$H@fopT4<1=S4t=Hd+vXNVK zW1Jc^!YsmK&i;N7*7>VgyGwq`^LVC3SY7C3JADLAJ8TB!YqL4^XTIc)bsD6}a8*U# zE0iy?!_s?T7Uf}JWf-K-cZ^nAc(SoZ6|EpOu+R^(O}zvLONB?QW?h_b$E6ZDc$PVSm2g(P_5@#^{ZoI#9Yr!F}z#?R;%>>9csUf)wTk{{rn%b^1p&h@E*F_Z5$&8fY21PvH zw%@Ac#B%B0iJ7oqMXK{7Ac135aRD{H?gRw%ADs4^CvwZCjitYcVCp!j=+^Wo)le{`wpMh+nW-`H%kTzKk|gWQA=zr|VA z`={s@S5?$zjT7@j-;c8AHr8fzy=%kfq#}lh7vRz3k#akG(TE6a40l_4Bq?4RSh1*k zS5ANwRLAmO1phGJXN&D^es7|i14^wQ&VV>|<-hzz1|c{@cuTRJ8$9u8MlZYXOZwuw zaKVpJ*-T4Sl%b!%oQM7hs2W=V{7Sy~TST}BIPVX$KcxwIo;{>N_9Q2ktr;tFeL_Qb zCai3z$thn0Wql32_Q4oeIzGMy_#@(I9%ML00-PSlouhGQGS8os;iS9$V}Z#b_5mIj zE!E)>@ZEVtn`;qGo>`fjmphX97fdg-`V#VX5%PUsT^sw1i)szi9^*cB#Up*4hcr3h z51C#Fdhpb0x|i$90uEjg1tB7GPd*=R7SAOIER0IK+4$4lFbOK8u@|0aL=zvS2aZ}NAl|A+jH%pf2YyOcj$9bEP6@1<2#fJQQl zkr(g)T!-s%yFbzwjC2LurM@>9VYyUEzzaCOm|H;U!}|v18hdcHp3Gxrz`TNKIu-3p 
z;R~l2&)oT~TNwnYK~Q}sjezeb=&#LAei8kT{vRqTBC+Vjd%$o8@q*R`0cpFvq5=oh z4k&qmzJkoXP#~Ha&&+!`8(9&Jd2ej$O-lov!V)PIW=H%l*5kHb07`~LGcX=4Il7;h zc#7@P*bM&doeTAQUw0nhq(Z5ipiHt2TPWbR4`(|U^2e~^ecJGHYInL3*d&8is_LW- zJj#zERf7=`g^qA;|Ni!Y!jAgW<~891l(pJioxe&|2~TJp&YDjCX2#1-!v1 z%S88#uJ`XWOaN8j7gYL>&=L0Qkou_N^}foG1l}hE(S;MZaDI9JRnSvSq6o_j6B3(@ zTsplVjgbM(_va(bq(fJyywTcCW)2QCqS~0+P!`Y;zLZ<$BbBZ0Jf#0DUPu zokLDuEELj|l7fQ1wlyX8eRPfrcs)T2i)k=0jBGq(&UX?KANgnRYJYPv=pPK5=cT#& z`F+Gl#6$LMy=c>wTErdAI-(}q$em00-3T3BNDQGWZ2sAvfSQSr@gycmGD57i=@qHd zayb|k{QamQ#}jo8Oa049sW_vcYFd2EcuB4{mkQ9JBFp2u$aJ+v8{D5Iv1~sEK*38} z;MO&2{Lm*%9SC73vGmmjjE&6VX(&)7uqzP&9!iE{lAstRh}I28M?1fSCIZcuFCQO1%#9 zBXv&{-;C)X2E5#w=#n@s-`tuJwVX}`qRD~%NFu_%4tab6kNsF%>2CBQX`3m@vDD4p{`{yRsW%wnP48I2}T2TYERTS-C7MYph(RnHv{hJM7`!eM;>G6q66NlaVm3= zl4?GMy5nV={?jU~J|hCOPNY`3MD#m@4M$NicmEGxZyA?Ww{;KGt#o&HcXvuFT!?gc zcc*}Kx1@xGbW4k*ba#h{q=dw~^gj3df6kZV7yKb^_OSB*km@X#czNsffRe zhOG62U56I43{M=O0y9TAt^<$67;k@xlY22~KjVl>)I*d#-!;)w&4`22f zEaAsiqgc;3aq$USS_pe3G^c;g{_dKauoXWJlt)LKq;QcAE+MkWz**SO2$asSEc$3MuQ_`i|A z>M!!^{5SIVqyCHh>HAPnMarWDNsVfA#Ck=xUfmm#J^3N-hUn@CHl3B?H2ZEF*MEMT94wu!MT4>mbc>U*OyjBtqM7TV55|nHORyWz zX=!)^>E9GxVG1e+WTQv3myz|F?O(JK2!;$A?gKP7eV8V~$8g%83tT#Y$}RJ`b{ya9 zh=>>~4paXaUfA2{_`nD2pi}kn%`(RmT4ptsJbJ9pIR!j(T{E|@o1?0k45=5QaWczW zLDn}b7sKI0UJjX4v|@%+(MgxlNKuc5Lwwz{x32hOUX)CWam%`gSGhI=%B_e?%6d zJFwBQT?hQw`~A4f6RZ%+cNJ1$A3fIaDAlaGWeUfht2(uBD}5-wDm=fx|~_9r`v*~#SYgh6}_#> zZ{Q4A^VOBG^7yNw>5?7p>Gs)~p^e_Y4e#Ek`2+;|B!{KO)Ki3oRE{sZ`P99#sl%F1 z6c<*D;ZW zjY*5`vbu={!0<^8$qH>bv?%0qOm$6BRwj8c>M9|5J>GVGZvERgwCOKi!*>hO7f?+< zvQ3BY1f0a!4PibWGL<32z*h(SqIt##cyss5K{|?RU~Q2+H1u0Ttn8&=;%>hjBA(LH zgS~{|35j~5wtzvE)Tk*?`Ceo@&!k`4#G_>}p~WE$$Z#ji@aidEwORy#2hF@p){ofmow%QDz95`jD(;N!g%B1=4X-J`S_)XIZq0Gk(1 zE*5e?kk<_u}g{4S||EtNs!KRI8&W3tqrshZ{bO@B=8l;i@7fDIJP`q6$#z z!F=k+?;hfi5y0<2PO)_`;GwCgUxBH7agtw?ZR<=Sq#;zOM#>PBU$M2zC?jEl;Zg#% z3p2uP_LR#*nG$C?2<$`(um$!Vnj#A;t?o#N-K(ohUzgu+D!fR2Cp}!W0WT4@KKCvFuXdcH6{kdQK!PQC-_+ElQr4R{lF~E!PHIdn7=>w{y=Cq 
z?DrJL*HgM^7*ys{e1DL??0+MF^k1;dBpPh>ll8$TpiWI}0 z-iecqKRixYEm@eFwwW1^U)dId$}uNEJUm7^tp`!D4u71Mh=?e`(m3U7d`vJCpQG+$ z>P*PXd^1_r$P6>ugCi#I9tlwR)A#d3-tS`!PmC{Vfs^WDwrhH>hMc$P512?et`)ml zk+c!VL>dC&<^X$m3pjvbHPCF_Y;qEy#k?1YmwhO7;nZ(iqLomA09#LlbX3~3p`WFh zo@vsjEWHYNp78AG+W|c(?jv}`yjTec;xn|h7KaT`4{4Qel?2?e0;31v>&7NWgX~T} zXZAP5Fa4Q)c5|zN9-ZaXU}6n6nLG33e6S}D6hVE6gqMKRmt~c77gZ&VhaA{E-rvqv zX{K2WvjG=3edp8UJ@`u@Vgn@!;R697VVR}qZen%7t+%1G=UKN*%bJ{b75W_)SG9%& zuV);n+JQ|cKQU1j0#Zuo!6kt8#X}~j+1_4(YYU(iK4pN7p>chEeb3O)?tcC7-5pN# zl!X8@p-KtHCJdWg%fu~4P=|K0LIKERhZUP^Rj)Uo-8I!w4^wGgOpPXldZ_DavfzKeTN_EEhcL}pb@ z3?%|5n!fK6J|WGNdj^c~BZW?wuiBxb?Y)sdeAlxE zY@MquLZpG1-;E!y+{i4C;JtSZ_OmCnCX7Cj@qYe%tl0Q;w@u!sH4CF3Qj^at3HdTq z!PPl?>v1&{YIZtW_eFGFwGU2z*J!<3X9)q?Ppb`Onr6d{pH(WXH8au225x0yZZ1Zs zRR-xj@R8^U3v){_isWiEF&e)scy|tFQWW}>?;Kc3QfRTolVFGGEtSmpNB-+~Dg^WQ^vY&cneOqu76F5Y>Mn86F^a;a%kwV+{hhjr`J^egWeXs#F> zXw-11)|N*<()XrozrUra@)P{(Y??JBoglTLnYQwD_!YVTm&q5jR2dOaD!4Rz;a&l2 z>FUb6JmK6LI}P@-J8N&j%05JS7nhL%D>*!349Amixw$&!h0_riZF*fvG8{PXKD+wM z_1%d{n@AZbvfkxLP0Svz-+_UUZzfc3+1+LrS|W|014UJ+Urv*rVS_1%3(UV|!XdaZ z1$ABD7baCwxk0dAe9#oYT7&Lc{Jh<2d@wOP7%5c1%JfJ}f4yF<%+146oGdytqZ*fX zS4Th7u1rXL#%#t^nQCZwt5x@{xq{&19aBzoWjyQ+z4Ul<#qZA8FU(hCFUN%Szbv$Q zARo*(1NZSIybS$}X1>HD5V(qo0b7SU>&6@3M|r>$uvF;%1vu+b+TM}%>fRP6qutI% zfpU&?*7V){Zx7swgI#NWS07^M81g9fx3+`zGsRpZ>6cu*yu*Wq6~)Dq)I`@m@iTI( zdp~`UeX0wl1)ffD^jw#|ii(PV^LllY^$*D6cq&@JotdB4J`_HF1)`@#;JwEDtf5@e zV;ni5sFym2z|q3yj(Gg?zNVll4XQg(jM`qt| zd8Z_TM$hIHC({TX3TJiJn_?yN=3n+7I+W3B8#&)Jwah=R*7oBip&EywzEJExeOeGk zKPdZH6>nPb0vSUn49jO03YoN+|L`>75As+3Z{+{<7x}gS8~Mjw|3&_mPf$>73@}QV zQppBnpOsMYbR{I)f-r;%lHoKd!V;tii$CH>`d7#QOkdpV95J)de04hX_z7&}`6hau zZyJR7O~+ zg;%@wi}=4kdZtoBibHlFh}X|{`DuA{KFXYcFV^&gebzbmo<^sKzCA12P;rrDw8cS7X1DQ4!#NLx_`vnj;Drv8Og; zzyEfa6_s{NdCmUxAig7_5dB!;gS#6+vWEVg1hoJaoiKj0uGK6BmXXGS#kk(Gp&dgg zG0X1}JJ2W?jRaTmJqx)r>vdsuksMEyYt>Kul@`8wFk+YljB0od9;X&fdP6|7IXZE&tqWzH-yyo>sh+Q3pB85`x88ogJ^M)DV6x))lbJAjg~YVJ4eWlNzKM1szk<&V;8F0T*v%w;2QoJLB)2L`5)Gd8C~Fkkt2b$Kpw 
zd4E7{cT06k_Y*ii7QmxR(ps1pDx!`jC;Qft0LNQ5pkbM}9_ScJcHzujU+^Q~cxrY% zATD~R@}=8n{s19qNCkv-n5kPA3@a;kEoDlI7(o=O=|Aj|kP5q&kJV8IHpiyT3b9rf zbBkGD6HybWhfnIA5})~BaE0zDKa_75xtIk$>oYbPewr=7>fzw>)6AUm&gYXXmE-RE z2yyMQ(0@)e!#rE-|AD(yE}mqrMZMs-ECgx2!t&~)fvh^FP|xicKfV#KhjTR^o$Ti} zTH3T>dF@Q*F17thzN>-?X7ML>eSbGcpY1j;Zl!?q1tRf|% ze%>)#2*Zp63XFT(@#>zzajCwU1Zj_j6q3G5dz_n%-?zC!+U1%bIGoQlZ+2LT?=sn4 zUI^*$B0g%@1VvA1^Px#*bG+u<6x6m;A9?g78fZSBaw6nxg zjGia5=^r&%zr@Z&W(U2kdl9*D#OZswv5Ld#Qj54xZ+=(bR&Hghi6^BihYm{EdS954 ziq@5{#N**|hQp@>SZ|IA(S|?A#zwddJi;A6h^h=cy*L{zv8dhsQ6c}_C!Hx3(Y&qIoSrbD zHhFysO@vPD>~VL~Jwmnyi%(5?oj>O(52a*B z-AV?U#vY6p;|@Ne#ok8m2lA9jzGFvHKKYtoq5c-kM5eTNIb@OqTYL>@1P`Y_yw%5w z+;NhTY8yTUdn|Q3^#Y_!-lADY(zMK}jM({Xvd3K-ceUB^9xxFab%`}v!+9pzB01}~ zAlQX(B(R^@H@%N5rZUhf*V8fRlom_lSHpwp)NfOQdKzx_oTRFb`D`AIk}9&2Um>6~ zO=o__Gb2?h8@)%PDR?xZ44E8AiK=>sKZ5KSUV)W}6iUclOt~v|B7WcUgmjrq`@#oJ zWoxNvj2Ht90e}_rN_MV|l2Y_9Xl7w>ZnsqKgX=O9)jkZW9{6m4M>;U}5VELaTZx`& z*kaZ znJMh=tbE5-{wvyYI@vp$FYr7-jlsQGaQ500 zWWX@Smho>lo+;#O;y7dKIxXtYw|xdDxJ{$DTbNz#!#qtdu*OZY4wyS~*W0rg^uMqP z&>WME)R{Fqyq;{CS;5p-87@i#)Vo1Zn=p1lc`z=<)Tp`L0aLwQe~mzN&Bm{z*L}(- z;2Y6MoO$5{^GpUJ_}{6mN8{|twa*!7T3-g=vwiAh%M;tJwSqHVw-lMQN_gSFWgYhsSqYqJ9O@+#Ev!cCU;lhsx_37WYsKK}!PIX|WSaDa_+%UGV*Nq zSCd2+bEh@lwHndNw6@g)ECqY539Z*%hQ>H+ZI6r(nsHEasNyS+R6C=`+@+Q)Els0V zn?2~vR@@sqmyxa)vQlEkJ+7*xc@};SdKb65^y}XtX$XkliuZ04T6wPId9Zyvnpz*S z(*(Q|#CJwnW?X13I9H>pM`v#)8aZ=>`NgCOipIX8YcIbFup|A}M-DL%;AcPGxjda{ zjo(J}`g!6qFn9v2cgr!fM_csx(PjC8jXgQiUX9rZ2HABb(-mUs6TEEwuBCZ?ngRF=L&u zWlJ#_hY|YR_4DX0P1qb{E;Bc39gShJgsmK zM|rpGPZu3>BQm|nF%j>%B}HP-RgjQrV0QAt4136QtI=Q3C$Tn%Gp$*8_UYtfylZ`3 z5nLcKDqYUEN}sLIEYR!p94O(C$}Ht~%qBS0d)y3ev?kMotqFo%uT#6BYQ?rPv(5R8 zg&W2WVrtYLS~%Qot0`_8RbCZpr4u4<^qobHS}D#@Mc2ZornST(!l3uBPLcp#+gP_oHm@C z`qVU}o3P4x>+UA*tQQftxZ;yy=_1hW$r+i?`rSMnWahZ2H8)@IjNB(VU01lr2q4sP z@-z@x3^SW)PBg~8Qlk%0^N-<;V>{qy5L;7XNESJ5E`{(=t>xYrFFo9QdA5!|z-7;I ze6miC3y3saJWPkeN_Tyq<^1CuOL1ycBbr0jmc|rP=`GtGWxXG=zv9jm6mWSFe=p*5 
zfUf`9{rlY6_E%4^-MxAJWTn;hYaHovv*XiVwxepE7|`E-{KQ2Gmnu+a!1?p#=FQeX zEV0J_`Hp%qPWt<|$yxK&`Y)&;p93D+^77UReNV5i*IQjnS5^M+j|PEpFO}ewq2=j? z7U%6aQsLvd^+sEWot+)n*Q%hPAS2U{?c3sgVd3Od^Pm6OA<*La^L^z<2oM4PQ3D-U zT6&nQYjwcQUUYnT`RBg21YzY`9oIX%OE-W1BnLRz{P^(u`ub!w8>h|Z*YRRTM#fWr z=oioF5|#7pU4phd^1q+R!0Z0kvZHF}-w)`Oh)G5ku+a^j{jy9xo-Dk2Sc(u255brB zNZjYr3S3LEv?9JT2*=mU%gfhyWStpOEde1H54czO^K9PX6M&ueZElBCp6mW!-+BL7 zY8=r%4ei1ab3FX};Jm&C#gd75aokvw2z#KlF}b;bM@z_UA>wyaGt=ey)1dC)2;B20 z!!83*AipZtd`8H%(}|lhJratDe!~3c8fPZkn|%>1k>U@R$$l?Q9<~2|bXkN3OeUf` z9@QKHXnk|&5503$Z;Z3xQE&vDHlPAG3x*0S&X?!s=f8Y02Zq{nelD)0fWZ5+uf+{T zf8OaAaa>5X9x^(5d~EDzuQL-jH@8=>a9+>^Qd3baT>ii3tBa!l%$JB>?R~M{!A^-v zc76r5d|Zd?{bmo_cMknhe5Sp2RF5*0-2&pVJZ9*DxG54hQkkm>s4ivbQ9 z5JHG>a4TSyg9%M|(X;{rH%GG-;1hs5*dNb}kBf_ojErp9>J3M||B#^aDxWBIF`RTU zSI*(}&#-?k`cKI9vKbYjlZ);A?g>Q{f4upF{NMgJ^4I-E{+Iua{2THABEL~46x23Y zX=CfxSluNs>&I3+z5Moc4{!br@jsujUEywV_GPK+qG&r29-hbT`R?hd)AsSvhZpH= zdMy~(*ru)?S9e$62Nt!meAc8Pf1bjYBO=~(-#_8L<$QnR92gjQE9P;W;YTj$BGVbK zODP^BRg_grz0Lz)t1|b`^M3LQ3kxH#{9R=$lo8@`u=$_ z|M^U3=fZ$mNpfMa)S|(Rl{g<2U8A~dvtE(4P7~V7;bCacabp-;jSY25` z!C{yHR|Vm#NkB>}YB5T{&dx5Al(Yk*?+&m_y+Eo;w=pTH0`ken*B4T*N$YvC0-i4! 
zpIt@=DZ2aTr^nynRRmmS3OYI&lSoWgS68xq;9?##n7A%GgNZDQAkgu#u#!R~Me%Xi z4epcG#BN=eWolofu@H*-G-z;npYI5{9~qqh2L*9BL2bapoq!yWG{N23))Luv2SIx= z%2jGtEde*Gsfh^#K>N1E*i0lG)hwQJxma)v#}1=z1A}j_i1$>YNGQTHo2lZcqN+g- zw*z(8Az;Sl+}a&UPv%+x7xurJg`f#CrrOt7Pt%bQJnOh#^VP({#N>3^=zfRGTnOFy zHI~?Ovlo6io>X|QNIw4l_5z<-+wT76Op~Ge0)(|PHCS%$Gm|-jt{FIr_-Ktq&|!)_ z`Hz|yXt@M;=q5L(n;=uU8z4%5(rZ00iWlQjI@Q#RRA{$b-@XHcqN;J(*w?oZ(FwwI9t4SjSfb+%f2&7mc5rFmeU?O$gPLK3Q z?W!Xy+jfs13#)oqgoIJ%MTLbq=r1K?9=4*{HTRbPSrm`P3JQ>+U@)mOfl2El7&f0Y zR}xd*d4E1))>^+Msrx(T>uj65t;=z|_+v)HyB!rBX)7x$FtvFjJH}zX)1T1_FJKZl zfl+Xo5}qk3g3QrB5sFM@OJy7(rXL43zfyScg9Xfu0$ zdfLr)T8HqANTTP|mEa%}lbVC7Bp9X=*s6vxc(}a#V%ZHk6ewT&fb^>HJK`DffcBAa zQbY{t`FAU3{R~-nVtxmiS2W7QMg_$7OAVMuiF$6|=c=S5o=<>!A>fTt#?k@YuULeI zcdh__6VKW7+jfRiZ7&Zd(eUuvAOey=~hou}95SdxJi z_B>Jk^NRDCFN_n!@yP*#5<7Nmc09* z;vXOpnc0H;2LeVe4$|r89q>}B6wEjC22e$N_6PZ={x|a1|3!Yy|3>~j>3@;`rvUKw z(9NWpeF9+-HKpY;2qKD8N0II@QUnaJH3WbvFG~fmexw|Ibp!D(QLeYQSAl4;4OA!8 zKV*`5T3mLOvZQcTzwJ)KclMkR^Vua_G`%W$sJ9$HS!#@S=`1((G^~6}fRNdX!Jwyl z%~80kJvgKUZIhU0?DR^&^Cahs4LisRO9eC>92}GNtTY$J4|Si6v&zaCxB&||V+vME z!$1qrn5DKO@v*U~e>-%1x*w;>J@$>U%8-|h$ zdjF(Bkm8PbPKq_3CG5#YlrJA(N@^XJsjA+)UPhON|Fzqxg)=(?Q_}%|%lA@&fHFjp z(tz@vEC&x`iD9h?JSLQP8CortJq2Iy&bM6R+{oDpvf7c28LC!2F-$_jAxDevP4>$P zh6A?zHnsTmntK*cj}O=%DwKbLca~Wi6Gpl+o?p>FE)|YafalZy6-g!x^US`lP9>W! 
z6_#aU7E~L{msFjsiD@@aM-`uhgr-&Cm|xe?9GU1{j&y&>$)M0pngG-A@KIvSEk`qY z9HU?d#}_!EF%*jNJ`0e=-|Ms{%DMO@Qe@OaV+o$goNl&rkxTbTl5Tg0EF_FOT(9La~Nw zRFU)NtGPEIxJnth2EZ8`yf!m~3vh<@FCg3&qb*LGy~PYwz)@_`W)o!g3A}dj=N_b0 zmfH@q$(`iab!M1NU^e7?koA)qrOa}swZe+2i>WH?R@-Dtl)p5U3?*6)$`N#2>)5G2Pq%AI#l2_KsmUJ%Yecz7tfbg%qdT~U_^q@{ zbOVpnTo#|bE(sJ0W6mlvMkRo9K70}>wo$j#Fv8NLBC0YZV}+5i)J>K$Tk!Dkn8C7J z!1<*V$12!GNbY|*Y5VE(-T@B18}6NYSAf4;s;IArZgMCrC?4>hU4EZev*AK~DH>}r zmNiLw0gt?xySRCDWTO}2P)iowov5DTnkx{TS)BzfZQQ2y$$-=vOikxBAI6DJb&Vwx zC7M+vEraVvgvVpkTM*R$;=9~noy?{$v?qXKjE7-kWN=E#B%w3$D+C@jqm+**p&}Al zES8vm!1PR-ge<*AXS}l~^%Q%B;9;A_1&y8(BYQC-VM`Wa^(}t1NhUn4Qc6&=W@OSC z`CH|%v(wXr@1}<{ay7uD@iKPv#Y-;6;&9L=ocbP26ioPuSPmu8A{oW$#=t{L6OdK& zjnvVw*Hu%hpOcH_kd5J+qK*P1;n#?OU8iT7ljmW`*fCi;*q?FP4fIs8r6H5Z1sMsb z@v4K@^eS0lQUsOy-W-P2dab9LM3jRZm^=B;*qC&WX3CRi`g!A+$IuRE4YMZ|@p1xt&32yl>RI{lVUs122BZo8ApgPtM*fDs$glC=$p8KNU*zv6 zfPxx&z(8g>-9PLm{rrScZ zS{Qt?4>H1K*6yEhIU;dUv0a!fgJJ{)koCm+I=N+X{Sg>Obgb zz^R#9%2Yl#-0%4kM+p#9_7yZG+H8f6@+icl?vX=2n#=QZo3#$X&(hI5D8|r-qBF>K zK}w`Uu)?9HQdAsNIjVX~ELD;ac<=zI1!K_cr!gCzKjn$~HhJqk-OYCyg?w}0g7Y|J z8ryPjsnz2eE*{M0XJ_h7;gD&~BPv-b)1Yo870_ryA@5(GfI>?=?C`sFaYMZgspV2! 
z#K$H4nu}$C7891Su~2K;Fi~qNpEGQ-D>K11y1&045mAIEKd+0i;v~{>0E!QRBxkhP zjXtyZckc@2b)Mchel`c0D1%yslHgtg<j4?m~k#wp{~gvEx+V07LY)lfkhR$w1xSa$n+Henm(aJ}l^h+5wFA z`}q-%DQEMIEy$EASIGR_|EGaGqv}?MfDX2RuULyl1C%eP@GS`5_{as+ZAt@mfMscS z!+qBvLN;)fIiZ!ruPHAL#f6Qv4N5p3(A|J;s6nxW261gsCQZO)M?q7PD6CPE!DhZ% zMTP4Jcs9vhf<*YjtUUtA8T{$D>Z(Rrv#v+Zd(r)P(f>5GC7 z4y?k0_428tV?Yfi#kwiKbGtL1lFvDa8h}*(^(>!KGr87ODJL1rB9_`azrxDEF6`)Z zO{+qi@D0e#HE#jK!R@psbvX55GBoEWx7op5RrYHAy&_PL-W3!GULtj2*BTRYWL3Vd z*9Ha=kiyDFO#ESRD-p-k5xF9xNOKL}X6=q?nNhL6ysc{z%WLQLb#Wq9whqHswzmiW7LB?x+W$XAmL_E@PI5J8l74_ z3=Pf1!Endxp@^r?`zDjnGETQew4Tg+>cb0q2pxqWEvNzCT5q$$aO>;0I8ka~Qg6|N zbMi8|isWLGR6rj7(u|y8rR-&HWyMe(?TEdDOb5y&o)p;hQlgh@lY+M3cW|xl5E-SR zK_C#A{916(LTb?4(oOLXN~wkHtx^l!pxTPc`Q~2ump<8&4a%%e%K6$)y#z;4LEVOe z`QqeDH|Qbx*Tax5s7xu(=sr`z@*I5B^H3N-f(BEwQFp<@)H>f$J>#HP;0sD5RO6>= z=My)-Rx7R8**uq^$65-r=H{Z{wie7*h_|nfHa+%e$7r)z!GM5UfQCgFED`g+;}8NR zKsNn%&GkxG8k*S%4x%G0GMdHXB%q^R9zZ_}PFunaa+$IdyhdTB%!?4pozM~xV>2FPM}Kk-0mV91(nWoR7v@ap&Z5a@ z4q`ehF-xYTgtq0Jn*oo6MnL<#sYFS^4tEmTS33)@Ht}rTdH_5tM@sR8R`v*cX6h-b z7rEK9Ia563I%_f547~+#RK$qe0OkJZALKv&-^kzi7x~ry8~M*F{zd+VUtoGe@@Wo{ zP36nd=R7hr&CaHPhG^GE(#QQ8I+O3cePo^?=1Ri3ygDmSB79lm&8P#*t`)8} zs-*37$uoU{HiaN>xB~8VeCt{<2uk}Oq7$GJ*!Sh+>Y99rrk@H+=TcOS-S$po!g3M| zXY_4#mLo%n2uQd{)`Q}XYa$0s;eh67()lr{tegU7rN6=VRIA=w@%L|HWd&9G3b{ktIM|+nc>w+q#}6O8GVV=Z8oNKTf{S7 zpn6lro`WwUdEn+nL#X=CDwBK1jzBj=`N8{iLlOm8S;9z^RV@;?C-bq}l(60aC-@Cg zCIM9sSI&x!5<6&;g}hEFkZE2;kB*s)g(%?cib?uxHVZyb`|=x(Ti|oZ|Dsx_PTfKz zY%$YD>-qW>QAm!mAMQgzH6UvWwURi?2#fNa0PSb^CG@@qzzg3#4%*8W=HY)? 
z$W@vBs3i@BrC)5GeCs0FZUuJcWp>^AIa^tkaZt#qgqm%~ppI=@-yp#0Ir#P$(WzwZ z0J5Bb011~>J-@q5qbLFIZJpz~*r?KT^qxd&1ROkegB%+HO8cqsB1?(Q<=)}RO~CFt zS$jXC*_g@e5a48x4=}p0WP=bJ7yFGyy`?KaFY2&R6HG~gkfOvEj;me(kc{uA6jrsp z7_u!sT5JHP3LrCXohMNmG(doY(C1!clu-~w9g>ljC13`hqv!xD8(BCRsABL6Tsg@R}0KEmT7Yf1e4D))e^kD8mW^V;n3cBLx*> zRlBwr+eWAMo`o77`R6>I1Z0wuw-!dF$B8y2%67K=CE{DQYTB#a18h#jk>O2LJ^Uw0 zs4yC=En>NC4Gj&3yw+nq`hVys1GwUh>XPH3Zjf}X&46&AS*rSsl1R+21*~4TDm?y%ka?{cE)&JDsR4@V0*f&;E3H@Fkw=W zh*diJfVB5~&G#p*pR&5{;JDn*2?)v)rhCYY1-ZNN? zoO`` z$gB4wwCS=veAgNmaS?u>Q zcl6cffYsZ$40D$XfkH0E8kkZB@k*FXUwKLFvm<9!Hwg zMmrlvot4q{H5QB2W66!$_12x2(eA-7Nki#M;DP|>B(kIeW!;b;<9}#3e7rzRecEWg zF13CrR*7eJD2ioGj_ZGfI2Toqn8?Tk>=3*2iwjgVwBj%q#R#ilyBwCK_4W0k7xY74 zF|utMM$s43f7+|{t-$bN`~PBb>+TTd$|uj}+l3cJ3R1F8KFb=9BA_5F;gu&X5X}l9 z<iGMF`bM=VYU9Sa!?_o#2>eLuq-b^FiC;?V#rQOydDT}MJPvqJg3f5f{BlMy zRQp9=-W;p)Uz+Zz^BEm0d}Fw2%0wFcxwS=gjg$>d*sqV-?ZoPAXLHWF22){>2o+t20NJy5sL1C@F=79OxFe%xq;cO{tt#DFprB6Lca6i-zDVOS zjC=HyHZv=}H8y`T;!u`{c>dLA3%n+cN-BWBXC|Yry6qi*|LoZ_t+xLo9lodV)BX4Q|9v%ac-0gA zXXxnrjzA%r`oBLdV!9yOes=?g(`c*z(V4+P1uTF);{qoU&241$Io4F`y+racdm&f40VRp0DvBPjiVBA~p8krV>x z|8@Yp=RspYcq-PZH8D0e4%GJ?`T}(QiN3$Bawn2IfF3{+0F6Z+lqd6*uP@|v2Rbw8 zHktM8Yd{OCrltmpbEai~`5ITf&pz(MDU3iWNbdrgbf&PU0{~`FX|5K@qi^#{cXoCf z7#IKo&TghGaq$N>6$M2;$koRNwI*M_MB~$6C$@qrvs%C1!+{wPa-c?4^|n0%j41e= zu~0YJ9U}{Zg+)b~@dq>l0t+Vo(zd0lxeKdfV?Vaz#Z_NbeADRky9Gk7&?jsxtf_iS zHMvCa%YZpTxLgo43ZP0W-f*W^4n$D+4ditrH@I$@#<5rK4r21%7~mgQ8g22rG^~NB zHxNUZ9OCilwgDn?Z-3v??vF13unn~WOg5`+jjO8~o!*{%lc4`#kk6B&WEH>+GT#kF z7Xy={IqLr)ztsOm{^q~PulnD}|A753@~5IhL9H>E;bmm!@>pvY!WNLim)r)a z()j&-_k4X+vhOn1V-y`$K-X+3xWm8ZwcUpHJTrkY6Oo7u(6X@3^Le{9n9*{ zf-AFQQs8(EJN-ahI5{PmVa)@jRigbyQgeS04ru}?(}1Ao;(PsRWEYP&`4EPe$ZXjdy(h1>f*hwH_h-JLJIy&S^k?n&}BR)fLxC zP8P~yU){<^<4tY@`EGAKuPg8=fS%WQoo1HNDHSNfToN>d{0@2m2G2xUuD;SXqu#^0 zBK=tE^cOzcK_`p7tq<}6LFE``#eGdV*V@*Gm0wnG+=tNK{&Tr`e4!Z-RV{3_i7tEW z(AvWw1>_*rfWi?(=259i_8fy*RSyr48PoAHw4z+r0O 
zz+=+O^h0BA2VsXsGK7SLP=w@1)*H#hTIFzQC8PvKPP*k)3~k4=Gsjy?8LQ`1b4A~^X5Fh6Mg)Crn_hK2?pR74HucwC&H zAHcnG{kbN(I0T#x9HD_9N=jg4%jCo*v^509#mTesCt)1XN~BRnhKKv#C>f`}Lf{NB z3xjs&5~%3`Lb4l*sHiB=ULH_8#>{$%O(xtnAvQmviN>(`3NabHxk zwk1}|I>=%Zc}n3XU_`LP&5#6ghAEUWVWdL{p~!%kM^8^L35hE2&$j@Q|1@(==3juvYN4t6jZIS6POr#XIl?Em_Z~-fp1bKbe*I~A{ZW2PE|40iNI+$5nGXH#&z??`2pl?@Ma=#^uRJ!Q%GgBZ8?SxjwD-z`U zMR2(_@=bqr$MHCrfJPtDe{mn}n)kc{SBkWyb&R=gsLUoOlaFI z$NT&8iU0wusW32G;BzJ_Uvr~Cvvv!{{tBxwmB{745jAWh0>uMR6)=P;UaQk+Ja;n3 zyKe?H36$;xT@dsHeEk5uL@p>Q8Gpa7F$zviO+BlHN&`9!R7B`QJ~GU#sUQ@>nwf)x zYMub1#{{TCXruCx6VMe9OtC1tp|G*BjcUrE#7M*gM8-fRhSol56@}1W?|rf7rl7Jt zAFn|F=FJ<1(DwHB{E7`HMF_Mb9v+^I;atQ*FWj!Y6!Kd$E3`iGEsvG+a~G=cPewu$ zD75;t*EdMp$)Zs5?o&ZSFxh8Vt6Zp+Q_hh z$In-IwkR}e0tb4Bgparc1PpP;wD;*2U+m=M8^{GIjxK#H=Kg#J{rFn9}0I zJHVZ@X;>EoMHf7T8~&!eB|0g*B$<_~5sCRhLNFG+88iw_0(?5!d4pztFQl!w9D@Bh z@LD6DSy))G&`!QHm#P>XRQM&WEd%)UQ>fptBa$@qVOgq3gq&1$rUntg)B2}Bnv(l;vSG2DQfrA+}wPN+85`055Q%L*veH`<{`CPC*e^bVz|MMc}d4$F<;mF$B`zzX$ zRB#U0m6R35>M(Qt@vHmjiSL){+0}JWi~53;OpwoV*?h;`cG``(`F}DVNPArdM;&eN z4n9;E$$oPN77~6Lh@m-vgac;hn(@dNPry=h z>^5s5(CYt{Uy}7CI`yj%fg(=?z#Son33ge~u;F7r!_UeC-9izs=Lm0=S3H9tS^;0` zttZo+Ovnc6n_j3mgdrmt5aeJGHbiJe6nG=9Y>C&NaR)PEVB3Gs77NL0f=Pt|2}65Q zQqmql6Ov6f#}vk#;H#Doq^6J@#!BN~DN01FdWp&+1>h|ZH(Igjr@&&kYE1a$dBOh5AtVMK|pZ4?M9#+BBU@fTy4Nx zq3~sIz#xS;C^u+tJ5yN$L!WIDXG+RaR(~imiqC$jTBw>mzl;UeA?z6{Y+|X0%!1`{ zq2qsVJdy6yDDs`0oU{w^<&oBl8X9J_A-rb*u;B57wXBbJo09F|88&jIBJ-M6%2z6wF5P4Nxq^q@?B7VdWd; zDV$~;+Bs-A{%0piCOuN0&?$p=7f@tew4iT^V8WrL8HqA>Xq)&wF0G-yMV`F01=5k| z=swLmytIT>#l3!zU9F97!STWMs48k4^H3O*$0c+tA=w)FBqnIXg5=L^D5%}A{mj)? 
z61y3fRPjMZYyXL$NyeTFOibCSU)YxzcXgU}ilozbON}z6zv5-As;>;yN?_9{dJ%L) zVSO7PGg(kjPz_JnsrA%0A_Mi3EXUD&RX~fs=48y*E@Ew|_$f~6R2wM^XvX+BMVlq_ zQFn}l{b%KUm{~k;#m7y!5+UH&9JKw#0^#w!Ci7&j6doc5Hn1}M$UkkBDNU?qrP+)P(2iu>Tdu!3|3z6LeATH4zYxT-q;le!|@iTv_2Kzsm8os1Nz3s3@dM3CIqlsmUPuGI7 z+tDC{wkHF|qP`8i%(0@~+03{)d>)rfWCZ-rpTqee)%CP=EV(afXo7IV#<`9@mp1xY z__fm>VijD&hK*-uHOCA7*$s5i>8LW@_X|R+J08ytSew3s&7ZqQRw8LCmS;Z0B0B)< zeNMb2K?ob}o!NL$@8H8S4!~^Z)mSOIi|}b?2<||9cz8In*kEYSDyft^UE?}Sbbvj6 zQ)BuJIZ>-}vuck#?8*k1GM>o3>~QTyrDwu(R+mXMvSAWLz~c%*BU21VaxK+Fc#%dc zR#Vkg7yrJFsL|fQ!*X_ZHpbQsjnj?AmKNRMHk3?Jmhb(~mZULat6MGP<`3%s_i$>y z+Ryyv@tcOo?ZZw*UJ0nSJug?wkszNjeE#^wa~cynK&YmshR1q-9BfKGY5)D2@(XdT z=yikWE6r`M;#aR;bzv&P1%l#YqQCa^%ey3Roh;A^Lxo&h$n11{0 zK!JHOxVyKjSD=(xwn;}>`PJju**)mv$$(W!ymc6-JxMVJVwxCIQhh+kBevT8W7)qv z^QGG-I@O{H?^ZbFul4n21frKxk@$WkJ*+`8%;{@~hePMtRg;duazmKU_#LPq_5t%b zuQ^f}LIWYv1vDt0KYw1m1&nRpz<*O&v0&W>&BVN_mhXDGUi?!^Avkpu37mDF2kpCG zivKwdhJP3=mKD`G0uqeqTN_@AExajp5!9DI)9l*V#WnpFaD>CoET}6bl(gO4__j~X zTfxF9RSs{5`Sx;rMkM>KOn#a%RH#8jM*6l zdJBu&61gJ*X=i6AOUOaBN)ow|5AGux0Y@M-O-{f)Jy}+^=4^$*=k)a9<*{@=v3hbh z2d50+-{P%D5g(uo`hz-3O1|*jn>6_yRNZz&ACY%1_9ga$fo_417f=BljtAM;v}J)GYEA zR}r#5i3|urmcjjniGwPtxnULn^YiPRewwh4x3Y3O{()k zvPw!#_T;s+@b5)_XIaZm!Y`<;Tri7=l!s4uLVs07hWoL(*+n?952=`xnrcby>R%pC zyH!cqPj?El=d9eOd+aHcEsAD=h!kS9AzDMxL`Xoe zko5}sWtbTuw>3T?Vey2D-pdYLDX%D(z2dWLZeu&3Wyo3)CsqYig;eV`J~es2qmhvj zlj`mynu@!Ne2{btacXaK2Av2`eB^Jc9HPDIvR->`d_H-#Rq z)V#EmL7)yD7%ZuE-)HEB&U>|)W!?#CkrOz6b$i>Th3E$gKIs_*JsPB#3T~Ulab}+$ zR+U5S>m_v<;}zhD(CgnZsD(V?Ha!VWD!b^Z<|$QD^8R><$m~1=7y1ym=oMaFY#b}K94wrF1dWM1a0r*wI&+1EH zVPRv&fh6f24zcWYn{BXE3!{nu+{C&%vQ zMAbOoH|`D*pUVATLWU?2bqJGv>)qbo&QdxR&jk+e$d83|WEhB*W?7)~tcq&spF7a^ z>nv8(0n-0na6q45)i(*u%W);Q&$QbwV%u}OKU|-y-F*9SpqgV17 ziavK+DXvY&>~p>so12@vlC}}wxqNC_rEyZ3jyT@DkanLUFdPH=MHl}R%zfA%@8x|G8m%@i#8 zHK-U|z+-J#?b2qA0lfx0XiN6;L&x3=O;`;QtoNeI@dADCwX`4+TTFU&wEK^fg-^cg;b+N+DW zea)0E#!b`MV#HG6%<@tT+}BI7AcwVZZTga2^mX- zmdPCP$=Y!$Y?sp@JfjRH#AVa- 
zapIe1q$UxT%6iSiXdsQIjeiBfmz|cTLAM!!T)gRtCDy5w!((}*W>YNBgiU&k;}4Rn zq^)aboOLc!ic^BcgAQ&c8F7Du?#yn9m{+u-wp)+Ml$aR5g~h)8W1Ra^6bchTJ=>V{ zlEp+lyhmZ!AZ}Ec%cOcGx;YHOv+_0kO2}lG6ND2dF~%`P&BuDg4kmi~fqpBhhk8VD zLkH&A-)#@@2>qVxok1=uoTYYy~r8}_>$Zl=kNUni}3zmvKzR|v~-zsIS|7qb$ z%EXh_WT3I+a31Rsh(9`i{`bp$F=sCP`$hBiw&G!l*T$+G@3#1}B0 z1}ePzrluRfAt!&9P+ojiv$gguz{@i1Eb-_O!pLGz_d;X)cRT37{PJEoN>FYgvNPnkXf48ghG_aEuaEjZuIVy9|e z(ovKdUnlyvd)<$~9M@N@-q?>;W7l7M^tzRj9mZ`Dd#`vaf612{?Y=fkPfT1GWv;d7 z6M9}5`tHGm$UfXjwZHhgs(-cQ4Nl}4Yu>n<#X{h9kA`huVNm8KRUa&#(91;4%bh)w zsE9Gtv(enj$4IOl7Fv8So3}IHe+xNe5DD8!ES|ePA-~gqBY(>u)J1yc87?hA*DU?Q_5FN%r+DtgLqU70#p^jdn8n8Pl<@xAFumDmi&KJQ~N{ zCN-Sygnxh2Z19|Vx8bU+-sKHXhuiP-N~fH~)%JTKq0`zjyWkY3x~OIVV^7D0+n0RR zv%HfU)j18=A1%Mv3s()APp@=LK6+nGs20xP5mPeuu?m^&rx(=UH6$stax8V zM+@B>4Ya`*mU~}J^t}$)WaSgrkk@vZ8MLS`TJE#0m(^5Pe(LXEi;0h`BhSU*+Hx(r znj40MihX}O=4{~BP_o+eDunD@_{0`(wP@wdkp8NDal(kTvcf@i8J;5&%TEC<=bsxR zE~onm^`xm$C{2!=-+tC|))xzV{(iU};x=|?8EMnGP*&+}luLO196oQg;Wi0N0_V_m zYXLsb(U#xo=U}6p`nB0HKQnKGgTcb(bdCB9VKj}@!_9>-gY62MmN#2PZPU4DPx-We zssG@>1N{p?em6fz9^FIcj&J{c6*s(@Z^TZZ;aatNx7mCqhZB^az!x-Ev{P>n?Gv3z z=e;`{VB-<(N=j_`GkufHYyaj)^i))WLEEWN@7+lS*;t}Mmv7`Ft*cfG(sJ`k!_R zFB4RqYtA<^E(Ctf9`oP-5N;nE5ZG*g(O9pS^FQCn1gF8k@wXxUhki>x^U`nTyG=6} zuF%grs^r8na(jceqV`y%c^)1==d&-;0H@pd+qxN1vyciR0^}Zm%``z?eWEpTtp1t zr(LXiJ$9A4l{BHC9&RT0?g96ZnGpd_ZtJ0!>MF4wH{k(x%LeT?6>IrKO(?p?2lgU; zdVi;MH!avr{6cvh-aYw^r^nQIp1i|m$KcL1ALSdNJ1%<{5FM=@^KRQw$>+`7@PrfE z6s}7|n~wJ{5Z5&g9(gAz%p2@DbQ8R9_$zMlG@N!xZkmV?X8 z-ZHn5MFv&P5^vDC_ieh#h5)Wdxy!lEb#Lm?-0W5@@ejsg8Im23v*GQ& zAhYsFdxZOkTe40K8=rUL#yuIYU8zZ1-EO}X*jRj*EOpe=(Q>^W&CV@U>3#BF5_b^M;z7oy9o}OR1*~=(uL4rTa~#Bk1&R07XB7rzAKs@sUHN$3j`2mzz9*&=d|S z2`-Clcl_~?;qkdSDE~EzpddwUQN=G(<;Lh%ch1Vc22nnd2u(UpvuVn{bw73&oFg@B z5Zi3bB-$}N3g(u!TkA3p@$pwDZEb799u#gPF=nvc&zR@bRKb7scAq;fPdat0Owr3g z>;6ugFJ~ibZ>k@0j2mdaY1%!{XzH?j8~^qDjZoYsT*J{mkBRE>gpr`6l+Kdf5uat_ z_H?U8+&lM39SbhEfS!4iop+t?C}>sbl?8J}p+Zsg&@WM^e8!Y9rrA>(8b5dKWaet5 
z2#~xzuYVcU%4OrRIxwNO$L{{|tC)3#@{sxD996~RIfH5WvjXScROTh_&QsSm!1O`?Zm82PC0pmf-dFm6|ag3T4T z?5J1ff>d*ZT&hJEkyv(apL4n=w?l)bUdbhOVe9Z0zTqXy5n?#dYBbSqB-ze|eRPz? znkf~x%XH)Fvz7Xqs-DZWO-s=9SyLzoS8+d)tJO%P&b%{p1K(sk6;&@<%VS4nrJ^@^ zGm(V=Wnzvh#4>RaWA&_Gw<&+V*G1v=5}o44G~Vpx1+OC4O$A?h%35q{)k{aq=jF)- zt|}pwfpxQ_eF-!Fq(t@O-ao(O?vfDTePW$ZwER6bM(GORNv>`Wz%p6 zC>)Yc(=k3lKJgQQH2dS6+wG6~plu-F^?sT#mg|*x;_TGOxw|)ce%!A}0&PI)q`~^E z2PPw2Ahq|{{Kx}{l9o0$UO>&fYx2g%4X|p(L`8>3Myj}lg$=NU+|H;uII00z3AiBu z-e~fNLo03Vl$shRV3eWnwvB^~{M2IFCL(ePv`*);(f~6rz-OmI76y#?9S*||h@F{s zAD>B?TrbCCAbNUoe5lvZ&`^sx{#?ckC{|A^q(Eab5&yHMghUT8|JX}(8xSRKwqF+o zy?mquI|6P>rXs+{8{qj&D(t^a9cD@9()5=ZH5UDMjnATz7_3_*wJS zkxZF@y8Hd{ihSK@eeV%yY5`?VAUSZH!6g-Njdc5Jz3_>ik+Eid4eRXNhtKXo##qR8 zV5$kG_%1@V*MJ5V78WMSG135>YknWjMPq1h<^%@zEdgQ&xjyhtq0A!u(QG34@+Cho zt1-%hAFwl~RW3;Ml=&$|<`o|s>xZ_VI1`_ckU!Bzh~rZoWnT&$ZEnkAd0-C}m|Oj) z08yv!!55M`j80xghJe@JP_Ar#etv6b=b+`~Q#`nTj{p%4qRP|9|B5P}kjYO-zBTf{ z;{o-U5l(0|El(?{EH(PZ)o` z{^wDD#TYh^|2(slKW8@l?=uTlObh?(%Le9itoAqdj{k7vdXVgKie zz>oOz2!+2NhX_7Dg5&Rh{@+hUb(QC#xx>SqouY|2&R^Td_Wjx<_K4nTa(yP8Ty}c4 z*vVMDJ-nB=qRiZCDa8FA@tBQ6N$nPGTD!39J10|N;rXxOovY}2slVzq^^cZ5V`55* zOIf*(vu-Jm1_9OM*_^+hoeWMcxpoX=1+>0jf-`xTekoUSMsAh&==VVSCFkt;k&?*r z=Su6+&=7J=?<-5oVuuf$4jbZt47ll%nFMhGJg)3oM!{egxVQLk16l~4JOeZH54=d& zGtJ3B1A0R>c|fG>1DT!7?^1l~2KfMNE#x)WShW%ALNLZM1=Bh? z%|>5F_<)}G){h^|`zl&m^XL0hMj~MNi%D~WJqsIe3@|H(>UjfT;eNcFp_aDcUjA4Tqcx$J&UBDL!xYgbAQis?#srovuUk9w0MuWQ2)I@@4ODe>h?rXD zdB1uEd0A6-?_Y)9NrH_nj^=3Q+vftfPN}^=U#+b@9OW1f0lq!p+6Nf1u&^{_&{!9} zHnEgxLJBd_2kaGUlx&Kh*w3k{Yi++T&dnu7GZFL#VG>WMtbhNf|r&8bMmxu5MR+>-kd>5(QKLz=+Ry_hW=T-{gm z2~qFB0N*V+Sy>2c5JhsFkX{2vI~teOk_N+wz)m zE4W&SEM=`Gvfmj{VF2S^3mF<8Hd$dU{^A-elqsiJZ_@YkW7uc72*YSopM`Yk^6ycn zRr#Htq~AHvTlTf4rX;Q$$>;`9w$P21jRn4h-UF5^ zaolA!nX4#OqzXN+tc>Px-|(T#Zz>8VP{M8N@VGoneV4QKTxv}6Jah30H?)QCHbLgej%{& zQ7HU{{|qOJi*wsy_3n>q#vqn}3*KhUl)9?w6z~D^t0pG|EFGveB*SHp4uJVj*Yi|! 
z2_?mjE#RsG^uaYiZ9JCBg&afA51D*@dmHc+EffD6`8)m~zr??hpCRBM^GJ{+ruQn zzNY)GAT!x80ASZ+T1i)ffPgS=o`S3!=4TEy$-=-eX@1IgKUboO7SN-0@?3<8dV5CG zphwNL9&kp{YB7n4ho$(9s{u+)n>RARGy-PnM&=mM*~&y+TkTl_??x{UVo44G#IP_X zFF06OBe*U|u2<8(mzjbd9Q3-+g48Z+EN6=O?M`sPmOVs*Oo|HpRO2p-4cQ`W%1I!! zVPZ$!cL8q1!MBDpfUykpP%sOAdl&mtw2X|%M22SLTl^W9%@gX<{PcOhXnYHB^=y_K z*sD4;iN`VoG$+|9;=4?wO}BsZxl71sa&mC&;fhKT0$J!uthd$?$b|f1s)mi+m?pu! zOLY8;C#S?(T>JoUc{nSt1VkiiX7-$VAi1fxmoM$Tt;*CCS}C2lZ{z%fW=TI0g-6x-?)8EJk-NuZ0p1c)6#B*6!!=rt`F z_?KojHqWGkZ?<=Lk(*@SSOd?n13-ZW_L=fr9v&W*1XF(7fCT&Oidn#?H_gvreDL$b zIqiHtP~WbgKl+z*An%b1LNEE2D)Ak`e>cLhk6$+y=I4Q~0KRQ*Bp|5-cjU&3gy+z- zNFA6>U{8h_&dPtRQ$mr1blHTI$IQ4RY+~?!8wR}|2B;x2($X<_Wcygvu0ZY;9*)G} z*XYZ)KH3?=KWEGK$ve|ToTLfKEs#}!pP$1Z2kyKFPCF&}j1`4SCh~nr7d<&Io0UHh zc{|?}n(e?gU7nnf8?iy4viQ6+7x(6ALPDeg9AA8TSw%=A+LY5?091I)I@7Hl?xBS_aDqg#JP zMHMeTG(cj8onykV*N(%A>!3>%`}&4Tks+xo5j{*m|agV~Phr1S^ARpDye(R7c|l_#0X!zlBnCyzfP zSUeyA%SU{3e5cEn{c5rPI(mHOxtB&Ioh@)^c{&2#_;zz0v2h>nF_hBs^Dp`|$%fHr z;y$rcfCYeydcUM5{V(7tiB3xT&`%Y8l2mLxn$CBIaU{lS5>(ESI&^bJhRZY@-xNg{ z{fD+EHr;a)SFQr1vSGW@a((Rc*zA3Q)P$s}3Ii!Xp1CY2O;wu%%wvjcK9=WD!HDC( z)z#HiQbMPBVVnn2GkbMCUtop;2L~rh6~rQm&*zxu8IRF)P+h)I6*avDDywheon?XL zECy}5F1ba$)2L`3H;6=f67O;GUU$f%7XfEeRf{1hCKJHL5ET;xmqa|nWA((77mm=y zv??$2BDev{KAdhOqk8M)N{;{Qf|HlBZwKPnUgA_w)SpH&s*7VaH!K{ThKSWhR% z)lu3CT&`Fxh@@~2SV+alHq)0*xjBnu}rxZ|Mt(%wu8D*{I3=$u~BS=?XRe+pU zr0H<_3n%b!@bmyQXX++3JW48OoRm{bHLLNgSDv0NoLu@XAJ`X`3JS7Iz#H*&=*P}D zy8uq9MN?Dp$|}^eEoTYnZJp=?8D&~lOaf2jn77vms1kg6?nrv-teHVmGvM+GsI066 zRi;{o5FiMs*sqp`fud7f2gbYJL9mn4<$3~cTzddx z)*AtnHHF^=L=1Hsw8Jv}RzijRQ_yx8ufj9%R2K3thl7DJPM7BR0Q>_0p?SASLi3{j zs|Z^_K)}7HRSdMXvpRfjt!|^EV^tUukSpx~rG~#$p?gOEHrO7M31Zp+4+Zu~GV0vH zQhkNHYr<)Ozkj;jTj%eRP2mCA&AW1My&S>;p~5o@RNE|vRkqV1{_ED6b7rlgg(dhc zK&E%5fFQ{Win{GxQ)+Hhy_>vJWIa?YF7JAATxCn zYEC^kJmL`5BxnI>4uc&=IWzUt=6I{xY9_M=>~`>;|9Okx;2NKe4=;&merYZe24>ak z3FV!Y`1XL#D-n*p?)!FrTUwJoFe^oE$hkm2$Xn&RvVP}2x$~3k^^LI}uHKA6;6_Bb z%4SeVh?9n==gVm{mR!Yb)I#fkRQ99_&0_v3_4(Qxyzp-G_^AF4@p0p86Ld%&=by`b 
z+}w$cMZyGiK==T1u2qndagMzd(~gp%M`hF~od=B=LIQEpPeE~D2McV@M_AzLpaO2P zi%42A_Woq{cZQ`mUn$}xOe#1S**<_w;$8I~N)*c(KVf#s4Rb?n7Is}uZ$bNyonbJr zO+s3BV|fXqOkYXh27Hf*qDsJG$K>r(wtEE+JSnN6t)&k+)q@067qZ1 zhpY-DF2I{7IADU;lepZ>-6u6WUqmM=|13nX_zllV| zI3T2G69~aE=U`k1rR_}~)K4J~X*Ii+Ezf5mLm-G;SK&a?2cgp4-u)VLBBvO;ag0Q+ z`bpfsG!x&^9rS}nZ62~U-N!kYrZ+eAH>hOE#Q=fOo>>JcwsRGbFGDeF^;$WfDF9|_ zC@gtR9tIccG|DZnJhh1RPA61Dh%qxE!N>kiU-aERQjbXNaQ+X#2eU;qUcF60lw7!o zz2_?sBMns=>p7GGA0{9cbpt}221uEJ_)dgUp~Ig2D-mO3<1kRB3UVoeBEf7l{ma9} zfeuusl273*pwB<_xldt3WrZ3ux0C}_D=!LEC=xe=Wfv$vWz27yvoW!-8~}v(m}%iH zSfTuNIO5Q0;Jh2*Z#uX$HKhN5T~w+Y<%}~Z2}_EPFTDv0{GwPx0-&uN_$=&WZ_jol zX8YUaT0v781_~c|69YRR4wJz>E{c{4a0k{Re?PIrecUe|YT7ylF|404VNLhOrYXKc ztslrpjaXz~4NibsLiJ6K1;7c7QZ2|ru>}Acuh4)<*d9NYEjVxbXf_|t7V?C&V_z4v=Pka4*&V; z5qQ}eag~mI{n>mhl;rYj7YHzWDo+R*Jh%FI43U7CcO;3GtYzkMvr!3xx8kNAC^&B_ zvF{FYLGD|lbzq>YeC#$R_`89r&Pw%Lk`FR_3Tj`}gZK`^@4S;-e(wfxhtmux=0%&f7+pCP+<6 z%$atnDB>!_EFT;HuN1EiR)N8HYoRVT4floQy~8o6D=Yo$mg-K?@0it_+>TVQS45KUt}9&ul$;vhYfk_R z0*CM$9!g44GL6TaFqDq{0|SIF3Oc5J=5` zhZH3L#$Y~Vdr1ZwzEPGYB(KmJ@>213b8wZ?FV2)X5VP?@jnf%?SN+8PPFI)Mgp-o~ zOqA@N{q-WB#00vQ@7oCM^&D*GI#u9H$>el>Vx8iG`}fCq??0-tM=FWE#?_@J*O2)^mAZ z)grJf_1?MhP=)kGVvhM{Bow6MuO&7;GZER7fh6MeYu)AKf7n6FC`^ z^b${^^`7+syYNSbw8JE&)}};X{OR^2a#5Q}N``xzkE0dq8`xU*;M$E>(|QLc55eVx z_%f~_6?f^8z28R`1s8Tp{(a^y1z0TmzUz|7x`qh5P zZ;nvTAS2he2QL9C6D}FqXR-1oV1?~n!n5^>^$m(MT~lgIOqNPwi!ph##4l6{O+?1; z9CSzw~`rGf55p@`RG}S1=0NfIC~lI_vc?Fw4)& zThn1%UZUH76q}d<=(zuc{FDEU{9S*LU-aL|FYx&vLH?MxI3FrKy>n&uf#zBcj)SwSg?A3AXs6piKIy?OTH1=F_K7phBwwf$#RX-3Rz# zdjEX?Ff{`LacA&k(`QrS6lqN$HNIT5sxYbcTtLb$K_A}D^k89PIszp^_7*P~zHvo9 z3T0J#-MU74g4Tkwv?I`?k6zqyLzKrlBY&XJk0%B#_riC$0Rn{ldOv2%h-~eF1un3( z0rl27=s2{EHi4h7H)|KaDk<|w#;^A=JX|Hyb9)dc&rus27;Od|i8k#s?B9$DKi&aH zcc80qxW93!Pw3E_jduL|u89%KlhusCV`b@!R{@#F)5V+(O$L^T06RE$FpmUFR7&1R z@;QJ$SgZR*DzC!^a8Yq?dNK(FU8ljQI*>1ebo%_q65ec=BpgOLP=AA$<8xJ|=?J0M zROH8x`KN%@2j0r3z3Vseuk=5x!_L@%q6iEgw++EB4mO1FZ?HcA#}s_BR^Xvr^R@?R 
zjAVhV3F%cDI3sX@3V^Ky48tY3uE0vcdYRY#dP!oDJ#dX57X2d6 z(?BYy{%znJaM-|qwm!o}a>NGA#6d1f@e7o!v2Gyk?2o(~rttzk+`YUn+CYZ_*h!qU zA4u~AmiKmdgNg(8OHqyuNz4xr)TtyRJ5V`Ihkb{e%7~n+Ab!-6GZzows9%3vE6j8c ze_ch(yy|`XWS7d`1EjgXe=NcO&WoLxE!T_KNJqZMgW>=}^XAge9J|YY(D3dFxU3S= zrqPj+f!Yz@ubP3)LHfr=5DPCRq{yDEvw432!+{wWeL^s{80J_%&=M*swTS5%-)Eqg zCX^8Zc{vz!zEqaK!`vKX2Of9g)R;TmbDiwK$*uJPx1XC$il4I+37fpt z69_J%x$RaWUpGC$fzL8Y`@6G?IRjO~{9_)geza<0 z>NmTYN9_lfE#Mydyu5MuE~2dxc$XA^aZcYu1~`NBt^dP5Z$_~TC_q6+7MOWg=zL|M zQ7DkU*vpNk#2j@6X%z4uH@?5QIFNF=ho2Z67yP^`_PM;f{)=NI* zmQJ82&j!0WwC_XNxcEu}?vC0gMF${{i@>f9Lql?(C#$>b1Y*}qkTAo;!-oV00vVL# zW30v<7@M!Ye^}S7FpQo(cDSI$)xy*0Yef56B@St#0*V~Ip3A9{2Z+~QtJ8KyW*FUH zW2S%=Dw;Mu62rkA$dF@rz)<6=0~#&n%NjXoy95U)2`JMC1qVOb#e%y9aAiZd5cGoL zl?f+C72(qi6~Opj&i@Cv!-4IK5n~ae9x!nf!9(V58f-_ItTvG&&H~->N=!?>MWYd5 zv##`AHh}?FY%2@gQN&LjbP!c@Io0WQRiY>xPqaz+^&~1y>XpFKf$WkGI-sG+s9qdc zz(L+)1Qr5;-Wvv74|wE9G%?LDz-}@J%2EYpqa@v*%RV54)E%LB#MgX;J{=eqs|E+5 zOd@E$6@*$mkSh#V0xLxU4Jt-$-V|vMPHv%9%x@CL)pEW0t|qOvTE4G z$Oo`yg!SHmSwfR)*mWBo%18?W2Z6!=tG%&$9cGT;@mp!_-l=I80*;j=n*5~5vf$=6FH!gYE-oc^@ z{CD{t&Zl0V&I8vXG2MuV23!(*d}7SU^={hC4^XQeuYp&gYLl~tZff+2W#>y(nA!aU z0H)Nx#`o&loN7RObDkPTG`OKd5Aj)GA@qYhhBVAX)ckqu@Ck^fR18qLgl?bIUQ;of zi`!D0u>0q+x__!)NL}AY*Wbw}I*7}d$93vgJ%FnxBgiWO`*E(oqZX*ZOmQ$VL#U~# z6Ut8pgR&2V__4{Hen#}PFPt1uTw>2HGfF1ak(FkzeZK^nA8asL8R@s%wf09Sq( zas?xFm5|TQ2^?p@tO~3zGE6fKQ0$95dH}WrihW^izD}aVlM0$Vw#(9s-DmM5@n+$j z#^}bTXPnA4hTotPlQ%d?n0)QUSTkr$Nal@=W)BR^n%s}(*&8}+Vi;6?n-w!(YAX)` z9=O=gBE=breI{rx6*m+GCB30fx!zZ zYC%EHTGF;i3&@~4Vd$;t&K6|nvw=0LxL$Xr%k`OwIcflcUOtJ2Xth61Z(kqQCL6iD z0@-X-F{0_ZJ!d7@o~xqpEtJgjmF{D*hRkESlqw?osP#IKmL>;d`-KU_odZ~HMo=oL5;U&P z)IsRhdK7B&CEWoIpGIZieWa+SLo`t8+VdMj{@lN8Aou_ry-HD=NzY?obKU^{{dZiw z9$wH89|o7?*ig zvKKl?>Sr`!mHJa@&-uv>3$wp_AE0xn?xIl!@Ed31=?lam2+-?tt-M$47f981706P!CueT>8a^A;mz)Y`TIf}NV0ny9EKaJyWn zqvop-eoM)rRX}HD-$xMuq-Y>L>-M;o)5?!7N1CUJz+o(?C&%AU9Z701WQ=E2vhIGN z0@ooOk zlzU5nksS2ywYYX(r_jx@hYIA4j3$QfyBBYfpR*1~g?9V0v$GFNWMWVmij{^G)kdhx 
zh)ef--_O5`4x=%7k*F2l)5-K%hp^7$D4@eUyHsIE+*<=afNmj%_PetSNUegJ1DH$z4=?w7ODGCN_$TB){BPv%`Gfo-|3-c(_Gzr80Fdo z6uNVs>`mmZC&c?tDxxc^U}}KWRRq(x0HRmi*3LOWN4daMfxrjcpT@-iW4SCQ^8l(Q zqgEu!QID%L$m~aU#f@zze=z_ogF3cByR?ZDq}3qF9g#hT1z*eAL+Jh(fdfmvUhyI} zK>f=uQE7s>6h~-V3MdDS9av`Pe6}orV(3o$UE!ft`C;X6`Rg!egGgewK(G3JqoM5A zXy{NQ0;D*Vr4Q~@Tq36UV{5Kmzf283!7Z18pnt?_d-!Aaik7{njwVUL0ggy715gf0 zkq2pb3sA`GW8{m~zWArnKMs=<+rnMul~7Zr8E&c9OK2K3Y|MPJqsK=eKBGWH5{NOg zccj=Cr~4ww4+ibgwM>1~G}yGFg1;hnN$BAkVF=m@k})HgF(0<=IoZf!>wQ3a_hLf5 z6SCUZE(xgqLGRQt8#3v+rEDUTjB`!9(v}kS3G4Uy&Tw4jMPLa9g~UE@yx%1ih=>Vx zsUd!|{}3JsGTcgskl^4+MfKnlur`HU^dik~;WXtOq~-~Yq#xEGwGajA#bZMrJjER- zlZd3HYSFb1ObzF;E}&IIA&jXRSOz&^MAVR!Z#Yp+Pu16A$3sn)wsDG`k=SCxr|9Fd z@Q)m%Nii@WTYG|~B`&)V6SBPz-^Klb;L`VzQ!jes(#OjcgvMu9U2&jUJooAlPX2NMOK3? zc`AcZgk0eaNeBM2n0a}?GC4OW%_%8Kq)WqCSjSk7>;(psi{U^?E-K;6ZY-#53~?4NRbJQ(mE<5A+igG z#prtrLwmj%>pj(x;C5Y;j;ckWaZXbs&j2qv8tKa-U1X;)E9JEH{9)1D?pRjG5Q0-k zQK4?A@}RF_RF}LM2^hQ`K6{Zbb5flPTHe<|w=pEOTK~v&z5ut8w5X3bcnuhsyRp4P zS>~UO`Vk=%#cRqEbyDA*f?7<8Xuh;JbL@4VxCoOCR-XjQ#=)E9(5J00!1_!nHD$p zdy5PH6a*vA8R>FW1J=BN@=q$E7~&@H{0R{X@qrGWdrOxdDlRTA-_u|CElW;X@Au~S zoQq)QMpxATE{)s9zw_PQoPke9sA{QF$hi7NMNY|Zge5Pn1U-g=F@00GkE|Jkyc^7L zhJMpvU8kw|1f%Q#OIURSB^-5JO}sd<;OPu-#kwe>H)2Ub{!XZ8QbB8ZVk2oN?;=HZ zD&ZY7njQo{ST(MGGv(A7hzP?W*_Ba=h?*$-HP#40PeQTu6(!|48y8ae&0CsbkJAka z!i7kCk4~jM24v;{x+d9C3eRb)`~mOUnv@(=+3eKi&1ZTEX(8Wz@=Mev>YBT4l$>X5 zaITr&gV!E`rAK`JdH>@X1JSTz1G`WdZ2d&5a(VX?@*n><^7sBhe&K&3zkKsQ$nT>C z0YR|raB_3RkgWi-UUYU02xt8gN7`FXgWUBOT*&1#cw~^Zu?WC22V>M%ZVew4XrFk< zW2+Y2C|aERvHhmRH3wq)<#}*eDLI{SVz-ziGzawZ%vIPIV+TN%gRPg}_G#3Zd61M3 z7c5MG!N|`bMK#Z$A0%9M=#Mu8jGSFF&7gwy|HIc?M^(LcUBh&@v~+iilyrAWHz;8M z0s@lKB_$=@DXny;fJzGzk_spa2#Dmn_IaN3e&7B6ai1~HIOB|S+-&x~e)C#u&bj8= zcP^o!VaK{1M;g0{JoW*`iI^E1&R$1&c|_hpC4Xb!MY)T;SW z&V-Tl9wc9uVAacJe9V)vE^WNi{u$(4?;FyNIQpZ&9&qlw6Mk?Twj$cf{!pGQsrlJ@ z1;6ax%eit{H)1C@+0%x3!ixC6;CRt%eV+5UkY;o9VzsMAsdHw0ACKk%i%Ib?CI%7LRGtY zLDhplGi&4MdL`lO>{3!RGK`ti2K)gJZ=*JTGKemq9hIN9d7-H&9*NE&t{U(Iy-&ei 
zw4CS|gV%#_evH4HC)6RVX5C|aj9O21)!64%TVL!`y^zLH6Ff|ND^goWZ2U^xrH^Z( z+P>aoiA}_*>u5nk*Lo+gEplB^oni@3%d&Z!i`iZfN5HGOwKgl{U_9N*@0}^X7%hRC z;z)^kA)bt_%L7$X2AS_lP8>zP@O$w_FGN3wK-pcwti@bQP}BCYq=*tyzf1B6+WV1_ zF$+*z$vH+nz7f}8+dJvTfXRlh z_%SPF@C(GYMQY^>knR_&rv=kI@3y_OEr82@xuanDK6z3rAb$1xJsS_)w;q8Kbk7Od z9j&y7ZB2T?q3>zSWI>Cpi~r5ILX6gvES>FF@0E=p4OUrHY^?nXFh#4*EgXtEqh+X= z1d08o($5Ku<*qhehVgoS@dBTZqd>1xPosTNs$}zR;L)KAdChd)D!5IrfUY6eGGP*4uGD`D=Q`;pJKE^~7{ttu5GhV)j7=lsv zla<}x!sW!s6&>rnMERKJ_9L1s^q;T1*lvwTYZ3Pt0TYVhGBs+Y?EN`3enW8g0a6h#?OSYsN`O4bCK~RCq`ifq4md4 zPVR-)C@U!?-H+lFqD$@{zAUIBwFzUtm8|{&?M<6jA44-^tkoMud|BH}58P~x1?Jk% z1~y?1_@pd&HO;UdI*vDDop<48IrhSW+AmF&+ca6qXseV;93dQ!IE}IRluH}4pHupK z9&PKz2uc{FO_*Y^@CxKp=Ots0?NbPfh41Amztsqnf>=~$&_L9SP!{ReIEQ~!9u?Po zHF*@2db^MTsW?>mgCo&{bt6e)r1???B?j>y5%weeBuo*iAL8tgvnczH9x@BpuBe9d zH+y<$zHl_Dr?hGRW?(Ikvw4p8chGwvG@(3U-epVLWmbMKGKJ$=gVipx-(k`jg#u%l zKKZjk&cE~rZUUA_#}y{Q=!GYV2?Jjnh<1X<+Nx+W_2RqLiDMq#QfhcJpvuaf#ieWT zAUswmDlVFH=Cqocp7UFQaE;wf#Rq&EX?N@9MtVksDB6e|%cI|v=&h^1X2u*T(jI=2 zVJ2NtCYEsa(i;PT{Fwg#)z3ft5AsX@C-Un*{ulY5-a=+SyIq3nGP7fse&$VB&~v#rf;Fa~B*U>{vI zepO*z!AX(G^8f{odB^ha475OhlIo50-0M}*43i+0sXGLRyeP2=p_egmgcU6uxN1To z`pj}P9NDXrXBOsfAJ`HdKL+)hT{C0#?W4WWPd(&RyAZLhs4B+4M@&pCK)i$J6`nOB z$n*}^*$d0k@reTtUd?C51bLPP7iSpf5f+J2_X3H7hlyGbL->{^c^6N*vxzm1B?qMf z@hWLsqAnHwvGYrt;$THBhX_{F{JX@I0qqnNef(fcET9dt{d_gTRoK#gR>hLC8*1MY|U0%Mg%Y=KrfeHrW zGOo14h;=Gg8}n@$jDnjIqn`*KeScovLY|Y(Z%vTCX;CqCCj@mu<#MbQrgg+3Tx^+e zd|DTAhIk)$F%6g`f$-e{o$l1)J^^=Vb#P%7WJ?mhVOT+V@9@cB*{u(*+R>^=v=)3T zmHVw)&q-eTu*^q0o>C)^{1gVivIT`q(AiFz@a6lSeORHYQ*75U`EW45Soek6PTdR; zSd1o6BCuou3#>smjgkB~DX)%IZtWXTy4Ib3x9rB+gWLm;f6pmqpIMayiFBxl`XQmq z&tp#Oeqz;XY>nS*3DwiXyDnUCx0zHfeikdQoNe)iup^zHb zOR((%BBMgV_AV`^muuTT1+pi|HP-KyEASdfV`?OV*IU6H2Y&Z)Y?;YIgceE=X55C@ zHC$^Hc81Q{JZM7b6YBc`R7(&wm&IUzH<-_ITNHL&)Ya92H6DA(DI9d=@5NrXI5B(e z4a$(r`Hx1(lr}8awFTmMm+JR}F!&?lR8~7+M>afBcl<|qm9+hzcjg`m3-nYS95z91 zfok>mWi-94Ih?{)R)aD0D7$w45i5l8u0|qv$on7&N{uMQJ 
zDH2BEe5Pi>ZBf=fmDoJrYeXf=${HT}_#Xui?*jEa%DBxB7MT6>G5leKe2|nHgcg*` zIso>*8q?E*VfwXJ_B(FCn4a!{R+L|UeL5_2dXs{p89E`K|M@}Jh$Qt|&*Q4vuCp@8 zXoSDy`1&EK=gy7`ERc8|80>@CocqD^{Oo(Jef5{QCgj6su(nF#x*rAaDNu93rJh>< z?`ydoZmPj+mHzMR{Os?(I_B4DYjb!<@{wd61T^b_ zvG+KVK2R*^>ViGbzX8Tp{%7OF!s|lBEA`Tb!chK)38Vk{DX1aFZ8%cTM&nI9&lkU3 z4Ry;KUtj(TvTpb01t+e!_yUFHC5Ypo=pe>*;2eRsPYHk9qtzQ^I#BR{XDnBah>4Ca z_zlg*`{=0=9?+_mV8O(2k z4C^$s9}8dwtdY%2+%+#Rp|d8S5ev3O$iMe-_c;xwZ)jL`2QC+sT@#hKAw`r>UVRL@ zV&04EhW-}Ztt>1o6T^80CUQJ(00>!Ww(h5UXA11BAwg_ix z`XFh~?L-sVfYz`%MH+GjhbY=_#8Ck>c#dGTFQZl?gf-zJdBQt+g*77f4^(cYK%ss!JHyzNW0Bd zG6{vUS)ENU39C9n-XIps8AU8m2HPU1Vfh5WwOWAu1_;Gcu+=>=kx1gU%S;s4S*cMB zm=ca5*nt})D7b2XPj5|&V84_-myVCC()ek=s)WZnL?OinH0lpmy+L{CnR zQ1$kcDo-AkTXmi-Hxm&N>DE|?8}@vDy6k0aW0T*c0~?6tfV76$P0hGaBzSG3s;Nd;h6s$v7%2*3 z7gho3$^H3>i3w2GuNV7(qHvSfRNnvzP(SB8oS1=3!LML{`1=PQk6P<)>HdZmj;y;^ zP72U_E5D%GS;Ewwfwiy?#<=3BZ;f8}>OF+d>NM2E27b{d8)T*$*ko=JjMOVmOIbCx z#e_=AYepKd_{KHT_)8N9f{)cm*m~(}T=qijl}-i|r1VOrWim+4`g2!^NKohhYl)##EG<>D-4# z^P!zxgqmN4ZlQM_VeonSAa(68?6ny`!I=QPY0K~fCXUni_DHG)##h}9jZPYQ&; z&LRI;F`FTxj)`gG(iXk-FsH<3{{h8_>8`ay8u{Yk4()@!*silv5x?B3YFL}%=IDkl z7`{^IulZ?2&ZCw*zuSfQyYGkfiqdZuXC76o`!n*T(~Gmo3m6AdpYF+KW$jEXkBdsi ztBXd)&sIH5MLy1*a*B0oz5K}5`1@(DDSk=&qi@;R)!(uij|uF8YTaKx+74V#Xl1#% z=~hMUK(kX?i?xHpr8uW{NRKht^8-%1h~Oxf^4ax4{%ZB zH(*YP(;aqUcmp+|{sp>zc#JQBEPXi*eog2CaJ-(uQOFz#LO)mo?F*_f1CM^@@<^(f z6R`8SYhn*L!4rK`$RVn>lkzp=ErewOr32h9uo-o=!k}!*!6Bvwxa1pt@MYeg0c&+nTf6$TsFKx#oC4TODk9EZ|U(ClIyqotlf}Wu8MhM zVVkS;_qQV`d=%#G?d{z|L9IIa^@UzdKzgjxb4Ncc=x6IUj^tz4FA~WqDUg^U4OFZj zpJ_u_V~5pCHSYW#uyps9xC_r=eHiQxLlwCXZ<}Wr28>;2E5k7*@Z{S9zrSuq43a4s zn~s7N^#@G6Bv#+g3n0J#^XB**HE5eF1oh2KE$>-0EMK3iFu1=y5KWnuIBH?xO1ZJcrqNrfdvlaG`kskqsM$oKn64=$D ziOGU()vFEXIkAf_4ADA6hKo6%TsYxK6s9F8z23p^oE^-SDueS$!K!vBu^ z@BTr4ssBWN%TNCz|LG4Tq;H=)!rc(;Xqq;!=P|UnAC`qwjTc6+5VbZs1_q2s97DXO zeO6IUF~X_<6w3LI*+LXzNXcb(7x0TFg;$O9@EC>IFC7#9byx+lXD$fgz=mNHkMv^N zANRiN=ojV;xVqj?D9W)h{$e~~Al;WdaIe;?bAFvx^*bChwG0Ty4Z8*rc+-44YwnWJ 
zVFVx+C*nhnWQzAuW7HDp_r!yT{2M8Orp%-T#LX}VUazGnwiuSaNa>)EBn`RpEXs?~ z#gdEBXMaR*zkbdrA#oN?VKs4cM?t-;@k~96IJ~}* zHL#g50b>N{*-X;XR_u=eRuDUB-`%}(++ddAGA!>&)|*e%2%jc?1Vm(dd3^zx{i8x2 z!ejsdVw>wHzMI_lzmV#gx-YgqXn}bxHUaT;Lxq5Cwb(kDn?!Hum$7CM?x8y}V4TCJ z8$6q;kznRM>9t&7?Y=nFaCXr2&#=?+DtaVGSG`&BVGmi|_Aiw3bK!A{;xAM3lED{5 z?kLLISxZp4&&ThOp zFir|>{7d<+V|8P9#s;*KUs~L^lTjIIX;N&#iNku%NuxW;a%c_{e~v0P{go#5OgE{> zaPvlwX(Phb6GJYI6KRX#e}oCW4(H`*+{T}hVHBx#Ul1(Wpjn=)GpOn}-qTuO zt3%R%r=%Iqf+gG+aJcf9YqgGrCqcxEo-s|rEtTQ>g6L4}5l}@fPkFf0Q=%-cs{X6N`-Opanez1Q5c1-cR`dB9< zYX!mU@H9Q~T^;yfTx}Ba?74*YP}bdt+y_Hx{fH^+1GnQ3lD`H_W?x)`1M2Sq7W#=R z9F=HxDVL=Y#LsLE&VLG*ZTr?6%lFo{7X4;-z96J|MbX zr%?pnuUn_Y9ogF9I;aKococ0UDrY>I8MMgVeZKt5!?%rV;?i6_!>%T{M*U8`!`CDg zIyoKPn{<{urWQVH;Y^LOaJ_NZjn%bE1;~b>hk$G9OTH=L<;9HtDF1zAqIlgJ-G*TjWqBUldV||h*j27f3rUl+l zV=$NC_K_N?j5)H(Ak$5HtPyM3r~FvZ@o);Wu&X2TkJkBlFEfw})*gsCKV)HZ6uL(p zaUU!h^O!JDO6MVvpY6XR|L8x+FZrLyZy)GuW(-E%th6~t*JLO46nZMtIl*DSvma5L`EX%}yvsOXX z7!pDrT5wn!uucPK`hz0sG6FH4`w$9?=)ZyMPZaHY@QfXw{a8av+abH*OT!^_<`k}5 zD!8v1{hizMI8U+i*QN6%N2WSFvwl`H$5O3wlDC*)8Kwq#LAm)#je$ zT={6GMx{u_TkG&YVlNYnW=og3np9%xJX7V%;1bi2op1V(=9A6JKl9q$_=|7N5@~@C z*d!aWvZHpdr1(odR(t4;lG4eNvCF^pehtStZ*P6yvqsu z;W9x3*eH0oQ9cCQbmaByh?`c6)9hn2lv10S8@Yr`3e!0J-m#{y+C3`1z2LpS+N+8z zmSiQ_YF$_k(=obANWzYGM*MLppZjSr=g@V{61 zF=9I0C>D8fVfe@^PN|{u%k|ZtLF(1CXFpppkp-hFMH{M}=Id-HURX(12r9n~bHpJo zzi~l+gKnMWi>Bt7NxA@UFQdKLk1)E`zXH5^8hV=LCfKuFV1vaN)abAZ0t2+Ewq4u) zyiVX@%I+gF7Uw15>6vc9wox0pW$w(>Q$|cR<8UVi84faL((GvigP$G0KlJC-G^{}i z&47V!=$2UMQ58HuBk~77&bQC@` zmU?hxT$&-~Zg+u}`i>zy#JE#Xk~=-foa^mJ*fxxb#+Z6iL(Fwa?r7;#&}`Aaa^-Y~v{7oH{jDGVK}7)9u| zKa89d@SosCAm_apG_rsHL&<|N))irBToq(+z-l3>{R>vNbY62drq)So<`IRG4J4)U zsm{^#iUQ*Pbh&~UbX3E1=i;%r_BJt!kLuf8zhdu6{aJeQj)~2vzgZyngeIb0&9GRr z;!)dfu@BR22p7QF?b>_0D8Ss@Uy>hHN0|5o&4MSLF!%P7Tc{yNVcVzpz9gR)Yn23o zq=6wp5tf0Nj%ZsWC~eWkht)T9q$YhivGGIDM1uKSN-4`)z_GZ+fKN0Iyz64267D@h z)P1KM4~hitNRCMoawOIvZ597YxNHx_I`GY0W&Oq~;+%Fh_&d?!?UA4RzMAW8Zqt3i 
zHGnoE{#E|lA)l0OUl?pqfVps#PbnhIwW*1CmH}(w6k+J0LiR&(V2T-%JmM+=MhfZ? z(iRaT70)!$?dfh(*A_C50b&)>#SQe#!z!_E@aHi{EkvKJ>%-LmtG#|oNd*6(pZ6ps z?<-{Bep|+|HNtjPazhN~Dx^JTSp(G=(w~B^{{)roaLo;=B9SrUe(Q;6E%klEz0s#N zaB}bcD?wfwDtGdbg;eW>6=`-k?hJG1OU9i!PkdBpsBMGDU*(%PT z4&b3U3=A=!T@*79l@F}k-L8`h*|sR%P@W5h^>7Z5$i##|ey;zH{A2$hzr=qczq8E0 z$j@_zgcO?OXfwo@SphP?)~J07m)7(wjI$op57TLAYE*N~1;Y*1s!TA2l&OJ=#8_Ig z+vF@*FeOpVMl6WdOp@lSy3O^4SXEf!@6fgjk3NCgaEc;9a!tcEbpG_|wqyqqI(1rs zmv<+Oeonv;CNzIv52F>9Ui@W=HdHfq#8gw%SCCjr4s0J)kXhiaC!ulLG|ek!S?WNu ze7{Ad3%VHw$YJq*FH{VCMOI&GZ zUm!b@)6Sbg5Hr&*@jy0FVgwUs#O>#K)L336-)i7}q7#{s7;^GPQ7*zxcgDrE#xOrh zwJ;TK7KVGFujH%+G8l<8<;Cmfe81(WJT|s)SCTirlmP2}jz?`b135R$8LK?tU-Ch= z?1biT2j3K_TrrO8OHEp7RpqnG<4=Pjea1e91Dht2zwdpVxOZl19Z{q1CiK#Ra}{{Z z*_sZ(r%R1`*!HI_Q+%h%(+j-kGjw~CBWM`(Zy{MM_H87Tw=Fi{Ay z5(bKC+|}y4PY3xKrm&))^PYdHePfd^mgfg@u*YB7kY&Yu*g|!U*jrD6@~wvR1S6*C zplih7Z0u|AA=28`N9oieblVzrGQlX5Jzyf}YU|5BiZY7*4}ME8-156H;vZz6qgTJR z0<*|A9}j#iV$$PQm7{|T_{`sGHV&elvfq1U#CgELq)F{>H!bZV(xgAo;#Yk&Q;r*N%S=lr3vslWggH}1~_ICVOX+RI_iD0dbW34 z))?JQG|jj1Z%!s2k8T)lc@@yR>;8U+yUovQJPIK*r2wO~)751E)e*YU)T~1|^KA#8 zBr8IXJr@`_qdu|lqfW@DPRO-O6JlW?XB8G1zzO@4c|X^k;rNTsMm&nrtC~YBBGPVQ z{g*a%^Db;*_vUJp$DUXZe>QpgmSHO4xjoT+vBh7%#B38R#=OE-kXm0Rz?8|eKoQ!Oh-5lH{ zOcE_^wentYTv88pOq|yX%k~)M6pYn>+Js#5MDA4$m)6Ma7K}t7lX%DhceT#mdjkmw zS4-uPdhc6`uM&fVh5N?}syta|whh-pExvhS?&Na|THKsca@^*sN(|tbOFcLa!=(35 zJf9{Df<4;mLM@SLHA0LdqNH2D!2eb9Sz$KABTPXr9SMc;w_;T6Mx(>NvY*ymO=-?^ z18dJoB@&5=pZp@Yih_d<1$?)A-Exj7iXX#l*&}{S$B-Cw5|eb3bP?44JKw7tfgmz& ziFoom)=7NWb{InwwPy&8NJK%OK$7~&-<58r$k#NmTVDPef&6#=JMxeJ zgZ$$EiTsa#|BL)S5VU4ZY})GK7*QkNSAF?4>oLYW9Em}7hwmhcnn7xq%!787gZO@;{$^yc1bX_RPSbWM3>>wc4gfJtYeD0%EETmY#fc zT>H@IePx2DKiX;%-Ax_r;vAgoVg55Zb>OQPt2f{Kt>3rwQx^X8SSH&n#rEOWWp-rJ zF&no{4kib}jayQ@`AKM}a&eZ)h;=$rz)6hp?%YTQG}0^Ignx@z8W98xT}7Ve^x2o_ zr`m~}AMJ#SRNzYQz|J};N0Iny|4O13Qb8V3^eB|@r=8wg5N@@@=bOffqs1h1V=6-T ztMqXq`MaMXm~==sl>TOa)n5cKgv7w_PG)|uP=9EGlOH%M3V}EG0Y!c~&QmM&`|;Y4 zo6lE$Qa1Q2whS?C3~#@0JP!PQ)8{KpiQRoZ&dv4yVK^gm%$PX}$9H 
zVHO{fm)Um1yrQxFOLF@7LLBedF^a0Qh?|e1j1p(ii3RObt^LufMHqP`^21%(GQlBT414c2GCp#{C z0WV}WJmRl!FxLfZXqr!9V-pJz^ydm(7AIq?vqmkyD^nb$WzRQLbn?5#tKuPKORQji zT&_zqv4M-H`XnDUG^S^xv{{AFaf@Le z>gX9SjG^RhQA@p@nB z-ySnsVxG$l-gMI)tNRxmr9RHrc7F^*xu0Tvef0@w zOeji5IT0s**KQ<61LdAiIpYMen`)R^*Pu-XUUNv4Z(qoOhp)drGzUJ|x#VH;61tO6 zuiL%cYL7$Fm^Pw7jT|A6Fx@J}0cKeAkm>4s!$j}M^aZPe@sq!;Z;omuM+kJwG{2T5 zXbVLQ>=N)=-dd-0J!QrZRxp__aM2X+6M~ICnDws0i!UPoDU3i8|MbSySS+6R&e4Rz zI?_GAK5TXt9TqgfYZNK{3#iVXLB+axGBvwz@G4U}z|U!@{*)n3fz+sLIAmoq#^(!K z6PhJiJIjQuqy=Rg>N~p#e?d>nq{m4#;|?~Iakd>(HRp~EizKd zt>l6B4dmCyKnE%+`QkU-7+!sXDafx^4aF<30jXPY^5vNTS`pd$48)9xy#rD5t6&Pb zA>@{ZTm0xq0V138ZGd9+t<_v=B-GdviIQ#tH!7_hAx9iV%R+p8vPY6Y5Q+Qt)}bNq z%A+}m{1s$VAv2fY(reS7gDg1@7_@oA65lyiTonG49==;|Od>LfS56xmH4x9O_d;GoHktP=tweR< zuO`~YN`~9sBNq-Pl___W#9fwZd5fO-_RImVWY2yvG%*k%1$xA7lNqKjgP|`1$WwFi z9(ZmBFvku@WjuIYa#>QvV_{{pcof>pSvimC zEB-6h*ot#dx0;9fmMZ-O&&`xu88qo3+NL)3m4DkATVUaF<_&&(o7M{gN|G?E2?u|? z@@$<*mXr|T(vo?SbK~I?S6edzqU?dD4D}3h!b|F>pN9kDyzYr}p=>*>MIex0?!P1d z`+tyM>_3s;v+Q5wf3t^#qzwi(3<3=)Rrey~!iS>c^g!)pl~&2Suc7pFsnPrFcQ)KU z`&tHrG1m#2SC=#iGdY4wAXw9+z=p*u4IZt3|tdCbVR7Z(_92 zlB);x2VG=Ijs$)hXp5tJ#|LF{yh7cEHTGxE(34jt0DAPQ1W7E|f(^fXHe#fZ!TB{b zifbOl9QzyZmM;cLJD20!K#BPaS@&IszPOBhs@6^&_vw#qxH~RPP8BwE+;Atfyqe*N zh`I(|{#~_YYH4fnDu248A7kbHQOtb@d@Px(RB8)@t;Jafc!yJQnxA>Kj5i86SSifU zjvDhWf6SRb#=o3igP~Q&q0LY7ZPZL(aoIFuXM0ieOP>)JIRm${*yyEAZ zD)}ZZ;NAveY)&0mQH0H5?Yk5qGlT#$QI-ptN^ZWhbD!PxjhafV03}rTt5ElRGPxT0 zO_(gE-{uZtwXR5^9>D*0+&r+`XR+d2;*6ijpS;>}|0A8-=RH&mypfhC%AVhjUY;6z znGJq-<9S>UcFn9IWQWrJ;=*Plu;CDc7 zvuYqIQ%{ncvh>;S#T?88M*S1k^P+k6HS$>JgOtq|ltQ5@biOQ^pOMvDjXwz#1q6Oq zCFaEcBiI5qSI%t{ zyG8#Uq>M?kUYV7mK~%Tq4P6W6o9dM8kIjJRUy`#tls~jFppgyp!WZK?pk(3Ac;Vsk zmvrdz#`GwU^{8q_+I+Gg?>N>B=Wx@BF$68SR14!7mU;{Qo{OeCDnI%#H7e+jl5~P< zZ(c^vG!N4G*N&A&edwNXs7OCHXk>J^QYS8 zakx3VyU9lKBVV(l+pYRcQJl3vpgC7VwCZy%vk*=Q&*EAae*Uq}i^k>!p3%LKNJUEC zyjRizZA~2CCujMC{*JL6rk7St)o-s^_p)zS2JioR#_HSt8Db%WbksEaK2FTSi1k@C 
z8)#pw`N)CQCG#mpy}KFqFOm{`^4je-NEzk%A!V!s>_tZ^)kAD{>F0k=)H^J_h?3L= zhF#}#n_?Bn0(Ckx+hY7#J5g0GbqiouISQq61V zfqSmX*Y+kQeKF}5JB95!MysN>jTe&Ig>kgS=y~A6FwM`eDQ3nX-Hc*i2~4hpR_B(< zNPc5I+KR3*1P%%55PDpz8qaQ%7faISX-pVtO-b!~5RE12eQWOpiyt8~NaHyHX1$4f^hW`Q}Oq6ksdSFoJ+B)hPA2b`_za@(!j z3mv|~^pNg?J4`5vJ^whL7IR!U|3P$PV^HZ$&)N9GJ9$Ds)t?}%qBjJxGtY#D_0Il`_qyuOg|fjw_6M^hSkz%G+~d|{EsNAxKQ1H|m}w(m8rkf{JlI3^yY zZp+cFPVZDr7z!#L_HXz4ezG3RPcD7Hol;YJ^TxUTk0*P(P)ln|?ltvMojN<@j_C;G z2Z_$XLOnBe6RY~P?>4|2Lf^XpQ%3y=KY)vgG5Y z?+Ap3ZItz41~|7>I$TK5U9nKS%&*eqF7kh~c}V=uy;{pnQoh%7rxG#~K>sJW0Uk%A zvmpnAE{m%zA$lEeDWb>rd%Hm2zmnnv;wJU(@k?Y%iVZ|)3*ETNpDwCapmyvD-MWJ7 zBTB>@;Q{B`ae44&K$rM8SZjh{DKJ&r*^~x9)Xo*4VU*ND0w04!9Bu87iuFjD3tOQonG7dz%OU{%)3;JKS z;B<_yVKe{LFy&cgSHq(;8HduJEZk_(H&RriSW;gW_B|&-sW$V4ld_OtzvU!uVN)?t zJe9bIgWJ0}oA8|lp|kZBk#SsYVskpjpR>7fhYDWQR9S>9mJ_Cyy2c*KmkyfToO8$O z+BZ|BcLU|I8O_JHh^A&OR_ywbJYQ#*2u51GeXuYEPmE6`)rTw-(yZu6ROd3c_!MG} zJ~|UaKM!gOn@pT&OM`W6orzgEGJ3Isj(bB%A&x&-*tGt>bGLgCH_ZFUA?(AjJyjbS z_VkOiv73}x#$IO*N?l(11y%56DRJp9GucS%rxtT6E6D@X8h9V=XL4-lU5#2DsRPB# z-@8@j#pgG1S?>M}T100F+$l+a)Vh_nTZ6TPNR?Upn}$CR#+;EWz8Y-oHgz`5jD4@> z??@$J`uP0BX=k@tJFaW>Nza!C{_eD2Tj^YeuDoP_AF2L(R+I?nD<)?9ErRDm&<}I| z$`2r4t?*+{GI zXuB**(<|*3wNw>mFv{>qaf@}$_P4j{2F zD9Ai@QD>TqH1v2ak{*HlX8#@eKmLRKqW_8f!G!-JzxW~&k_VrquJ(?Kau8TqDHGaO z{C~f9u%MYJOVa8xH=W+11xN!x=3YXz&3hhe>DG%*4dGg$L4VVOqLtQ9lgwVsb0bRRQ*B@hU05Q3R-=fotjh0~z43G&+OffnQJ z3`9QOhRq&Ml7CMJ0jeuMc~Y|e_*M3%R6FMtB@)=gtYxJ81tH~TK64*>isf1qg__P2 zGw(t*y)cwgi7rAgJaW zn_y$vnSOW56@a~V+8=>mByr^h7sl|g9H_8)x_wuolDsWXGE0q0u=qhWah+ABk0%rew}7$m=n^d0fEfRd^Plavka~AMzxfVCYcSQ$45(o_ikNjf@E=LJ zZ6SESWd%$dI_y#7K(ytK1!0jHEY{hE7M}h2mEcV~E}8GKy$fH}qqZG3Qnqa_mk3;^ zi28nYJ}^bu#Y*mfhhH#`UdHM^_%{Pl?|XK^aqJDnwC4cTmr6O}B+Vz;4K(?SZ55g4 z?-mw8Yp@(oth2<7)2fdfKp#BWoss9FhOl35y=D4~RZMt3$#FzsvqOA=!jkn<0v~#k zCDSTHVtf;TeXvZLeh!(O1u=huFrwtmC(EZf%^8|9yGeymO(Xw0E`t-?D?)epJ#0poEKO92ziE3r7sYapPfx>Xla$L8HJ^% zo}F1Zy%i6y-%&sPRbt5G1vtgywbFmTI@OKtiM1I1L?-FA`_ljO)&CD?q10p1U-q2+ 
z3!`bWw5=EC1JJ4s-QIS;F(S$~w;l{%u@0B~iz!bpFaZOm#=dJScZFINT=U0=l2OsJ zlk@I;GG)elKBmB3UxEX^*68}T%(cP#_w?q_Iib+OqGh%=-p=RgUT)5s*eQM?7wZ9TXXn0q=a^7@iO9`NWo z6%?vZ8=*!HI(fre39Zr2lfHzA(S%?8U=XBE;9K&Q-UJI`(TNGcH3UKB1fK06GHtCk zR>6$z|L9jbjYeWS^foK-jAOB}*2RGR%=u#{eDaW#F??ZuZyFBF5%+PE0DCol`1sZW zO#q)s9a4qd8^cj7e7iLj{85V1*z9#zXW{L|=3mk~m2?H~Fv4wR&bEs(Uz6hBHi9wv z+JVq0_;J~EHDGELv>zI{kLI3ss1VJ zG1LqfW9OuDh@_wMP9O49y6@C??kz!nh<-di+VS!tEf06Jo|1Y^|M zc6wi;Q&`CE)f45z(&q!c?tWdg5+KigA?oKj<9!+tr^NcIu3fZDfII;pCqKm?5oZ$K z{(o`fpWHu)oAN${9H_`_MpmAlz13~N@1^4^>q{4Cdrmd<^&)CMWC)^m_v1pQcWojV zh}%mp2nwr!Y?B`bx4bDP>A&;b%bH0j`@kek>VXcAu&?4bmv?4-AXlfs+hO9%W%>##;1@X z=f{JDKC+dbV^<4wfA`l{t`jLhr9gGhaOc)8)=}=nY*kI$XeXi|#Rz_`LhEH%U-Amt zjRMy27QFb~<@P@?W)v3=nXk61jX)wR>jO~_C_EGZ#xf2vI>E;)QmALY^R6wr^F8r( z-%JJm&iZ2L+kObI@os$P#d}MScdSsw6a`WB&r}$|V;e@Iud#zZ!m5aQ6FzI(?^_c_ zQnA=OgK*r()Kl<(nhXNq*Ox(MvFtuf`_AuMT-`M^tPp|i4vzi^{;ri=!Pmb(NY*L} zBkE94+reGzBnwFgi7M<+O;sN#Bi8sL)P1<5Vzo*KIbgQd(ZP9MmnjQTbsV~id(QHL z0R+Z0z6DV$qNUWLTW+yk2?^xZSPynZGvscc!%wD|6LVXYWzQsknm;bU>nTPjXvBGO zHe;Yua_9A(%cJS~XI=*ee9;)x42ro$v~Rz}MmJ9}eUtpv(QgKnf<<2ffxaRMY9$Wy zdOpk~T$I1sm7x58PmvM3?JtCm*EGA2g$u=VOTw*zkke5vk5KIx!1> zymzG%)d@yZu!fl^ww@AM&IV^JVG&**rguvn4BU9)`!aSXzXzfyS-Ox2Da^k-1zo(b ziW-TqidxV!_NMDh`C1w@J2yEg1#D!a`QO-zQ1Y?j!E6QOd;!_{9X>;@$;O zm=!s8%T5ldLq3%qw46l`XRctVM3`pVc0AQ9Hqdzms;9ZP56xNHOi`GCW z1HDu58tOmh>#n6(q4+$cWujfbl?crQnpMRCB!oj#L-kXw|6MJd$1Q%7I@z0eOl_la zp*2juw!5u(EZdrZ7ol`YZ61z2heZ|!Ik6idsMGoc(|x6xbKsuiYu!w?!_U7x8DX$} zYglTxyl92$cOZRt+svdV7U}QNwZYof=eJyXy zjo>N}mC1-L->jB#!8XXH!{@r6?5pKmw8ghbouqV+0AD8Riwp5AF9-PpC##J44O!Fk z#228Lyfj-xk5PE-2ESkH1b8c7rnP^u-B<|^f1tcU5{w$t$(vQ#7hcFpNZW?QTrc`6vHDev$t~{@ADgB7buQ5)#j|{>lj^^(>HI?vg!Q zMJi_{r+mJ^5YTaX@!k45rWab!_*tlgIZ6|#O~bgYmVVVvFdj2?WMZ#vO&}bOOk;zA zO8JQk!XLz#g}tL!Bd{LdqlO@ztg+j#0Y~bgYlM&O^6F3bN7uNhlDdDS)3nt^N;|p zsLGa4sRuWk9~TOqadFl}&%7I38z*7@iepHiw9$@3c~ zs=kjvmTP6U@Qp=_V%D@-4w+2mCbzXdn22F`vH?aF;oIaVQA5Fn<7#RXgKEXeJmnf$ 
zMP=s?TKR^HEZKN-SgGWqyh&OL!=RM;Xz8N%sY=-;68XZg9J9e=OC3ii&$gc-M%3wv z9mXovZ|@RORAXChvl4ygbGY$2zqsS!i!}q|%th}(&BK40} zFH)3vB|Bux0X^CD$du&$zVX%$iVg_+9eRF;G!WSqn&ow)H=?(A$Gg;@){Hz=uFR@= z{sPRhKuDNd@YEgsT!vm@0V+}+G<6;_2cqU9hi*Jebfd4?{E*c9^q_7@(HT<_1$9_1H8k5@Y2?j_5L=dtwuF|RjnEJ;$(m_GxvoPjX4 zv;s%}QTo@!2F+ZpF{t&0LHb$#WR^svkd(@R>7b=)z>^WeJ=oO{Ug&Qe6H~L)70_<4 zW^hr~19jk#@v=%hwHKHb$z5dyZIP-kL94%ak(oDIPz4QgJKTU7iS|P@wfh;F^>-VB z$X+}nH*e<((dWU}jkQ8s$C*wh$WEeA&mwothJa6~+MF#S2kOGU-81IMmkP%44aM>vvR#E6OU${4jfG_7TlXO3_c)u>W(9tLhgqLC z5BGWRj5+ADvmHoy8pE8inQ3AOcgLU=eO_Z{izRupC8RgW0 z9@r;B&03#m+Hf_Q5J>ty(O?&1 zg}Y-6U-|+SHSCRPgcD1mApe_SU5{>T27_*I6WcclWy&z>F%Ak;pARm^@a%}?47q&C z0*l@|?HVHTafTvyMmMmN{sLxNw>%m#8Os9MgeT2)2?A@O^!lgf_x$h3KlKmt3;!qb zCvpFa{C#{#NN2^AeT6fWI+$uClNwp4u3M1{lf-yYs8+ zsxFm(-jfokRFxi()o@qlhYcC;h&_A_k~~eSU#44d)-Ad9X&D zey`e5f!)7v+{YCc7?~jTcQZw^-emN{)+bqX0UJhngQF_9tK>D&x!J|Jmjae)DN=bA zBTsbzY1(YSY=u~&bB9q-j>qcBgZVl+w1`M_@(LWX(Jkw#We8yf&i>fm3Sr= zyXTSufsBv3PfSxe;jVG^;?yM}T@2s02$ZDG`~&n;a5DtC7EIaU;w^N~a}c*H*O9q+ zs^3J=56Ba0nki4yO=u$BzZb>KY$F8|222e>`5~Z!X(XMCL+o=)c31BcpqYI*b57`+ zGVrUxC}B=g>7Q0%H&r1jlfZNuJ*mkRsyyYovIFi=Ef5EIo^qNJnHxIfFj)&dyW5 z{*d^C`3sDx=k)bx5lKHK!+K88Y?;63Q%>8OiP*?;s$k-)1QSK)+6wc&Do7*wJ&qXN z*Jo=&P1+6oQJ*5n+YOe&o@CqcZ1L&NIDze5FuysYQs)WUW8fCl+v&)+T*EwWFS}Qc z`w&%fpj#Eth)Tn#{t~b(Xhr&u6Y&HQ*2yuy3ht+pV&;dI;Pp{vNi}Z~W@PUyAW~`SUvtX+iSBo6H$4nnwZQX6fo9Wh@l}-9b zh$7S*#m68e zWj(URy9N}+L!dP0{U>JSUqsK5y}Aq2N**f~E3Bq1cKC@t<~+Ixzxu*c!AM#NlpM$z z!=%ck{C$V=HBS$Votg%p4j)S|v~l2B_FJFC&|^7rebASt_Cn6s{&8CqAULkGp_v2u zd+i$zjCx_;IALNW2^?|4P}98+onN5LbCd@m=0V$*iGGvCebhYxRhhN7@7x9yHe|NK zYop1i+Hm-zhXh$Urwy@5OA9}S)woDu622PGwT+us=7031&8w=QKmtEjg~smj_0^>% z^Q*t#mF<(piXV%&Y@OG)-myaw+K@3T396Kn(QNhpdmWN7iR z+sv3OaP5@EtrqLcf!PPO&2m4%r_h@>!58H^uk#7vhn-#O({I%78mjV!&lQO)63aCd zqYNz$m7SIr(TE4`?2;>$6k_RfRfcjF@F{7S<*D7%Wn;`~Be-&Ml`!hyot<)a{XcxY zWmJ@j|2|B&ba!`)lt@Z<4CRml0)o=1l9GyacSw(<4v5mN5`u)Nw16ljiU|6AW`F;E zvCoUI=jNSSNUy7H9XgA ziyzeKiee^Dm3eeNAkxP(x(?!_SXJT^w!fm&wN$HENtjV<=(+8e0dZxwZQ83jL 
zq`<{?;l8-dWY@~8NpHoO{)j_`9e;#yhDSS$HJbM_n0*lE(pQ^9$Xrd7OcuGFmW|^- zUY#NT8~NYM+~Q(k47^l&T*or_Ta(Af4RIR699%iT>C$SsDH$qW#+e?@&YJiH;(S zB&4NcT0HD}cX%FTj7EC(#OW?S944STv7Q7e#$-&NqI`@qf5$1%A# zkQ*joQJMtu;z|G7BT@L!r1e%O{VDDyZ%<_=EI`z+Ev556^?1uq?Zzxm z9(Td+3aM~>s<$75|DRVzM?PU=e2=QXt4o%Rj>}FFk6-62$BX0ksx$alHpPAHE`JW~ z`O^5Ly`c2v#{u{towCllq2K?vhpX`-d?k^ae1sAap5y(tl^>8wguBQ&gg(YDQ<>t6J0IC)-y zJ(F`oA0pb=+B%mxO+6$k?Ly?)mQU6@y@FW^?XnAxD=Q&@(|X0z*SER5yL*Q)@jY0b zSYPXVJYC3&8>Z=h$YG%NOp{wJfm2misdAL&`3Sa!Wr=N#AgrD$O_?a zCk@hsTr0K?B}1RikGmv`J)J+yNdryMB$XFvvy-c_&=ZvRb3f$T zc-PG#&^`9*6&|Zjo~ZqXiY!;M29vaSe6~0^=+8-Jm6#)|kl+}zu0yS4rp+|XiB^Pp z_&$XT=qbrBSOGuunTdcjC47!-ixt$y#>Q6uBO*}`Otjp_a}?HR1(YiBCZ9dnFDnQ5 z$L&b<6h_|tTogRwXKMDsZX=*SRk#;1Rx`J>!jAg!?ZY((Ph28gW!?#1*~2}!Cs9*V zgQF2xj@SBRjjJc<@##gytt*vx-1#YR+iF2#{Bs)bbzK9(Pri3UXZi<0hl1h=*;PiR z-&&zt%6u<`tlGVI?;d;t1LRA|>FV!X_U4{A#6KbcBm{dTET%iD)f^zZ;tSL^E-dLr znp|N!2a+i+4vvdpzWutCXlayo;MOFzip+Y*JG5SJbEuXU!SNf-R}(e(n9aFPnX|KV zQ`a9;fnUP2Qee*{rL09xK~X(3Ng~F4Rh{FP9)tQ^#Ikui`m~%MXX=obu)SW7DL6J8 zU-C~0|9Fl>b+7YLLxX4^58d~j`X|&*VAot+Tx{e@rF39Sl*2zEb*4WN%@b8`u?niC zZuco}#%$%3MHO(nsit(Qx!YCrlHw6xrkGtPE#8lV1FF@Wr0Te=p_7*AFN?GESTkwn#lav2}`&y5u*=4lWUzvU( z6wFgH($eYE818F|_2HdfMAMbSs8lmWnYLQ+9PMg&B-**n zsbmPZVntoBvGG5@%o%SEq&oFu;TwIdH5cen z^GUDcs)z35%5Mz~jg6@&WYRQ*LVoHZ!9`=ZLS1R~zN_K4P4`z$9;W$TU%QoKs>U#5(e_! 
zDk_NJ87Xjn)eZqI=-RqWUu~d<5NwPFoWoRt>OnAHdLJV6+9A%G2$h|gsY6pS$Fm3k7nA&{!(aPxs8htPTjKnuU>l@nTF$YO zeC@`K8^Z$wTPnZ#ww$cFiEVu^_afS|gox0O@tEG=cpVhN_G6Sx67|xkWdkUn|M%?u zA-&)5esT zvN`ff#2=+XMh1rA#Q72;G8Je4(2*erpFkiPMAz35crXAF-D6%0WC;IUSKDiMM} zwia3i#FG2B8aZtiAK$Ye^DKSPW@%fv?CI%=2~*z4Kf5}+cJb^2F>&+f3xD*JAJ#ve zcZSNOq+q6o+!(2;5zL)Yia&#^9Wd0Y92&QQ5bP6gU~qwAOnWQKB86lWNE*7*{B_g6 zaO8K6jN><+)u#}W?vCNbWkuH?I^W-IgK?`eXLA&#nUtK|%j9S?Zy38169Y&3egfit zII3c#+}Oy*JzTDg@B90X8ZV!L+1d_R|LE0W&Q7JJoJWN!kH|5!%>49pZsUuNH>$X7 zWP%|BOzxNLA0{fQw4x%z)9-7KRMOS!C1{E~UxG2pK4qaxLBGpD(B}bg7h16&n(fiYl{&JKbW%>PU zT-Lr)l&r3x*8J}Cok`1BEAwoj<{kuP95O9V%U0(DTrVchYA-(>d^<_lAFTo|GGoex zv!G6c&t~C{Ya2fCh7F-1E^0+oNzZV@q8&}*38pw>eik9hRo2bUnh2q_6bwfx)+Apz zifWjrX)?sLn3v;cP*OdHalkTz$!FtSnw~cE$@(!8_sThb9E1ER{~P&d|3QAq{~~|6 z_P@xlQ-*~Fqob-1!WX+YJC!tSnGWwWtkgy`%i1a+?UtB^e|es@3x4I~BxE(t;0P7F ziOam!>3;t@5o+36K7F(2(yv6^{T;A+gdiUVdirTu1@x;Yd)}cqgF}dGUYH_P%v#F{ zLL6X=+$`r`Z{GR9I-pIBa*)&~BF&9v)7c(<@;&Bay~&n64K=k6?I`2677q`P6UVVz zFSFHlju3f|(Vi%pB--!}Cr-fG@%QhAH8gqA6Or}nA!m5y(O69s9(AFwCHP>~iA&w_ z1nC0-M%Kj^PLRQr%XUFmqS?pNGJEBs_qn5^&^YY+U2(4MOr1&386x?9BdRj0DJNOK zl}WU(T=@+MJCgbux9>Plp}i^W*b{Q#Dl2&t9u;hU{yhGkHQlpyQ{`+Q_h%J>xw$!4 zun~|Vf5Kn9zrWwfp3Ar8Zl;>kx4t;hXP+mtPgg%d839sL!i9^QTZFjgdo#4VC544# z;bZB97QH~hymR-in%li9lCBpoT%{_YjRF&brij0Pc0b>SNTQnJ*guKYxHt7ffq z{?oxoQ6IWjy&eaz0NmDuo4QSKtIcI>R7pyP-%8TP4VnOWnJF9h$EFA+ue7w$_UIj& zxd2NVcAuhxg3I)tKAN+u!n+1v%_RnyWP1=tZ9B%9lS-y^4BUt78yhQ1GvmOYF=fwC z9Gu0Zw<4HnXf#S8?N=JD7u#EPpq0z;GbZ{1T2HcUg(ig0ekyaF7?*zSoBR&!c3niJ za#kIfGhfY!eZ=|OlHnr-8w5&(58W=9Kn{d=@Y{$WJ)lhV}HUeO+o9 z;tZNBgAXR^-ScMpZ-Evx=RM(JQeNs#ugB$?*FpS~ z`AFKt+H0ian>#A@ogPIr)hm4wKeZp%hK*lo7CA=&?$-P%dbt}B=qzRWK&h*W=yb5R z_VwTMR_lhXYLq`jp6&MZ)(NxOI!M&>+mzfAi>KgtobN*yV@Xe%ipX}PQ7T&sZ3&T2 ziG3PCbEdz>{b||ZNHLcnEr)+blwG`t$a~2V`+S{%ptqKc&_7swU7V41`}`kw~``tN(@nWX>Tq zz*N+@Z}cl{5wR}q%{TXVk(0j}>fLe3Kgtv`kK9;VLRMcKqM<>*3@y5~V`_M$9J25D zLVD@Lfur?fd$MF_8iSGW*DJ}fu`vkws#aVD-Q~B_(>`vO=o&>{!|2ouCn)Lt@81KI 
zN<^bG3A|R23RuH$Z(f3s?FHlOQ+sj}`1c@j)aI{#tjj&P9|}g+`g%31h#Ru3BX_8Z z;9z=Jh^VUP5aPY?WlRdZw+9sNL2Ave+>OhJzU8M3g#9?D_+1U3P@C)PM52?_FsC+_ zUDV8&TKj$}FE5XgWUp#B%xZLE!lB7AYJr2uT)xqBZL14*9ZQLKjN3Qr1`)$CE#{42 zL?%G3te`fO6uzicJ zUt_d*=J{sb3kZxW`6rUa60b8@8K3l@^BWg?+3$>CkU#x@BmcX9kYD1z$Y1^YU*sP} zU}0qoII!cQ(p8}M3xOZu;WW|f`gqKH0Fp2KqFOERRLTTOL!M%q zyKZ3w2<_)NSXmp2%Q_^`x9;4z0}6j2KBxxsQy4w5drr^B_5rx|>heE> z62MZq0S9Kg>J^h|urZ~6!b?1G*yc)G+62G#RA(=7qD=xI7efZUwUo;p85lrg6d$5M zx2#EjXP5{;aazJtOXJP>xQ1Lc>})6N3GnfqqTrtVmSM!`u8=EYb8W7%tYdQ6AGo8F~gA< zK3SI9Zq{*2*!ak*x*}$`vir-&7nk|e<-!!Lz9=dF*|qhIrC8yUm3<0KWEm!CPoe)q z?3)fnlu_oplhSpQJI;a#VNuixY571CS|P3QVf|x{Z$h;Vc~O6N%*@On@SJ9w8Qf7- z1$3Sv1{KdgXe!^ckYM5{@`3~*-r+9hnGDWKR+m5TZq{^A_s&A}CCaQ^yNc*Qg`2zF z)Av|HAQtK1@JYbm5BJ)i%NwR^!rdT_kQEkAasW~Ss5Q+)Wu8I0B~X}rwEHfxX6EH> zPr9*3_Q7_NPz45yjF?fC4hu)eW!Ska=n9MTkSs}Xjvm1kuQ+s*DdFT*-o@`HFl+m` z+lc2rg(4>Hn-z_rEGG;*t$&3L4aNIGIN>vn^l?UBtjexlUCPIyr>8e#oqoE$?qanU ziRF@>4O9ng1`GOk^YE-_tn9!Of`uK%@qm(=y4>L)RgvwIC+(zDR6Uj(Orb!4Nx}E? 
z_ZRAe?ISD2OZ4BhC~LvU;?hYl=&cz>#9Lk-iTHC=0(G`;>fNJnR7~Pk#bb(XyQ>)b zUy=x^RhDIle9+?^k&p%H4Gf0|nEbFS8Gl%Rq6H1$?8R%$Y+tKtYHAFSRrhgn;TFh6 zzW)r!HfF7LMjb@+&R3{vScy$nZK3W86QWXB5>yOyi3l52kN~ z&6%M)eOA=X)Ue|DHEfBVDZgO~{>yG=gHEz~i$7wn*EAf)vPU$eX!)b7cE}4*KHGN-8@`h_6!P=J!Q;} zZmBW|^}|UKdn(TktHo}(z)I^RiUt6`OPW7^o%Jj&r&V=1g$NKb+RcM;a!}`htq}oRvXYOU&^c#KBTy_@- zThKUd$^dm-oF-KAuAiY0KuRlba{sdRXcluNHfNn^1lf4Tnm6cdeU72S<~#$2Y;&Tf zm#%>UT$$6m%E!jWNJvRDVrrFVFqANO5=DL5(P+ljagBSCn80c!JS6_dGB2_(Msoxt zOg@OK{B%)GqDiW07{||m7^|2|R84(iD{OhRC{|=*1%?wyq6}R-+^X@cG&zgl^5Nr~ zeDK+`&_GWwsln&#q}C5-volsAyLQj4;{?55WS-#H1qW+0^jM%zI4qIrqlDa*p^;~3 zt?_Vik91vyi|sXFc=J!_p6H8h5r!$WQ7r7!2Wu^_CC#Kf*sMx)qC5+NNIeAwg?AO9 z%}uYoxy?5&xAoe!N#|L|%~Nx5NRZ0gCZMzXW`Ucj`W$H4C#M&g5X1A|jV6iIk0rPd2bUh};TbT7AOk!@KGw4%D^9&CO!65&$|Bd`} z{~*8kf04iO$-l^75sZb^ltH!*Hq5CW1_or+87Z3^8y{ZYE%3SnC;dvT({SI7SFc`S z*!w`lhdU^YV$r0N8Ob4GVfod+TPY=z%zFsUY({XzC!d6DkfSh+Gd9Hl)hZZ1F`06a z?_nz`bV;f22fPg!|5Kq%kptLhRl=Ja?cYn8XI>5%K}kZHgl|G7(s7zj%Hl_QsF-?T zXFa9o`LgiLgz^0F`}glx=@`)$(@+s{c7?uFQbxm25~-yp|RxqDp%?R_l*rX za!|8_d0R#{Hjz{L3d+925C2(P&{J?wzbGk5DVh~3R;m*JgUcH}4+xaUgas*8!%yh1 z+vqOS(9qN}lL?|deZ)f1D|+s&(&6l5$u=`Hq2HE;H#W3V`I!$f(srQyA-bLI``NA3 zzvP0!o4A+@3ChpL5$_z7#EEQ3L%y9!pLP`gj3#VjaxknJck&R@?5iSo?EfZ=)-w9g zMI=0Yc)#648nSUmMn-&2@e9T1&3uu3O_a|Qo_XG5?41P)Xv~O4dst{FlUo>Vv+peZ z|BYN;re?}WzMr@jY8J9DPj^IQbwo$$UZY9+!3?6ctt|kc4%Q`6iJUwrdP+)FVLvcZ zh&Ws0a1n(Sl$9K}zg83!1D6{&T3>*lm2{9aM}lh8o34QN`;qm6K3kJz<>lpo+=nY* zt$JL48BMZ<&9h_vZ^Y(s?m*>6+yzVyP*_Mlp{Wa;R*`sysqMv8*f;5 zaRu*!s#kE^Gxg%!#OUb3@$vDL3k>?Xnm%;+Cv;8G9dH|1)r*2Zg~JBP)dPz_2HCKm z&oIL*=F(MfBJqEGnW>H8gWn@7)zsFmh|%~>uPh<)NDq_e2Gr^Cvya0Di7RhL zG8pVbu*ovLJ@MiU4Gr&CsLlB;?|@%xjm@j*3mA4bG##)&OiuH-c1JW0r;yyuERi)X zeB==C=iaB!`GAtJk(5Q_O+7#LN#~i0fYu$Ux3UB4K3|M-4!vf}Z9y3Mss)&E=2VTNzMjef+N=-h7~U+8O{10m@Q_$$1OrS(i!kiTnf z$&_s+nI1aE6U_9R@Df(F9>;zv*%6e;jD>#r26*5PH=(h8d31OfRDDY~CpxKMVX z3)$wLCYma?N{&)zHA(D}g?wrwi1i(?vbNUI`YJOgO{&m6w%&`qJXQ9>!VEV+&7)yG z;2l-G>`iAMpM4l$b^D|wsx=VN^?oF7tWwScF!@; 
zW#i8w>`B$CU)6+<_TBsU*BUTXJ54REXvR}qtRZ*^^<2COtI;Hta_*Ck@La$9oV4Ye z#oS99LVIf7h*S^}89yiXpdw<&l zc}I$W;pOfb$A|KH0_?Yf>hM}>VllpN^XMm7-h6p8F_XoLjk$Sxz~>QMclsOazE)g( z%&vR~efjMU&Rj@B*hd`H>ci>IL^9gXaPxDu$D2#97KbC-hNtu<$DH2Oz$p?J1yCC` zVM0B&HXF+jOxvU>K{t%>Kn*zJE0jy?#KKi$VV9{~P(||3QAS z{~~|u^?#9{)ej4ca|iZOzhGm3_yzWPuh3&@@cb5Dyg}~q7vxOFl&UYUbN_`K7shX` z2hV0_u56>85^wu8$nUGuUCa((Ij}`GztkO}vVE?>MXcbDff94`4yrpBv<-?B5$8MP zD6@~Lsi{y4DzKIe^&D(%^~5hY(laoOpB^3(*NK!xf{QrsN7|(HvA!=03k#;ErY-8{ z!1IZ8w<+uMV`uaU99*Z9gBB2i3gJ5(PATG}Qt5$*97q0I5<98LIpc4St;fJlG))A#aW zL=p%&M5g`%*(=?{!&M$t&;mYt@K%}QGtz$mVo|NnF$_Vll(Ed9xJ>tk1oCaaxm?Hx zLi5N0m@KkB?lIXdxpXrdAN3NrxpgGWvR>BJMr^X{3;170*ygBfiBNywO_F%x}{ z)O>c8oajJgJ^1Ta&%P~1i#{8YhvW!X`T;}V&JlS&*XmFwq3GgJF|NgyP)n(^yl9pn zKUC->e%9a%GKb{1ne*G5igU44N21=j`hN#r;aJr&5F_KxWxQY1S5V)*3bhR$PONa*Bl4Ws`uVkvsH~NH1e*t?UwQCYDzE8tPvp_j7 zDk}Q@=qM%^{8d)g)^Ot$+wObmEJ6lO>X9m1KA6kle(1%E7rENOv{+>(S-_0n=TW$; zi^~HRITSdCNner^qM0MK(=7r2L%OGSFSL1z;?^dykKqy$Y50KPSBqL0MWTP_@w31l zHrI7~C|6v8Il-^z&0iYBwO5wKq@aEwsdTNhv=oA-UkFFQgs8VgA|5T_bGsjIq zxPIV0uUAYg-`4&YL;l(&u6GtEMb0KOlbxBM_?&xYp?W#3fbp8&P4T{`gEt0YUw;kl z!}XeyLRVkkyhpRu8^*9a|4WzK5@q1D=_7opkfrGS{Jewt4HGl7UVrehAc5>~e5*`v zktDxqLN*%CLT9WSuJ^=}JJ3a)?*OGq4+R7S-nziGlapVrBp%H(ApXsD-?}ut==7LS zGx82?TLPptjw?=(6Std&D5=ksR2d_{3zh?sIP>sgo>(^Nh=SybtXYgy*k=3`Y z{vJPxNE7ac)==_IBsMPRr84y&pyP)d)yMTCn0Od)iooP_t3>lLg(55|3vnc)!#5cy zzh$Pi2}nyz%gX)$-4zXi+LitnqV@)*Lzwj>mZ$kAYBNtiBk}jZ(x(<9#UClr-Q>DO zeF)5N;@Y%t&Lyy?p6-A%qfOVE5`JwAq(Y1Q0EJkLZ#`Kb(j{l+xy&S9O2#oR9GV$(V^GCQTgELy~24G zD-!vU{@J^6@cVxCrSfvyZGn!>ej`I65u3H_Wewm4nD7idlym+HtyE4Zeot!t!{p=& zPmDW!u!77S9CTURlAoEV32wd#vAq-7>cTQto-6ZE+D?BRWFRxqr#Z6DO+O&ltn3$jQy^47x2CQ~Y>C3W|ze{}~v#ijy)pGl1;fwQbt~H??V* z8iqo1F%@TEZS%~F6pZIqfH?9aQGFR>6Mk@qc z8a}KUQI-A%2XLmKu{Mja*TBS zM-LvaO06bhps*MhYfY2aE5Z$Cb6Mv9;OfskSnK4Zr?0-r4dVO%{V7OC5laYzcJML` zh8=zzFwenP<98f%e84dF58P!7sC@(zLW~aus1ZChm!+$s(fK7MD&RN>KY+9iIwG^i z)MJQE#8_!Uxdc7;5q$Gq{(|_+-_I`$8Wni5;MO*Z{6gU{rk4%MJdAWSZgL{;q5uz% 
zM%)0z!0dTsfX?wv*+awhh|2+6`_S+gE8n#p;+Nj zW>z5;r^5O9`Q6=J;2~Ti3xw53vh_>o%Q`wbJZI!QhCs|xQC?mQKE(K>^o&|DnE2nG zNbDAuNDY?neuwL$rWIPIskyni@P6dQd5r z2;)1j92Wk7@XnN1{-`@uqPt!}h z@b_emBE9B5DZ^@wdrIi60D-*HQ|`vjuw&uhzb-+f!4qB;C>r`mnop8ecsEQPPAPQn zLB|U&?%LYg@%QgT!PkFv3|-x*XvEBIkT=cK=Tvx1`b;LBw*yyPi&p#iA=aov0IzKrJ)?iHLV zh$cTte1-hs7)tGBEB9_w)MkUVvpsI5^1q7sMj|N>?XAIt5K?&XdY4K`1?N*-dNS;Egv)ytA!J_0BW;4exr3 zSP5MWohtX=^id#P(7j7F#&S{Yh23Q1T~5dsCihM{A-KTYFq>#WN%_%=x&T}>^f9KGa6!&r4+ov*6PoS4|_B zou6NqO7hbk%x`8MV3$c=GUnOBHX5Ug3<&I0`ks0YxA)Yd5T310*kHm&s{$)fpiM`} zB+i1P6>G$?;?xUo0u!-!N6oi}ydlc)dsz7cC8kJoGS`91CPo6QlJe_UJO_q{3CH5( zdad(<*;4vf;5=dZ#NN=~@v@v;&iSs#Vw=#jQsIu|Cr|c3Y`#3XnXl?p?QaKQ!cbE^ zL&<@tHL)Z9sF?*MAB$cqAdw6|;*fZ%c<&6oi}w&QyL?+U@0U5Vtr~}+OB((Q6SI4R zm9UY{yn2=u)9qtNTxn-(67xqI;kb**7iA$XSNy-_eeR!;^zwt}3J%)yb)M`4fFN#clWM= zp_4uN<4>RqemRNv04T2bzemi!f$}8XuD<=Dp1%IdWfP+n;gC1jOUcnb<|8=P7rUNQ zAummcZ;_+YcP=CBW4rLTUP6Sa#u3v9xoQPb`Gc@vT<4nL$uKqlqZ`{$0{S_TQJKYI z4d&G;4Ob1O1TP^YZB7yk_1vQ)93VdXfkZuV6UT2xpRAjI;3Z|f-h)7ySXjsaSKnG| zMfl#Eha+Dq?R?7TGs=5SXp@T0?wbwP;^5+T@C-Nog+=^iXII*1hb7z}Qr&vER`CB5 z8GE~B`_#)r92ia3XJ;y@z0c z@G>Wdfl7n50oJpG5K=f%YGuthxAAQ$!CFtpm(Z$1`KwN(#X2;h6^&CCptT>XaxZ9e zc-nliv7xjyvS8KX>NY?HwU2ycKc1E8GI(#TgyfaRIr~X+<*VyP_GQ#wGFoR0?U?9T zB5&|ZMd>T-%t??_MGCy$q0^Oj z(0VV{Owo9T?4Pnda(18nKl+M=iSWjIM7o@G9$a41))ZuVOj}#VyCELvH1k!Nt1DFU zwxPUXp6^YOj~=A*e!56e^|S|Zx&d=>dinT#w_Y!T5397hTcs#G@6?}-iBI45J$S?% zpYFno4@HY-Fwi|Pv#=0DR@1BY34~uN&CAy>R9p?v;6B*$IR?_%4j9YkCO5DkV8^AA z)bC(+Q-Lfq(lbiFG_ikXdxp8%UvkphC~=_`qA60+np;Bn=|943JscCl88?ZyVBzAz z8)PDYLUv3?)^l3}>A}$m8ZHPZ1x`cXY+)hmQ{9QpiIS4MJl!Gjij*86)b`_&o{c*^ zb*0{e0^&!NPjP$#LIU3}@U)Lr1?_!gV`K9!Ub^N(cP_;y>?_odZRATQ48tt_RSzRt z*wBvMb!{=MP6rP7&@5dbEcv#!=@nxV{5{^f63JD3#{D!gvzJYHNSqt;?_0SqCU|Hd#bPy#=e%HK_+#4Y; zj^8ABg&4XT-=(ym{OoLg^q7r20xmdcw+gL??mRMrW6^`KNY)ktQbtMajr6BV4KNC` z*=ir{Mf@!wP!H(}|0!-tR^3 zp8;2u^Y7-Q_<}_%0e28rtow2B?sRQA-Nog&h_pmfMXa4dPb6jh-IMZ8u011u4U$ZR zWO>~>@ols0t?O5=UwpPKNj}8%Jx&w*RrLGk9bPnz6z8t^PDa{NUC~$GmG}WWvELEf 
z^aOA|Gr@0#-L*4Y#yCke*~Eqr5!1cG0uf3=t@b7{F}m)vOK;GGsQa#hnt86DALFq$ zuV^&-A^6m>sHz8bmuyzHOi2w3bks>T`BsTJP2BF9R@3%|6AdOHLGrxy+4iLqAR{4JeF>HV?7wyI*2?!MnDoxVU;oRcV03)F zOZTan2o4=rJ%`+_!T{qFg=gR3a_(SQ%6=G>*gT)Q7-hhPU!!-o?$;77F&SBWJoQ#x|$D=wU(7m5o!S1i}2Sa35+U)v|ST(o~#@}I&U(t$m zfu?d$uT3;EZI|umvc&uJvb(@CVSVs)x4Na&@7PpK>M00+PeYeAcRaaW$u3;DH1Xs1 z&@8xTFuw;XILn8o>U)d=Nlu{joQSZz-MGko9k+x<_grdXoN zvcL)vPT)bH!~J}YfvaP}7?n_|z9PIJ@loeRf*kcrLD3f%4>E%AM$K#(Ij#;ytUug= z6gel=g-6f*@Z}KqulVXbn9zi#6tB>%41j9!*=>#pe5>ssU3b?G|9r`N(M3X}2S0$K zz_sugF|7{EW9`4i85uF3D{_~GXR&D~YXDOW`azc@B9{M-WZ&;*Jbh0G^EuCVL$XIn zN$O0(DVC*shWiHGvT}5f=#cl9nulO)NAoigiP0+ZmjKt9pxN|6jKbscS&#ASIm40l zNcxD1NA7R|3=8YT69T>#$i@Etm>3VyHZ|gOP@r(9zhzhpIn@@S z;M>yZT3v0K+|ek~r%6soP(|3jQ2OlaZr2gkvi{}EO*Na_f5~U+UQX_v=)3=YRmza?D z#(+&}Y|=88kzkFcn%yudv+zLKB!y>^pUzkruh6)j^7`@S$FYv?@OQ3O)e{QmtRW$k zM?X&YEmZDy27~s?_HX+i@HrYcX~rDnH$Q(@SWneR`c3Y%9HS@gB_I54X>~2aT8-@3 zv`dn~8+-+(IBYBas#uv5d!knoD?hFNOwLLhvZb0f_?oXuXAD-B_2@twHIJIZ$V zm26&%yq=n+F_Pzc|7EGm(v1}YtvQ2y{D-XCd~)Fo*PAdv=Dm?xmUhU=&Y|ycrJo2G z{a1iFL2iiyei1D<2la>L-Il(`J%r`gj|_2sCMH>KSD1Fsv*rXet!A+_=0?L(_H_Ec@O^fK^1&d|s0 z44fUMZpQf5zS#?c60WRMga$3$1a_}IP`jq%ql;UOjM&N~njYLcX2U(#eAxmnZKUMB zW|zyON`mW{_7H<87B&^TtQTW-dRYL?7a6Su0iGX6?@Nj6YD??kGc0Q&*)JOc7Ua*x zn-a=H*GS$y5_bKN^Yn53J^bKwa)Ti5r}twm>-Otq6Z+BLVHdD#;W*&m32P~2;4H%P zp1oL+?#sRltQgb0vx|-2(R$^+R#rs1#`w>6JqI^Jo|hNZwYcc1Qn~*PucB?kdJohT zGJ}=?#5#_6bA!X@LjRO`(La@<4H-m{W|N30(b{H;o_H*HM4CMbx#*65>8dbOpniqsN~TAjd3RD7M7sJa(fBV07s@z&nNL> zBwGb%MDI1XDbefXjFOzUkaK!V!eqpmn-A|mGx@Ex>@}?W`zCg+cnZ?cp*oH&qK|`; zxFlu3_$5yIxn?Ixs^&v3$pOYyP*4lcBBV1D95bBq5;~ag2G3G%r6l{|;uqZeWfi9g z=J*|Wty`SKl>CEiy%mKpjf;R&LNPVT~~ z>3H_Agb2STbYWYK&@7dUqcxo)Pu~|Tt&Fk6K%+TUjO)IpXC{*Bf-Et*un#a6{A z*1z6NMa7{}MCsb;i_PflnG{8yLcndE(_>pe50oeqJfRY`{wy3iTJS0t0iBszJaha~8MUrb%YvyWk! 
zZB%=0JL;8WRu)MVuykpB@mx5OlQeCzO7>Ea?HJ;0$Cg%7m%CyXB`DHBiCXgVKTmI> z4$WaJWDKVJE@SiF;aKa(0RMKKOa3JfuU3_OGB=uyN5O91H9Nlyl=OZu7*kZIw-!?K zxEnlD+^Go(Za3RlgEqguNFwc{T_9a7{@BJXhq>ul-c>fL@f3db%I-m$aK8Y$psJTV zGb=_^%Un_yLV(VhwG(4kDljh3@A?^D#ltJtt4XIAR2JMQEzK@gCthInYJDwBa}|zr zNRVt!Z{G&D^seV)6KMzNVLA~LCN%%S!==}AaclRxs`@4QZ=;3aH5XEUl{Mf} zogST0Hj3X$30(C;!^xr;Kf9$JbmUoEt_t_J`9Mo#oGYnzKie{uoGOe`s66YbnpKCC z)!?ed6*%s`vPe3YI@p$p_=X9+L%-v|t;I+ao;mRk~)cKl&`ps0j( z2HqT%-PYU__Y!em(Ki@aTeS;`6`Aj|a$4Q9ovG ze1*>*Y}N6t#q5{uvGECrdJMy6KUv@5{Gl&yc5T-y?r+j#QM=bkb#&8Ofu>e%5+AN# zh~(b#w0wY5iFhxkc*RG4TDyU*nn7OEIU(Q+P>8>-9&wT7>SSF1@gdlOFKXo*v}WtK z+9zSOygQ4qqPtdV#-?_o>Kb~IU-S`Lh~c`hMRN}~QFb`>>$IU1w)Yrql7Qf5EIF7- zUe6QFH39N=e#^V@db=y53CL-Zo97 z`_}<6YFDJ)u4Ba~y~{p4A#75ce+v?pXWr^0KO(&*it=7b8rCeU9o_GH(MAtONBMA&Xe#Ct;%7!!j);Tk$Ji~Q$i@*2=fdR^TfcQVl&<}~a{t)H`FLIZMIo9(GHk@tu$*nhU2 z)JEvh{&LRySseJzhSd!Ow9V0})I~yV28a)sgt_HwlV*dD6xB3cx+<+k+#a2iTOymw zf}rRPu6f`JyDsnDOBZs{O0B9!`GJ@;PMP3-dJTq6<;6Qrn8R?~W_W$9YqXN!7Pwuu zN0F8$!TRWOU%3O84bFyGN<41*ChXtwlDnTiM4u<|)rga6NPXo^d4j}jU&3zk=$6+@ z30W~rYe%U21t3OyIktF=g^bWQ%X?_)3#h~1y)IvVwHTWiAiTi)EhtWvi*`b*leJMk zi(8m1a5;*Q`89mTBOQr~?Lu}{H$>Y9G@KP$CdYyd*w?049tJ&5@o`fDH`@MB?t(-2 z<6@}fwCF#i-l=bVY9??r1jhv1mv4oz5=s@8!47O==pc8x+i)7e6pPDP9%HBB`?1a&bz&JfDXkY?Hh z&e!o|OwLQLB!4C-5b{oKTO(CD_MJfL70!NnvPvq>7C`4p?`&|RfEk%Q#mE$#UGN|} z<}LG7)mcJioKz9Dbm5f#K2{0Qme%`mbKAuQ%pk0HiVokQyp z`-Ru=GsO+}u8Kyg8fzuZO3USaFiNWYV<@}eauu;0x&H}X5!KEdOYaLe% zu@Czbp{H0|=47k^lWM+?^atb?T%&82(UQ8iehS;Yl6E~A0M zu&!g65kQAi|MI{qn&Y9wPm`Nbt_MV4HQ$9JOm8#PIGtqXn9)gi zUa&g{i!gNXSA+2O7pqt2W%c~)+`kQ50^7S;SWf;vFSpx5#sn4(&-*P`x$Q@Cb*$?Q zAFRe*9hAM}P<=G`1s0mvrmRoC>TD%&J!7Z@y~&;4w=3_GQ9`)9mQ_60YG1LuNMp{R zv^{c?Ppwja%VXz;`tD9ZzRy&21q?kO{Il)({=bp`<3GqR@L%MgE%+DtugPLzRcOCj zebZq}`CCeWDQ29#RP|wcyD4k4*pj6zV?eg?EAb>s0h}oCHytv+o{Q^c$9I|dLI5jx z44UNdJ1dwrUDB~q=m$51+lrEQxv-&CVpuycCj4r;!%8>y;11@#%ThL z?YHDRTsFI{Ya(U0LARsI)k71Fa^n-!wdk{)?Dl*k8(v_8y4F z-ni{K7jmTea-=A?hzwb)EQ2=^mspK40&chRN=Lb6CANE(1)%0Se(PiGtSNOIYBHB$ z*{|w9S4# 
z9b~>X6piCgOTDm{6ImYCCx0Qbbe3YYb z&EhCc?)b4VWJM16*>&zXnsD6C93dxQwrdx#KLsA-TbKpjn&~H^aAX9lPXo&XIQQ2q zt9dr~V+7Cm*m5Q>rPQ^i330PwNU&t(!M2g_sor=|kIUhEUf@thUMZzAlwua~4fK6R zFw~yeF5+!y^>zK?GFv9>QbOxat;HzKdRe!%Fmke|SP$yaGPeom_Vu`Whxe}zHeE=3 z&u;WwPc6pEEpja-8rUEoCZr$YlljXCamU0!Fr@kG{ zV8==F$1Z4rPfj8G_cjrWo4|Nux;)#9u`39VbQH#9dZoF=|Hpw$a3|34I|{o8c@>qF zngMa^szTR*n3mh;ZUpV$!?F{OD`5c@{%Nl5gbBC!>=3nw^}DPwC#ZNMsgR)U@j@Rl zAp@TS5n9y?%U5j-ig(^tQ*6v)QI@9NtThX%SiBZcb6S}zv+#17)ed1frDi%TclzV2 zh(}-BNrHV>{l=%o8`w8Z1QR2+OJ#tQ`iS{J>*jHdTZi7w8cK5tCh4nGL^M8#6^=7- zisU?g;=p34>;P_otNuWo?b4*`yK2+P?C%^5Z)P-$11k9ui}{tnurPOaO(MC-`c*0Y zQU5(uQX2S~4zyb*hF9)gM5%R>%(iRrMN)nW9{J-UAf9UZtYY-Ln+3!=hH1W6C_0bj6?Tf#Vqv8T@|ZzU0(8T`%WZ6Bwd3 zJh+>LbH6v_sai-e8q07iCWdjz_9$sm^yJ7X)jjut<_8f!$FFlQUzDGpRC-jMvPz2h zlJaHKj_aZBdaM8O5}qoJ;A%`wTt2pvsQC$|3yXQegi}sLtlI)CwXSMT0jv#=7@dD4 zm9jj#Zm-7R+C4(O=~0&@IqF&Pk$CoAP{h|pH)b~t0t!Dew)tM`%Ia_;DsvY3h_{|m z&5P{bU#qS2b>HlcHQguUY2n;}g;YLTDh0#fGHRNHf8WfbAi~nb!e7Gs^bhj${}=h+8~=;^QSDe*zh{z5B~_z352#J5!opMQ zeq5eo)HK^SM-_xIh}3#syeu(-Xfdj~N!3U7`#`TDC?xr#M{k-?Ve_K(NT#&So~z7@ zWxEai1{E!jo1G+l7VZa1GY54Q)`pt&mR#{~!P_Gg68H2NsM#h7xXj28RF%kw6SuMl zG3*@rL?^q^Da4yc&!@yb#CTt|suj4)8#1MHD~k3q-KdtlxFiza=+*=0)T?PDvK_cf_NieWXomPp*IXCt) z`U9CA-Qd<8MkcEFz(DGq0tanQvv+SAjFv9M4HP(&eY;(8-{c95A6Zly)jCf(cu02PjuzXWPzvCQ;z49n<=OJ!OSGOP#2#VX59g5n z{~ur99nR$*|80|%O$Zs;q!6;RDf4T8Das~$rR=@3i|oB+WF&iw>``Qwl@Owg=l$*X zJJF4%iPhOC?N3A8M1VqIIX>Eiq9=YIdU%|YpqD#Nd_kbxsF^*fG?OB z%P+aeG~jI0i<_~0Gz{UJMOOT}Op1C2TKBid3qL~FWOVBG3EbY!%<^mD#MhNZ*}lJu zytjP!3-qT4;I27cgv}%l8wfo?eD88KH>!YKvFOi_p*aH|0KKClb6t|;c{r${6XmOa z)E_T#G{f=*|6%gyC#@1YZ@U$T@V%EJVD3fyJk^1+1V3>BEbhncc(4tOcOgXN4){~M z7)G-vm(#$`{9E?YrUZ%86qxZ&e5|V+627Y^qAK7i3 zL@fcXgs_Tk2AfW;Yg~k)US$-#-M1pYEASo*(PMfXE4u}69_%)GH4Stk1tjJj=YiNj zr{2{f1&esIP89d6#EN*k42;!Xw`T;_xpM69`q3SDBFc9*dJ=6fx!{6FoUF(rYFX=$ z3R;#F$7{T(A&1O!Y?kD_S+oS9KksSMhZOK_qSo6>Jw34ws<|6b4l0-QCE*MLn?q{T z6<&(*`&2G4dwXYiQ}*ZfErPw9&{L*A{tj#y$29x5;Z%@Fb9=s4eu!uf9+Tlo%mIBm 
zWOU{Ahgq_mJNeYLOxRr?xcNYO_6|yF0f&IK0?)^6s(RQ@VOC>Rx)aR4%dV=|&LVp? zvzKdQvxx_`1sC$sr@hU@RQx*UBZg&>%u0HH9Oz1043ZQY7ekXqc&W^|@)NbDWZ;3@ z^uuNFL{ry6l&INZ&AR4|dBZ}cXgS%);R<%+81=UfKj6uQlB3+T4c+Byl_pDwe?ayp zrtXjN2pIeFbB|7Hg8rhN2YfZ zhJ{Y6J>b~*IRE#n%Vk67g4NL`dY~nUS(2`I&4j*dB)+e9Ec4$ zgi+g9dB*3**#*QB2O4|>7<-%vLTm(7JP&3L){`+lV5`e9r`0?XCh?Rt)Q#&z>pZ3r zOEfRtjtW!dYkaiW=HF=Rzr4L)PH$ofa|@yd*B8^lw9w|y89>(0wOeLgVUTrj#rxq* zuHxlUdpxrSu&J8oh$&Ee72wosi6?zqJj$BgZG%f^npOfi(E}5+#$k_q8IN@n7Rf=tm)-32i8h9qtE*);Dw&Ya+Qt@E6*Q_|7FM7@s>CBj7aixREH@ROG0lRX0u6yKdAW}1S(`f%y4Z^^cFqIPg{-VN zg|v9`?Wpp<&ubWJff~8R1`Gv8KuXB@%;?dU57QmR!ATdKu2em@3^M-5oyUnL@%lwK zlyeQH2*aM;%DUFJOu71|8mk~#o9ErKoG!=^lkaHpbUpGsjjRJ>`L0jYE}Icm&faAR z%0VZ~d?uTqLZ^N{u_iDJo!ba_Gy2F42gPPF;TNkq^cHfqzapILsct*0qJ--NkQ5I%xI0`HEstUK{wM7Oq=4U8+RH14~(xlhl!pNyoT> z>N(L?^=(`^<0Ir#>Dv&()3CLccpv~8Rv|U#>9IP`St+bf#?MdI%Gy5xlqmmLjcECV zD7Ix|$ipX}Qh2?T9k)i;xCC+`PnH{kT@-i?8NfxOTE6P9?^Nb18o96mrh=>RHiRYD~9+1CJNuOa>sqK69zyE#VA5hV=Uv4W0i}6IG zE1p;5oNqe*{VMoJeBS?lmlQtdhRr|!cYooYN|Pb#Qv10tfZ|iYZ%}Ij3PAD&2ITZV z-+{V#e0)Xn-;b=`QBu}Z{pb5x*^s<{Kl|}~+&^CdU#2{TfjpaTJwGgzI_p1&ESpDC z{d*~`r;mZd10oHq4M$0*(Ny4Q5JblKMv&K^{; zh$8IPNq=8B+wtH#fB~8CIFC@G8p<-A<6^&6wH=qwIzwVV`u3M1oz~6{mFGEaAiAP^ zw!soqH|ywxh;K9&_-q$BP_qOREQ`byh5+H3Lh4G@50X8<1muj1A-wHxXZ{b-CkAaK~NzTvB zH@cy=?BTIXL(;v9Yvi^qoHX6SXZ$K3l4LHz#yflpOlmr-KSbW`9nBYzZHJuCU+LSn zibxGZAwTthBmdH0L1{5vIq!!0xGS5 zS$_CRxS#39lj@|Ngr9`WhU{6b+oz4zqvV~Lc;OHyr|_^hnu} zy?-HyC7joKyM)>0aVuH39N{vBKwoqJ%`E+2D}hdNzv*~M)!zu_XTCLbaSXEj?MEx_ zitNdzS?J>;S$n08v1#6?-?r!0&bnkjVP3bu@*qKk2_ffu@n_+xa{t_IqjWl^wvgG$ ziNkcu^^%4@>BLB6eT`Ttf6`a(BG&h9D8D=gTL=KXe>H{V?@8w7!-6DFn!TAvUh`c zaGerHr(&ao2=k?<~5ghDOqP~mDa1OtWOD`gMtURRN$ z8FTK*k{*MhnR2Z&xfL)3VU57QV_!`u^$nuw2m*x<=TxV=A|dIy>!mtMFa(Oz)Y z*EPto{2*NFVYUQ0Za=`zEP?j}?3+J#*tDg-SqFQtnuaFy==6cZyO$*r-+|qB0rY$v zBF{j?+-wy{Bz%JpESzFvlkq>G3Oi{!hd>5Kp$hJ{g-OvQmSCDp!X7RLFdU#CUGl@g zb``Zn$1y+xH`5Xm?&eFasf-*I5K|H$dy?eLDME(h<;o8|Gf# zt2Oc5haH+hcu56EvUdAis_-FppP*NB*aK8Nq0p-UQ@CSjnGk42<9D|kdf;h^eTdPi 
zv2cr)97($Z1l)6^$Gp%t!$n*00vlz@M2$SRH61aU6okU73!&hn9p!oK+*(1}#5MXF zk}fvPyUY5}>=J;&pVQBXdqd650qb4AU#fB-Pw@!IV|0NKrKRC zAbJKn{vM|59`kP0f>d&gMWC@qWrYz&M@fN`?Z^_v-e9w}aB4H!ixgg?f`W*N$~8l5 zRB{_MSN8|^Dg$3lx07as-1PnyQ89STTni%V>boP-A}nIWlE)7Uu_k)ovt&ELfMN3N zi${l13R=10@ZPg4ti&`h_}gA;BMH>=i`kBY+>HlJm*`A@Owr)=nlEWfr$JzR@{78k zbF*wwHT#RvEkXJm1=E>?3@4+IaL|@Wf|n7)%a*^$&-LHPzx)^ZS^kau+qVB8zw{~^ zS~(v59e2B?&lV$hzqx#rsDC?HPVG(=tHP8XpY5qPyfwuszz0DY$};Tq9U|3H7&Jv4 zW4b2G!PF)rh6%WIBX({3$+{-#VKLjifACjfzDC7V-fG5K{+B>MN9-?>mIh7 zHBdFBy76XsjmlFO2Q%SdXF$9$#;+L5;-F8ULv%Cq35ScAx>X3X-%IU!$kfKgIo0d~ zi7GE1fnkNh$Xb@nR?SJt7{YBD;Jw&$P%?*$WM$9@%Un((9rS3go*t3P;?|j}^|!Gc zKPtCS3Fj)FYp@?~CT|l;h;{h-XXB7a6d)QnqEd42#0LfSxkf9gAQA zXp4$XKSC=a8g_F6D)lPwkrF#Ueo4*KN4&4YmY~Adu!s@PLvX&%WfjeH3p{k?k!tGr zO#`Ci?R#@r<>b^CNpX%L^hgPqa-DTq;rjt+^omuP@E=b;ZfFxN+ejDu36kUHKP* z$PbcGi@S3B6+>in7AI*mzcD1a0sZSyf3_^oC_-7c#nDZ&jhG@~xFgTiT-_n-bOw_D zR(c9l+Wb(nuI+7}MMm-<{WLm`*EWn*w2Dn{(&k)eAE%5;{c7M{-vsKUwtV*PNMySE zCr(v8WE1QmXe7$@FI^sc_GiyyQ}grl*&%^OW$o1W%Msk*Xw>7qUEDkeWux85DP%J) zH?^s(bjX-Zh6QK`7kda6D(8E%sQz%itaaG82b0v`z#Q4dkzTZo2TrB_EDr;GxNsyob>Q=7`@% zbXZ32&aduM zlyWH7Oa(6Dm~R`F%>=sdm3bC6Q5Z5{s?^AWT_zw@&GjvyFxm}C@Ju)D(gmU#?Va1kn7nr5naBiG zQn$`$)mTcefeFAPdqLiM)Be1hz0JpysHRu>RhD+|zK?n0^+A7XA;Jeb4O}dTw^jA( za=BW7DxuZgf~xuX{u}vM{vto~zmb2R@gL+@d4h)KbK=bV%_2iFX=YWW6%4bwN5@)6 zjMS7D479nyG#C=KHu2rE?6IrnkXwdkRZtjssthkoB0;sR zHEc5+iW1X(HuL`&8i)6j=VG`fa^L?$z^n=4=T)((LZvHLRQXb6g15H3roA zeA?BSU*pLVQm4u4+P}^|#-8O3pq1ehz7CGas|*`BNSH!d?=%gKOa^#qU{xk6I@dcK zh$-r^Xs-%>jM#nj#ZZ^|_3hb5tv>wgVBShansZg4*RYA}86ll;6goL_ z2%j32Rs%v1mp`wD_XIYOHFn%d(_$Ae$Hr3nZfDbjZuO?zbq**J&J~o>6t^0xnOAFE zDYLA(7?$?9*&>!l-r8(7ti%vF2EGE41C2_Wy<&ffNTTkt=_|wFehR|DO0x4v>Q~*B zr!u2Ofqb||uHzYy)>9@thG2m=cD50yumXp{&kiU?>birc!f1%8p294yQ;y^vj8-7{ zOI|~*^Cg^r>KePT^rBi5cnX0pX&W~R(mXBlX*mPVAYf9v5EU;YP%Wb;K>PkU713l34U(49hkalAY6!ccj z(Mpdb7=Tjf+d7vx^&t3Z+U;#hOV3^^c8;Zcsad0Clv~(Ci|XrxTU$Td*QeVt{0bUH zcqy`BCPSzHJ3!R1uL0kn_iANCBoCvj+aPa!?YMeLs=|cAn5FxRt<6nzmgTvu(h!B7 
zL~SwGb&}h5beDc$m`Y1eE#lPX$4`M>yw7qt`#vt4)BLQW0Xiu~3`H5XXNQB$5A#?F zU14MUrjkGoE{lgoq}A;>bo5Xy)Gi0n7`G3mX{c(-u@Mt)1*BvX)@pr2F;h;<7x#)1 z=V9b)ThZ9Ff&cVunU!9v_{#X@s0K-@W*@_1$*}Ai+7BG6xJMc$J(g4~PutLO@m^z$ z*>D`1!5&=P1;&TcfUOHuHMDtY6{tlz_7e_VXUeo;xA>y2GA4QY0jHwWVQz(t!W-R~Y4^RR+CnTE2}ymlK`VO4LG#L{d0nu^oSa z{R*A>!Z9x`-p3kh42)FSN1jT81YWNzYAvX~nqm1((Kc;1@riluKN{6ZsTjD2I$3@P z@HP!xy8YR%20E9d%D3~)doUU4P&h&4tN66>B=#|Aq*T!A?u60=TFTT zON0B9|CjBkE|yk|Cc|Q~hq-gh+|N5S?u!DYmK!1H$G%5=KVMAj0k4g!$x!Ra+ z8&ecmYWqnPl>JTb{znNMq9(3DOQA|ZMLlf0x6_U6-P_xK#xWK7rEWr%I*g4yBvwJU z3h%hZhn+Q)<7wsecIi=AfJI);9Sq!Mc~WLQ=EB)7O;tSueJ?c^YAO-HY>_U%)GpeN#GiSPh@s;3fMZr$TDc&s zgzQtunW3W?w)FcC%!rLRPtErIP!)+Ll}Xq=YJCMYXnSR2>A8*gC_*Cs@Vz z)kF`l7PeU$7@apkt;81BAXLtfaGr(L*%AF|;Jmb=&j~@N|7?7-^TBggFW5l%JDtm z8)kVH=UKD9z<(3nnaBHiTLB$`{^{K(*U4kqyuRx=I(sDDWXmI95}fapKA<{Q77tpg7xZtmWBLhyE(pMI~l4=zs76B9>uCqk!dU_og$q|DirM zqDr2xWH$qB7TYKJ?$0dX@r9iZGLP>$iEK^1re5X+{vb zZW-=BnN!y*r+G-8%yto;WR+SmMXh0q@H~n8k*Iu*1S=y!KYuet3yKwdrC^Eb9>#!* zFEF|3(R}{#$_wQ~K3rLEUY9QCZClT zcZn~-62)5(1LHG#u^4(s*A~tmmP*vLq<4%Z$D4Aw-kW~nCCAY7I7?C66Co*^F8R?>8f?TrW0Hj2^_jj4Y{w;sIXA99)EIE{%7A*jiI@A2)S%y+nt`bBF)nK8Jrp zFa}sBP$Z4Y-0w!vE1;JtqDSkN3j!A*CCUHff*^^?`pFP`t z(_18CKfDW}E(9b_XVCEvX769Uf9)z>5e&z=)Bd=zW8P&b9H+u~FtoSql~W2#*3hzc z7Y?3IstKL^+Bj4xlmA*=`r{sc3H0y0NWp@Z->i`L zx$5Rq6!OdeH}bFjMSiA#BmY_GKgch;fQB~0mv^2ONQ?n}$_fRqDz|m|YlY=1@M%(+ znn4jh-qYQs@5j*Um+5};W#f8noZ0gII~<*^RQx8!#RYzo8H8o~nosgxy%4w}(v$KO zVpH$%o*EU=%K>Wxny2AAPSHxVcMi6(rFalErRbg)U5A7f=rfG5DV zV5~xd|CI#AU~FdViuV4tq)k`6OQjF4coionaC{%*{@F}Qs;bIY`T)@Z9t?p;5eiG3 znX-o#|Ga-#wIS~={`P*xg;*uU#<6Ck*q!sy~!SMk+=z$H%~pXuGiOW_Ot zrydNh@@`)*`}AB*YLLU$kxOJVBZ!ia#1%oHpr%H_8%~?_;EF&6OLauGP4QaG zqU=Z)vsJcLw%HYPo_MK5&bj5Au!el4HY5@^!2j!4@gIu9m}d*0=cv6#`wxENx^2|| zIdI81{PTUS_8F{Lryzu$gS02=jz*pLp|Hk z&4KcoP3<7xJ3{K+J0^%2fmy84NK3+awAYS0JpNjxrq8s7M6NpNij4&)q85JVX_d^S zX?Nf5-K=~&?7hggn8Ib!JBlF955_)Qa=0HGO4wSJ^PuDVsQS-Pf0sB4eCrNTuR@Yd z89mdd--YOY?tC@H?CES8fIy(lg83FCzS*8lG@0TNr$Nu&;NX<-fHD^&Ft<-DhqTKL?YB`?=w)# 
z?wzWYH5OjxN+M2arZsb%f#I14k|luN;{5CF*5XaB3EG6zf@W0SMftBqeCEdo6dc%f z%KiDQw8nq3UdD5qrjqtRHNaZVIt&Y(uZlVhO45oPjpeW8&M{<9YRSM!wxYrUMZGoF4M7LBseqUScfaOo1BYs@2T6^Nz4T?ST9!nzqMW+x|%Fc)cjh4INljM^~q3lg!zM9#8X$vlE5p-NV`eer1Qf6v-MF#dG{Ec+C@Ap#nYMsea_k-X!7Rt;TD1c9qZi~S9$-YZw^K3|%d6li z4g>xs_Zp9(BE_EIo5(dKA&9(9q$Y$I&q)q(#!48MO#j0#~6{ z@$Px!vhq&nkw370-YB?V!fyBtN=?pj#EK`+!kfj?>%)@!%)KAgxYh`!?@o|-*}txn zBqZGA_E+953yj%u;4xnv0LI5!y^P!K2{5lHxmH!+0zy3vj#(yDyB<7ueklzu!I@RzP*m=73TXv|- zOM*0&CTBdU-gJ|@6@{_QaWUAvxNgSNI*B;nDM>z99iVNP40TS)nNg4VM=mos=RJkNQw7+ z*zU$zrH=P=zvieCE6kGKH@j4t3Z-qiNsQK?NbXMmhgCFuw`Lzy6VgrCfy4v*i%wSQ zN2v=RE$Ib8ZK*bEoAGND8b1Z(cHilKdv;E7cq3zoSgcsPjdir-bZ~y7gNd5^YxL!@ zZ$BzfwD==VV^+JkifT0&Cgcuw$(MUd_^SYyYY}L7_V3DWZ*^?dUl#%P$Zp&QljQ#V z9D)I94&8O>R*tKPu5M)Uw8BxFC_?M7e9!xWz)Wj8e4@1c9* zSMczJtSOZ}*qD5#Nt!~-+BW92XblOIVAV}VM+(Z+MWZM0DM8zcHQ-!PtX(MEcO%>8 z<1-N@QKTDHxebgmaj0*MGW+B1730fSTzYyEY{yJY>rgx0z`t-EnG_DzA+op{mEI2a_#nJ^4x;`<;#Aa!(IRi-JiI z1P*-~a`AC99CTNsnK4a$j5F(ShRn2rtjCZOvo|DpP(bj2$UWDOY$)WnBtfJL z!<#bz!IfFpnlep=D4K_sx7IK&v84r3@u<97>I{wKbCR?ier*w2f5i|#l7S+!-1>Hu zK}$@|bKEx~s%DO_nJXTMuY}=KGWk|JoZ++MW1gGc{i-#!%%{(S41Tj#Szu@4jx?+l4fa`dc+v#?dEatCfn}dFv)Tos>NaGE!fgA7UVpkmZEW zyJSPpkax*a`AWjgJ0#4lm+{^xopjizzOERXTN>t$%9Y$k89c7ND?RCKE3t(TW)15B z#rKo0(y6d{y}x-$YLqz*_61X4sfBMhD|I%E%PHGau#$fWuS*)A)Sn!o!o@+ZRZdvt zXym$qu}{V;<+;neBZ!t=_KG*}pCDC|#qu6CZ_s06kZp3M!vf`cNd8Z#^IUUK8HH`Q z1hEq_3=+S`fTgurQc76#2RC#mU%sh?r*L-TPn{TYZO3OScraWx<{|kzONl>LziFcx zqklYJO%43T<;OD>Pkd+l#w9YH`$U3|xLh8*YiCPLg#M&jo(zwbUj_Socu z_K{ZKi=I#t=O(Vb+06-U^`Xl8+hYiq?8f#wL#bt)q9#k9TuxdQ`XDN_o-45XvTk`h zsJKU^*Ysj&o#i(HOI3)LGP%nH8z3Gld!omSf%jCRCoM5?d>_htq7q|P2x#Wya!D6rw&C@T-y z4a>n|LYEH+N@;h#*!<%xzW7=aFK!c06p2ly)d6OGLv<+RH~nwq|MnO88UBs@ct8F@ zew>$RXx`Y4?nQUK_NJlcwj!4<4vP17^+ONBE!y4|AKWL?4vx~xCPxO_nh*>gKUknnHmNGJ_gl_N&4`)i5KCtbTHjfXzh)Mr zb=~yIE_B&^9JmIIC;TT!Yy8Yy%P2!iu-rYcZszdp0OwyI;jSOx> z{j5iS!b^*#H~Qr0{)DB}cQJ4{MVs$EbgARGFvCM!ivY5Vo}(=1Uige~Y(DQAsXOmv 
z1`mDNi@Iw|&^CStu8N^oe`HYIZ(j4b2lz+6a7JUqv_Oe+gU~h-VLi58Lt5u;d`VWI zEnG?C1?`{SrkD`y8IF+;RUpkw9p;ND;*ylte7yzCrD?oc!k$-PD<6&_%{0WBMGao5U9y4C-F}{qn@-G8fWm9}zhRtDRSgPH*WcsaY@iQWB zCleqD9zB0p=oTKF)t&7k5bSr!r8|11`Jz z%8eiKHoi9-o_$B#)AjsTf#k+?Au^tCNN212b9yTU_Ivj)*3!jm*Qv4(fhRF28D5t6 z($m5Iu}oC>ShFOD$QxqysA6xCk?^25>3hY8vU;KcS5|t&JhhAJqomog8PprY5O_mA zcXoun9pQJ6ZIW!OP#1#rG^(V7X_(aARb=B7d&bJ=aj*B$K~m$LA&NJtQrim zHHu#oHc8Y+x3RrL%+4oWb2K6a=f#mvQ{rVX2?}$iy{VO7@)|d2@Tv$_O;I7cHTF64 z*zyh}1=PG=>wU?mb}WiMoN>UfGS#6Gl1T~2#HOrSzh@Egy1<+5&Mt*OR+KSNp}f8$ zXh5qtMWMv3_yQ$YDacGU2W%+}OMawPwv@-ldq}{n;nckNv3tOLg&0;qLz&(YKYHJs zf|dCizb*sg;#chC%OYJu8rfa1Gomz*A#WB?Q^x)40sZo%_D$JLUrs2IKI{M#tCI*0N@({5woM zRw|{=Hq^mI{Pu(LmXHrXg)Ju2(l4mpsxV;Nk{3op&M&%@uEh&@?hPu|5V%X`H3&5c}xNXIHpWqNAdL+=6|tEkg>S&Y!I7RXb# z`3w>Lzmrf4-M#FHkE;Ht^qtP{?|E9Ev+WEQPDg)clhKP?KK0+_ZvlcDC&QON&6FoO zeU-jvTfhx-ox@$^D$aYaH9DyR|Bkz)s`x!uB(vTFBBzXg*fH@_g~aYEO%B>RQ-1{wSPVuRUWc1 z6Iq@%51#|q{9?zWb*rIJ#xO34Th9bkqvbqIvm70DzDS4{YWYIB#dPv#;etV|@MEKH zjup4akO>RiCnA0*d4L)cm5I{u!;^?^ms{JR)VF~`e)IoE{`J4efA!zUPn`P?^82}= zp#d>-zb5mnET=R{M@yNFP79jzkl7^hLnMjD>Nl|HhpeU6mmbnwO~0|J=Y3TIUFViR z|NYXWQ^pjxtWuGU9QnxSdy%G#<*}e*f$^>bR@Jv~_KXJDn{qW7Dzm{?_lv2@>v6+P z{(Glc;ctXWOSj-aVpTR8u|usgoFV}tr0WwuQDf4(0s!a9rQDkRx? 
z0B(@y`zfs-Oih39c3w{5H$4X`dcGS5oS^Ro6ApxeVx`VK!93uj_)j&%uxhtA7h~$G zZ5iNVb8X=m&iABd-eq-og{Tmq7e6`ZZ$v#mU;$WtGFI-BR0V9@wQmt?8u}Rz7?>$ zW|(^QvxU{#9i`oU?AtU$k^-}H*cgHPI6OSjMkEQa)%D1Kw5r+i$)3TGEyFFWVOa*h z%2GcKmo3HIUN3!$)-V&<@ilnT+lX{0*Q@5Tfx@03fr-@-Z${CF?-D<7NVFrxxvVM{ z37&ijXOmbN90fc6crA-RFjiyw@qhhtg6zk+v6PmBT*k8^UByCx;PhND3`l@YU)?Funf=?@>r#3?Kc033T>_rdH{g9c z%)l{v0k4ZgNIygce?4^!btDP&U7=feFa{Lvm$cACaV=p#@RgMHdDo1@aAyE}5U6Xv zz_xS@mz_r4#xU%J<%qKB?o7Xy^Xny`v>cSo zq#)e|EHsWS0s`rs`>u@*Jo=8xO~PHd6%4ba!V#`)e~8amfW15fK<|qipRrPa8}b88sZ!^$U7FA_anPc5P%Naq z0mHMq7DZimNe}sH0EusvCvI8Q@fP59VcYjnZ2qjPL;s zX!QYe!pY*t?;+ITbPHI-t|EnzjC3fnEf_eU*!%UQ@IzYokeg!mjZ)e5o$n=~$GG&t zBk*n8IPhMkW5=cMsnkz;Qc%e6_20<9@fZ2&|Bd_muTgV^rLCaa zLZdCk)0;d6AMwaUsX~aFeghJBFS2ENl3$9>ru6;&f#*shQ?d_LeHjD^d?CZ5-`lv7_Mb-#7ZwuiPx&|vCRYV9MJm%utcm#4%_i=nt?-B ze8APJKJJPJ+1dV9!WmMtsSgdrzkXe{8i1FFY$n?GJ@m0nt{XYK&Kfn5qNXHGVvsIB zn(;({KfD!4=d4XORG=s}1h*5$r`rM&$<2>M%oLXCZpjM^r(bV7)h^zHb7V;d_o|N3UA^pu)8-ML3^EaVWw~GYcWU`y z?9djsGT5QqmIvC-?=YFLcTZG?N?{AurNg%aj6jU&G^ZX^5lTcy<-(H!wqh8W(G6Rm z4?;x`OsRCn(MBzz+MO&j{3v?S>eYmYz)Q@jy4sNmDfcK{+>p?8qR)GbknPdjUUlE! 
z<323*&|*BHZ%pc~c@qni^V+?wUFDHlkeoEnDz;!TjD;qy(a8@2$)2+QClIS!vy&ln z(xCKu;~aD}>q)b9C(}=SR_JW=OOm0&j#VH9<{E=x0hUfZEHNU> zIgxxe?pe9O+<)0|7@Ae;bT3Puv>%Z4H(WNIBJ86*M5CUqxe8Hlo5SK)jV0>^T(vRl zDV!EJ+^=K@x7PpazktFSwQ+3W&A=iO#NMt$-W9^v8{?IbZ4&~^W-8gYud5ZtaJOvT zFd-$Q`}iDAlC2pLjUbfR>81k=XqI1v+xeh4Ns1!%T^L0fjt&{Pi%+pnN0%|^;Yn%lk)0?+< zP)eT*A#7`glogJws+vI3+HlWH9S*J_ca+GJE=pZ^EF3JSr&n$`3D#0DO&9!Gw)m!o zQ_r>Te~KCvu1gzMO}|l$WQGO?Cfo*$FDRPRXw~H`>?mJ|*Ue4`c23LNkcyqEPGV_( z$w(zxp^-t9ehC!8{6=rL;dgdWNM>WeEHV$P)U2{o32hNZwrs5$kKR5gDbLS;3xBu>!Vky&dtgK@7fIM|8t$OG?5PQJfha4%pTn&;)KVia5s ztP|JZ1tz?yie5I$)1k|wo`4b)ZWoG+&6%hyJJzmu5b$r$HP*zPFt_?oiXo#%I+*Yo z1Zit-d@__Wu?Xnc0NtRP5d)wxudECvD&c_mo9Kjxr| z1>G#`LlbL5G98!p!)_2%_^-D5t_S zHd5Xn>KU6<1(M9Y*O=Z7a2~lF!08-zL`*BFWGIw|y|XQclAB_1%Pz}cSA%JQ=&sSi z?_><286EL9bj#qQCdAC$3 zb-HvJTWUd5Jx)&V?xck)f;Eje^@-(Cd*x5g>CIRLy1Bmp=TvS1`8i5dU4}>PpRUAc zqg&d!odz-&XyE+PPp!eRs$??rBu{JD1ox}o`CbdU&4<1h=RYoD9{P{NNjf3WOOF}cbElk*?3n8F zJtK>c8POVTPblu{PYrNd1t7obQ)CEYkVW97h%ZNGVkFa$D5)c&CL2G{wo1p*_m#7e zc)(eeW>?)0?%4)EK&F4Y1NJjsuPw6=U}%Ec^uVW%Ls2+mhowYQnl50DLjy2qB9Ft>Ufx(5G(F#! 
zr$%r#5VYsOI;hABYFOoIcnXpZ-1MAv4T#BKwF&aPasSi21qqc+N!k zKs??Eq7lbrCfdGvU_U(60$~AZ4w+^7mXM~FqXOZGJ18dg#lKABBlCTN1RRonCQ@y1 zX)y{ssP=hSt)h6X7N1|93TuM^`;p>vF&VzLqd6D#TB~v@{nBQrT3&tvV;Lxp84Swo za-LQ*of~?3xB<1y_@l=uvw@u@QLrswis;V|x3F=#?bJNX^Osf za+LcebSKL!ANY1Y<(8WM`856f&*z1k^W^H{*|dps`lgM}`KhOw7blq%x)ENYZ*xmM zYd0Jf%UGG5yYj;ESak#{UKxV{C`bAHImiX7;@wVRXe>o>sz(;Ig`_=(%lwSTh zg)(?!^~k@3wVB7GKzf+ppFg@d{!!n0_8n@&!otTQrB$tb58i2T+QsH@nXSyfHayd^ zKeYxvRlqEiH#PW__l^AEUwX!3x6cyB1c@6Fj+TOw}OUmRQ2E;k*px{;!9>*i84S$$UuKKV9b6?5gc%Z>CQt z`z#k^b%o<<589gr+@I&EmBpHYsaF5FyZP?v38Tii-w0_hHrg%DVpr%HEg!FdTS^ z-yc5m6=bvHa`ZIhONpn=zatZ9=dgr=sTL5VyD7%b%7*+MmyPs4iYTZ`#3}iNzBkU0&DP zf3Ath!oe1!Gvz0(`}-;Kr-Zxu`p`8q!eJ^Fjal}0rI1qp4>hjA~e+B2GBRXMS z9hPUP)I)d5`-Nk&RZPoJ91?@^a^KZm!Y>Im-_r}o+mSCV9!fB~2s}8!sG7*N*Kxi; z<>_WjZ5HR{+bl;&DHU`jZ84oMeeNJ@amM=DjSe~x4QG#P-PWZw9veOX<|?ksIjRRd zdQ3qs=!V~tN>ntsXVkVHyGh5dNlR4IcZakd zh5Y`2{7vB7gZlIT`Sz4yZU04n<$ohTW9wh!r$M_o%0@#o0VSK2yh*={<}1=M>Cp(` zwh!ArZ=e_`Dm6O>3x{gTx z>g4DP{n0+AV27NaV};NJm)O>r|C%wstRWon9k`h=6aCf!sU==X;u}aKazl!kk@(S< zl|G|?>yK|-j>x;UUoaA3c^;fhHFf24S`hU1vo zpvVO3keP|H`(x#5&I0keQvP$pF!FNx7kKyb$b?b_?p(v4izw267tYaV{RsU<>?w3> zV~XD?KXZkM*{y)6v%6D)&VJQ2^v`s&*@f;p*H^0|&!#}_?I%-v?2m8k5SL!|?zJo| z?Kn0)Uo+*n@{y2c^@9)wwdP&Y(#iIC*0mU@8joI@$IOBj6)o>$`WqChCH1~B;nGdv zC<-ba0c>nvXv)JE_MQ)EDqijOJ|~zz+?jt0JMKL-jCTS7(bm657hp`Kd-dppn*JAe zrI+)vL~;tjd+c#-lEWOXKW)9S-_&T-*YJT+h$Z%0-H-QX-hn)k`67t?{)>1s5rn)` zY32@WEQ{S`V#(}bhSd|kJnx&7?Z`_VFUWbWGSK@dI^oL|($`)Rmq%}^UCVSsm)BNv z38ykGHN~%ydfIc-`xT4E>x zT138pfI)KJ!zN)ZzTs|dCY3VIxVKU;9HB42M?+LbX6;Bif0}Yf1bZ|$JPhN;le zAn`FJ57}GYC+MdRzfbOw9yN18tZZCCw9|!?D^?-oms_vNoE$Ea!XQ}%kwQIVcpeIIhs|In>tGNqc80UnTzKnpm!2W`TZcsGurhkm0vJUu@h>P zMwhPCuq+vjJBDvYrP;9k!xSmBlgl~bTS`zqk+83|sGlTkO3HR`3JuE(C znH+{G3@^Zdb)BU0hqe2Vf`)vZuu0XeP#dEGXYmnRHM-yt;4V#V&m#nSew^2RLzxJ~ zH}T#ZF>xX*?{zinUYwFI#H3sdYN*07U5h2JSJDgi9~pRcvs=empyok)Kzv#0Bi3U|k&)lCJ@hgMsGXKmX&s_CI)za$rN_Ku<*>`5KC= zLx@6i^!IHdfZ{o65uepHNO189_0Z5zSK)vDpI1rydll5)_up5EWV?&HO2_}<>o4P~ 
zUccvYc+;@yMv(55E|Km=x=W-K>5}eJX$0vO1St`>K_e2<0tStQsDOZg#DC%MbME_l zo*bT_sJw8$uRYgVvu4dW{J-ylAN8MZaNqylDm4GTRoIm-eja@i#QEqi_-~*gJkJbu z6y@QU7aw@=g?~O6|M!dYvx~omKwMm12+aR|@&9}hLU_XOF8&7L->>TY@6Yhy^ErI{ z@3;TIPbwu9_r?cQCwkrv>#DEOTSY}v#nP35eu}??!K~_tmOsM$&E$0$lpjeNJqv>N z8-lyuZMfOjiKo)Ei(gT(agMLO?dz|tTo*l|-8nfv%>767jjHt@QR`TBM`P(iF?^?U zxD@KA(z47We0U<{LJxk{(<%=u?2%ayV+H3>jH%6q{kdH~nWderx!wWRV-~yB@8U@9 zyA2!d&_lF71-_R{w5jx2wWRrlBX_7!S7>O(M;i4V+xm7$K11E060b&Ny=rPR=br?| zgdZ?Ty>sA?!H#ifP$5Bxfobhcf~DLIUJ|aC%jqh0VZ0e%kvB_g9p1pY;>FNGN15bo zg;OrgE4B@Z`WX1Dg%SmO3AtQZ&{^JTIson!BL;GB1*&Q_D;RhZ_vm-Rfiy>ZP82ia z%E0KBxnD5&M&-Vx~LKrc4aDwpd@J7#7zKv`LBvEUQzAKUf-S2-K8` zDvj%*?0O|mdzm6l`F-ysg?y}}E>2op6CY0vDbtC?X(h9kDrq64I^QlctjvfmkCCkeyYE6p8nIw$$Fi$@$`=W@`>WB0fSHsx7k51D&YI`aen#%VkzuM?R z-5-lv?)=R+E7atPS?3uRiYGQ`bXM#sOxbE=_PkhL$oXv=AwTKjtfbAJQfrq68L4Bx zwRF53HYv)SonQa{k;F*k(%XppWCpl*c|Ruc2DJdaX>sb^xFiBAMqeukFe;ysDwAFr zm8vh6zWT!HfgH z$dQ*s@m-Ef`GW!{7nZD{_0-y@Z)i`Ab|#;nG@_y+(vq^SHOj;$4D00TP$2aqiCQy1 z=dWUY^hU#%%sJwDVdQ{Dh;NO)oI(DHB45RQ!NZT(W=i;Ba!!zymKgqUX3nEf^Ypg` zU3*iW>}elA#*C`0GKD<5f2LSFnq4)85=H|P{h$;5GFVo2zq7AJfH-!2B!_u-7tScuTtuvV)ZvNm%Zj)+-x(R}@ z?mtgQBQC+p7P_+!S65Fsn1|4^0x2Ci{Bch|W}qxb1582fBM^3toG9hg=2esA4w3neRG>490< zpaNAwd_H5)3Te9vQ`O-Ph^gKMM`$)B6S^pCP#_4nerGw*b(@PGrTAtQvZ~!r$!Vk8 z;5o(Uo8Hv(&}X$5TxXZp`nI--i#9SNC2(x1{9di5^2}hv!$WTXfE&M=yhl3|V{XQ|}M)T3WfTTW&st)<41AzhT);}V% z7IW7T7jmE&T8!PC^zz+@8#kjo));L+C%?XLb#<>ebAdv!fn>R#VptbzVi+>Mnd*?H zd>dA6hp;krg<`#?lX?4an8?M#YTDso?)BZZP!p;(-+draNO|zo*VFZ>EZ?!_Mchsz zkYU}ABciu>*yd2mv=X4cdPmpvUNg9Mv&l(o!Eh_RP`jLjvTtaErybPJC`|z@6m6*q z#X8SP@p|taV_m`>TR+uX<(L7;7}SEVm?54fb@7Su44wJw>u<(cZ%1mMjQT_p5_Lsn zV%;)`cJI0Qy|k9O_*P_nl-@@ZPhMAiYN==E-q~~C%QquDKLX>9zkp;joL{oAB@+~@ zs%47A)Sij1(tg!Dg->|{*`s1WDh6{4FFNXj30ax@wLFJs73EDwP-j2aFjXPS%9K+A6 zyRS#I6JP~pe?I)sYS#VUs+)S}MrDUTlbz$;5SeP_^ES(ZcoTsOTK#k5Z4OaJAqPwh z%^OI}`; zy2Lz|eofYcvLhM|e=Qig7>W+qJVa_`8{7y~HqBC&;lVtOIHzuEOy(T0*~Z7zWxu=kq3~lHc*nxbO@zO&Haf;*vu>yc3~Xt$+CQ4RE1Gs1 
ztQtf#mK4&N>cie_;5KdIGup#|2_1=Rk{QJetG>ozFoVB&Ppg zz?MUqX^!J;LoeKIJ0vs$-8w5^sJ^tR^PlP(v-DYw zacz$$+$&0nI3-zyByp>k9p3Di`JtTis7_kWK`U1AAl%rSXcahSYLRDx>Xdh1j~e?K zGaDP|V5)09@c+ds%N}!x|20?8Uh!voC=`Y1xo>Ai;8EWda`B^Rl&+J^%>bqLn zLS**Kd$mN}5;RoJ-h>2ol&d4p@5P=O(KK_78gKONE9$DY1kKtCL|EP%S&4bHn|0vs zH|k#YVsg_r3#;^VZ$-*peeSQXc!l-eYzn3ZM&Za4?I3<7%?sow|8L~~`4{=A{*C;C zwf`Xh#1R6Km$oNl?z0w9Q2KhFqqnQ&Rawy>fpOODulMm^pGNxV`c& z18B+1X0%DAP|_te<up*h0kn> zOA?m+oXyQ0z&Pj~ZK7TgzKHK~y7m%jnm4Lu1BQr?w}slGzG`b)>dQPq_Bgb;8qlU9 zsvgRP%Oi&oH1IzVp*B<67C|falkeVx*%ozENHxy4Q54l# z!MF9GvN+PenKaGDH1P4lbPY8?u_QA#1J*OQVVU&F)VxT=I7BZo%|J5x`@(CV9<;S5 zc2v4ge~Yaz?QZe|>4nocaP_2BpZj@DnCrBX3fX+-qdBV~e#auCclbYTklIc~ekC`Esk) z0yl?8qi{b`w@yn&S~z%b9sHA??G!vVQ<4q0Z8K>na&=7ID=wvmw>4ZB@!lZUWvis} zojS-|xMxeIUexXcSjj&44D;WBj-2!Wt*ovDxMDHMo3S`ldX!smB`eJJlXlcwTFJS_7Jy4MO)*{5x)5og+k) zGDJTUu--BWP+Sdv`eMa?;i8|KIR1ZP?QmWxCp^<(6EyV!}}|Yk#o0;wwhQ5CreGuvdC* zrZsTmHkh88+#XKm{3;2mr9RI4@FQfVfWadl<0OmqJ>u+lt085MvHGxUur#)pNm1%v zc2E5J)AH~~#29L}PD1{Wknj7P8CUNgtaZd9mDV%!*Rziyyt>b|e$?{yH^ z6%KGslIL|Mch{NLO6A#pXf7UyeYT(`6G<1PdKbx8g-c|33K)@sY%xJZQ3?G{2@%3E z8tD`z6bZt~+f-OWvADe}tki??OZX-R5mC+Q=pOH;h(|*IoPM$Ctq%<-nplfLco#jN z#@QU*m;-O!4>o_!f6ifGmVoyz=ts7n%b>~N?I;s|iSQN_QpIlarXMaTBC!c+Jb5F( z+SS!{14nMKkO1#6CLsC_D+^16qH4Eg=(R zosGgfEy-3i^-}wr^eFn@$iMv;`6>U6{NlF%Aip{(0&$<7d0Cdz;OYj?3VH(84yLj~ z(el#LA@7Io);@n#T@(`0Jw0<-8gIF{vFV6MhPJfl&SW3`*w|S1>nhCY)mwa34!S5! 
zCB$7W?2ZiLCb#(TD8f&)>|7|fS!T?4QROtRB-K&Ju$?_Piza$cbxbscn{H>L1Z!1v zu40?B?Y6(a_{~VFMK!W6fb58;GlnL4xFaCveH@%bCz$uDx3saOq~syj1l5bhl2PM& z5_Jj{tqn2da#kK6<-;Agg3f=oU=xMlfg_Ht6IaWEuT_ptnAK|ru`y4l;(7VQ}K(umZvd8A3$FA zgYw^-;wwaXc1Y(jJ1{6$7 z1oe%gV&vJg`&D8pj;mo>$;4oN;p`@}v+^!&_a_10Qa%B}ANNnKbV@Y&PCPA(2y-x3|0rKC9e*rh?6va@TFDhLVh|i`ef6 znHl}|5M>@l8AUeXbcc>$aQ*X^*ub(1u(DFNbka}`B&klEPvux;id>QxcA>|v!VIkU zECn;OlDLm6ZeZX0nfPsv!)gcC;M}?%MOg%_l5vv8 zkv>nDCsG5L=MOHm6R-9=C$0-l4k)wZSeTJRK*Y0+M6;2CARGp716g;{nO)9YtV&a z-$Xtf3Z*njAjIp3`*r-vBpQiRX>BHJNf&FI<$bA!t>@10db)o>iJ^8d#5o65R;}b> zt_q>=lUX#Gd%;;-3|Qh@(iAN>-L*aAsW%eIeur1XXn$`(;+@((ND^RYXCIs0ku@i+ z(vq^uJlP0|UoNjbG%#9KKqdODUE+}r+%Dc)i?BnA8Jp^z-r z?P0Iq*uDjY*QKodc@CPfR)}KnsQT&nt4b>@O!k(_8!CRwRszrJHx^xwBZH2I<6*Hp z?4<4ZC&aBYd3bmA9*5^FEjbJpO1WB5AH2m4Tj)UJj=8$3_elIU`maGwIqFymkIyjE z*O>a)0pdTUwBiauvFKWhgSa6#%5o>4Z2GHbtEcJdWJR{#KfkEAwf8+L&}n zBk0^Cy}q~@xVmyLn47GbA3S$Gz3Jrhkoq(Kl`9Vt#%D!&zR$PY9!O{NNAc6)(Pa%> zHfoFTvL4!p>V9#4_>qL;FJN`v4U*@M)-FiD`M_vIcW_-;k5uYV_gqz*LSc2A)&FdF z@Ja=Xkr+kl?hEtwYF)xMh+FqX^d4-@mbL$i3{%7?`278S!Bv_1_W1<{nQw}wjqN4r zNCXYZNa+wP8~EBij?X@R5;r`RkE{XkxV+eN``BB(6j$UrlZ?T9mB9zwZ*I$2TiAQX zt2v4Fnk?fgvX$fv>nRSHoZPzm`1Rz0EeY~nYGiABp=BhfSL+ztAD#{((FenHB7?Zk zL9l{05-y?K`T~1y;*!&Y00I>i9;^b{Pz#ezUWIVC9LiBa{0iccaW5+ypR`g4uF!E5 z5I)_ERoue#!qv{+++bPw{W$mm&WL`CEMv2;+_$Kiykt zOwvQo1+3bNi40}^HYrTRe3?qusg+405%5oK4OQ~H`+2|CCDtiiNdx)Q}!yzHcFmL_t6D)3DB~>&dCkl~1j(X28p}&kp zrz!Q{VY=IC@GZajBJ?c(IKaM~NymUYbQ^XO%s!pIzT_{infi@@Z~^nIR=jVI`^H@v zb*;zAf7o5^$SJz3tjZtN+D}&L%XUUvHc~2;3>*n_;zVQ0TvEVGD;8Hw<955)0EniS zQMf5Gq{x*HLv7))>^|(zLtLX$y3DYBPILIZt)31p2fI8@G~SEiHLX|gz`2FB z{1y7Uv1|tFA)%+JQ8QJfD_@-PHKKw`<@$)9ZI%&p<#eMn7`eDrt^y)%f^CcFFD_B9 zQx{yt;pse7#S=|RL5nMK9*Y52je*r2VLX46^)c=n*eDDnjdPXkL%T~gtdn>IPiO^y zYKR9$D80!f!9#n{qRKAR)aYDhm~W1cxBGpyyR`OvLvfvmLBt0_VF3aTV#A7e+*sC&!3_;0g-yfPs|zt&)@4r7nwXWPW2dSO z96>;{+eB)FC!2Wxe*N_dP0;O3sd|2!ewuSSe3f`N{X zj^HxLpKTvW+_}%X(hkV{1?AU$<}ltg0CNq$=9sv+acbNJ0ESh9$-e(s83Kc 
zE%Icpk}BYJe|tua`^r*I?NdesOW@DWLZ?x_mQ}R(C4ZVRw>YKcW?m%0pUSp-AT7ThZ~NMvll^Ql4IqhIDw>TD6CT!eca}#C{I) z!v21BDV>oj`L=RQ5A4^2c|=KAO9MvX0VvJx&U@wSfD1vte|(vI25Iqqd&adUJDdYx zJc8TX_2x8d`~B6Qc3gakUj^MYi}`KCj@YS+DFgjy8tj|&yHp674`EBh#CN|Zk=zAc zCr}V|43f5F^8`0!WcqUPueFg0Go#W-c@LV}!A_Q1)2H>YxMW~JY6MQijI-c{_^CpR z+Cr_R!vkVHmVSOK92sre(%Hv*aIwI|WbM=w^WF}Vf=fWa|3|}`00e+kG*6fnqfe$U zgq)xLUX0`B=61Q?EPiK>0Lv$+m&f-4`5pfo`FH;!Kl#6rU*YXP$WQtNfyg53Nk2|u z_3i>G-o_UJ->g5zZ+kv|=1UGPu7&4f8t#46s*as;7b3W)z`6!p4F;Io+W-vcZd}A# zklrL-PgpjhX=qeLJbABwp{)_qiFYL%Xo#=DgI+o#}$1pn-#@k-A&G!Sk?P z=aG1m3NtG$1@XbaPgrU|=fmn7DYz=Z%pA!mUwn8NxJ)QBfY@+KV(QmX_sIQ->rY5b zEFpl7dy%!^mM`hWQrzz(zm09|29I_EOfJfgd-9 zo6OgM>r(?8fMVIyMSzo@{fG>PMTdK|V%NV}@%_2$B#)}W52U=#^prXiVZ>wtCh)j7 zYp!c(;I+~6G=`l9C#C<+NS%dkJ2C?S;xKUg+t}Ecu>#W>vtQ9;#_XQ=0RP^-SwG$f zQ&osSMQdICMTui0e-0^HG^Rj|3z1Fvh2PdU{q?Zgl@# zR|*dTBYh5?ycU3XCeDp9Gox7cv9d>E?*4o027`s9lMo^!#WGxlYwc&EkO2n?VCx4w zzZav%?8>?(CR7C0+Jx4pQBx;!8ud5ZmQR|Wm8bE zg3AK%y_sBt-J9mBt1Q5ZEk^a6m&Q$~*N;-z#kd&qP1d*EZz0nqCnz?v8IY~Zfo73*y$jrN;lnY);F3eO_C!P(gvBcc&;gOK-yb|qye;M}wc z9WEEzXzd+C=83t}PUPNb$4a2v>#VYO-GXcP zHB5It+JLGTo+$E9M>FhlfC)r)zGuAiX&u++Hm@=Ui@mD_KXH^y=_EV|HX_6(oUR)h zI%!JHMgCFxjoS))u^zKc?8R6vOhFOjZAWlFdJlazwGCBKi%Zaf(dc|MFb`bVY_FW8 zMJp&NDK%tB_&Z09$y5M~r>q>--Qb03i#ny|x1jKREfqs=m?4_Ns@`T}W|j~T70$dY z;Ai^z`v2r$L}q`vTafK_#l{wY7hLxQ8?&%`2Re^bDIzd z6&8Hm1ij<>16fQ?`{J{`4&N!s=4g-f!a{*|AzV_eGe&7&uKi%&sf+gfqDLnUn)Ka= zBUa4Xz@qI8uh%FF-a+Q#L)bLY@^(+{jHK*npX`E+B&xUr1v;~fcnE#Mt+&Jo!CP3B z*a_Es*YyE}p2ZBn;lcTg|0P4CIn^Qc1d0|!i`>a}^q|7shLY`V&%e6p5kn|?&`Ti` zv_&x%X>M*_Jy5jJg{C2za*>>r(Tz^xrpBv|R+oYC9=$%=>;n0n{~P&#{Y8GVeCewj^L&wXEAAS`50gD8i=stfKjHSNL#ppSaG}+1S}rbJ3}a~`xR+<} z?D5(>$pl(&e-f9HBxu$vl)2=BEbByv5(+SYEigp3f4HR}n0wJ+bPDq0Iu29rWJ1p# zeTHb==O^(~@Ojl2y{ke%-H*D7BDTjqi6dHo&YAbmr#ctdq8im^ZJD%mfu5c`J3H&5@;j5f2VJ)?Cl?#GII}lKJ&_?haKK9#=&5LB{kP1*N5+5KTly|S z`LtmEqg+%G{k_1|U@Q$&NKd<#_kebH9^eE_Y4T;0-I=;(-ky53e4nb#8Sb)4<@a8FbY>^NCVr|n=z+i1vL*HSB~1!U|H!xL*2C8=2w 
z`t8^-)iu`A+MS)9Cg+XzIlRFC|8Z+vHJF$J5}0URAl~?0j+hx|dx^EY>=8{)Q4z7- zGEN7LChyf;gl>)L(=d3w;1op#uKq&K&~0s=yrLJJvi-^asg`b7|_AXxQ(A{?;*GE$1^ev%3S<&V7n14fqM^sWW+HN#F9tMBy&M32>_Rlb*Yxrdn~>0$lNi@n^7P7z z`{C6^Wg|=f{6Rj=b%uLbYk&Uidc;ts!>L0Q}*AjP^ff(8Y3LGM2LS&@_&q-y+`~;7X^#J#6h(f=SV!f zG*-cw`T-3VmK*`=D7k@`9NIa#xsM?qlt^*9$w|x4E>f-pBRxtzi|zWUJV}wFpKMMW zt?xe6QIc5kCe`|j+nv8k*Zq$I1dPeNxU!be>mi4PuA>h2 zL>s|$9ay`DTQ~Fa@{lxNr9DNtx!*N8BhW|mHNM(kY^gNR2y&X`(RO+_AUZ6~19Z|X zxD5S&Dl-liHsXn4bNbNBY&30VXhJE?=Bxn>7@|Q9>RPhFLV8Z`r!vMVm$H*6mzf%b^WtF6oBxC%USLdboKRZX(v{y z(krSDwM{^7i^xrS$*h)N1b&2RYp3MRrChBhs+R@{mt=z0%Nv#7viU6!BaQJ8<{t0D z7d2%P#&AWnSMF#$9T~kIP6+Ynm;g`T&%wB#;PLaV2PV5mDGoaYgIoHAET!9BAWp|q zapfbRzpFUl(!V;GBNU5|QL1MUYlLZAZ&*d7cd?UwRO`Ju0KI2U@5b2*{EIzzF}X-G zE)yc{b~x`)_qnDGE`NrN%oe!+YWA~4r7k$BCEMQ~`v~}#l(!uC7(K_0e;mOeZ|vTm z#o*m^o%I@|^zlx&H8nK_?{D@NeV&&YbzAo|Go$(N6{pg( zh?u~7UrM33xb}v1Y1A0n+{HR;K|O56`@u4-0t0dR#MH(1Vx2|SPE?<;XeyZ>s%9?f z|AEB?^1J^x^6&jce$sy z(Obhw{ID>XT)~cbJ9nx$S1{D7fOZHiHD%??*Mcdy?q9VleyBphBzPib4?{aMIs#iy z+aGhU@ojF8m8v*6uoT87k`r`>U`=phEaN88!tH;s7BBrpHZW556@>g;GS*#A%q#|r?9;l`^u?=( zIgA2Y!5fnLlll3VedTYXo$R?R$?)^vhOWtM%8BD5Od@I{JtJd2XpP==>*&{-{cI}f zA?xs>o=%>qS1!+k9WUP2B~m`YfFD+6jcA-0gVQtcV0eE5KwP-ma`KFZ!{8Jyf{f6j z6TBg!n@L0iI-;0FxL*u+zIq?Ho5xxR9s*|XpDmTwE-o&XQy){CmxBNQ?&?PkQw^^k zyf>BMV{h?jP&DE(t75l5W+s=O!!GZ_gP8P}xQa(juiU112!6al&S{t$JmTqp4zKTW zd^z`|YArmHv1~Z38-E8=X=!OOmnCpMYnxTo21YV53fduZV{U2p{GUq7E9b4}4>woW zi%0F~;LtHw?0z(kxyr}Khe;G^1C79qoAfuJNx25I2ei<8m!;Bov5upD6l)36y2R#> z(!SD1f5yqiCLe?54SWAt#UW$*tSLvG%)JSHX~UsFrj3WPBUxxUqeXk~Ud_XMJ5*LT!0dIfn2>hh74Qhk+Xk`x z5`HFt&l(JmzDP;#jb5^7b{_da8G--jZvOpd7#ALV|71wdrWhRmWV_d}N1SiQNoS|t z`ejPr_~l$&v_~CRD3)|7nfY9F?Rwt6RT`dbQiivP%3neIq>Ey;c{a0;mlKrgW?u?NuN~1_~6ezr{_4Z`=`h!`cHYq#Ilkv z+{HCD6>Eovw8wK~BO||N9D7Q`xnL5Ik}`ik{%osU?ZNs?BkO5w3voe_kYn6QV$4&A z;uBxvH-pO*Eavm;DKmZg7fa@#I4HL{H8^|zTSa{7&xFd{gyzsTMu8KT^7lLRECNj5 zt2wq4g8ek+g?{AdGv}v#6Gl2p><1@ZHKsHowD3G1)vH$`^yu5leA@n^3*V}TRk%ze 
zJn1}LV(*#Y3T7UY$8N5iYeC7Y8@fn?FEPpQjcIf-q%C85^9_Z2D7;0^9gulST8&wS z1&91pf)<($V=S7Z(^n<4g!q*3tR@GmR355KU&1nCT#5rAC!jU@l zjyCnY7)jf0^;yk^>Ny5Nsw;<|byJ0nPwWI<+pzNxRpbiuCI*fUnzr^ja498hQhDO> zlL{o6x9Je$AxpUMM4WDT^!a{%jKdH<^;|W__&iP`n)HVnq4}BPmj@TfAMxMFzyBBc zN&b!e*O&i6{wQh$0!gvJB0ibJx??Lqi&lA3Tg0O9>mHY|xEm9J%l)felUVzZM{mZ> zs!)+PbbFHBr@Ke_b2nwv#%xiji6t zH7tw;uElK_0Xh5qT6zr6WUx`khjgnK4f?J+7TH=;Db*5QbXbG~Xg=+>2u{vRGBfJY ztj~o;FELjn>W)T5WH31g!g?F@XvC2rd}*gY0u5u*l0FT5 z8&NREYx*(Q^o8@Onu|JM3Pdm)uRYSXt0_4F?%>7QkjO~2V-v4YHNr%Q;nw_{*E_|L z-#bSj>^Vp0S0+g$e81(JC5=ps+6r{8u7FEk*+W99rFl!5zN4B+rSNfV;h2nEL&V69ga0G%T)08MWe)Sa9*pgo&E`} zwH4$ZiwJrqWiovWxPJY5KAqw?`znKZn)1*CI*I#%3rV^ejUl?aL_6}1clXvyh?bWb zq!W<*xrH}yJ@;TW9G8%AwH0j9Ydz76mrRgst$1O~<)5{`ZPS}#z8P>}_fBK6g0VAs zf!xswxwGF{jJGGFo1k=m7K~Z6^2<(uR+>-~|_2D=e-CW$i&~+Jvg>V;+A1 zdsT6>m;QA&cf7oWTvHPWuj?`BsjD9zoC$=uWMyW?d|c{PiIF^%#np^O z+cTk?*N1{zBB2{3u9K8za&6R6#p^t1*h|;KP9)`S@ISbf_8eyGxdh#QlIWM11O)DX zEt9E?h^Fh$$7GR~XSj$Ueo{rlxQK%L9Sr7ZeJLNL&=z4TbF9G8T>1w1-#EgTbxq7K0 zK1aQx7G}<({uAGoe$psIsu%q@YSkW)36aUnCrL+i2Q*m`vC3P!-q$tN($eZR z@9+*rx(&X>O#{Z1Oz+7TS&60_50GlS##cRM!I9p#Jf6RX)|G{76C;m6`o8|n2{BFevgn+LY2S*(GB54ff zUhaHSJ%dbO>c@>M*w($llZw0NK-1F*<5~}`YMb~H&c-tQx~@A>spCp(9XDnVOf8p^ zdcV|yg2hnATh{*_`=B;-771{gRUgGDidcHaMHGy1Ulnz0Sk+ zyTs+J0TY*&mX;@Z=aNRJ>v6F2AokQnW%g9wv`V*tr~OiRt;>c9tsp0(d6%n)@iMBh&57$ak+I3UglZ; z9&tBhyoR>PWZVtf=7K+qKyOCw3FIj~S$KGSJ;08CE5+vVdX2ygrr?!tVxZ_O!(k95 ze9MiyLY&JQBaw+2Q2R6B5dXZZ!54)riMF?AR9M({$|ssP@HM8cafd0TjZLA`74f%K zir!AdK{bW}WOmrr#=GD~PzQG2$7nuGuX}owjixqugrR^ETeD3ZH9lIx%VLrZ`p_0H zWB%O3dYQ#WaNP}bq^l3b2Z`a93iih24>h(|5AiidQ~mTZUcrPzm* zC2k43O>&J9HUp!4VZ;D;U4-Ri9O+eJ*^Y-GQ~^f>9Geb$<>b;@RDb2=9w{+0@y%_l zF1*-%EHM(Lg8EJ4(Q95U!5f{#$6p|35S(MEWvtnU;2K2Y(k_M>w;V=|znul80loD0 z(H>Ee)=+UR3>vcM!5yUJPluJDgbC1oGD{+U z!oW~OM1=e>r?8NSf_jFSAnvR0){GZyOvBq?ETiEDUj8h6Yp~`q6ZgCK-~rCfZxV;) zwffkqHVe}H5Ytxs1e+3tWIFlzhlLNr0!QcYj!sMrYSegeuKcx0oyCvjGJd+)C`YH( 
z6DZ?5bCZ0&ya}btBgksL^#r%(1XlE(-J2s){x&Gj=tkx_JH|7#I!2{|AO)M-d{lMsYhjP`$omR4sevzlATo#8S{q#45~i)r4z;<6TH|gpg>6( zPQ>w5*VJ5M(J9LH6hW&@TuB!+#8S*yU6g8OUMN5v=4&ZX2C~HjSN=6GH3Vz{CU( z508QpsHX_XtB!EUK%NwsG25CN0P!w+7bf{mT@6E?>+|j59v%Y67Yn?4UGfWw0{=&7 z=RIybdPiG(2>LCwla2>*gmmZ!7aJ+SV?=p(@-PL>pe4jA3^Y+Eb&W;D0tr+HO?GO$ zzT9;*Cw{XA1R?*QGCau-OjWWQH5PnSq@*S9<#^UU8b{X;m~s~JVrE6GL{=hnk9gwK z8eio}5##nK2wY+SQJ)mUuxc6tZLe# z#z0R;8;WqleXMKxLV+QkXB<;V%mzadqh?jlBzNP2x9)m`tK}Da7o5&w$H%V+mg<@|k{#ox#)$xWQ64*v8n-1*+5lS%gK_R& zPj_|ogpeO*Nk+=izU)X8t_~( zugVL8by}a_GqYlCUrGsf4h{w>@0fY8CVxJ|DK2hOP^pGuRe0yu7c*T**Z2{%d8Yf4QVKMu53TCDetoh&rh@A)N7a+0|8Rp7{mK-osi^}6V0z*dNv1J z(PtZQkkUC|%2Wgk;oY-}2~Lrf4LBe#899SDx!Hra+{*K=_X1OMhE~F-q3VJVGjg-cW|d`ZDyq+!b|_kb*)TENP)=(5B5m8VVI@ytrJ z`0D<%S`*GLr1gC&zm?3^S=)#o*|8{?uj@&1>AlQkhp8ZEw~&0+|cBG4ZY5gqXi(WOdoF4UCM-+*q$|LQ;;o zU3N0$dFZ*eVi+!lJmkH(krA!_;(b#gCP zPsF!QT;{jY0++grws8x(Z0|K`u?b-a@Dp1DG0RP0^j?+3FW6JF?A$bN<%UeXS?aB9G3Uo7coPpzst}eyVocnX3<5MtU_msmBHN#iuD61MZ zM&I}vnubPgfkW}?apGZbL48-0J?1gduQ>gFfG6n9K!C+1q+tY?UeRk}lgFJk+STAt>Wne^RTp)+ynPBDCInz1U`TvAlpD(!zM&qf>k8^zPVd-&sQY_&+ds%q4}#oFHrGM4c&gl zQI+jzBP?YsvfW9(LxlGV8k_1&xW(^g{TWm?h53q}ppQrmS)?!Ts>hQgAC28WDrxN; z1+*wZDXCnds4uv3A=Xw_Pc(l4D_NI`_;lU%QdM`*1BPpw6`oU&=$gN;LKBLt>uZ=4 zI9K7_!yLNxsg;n0n>;JFew;MHM>`U2l^*JCgGYzVE#kLkB7|oy6ofjrN!?#g823Gc zyZ_zCai$HPDf>RCZaRuL9?8b5c(bMr6~v%@F>jBTQKA_0Owpd=IlLA`wjwlYEbQ#y z;GnLKtHFKss--%bq!ceNFCX6%Xy^!<$S9k>?-qH?mO|hkUIlS&Ll!l~(TR^!?m5B!@wGTp?5h{ZU;N+5fA|;q3IC1!j_3a%e=;a>kjRgMc zx4W7&!q9v8RY?atJ3(iV_u1nVpUmT6i8+XyWwB)mLFxo<&c~8=Ha#dQX*8p}wj+Ex z$Y}2y_W`CRG`4%mK&PZHTZJN(HerbG$ymr+CE>`_UZf-TfR<;I|<*D{GTuu`2 zfdcW15Y9pu+d(I^U*L6b?8KL^cIZv&(YtxG(kIqVS63IVum(0J&1|bn@%>zA9X-9h zC4&A;1T>=Wh$BSnBRpf6MlJo^G5(-&wq(*#wBV}hf;1vg>=#+YtB^1%{|H$u3G)9Z!VxRZu$H;6g}!%HftW9t^^lT3xJ z(xY&VC@M*28IX_4D=Ic{7QJF4&F=d}i>G%u1-L)!f359n%($!!_3XX73lYl6PpsK- zHsMDvdqdU1X`Pk0#29v1f>P9$KBZh)V~C^c%L961S$cqEQ8-s&y~gQosshsX>P8KM zEQo}FxY-W3|9M4maR*Y_bi)dh;2!(K=BNRhC)Sf)G-sfDQ>Ql@4 
z?OiAn21*Ue;z62^jgD#_mAs_tyFc7PqXSjwg@!p7XGWf=ach+SS?pM9BTarva3(Qw z6}!gn38wBkP74-=WG_$<_F%X)zN>>)*6c5J;yw1-=fXAHumkws@n) z9$c@lI6aHdQ(zR;(ADK=Fwkbnh)gk{w3BCZyj1jvfXm?6P8$(%V*v&-p`f((3_>8H znWQF)oI>KLq-+IB@i5S4Mx35sNAVQ0A1$Ll%)3mEkVMNGdodagyb8_d`S=FdcT<`I z!qmd3;*-rwf5MgrI_tvnntj2JU-AW>-{aV3PTFTxmm;5*C&6L$8;1xla8lsZykMry#<*fslP! z@>Kt8gmBo&A&g3v>63yZj&!|)H!%3VGt-gZJUb*(E`#As3jKLh*=lhuO&tglWs>LL z(Un^rm)&B~q%PANn@E)Qq_(5vlZI}LZ)l-6L1`w__4$YzXG)wtK`NzcH@b^1x@i&m zmkpjH%=7Wzcx)xL1ZZ!6Br9`&s9e50p?uSe#+TB0hqL(V!HUEVLG%GmFzibpJ%``F z$8OrCI89?>E{VLOfe!P>2(ifAfu<<9_THfyxl1yE5ZM~bE)^-c{q>{^w>5D3NYb4Pq}PL&K!{<}q@QMV!K>O?+#Gs=A;WJpEjvo>CjT>BK0?oFmn z^!U98uWGI{r+?N%f9npj!mi#)nn=5GSoztBPBv1YE%9fOf#&=X`BC;Y9g1J+Nv^Sb zL^4jZM@3!djCTWQeNBzO;#)c4G6_X6C1Udtpp9c@_}(lfNFurEf*!+NAgCtIghvv` zmYRskf`&oii6z8}hi)9otnV6!9-9=YWf0=}tyMw)CFQfnZm5R(Q2x8~w%@Co++K{_ zJ-92J^!(u0V%@JF&9J$7ZTY-?#KPUZ)B5snsVp9|3gJc*;t3r`x0Y>U$90(3BJ>LOT4!2>Epi35sl6>;WG*gKss@gfjQz9L|~A8 zbBGdZ7lN>OZ$Uu&?xGqY{&(XhHp_DzCwIbxu_uiJA=+agmuVrz+kkAD&5F!_wdXWtP2PO_x9%KtfqLFIJ9@f^6|+NPks4o2*Vx0+G*}}OW2s2PcWPms$`W~SaDRbpLUjR z&v!}c8Z2E!OIJKu)Pz4)Lfoo(mr`CLXqKu=^fyk=swt@ZUlq{7Q<3nzpcsJ8Ti={* z*Brm9?teMns@tj+43b|!4EqZ|A<%Bz@UilsU<-vZS51<7@99H+x86srR$v%c5~|x3 z8ug#iw*u;b;Xz;&Kz0`wKTO)=&|n&k&G8ziG}_LHe*<&`iJJ}=E7~^>phZs7NR?ZJ z!zotc6Vrf1-v>u(!w!$bmw~=VtQsbF!(>1}L04F3P$1Ks=E=zT%%jC4X;P&4;v(l} zK|6Ifig$Dm=wpBESkMq`FPdu5+@*1mmAWyTpf!wkD~axMC%l|?#FK6F;AgDwGlv?U z)k6tgfhbz$f|Xq!QA$pAOTd~vAWZn(i6nd3v_YY{&1HTGJkG*Mj)`86X0`daH(8R1ISo^8BNGx>&r zo<>wd-ck;<>7kNMx3-^uD<S+LZui@{}W%Su*R24saMQ>t9T!H%cHhILTGmw1*mbA7L z1xkVEAZ(h(iH+i{LUsx;FOm%p^UJUN&j?79&f+40h;$2CMQ2?4UfK9Yr*;82ytgT0 zsflw+KXYzrpzvD^#DcV@s-jSx&U*KUk53)P%F8-s_*y^_J%$E#$5Y|g$%h^-+~%G8 zfU1pM`yLi}r0t953v}Si2y4&o_Y?-}`uckH>Ob_wAS!dlp)&MrND0?{_osmjl@ zQKm-IP7cLY6W%5iH~9lStm&tUv^J+G@5@GfR#wedrGoA1zq#;{BII4-fO2qPwlf+E zp@NzF(~5{R2)S+?Jd%q45x6h~60m5{ihLz3MbSZ3`-t<5N|Di|{nt#J**V`+_`dwY zp}Y!CxtZyt)2JBiuu59-QyJ4xsB zJ|~;h7$t;+>4dNf4_7UWEwqF?i^n3%c)3z|x`=4`$Di3M89UISQ|JBb@8Zi0eorS6 
z4@3=ZxL=(q{V|d^^L?}Lt5-1m^m)SNn+D`CnpsF6GiyH^2XpzE(p_qjO3CvjI**sp zRDE{ZeA%zh)5g+U#>}+?nq=85>GIn#b{>;ixB$^xM>xdd#ghhYtD~g zS<>%*q|SUvNSch8$Y*_(WQiji-<2<4=fUz!TGKv7DwFN*F**K0)ppQN$RF39-^|c> z-1s=U3s-H9r{o0g~7sefRa^2*n;2cNd4mT9ZWz)nS0e3@XjyPuy$joLmCn^HpHrD_m z(vF^0{AK7i$oy}=z5gBXSmES{iEmwDNHl)a8H|eRI^%{m;w5|u^h3vIj{B@_D8l`+ zp?M(sgqW~QoYt?yc0_9qWF-(^y@lncwE^DtxP;&02AG;;{V#HdS#Fh1%$x~_yZwAo z(Dq*+$#^(6Z4*l>S|z4)u4)i%5Q`=uy!tS71{WD{@H!iTy}lGLN8~7EtPs=!&TexC zz5io0e}N#gldARnwo6pvS_`z~{e_rq{C^hPA7y8e^6U_cV;v7;{54r=_ zyc0H~=n^SjJV`O^*Bxu;1#gco=fDG7}0QM{rO6K&bQ!wQjf%HP~1U-V_-eP?P z=fc~gG65C(Xs{30TGFO1Wd0_Zu_^rKj)$}FkKEhSft0d09Pw3(dCm(@L2T4lSl%zt zstpQa7e3=Cwy}{5mxpCj04IAx-aKb$Lvae}fdi0SIct;2_xVE!$9sr@sOcPBGu`J< z9~p%V^jkzg5bWMM(7(eJXzM31xn6J5fO-e-;^KKl!&nlAJzYm#tAxK5?-RA+^pIgfCno{BVpI8wv>>QE2IvPgXery$hJ#XzpuwMWnZ5%?UE;-?}VLP z7GO4h-)rbOKtM0!9O3#iwhn(6>{o(8@ID{5eeocbwc0`$TrOge0TYD>Ev}P&E&(r& zIghic+7q+d3tj=2yl!mKm)UeobfY<5VwElh34@N$A zF6MyjH#hURbI$Ofv1USnb_=ZmSp|M2%0qpE0P&sw!pai_u^3Z2ANxc{5wdj11%By5-RiGU1u>|?9QX3 z4}`BlomC;wwmf>Ww9+z8xwt=svj9#Kb#2%ELWSFGxF2XPboFSy+J0*94GAG%Co=nX zcIaWR9_1cUujYR}^8_h6zi*i5z}qJtyv13(J^7oUED5DO=H8g%^RpJ06VQ$2{@&bX z-W;sQ%!XGU}52-6x^mA zfTk{GA;13oc#Y#iqov`+UrXWrp z{6R3k0wL<80E-nGl-zbX}CtcApoCjz=<>2sP>Gcg?m=Vj4EHCeYDJ3eLA`0`c?;tAG zaErGss=WShxIoccSyX2>6jeLj{Z1*pWsXrG+3}$4XyU_%dRg!ys zi``%jfePwFkD~*SoHTu_Q~TtpKu*W9+HaWKXtUUoBGi5T<#>o`Kr4EZ?(1Se*XIwj&?lMSSHn)2a&NfCz22+(^}Jy$cD9 z{D9mA_O!N0Gk`+P1j8F;pnfNY#mX=ePhV9wA4-}K+=zocT<-3(MDe_C=6gI+l^0mv zc#Dr?hTbjhieCY9f|eR=NqY0L?egojTXWeWIH?3MqR|#XJe4=t%kM)0?~)so^lTx+ zg5FvIU*Lqfo=?lNkKF&rGXD< zRw86DLXNJU1^FHbHz0>fZX`s;6svi7_RT#g9F$Fq%>*xO|JhHUX62`&gT>EVE-_86 z5uPl8g04B`k;@7+Q4zQePJ=q;Z&CSfADz+VdF^J{{lcOj7L+>Vl*1YtWU}BlDSN&e ziUY}tdegG~mQ}VNG5$LRFZ}MK<(38%4g7DBvtjvI<>=6c!@vj7ymJ9w&P-ky@^}4j z&>w`I)@I^Lz1_;WnDPn94KsG8I;dfn4`GQlJ!COY&N71$b%CpNYRx zFswB15Ec~Q%L!H!S`SIn9$Ys#HWo&;69utO&6z9g&ZOgmicsdrhOTuqpUTI^vM}?M zG!~2Fr))0><_TLfq=G+o^n+zXQrA}%DYx6pqradWgA0!VWt!1^BwHc?KnOy$^hmrI 
zxX_}-Rr0{UTKfsw_83icm5x~Q@3+oL;j4t2^R_HVUwJ2dRqe*ld=Q2tKryqv)Xoxk974S* z0)BtLGFx2KF<`xKE=aKX3F^ySHyhl^T)`!m;-Pk!lWnLs{^N~=@@Z$g+fhSHPx*hLFHUD3 z{9J5E{w*!`nQE6`&q!G;Z}_>(9fVZ2G|GsSLp0Z&oN97hoN z)JSvkxXl$nRvYpC;zS%xH5d(fNayqEhS4ARIq9{>S(AW!&|c*(JQh0Gmp;3Iz7*=R zJBfhz0}3V)0FNKXOvNzlufC$yqw=~}fg<$p-~;Uxr*`I`&{1xytI)Q7gIfJSYX2*% z7*95pD#tJL?W9M6e1nUxVIX!;Ko7k&VNPUHH9Jal+H`q(@DKg5<;-%#B}SCU!zbi? z%)35D7@XW7LAf#y(d#hbl{lGEub_DrePYa-eW#sz7Vy|>#i8s4rT13l-H{!xI~n55 zmaOK(<&G6*#55r-PBZp}G}=_`pmND<8YEpw5N}h=`lNqEqlk*KIZx&=^QM+j=lL}L z_}l-g<>Ip^vnpiGXCLhw8=n`Z14zk@YqYrUL6id0Acfub&nlpq&{erz6W2<|v7sFO zdDHoX$``JTlXSSdZm!l2iyn>i;=`!5>N! zW7Dw1IBwJuSWs@N^1x1J9hjYPKqS6-jBt_r=pWF^wFDS{;LXu4!lkaBuxa?+y=)lw zb9?31q+5dV3}|3AruSSC0{(x`H~kYM2iPe;Z`Sz)IJa*=(^&EF%^j@v5Y`9@OzJc3 zwq23CG|ABV8XV3oMm(hIj1^<2kzP=W0`v(E{vjLzA`3;C}&U$Vx zzs)v%u(fUsv6(|uCZ|9hP3K3nr*ZR6kEJm{rrwF3G)pM`FH;}^56f1 z{AmA0{=ndWk>Ah=4o=}b(&X+#SEOs32)!G~z$1J3ezgLv_r2|De>iLx2iJBHn}PPf z%fBb27V_a=cmvz`>rGHDn9V200X%>A#R0d)9dZl1v3-?KZ{C-(zJO@oDpP|Gwck|G zeoj(Y+-#}Rn5GIKupUV{;33{02r*&TpSOZ2z1)9&O~b!F)O{0DuYF7W~Zpl*TO zWIsP03%zO783=gT4bTzU;XKvOY184|x5^kKmS2~zXz74Ya8a{gIYtt}yN=Nk2=V+t z119vR)jv$~LF9xXTTjm361v*3NtWF1*e?e#yn-ao9_$P`Aa9tU^jwM)&2n1i(|-h4 z&=~Pyt%?S_B=8)Y0*8`F$E~!eLa#`A30+h3K8rD%G<7-Ya~`Nme%1K<^6or z#;Aw1q+6%%fKbktn8z05ts`kE<0lEqsAmcK3d8*Ayoc%OeWv?j-f{ACYAGT=x{2PR z3D0aBM)DSL4w|<1euuQwX4=T<;eK>s><`q7cRPE6*SVCJL$&6TRX`xK_(7wtSw|z8 z6mKi1qtx3%7FtoMoj9t*JC&z$!4-WpQGfk4s9i((yB&JQ&^Elm94&3-qHtZtr=z8T zLC$c=BDZc&`uIM9CE`YHYoT4C0KE0WW~uiV#|Cvj4e-P0rjVhZu!Y-y9xcEJBWH>_ zCMb=XDTw+Mjs!ej1z3#%POExk^=@R90@gJM`rt$c3W4r25$H~-oIBu6(fb2!v4IT= zNOnGhLQZg9(JA4O9io z364sDJqx(0wdG~B-!Hbm0JGI7h?7sd3LP()%mAK`fG-Cpjd@eR(YM<(r+4;P+1QAK(u30~aRQ zpEzPCk`OLqstPG=VZgGg$LK}=K}|Gczu~!@5^PujZ{)-A?*~r5UJnCFW(d3R5opLr z6Yxgt@a@HIb8X=cs&?hRNJa^~%=>|YHU)0O45%0LVP>eVQh0cvv`Dn@4d%qubB?RM z@y#-5Wki+iF*vF-vtsGjJ3hW^x=|iX;>4QRa_XYu9G6H9>z6YYxL$&uzRyP+N^dyQil@*nV(*QH=@TgJ>g2TsejlTa=+J>+|^)^fO- 
zn8-s)07gjS>OKa#-eEH2%)DPY)`j2G9$+JU_CN>~MXvF3@-srh=nf+ODi@8Xmvzvf(e47ar+DQ+ee(UE9 z{j6jNF#dDr5Vsgp?F*>i1=M7kAx0y=!=n~-Qd`b$YYmYVcy7NLwk05{Dfc&a9b~vG z9v(J#+eLZw|Ki=m1wyq893d} zPG4?-1q`VJIhL3tYwg)@x2z8E%hpeTXB!T`+2XeB;~mS5DN<+BH+dvV z%1clX0I_@h@_tj|VRL3oTT$s9oTwW}wpx9B_<+fYYbNn{^RsXWHH7%QPX>ymcP$9)eBc2C@3U7Pl`u?xyXXs#OXgo{eWhBsUjlb>l=fa<%5JYWCb z^`!B@I4Rx9p8-l^BK$QMGoaXpOE-@K%LQyXHx|&3vZ};ENWF4X!u<;nbdZ#k=Znt+ zBDSz3AXa;4_n)(bK!HygOp4h z7X?Kj{L-w~ZKUDZ`cnE*8i_w`38e~mK?XvK9+p7I5v+%1w|pnZt$If}Cv)BH(hP#akN!db>&sSJxe=$dRIU@hM@Ga89N( zshV0em`vM8Rmxy}lSEtsW`q{8?;A_)kSXiltzEOc;q?naVUzuf1^&W6U2_Mtj(ljPJcY|&5K_l`x@2g( zcOcky`XuQdMhAmI&_;4oN>>i|DzH>zMs@yA0%k3QvveL!nB@E{%|AjjT;{NY}5`4Ee8hT zO4{|8=>njqjgnjfoS$G1v@SoCth{g##E;+lvPWtMOzERQDrb(;3+BbQYYVgGNTI*$ z{t`v);ye>KtUfHuz;!Z?)hi$rBaer#V0iTHQ);|_3 z+(WNpu@N;vPL$pxVTd+mh)`=GUi)d?IcVy;#it${1W_7*79?i;WEqmv-Nqo5Nglg7 zf6$kezjz#BEM5O=5avez+y)*&X>e8QRa0Bkzb=54vxIJ z?9;E_`Sa`t8&RGDv)rYD^*8dmE({f9aY1(3GCXW2xGPZqsUnSy3s+VW?t-mA#%ylHqddm&s8OFumT1E04Q{1@-H!WZRArw5 zzmg>j|A`c#Be*Q={Lv_)Y^e4$%KH64OfgiN-~V0-K@DlIq8KVBHRH;$TJ+YX=SVKE zY~&|6KpAmOr@V;i6DHprLWc5u2UfpYy;9y0cw;hSE>5a|+@+1wXh1Y~TMq>pO|ojb zG~O#oSto9a-6`;ADyB?m3I?1*x^h>bc|!F@@&k1VN7xt#fr!QfAi^{gs~SF15m=#@ z=0e9v+PF9h?5i&zpf8m;>3rr0f^f%BCZjQm&qs_-(-!|05LHjV5^rO8Pkh13+$)oX zfNOSv5~cmtowECiKg1neH9&o_md}U_e(BkrW`t{3F5V#b^@lqr*;6eAO9~<9oPu4G zU2|>IZ`V9|Apc^GQq6+{E@4)=F^|$ndnZK3Rk|SRmCnlM4;zrPgOme|s} z&JW0r>%5*Db**VUp;e`csYR5iuwuDpNS(85@=jS+>xqo5>eLY4C2Dc51p`ra1ArDXS7Q~ zVhvnFy9Qw|#T1BIGhRoXXqJkn66$I-ZG3V2M0>uatzGo-3A0%%Tb*wMon6E7ro{RnGm2H_d6X)|fYdJkx$BvTer5)Oh|skD@u>k* z*Y-rAol7s^Wu|{@*%NsOK4!Sj=sQ-(^LmOIB4fpfoeiWO=x`w<+trJk?rJ%kHy8#p z^=yu{>cPn^PfQ!mfY=B?WPIUYzNciVp%pqZd-&|QW#1t)L>SMm^)bf9u~3VngH zHG(aH2e!$X%b>;XYk(3eHP(su{M1hE;%xa9KVzp}iqvA(i;-POPJ^Q+ zQxINRY1qWWi0@`&5kzHZTskVH3o9^h-IcR~5KRs$7}=1K=UxtBt>^hlM(;RZGXr{?uH;cfMCV*^Ct7G%1GkayxnUV8_4&{ZJbGY`(lPc#ahvay&jZX_rZoA55jzO7Z=HzF|f zv77T@TXAV0ED*P-KB)cd<(DADn@BlNP0yh;nkLsIhT4k|*6WSlykCCh4&-^(>eu*-1MfRuQb-giRpZ@~T_B 
z;?C$SwC}_=*l`y?Iu4vffo~yG_4BQ6-kaTNU6YFUFjv2RuD(9y8oJu}4cxR}ICh|d z0TIc1_DO+(4ZE~4Gx{Ho2QmWDw`y|hpt$4y;i|ogw^qa{MWg`1dojn>Kgc!ra{HM^ zmF-rG2auH(+D2ed#bKU9&6?%zF$}-V3!6!-dy_@+ObeCTbcLWF?L-JEj-%TC4ZrDtS7`8V3W7J#X`z`Pku$VZ6IR9Xga#Me!?Ogk?ccV=2O6s#CYCtUt2#OR4; zly#PxttI+oZtlAGQVQa$plH&k_fvneG~yk%f9M^!-5&9MS^C2Hmb&fecx?u~(3GKb zARg{%AEtmkPBX^l_sa#l(<+LrR~c&^6PTNM(|GJE$?W0TeH%#bs&=ALm3_7f5eQ#z zs*P*Z#3^f3nr&s-X%kK;(6}em#PgYovpL82fk9O>dE8k&M)L5V4_(E>a}r z9{O3f04Ltfww=<*2sqQ{o4_XOry!)xD2~p5B@mfb-UYkH@mDUw*?T90iy7hu%Q*@^z;zGTD z`jg6Sed~a~n&~T<7NMO%{Gz*(a02W2+)%;~d2wtYj47+eHA%RI^7>!oR|NU|Hmi_H)sxg2dfZ9`#m(XgmFwKm44~ccjY5o+&FYK1#>u`~f4X}8 zF{(_b$VM(ROm7liiR!L{C;d*&YHv zk;}tXMxKJP( zB+>Fwv-LT(83=H~i60j-&bYmR>-ds=J5`Lkm}-R`-9w+OC&~JJMhnAyoe1y>&&mp8 z(Vwp%3q)c!8F7?6(#V8v8-Se<_AEvbB2|a*H5%V&1F~9!=!rE=Q!=Zm&_O;88nONh zR9z#CS$wl3eGfi#LUaql+C>GjFk7H`W_|riv;cZwN*aeS*_K1Imma7}fqg#1#@nic-em%uyBw^OT z9Ms!m{q(8R8T#yQ4b@fS#{fn%hRJwv5FHmvWF9Rc#Ui&AJAh|>^%kE_yr)NZ zC6DSgn|NAq=xrN&jZf%jN5s5#0AL;FQG zk0pi~Rg_ZC2w3C1QabWf(%pVis9>Zb_F~4SZ(|dY{d@cvIJ}G8hpxo#*#xvC}RsL0w(bu*zMmPhhln-g_l5 zjO6iGG~}^i=fA6Wt7t79)4X*!1?)m1YMn2j9flXfmzima2x;VAE86!B2zwWa;D7Cm z94Ur=(6H0fBm961!QqcVmpk_!72dU8ZAXcWcBS!g^Q3%D86r`og5%#C))nXU5|}6~ zKcqsd^%r|il?HR;UF$oh8SoMB)3fEb}##P>J{jgsFsvE}3~i&5-QT?D4`Q#bl4!@4|oai!?6dvL82O@7}~ z_5QgzuOAz&mQpx$`5k*$;0nspg>EHcg^eV(A;>69Bz>w;H1haHZY18|v4yZeTVB-! 
za6`*JTLW=xhNFIa$}z631nf*slg5^6VVoMZ@1kp#&oy=syCylk9s4zJ&=Vy;*_!yF zPWe$PzCxjYqRL^^tVR35*|b0`p&_DDd4Dv{8K05mn-7okH4z(c0>w4Z8mc5kq)91N z98Zg2Hq)}x632)fFmIPL+u>#reRkM4EQGEa3evCf&2FqnN;9Pp7TN)R+-R_Vg9JmE zq7yyf<8AD5+K5=BYGvq`k9MaH?%dTij)84S;b9f{l}SbDL=0s?FHOV2Qnq>ViLKcU zQMFN!WacXr;(=D(BzSW(?1Cavm-hQh^TgZC22m24s*gGc;xn-)M=()2wZ2d!OGwwv z%l$CY&zA90x_`b5o~|HmnE??BF2c9#{Ac%yX0r8!=a8FD)Mpu-^JdK$H+%SMnN}Rz zSw|c2gxPOHGf>I6kc>4<*^KUQXWOZAA}cP0H6dfucfzFp>x*7xo4zOP z#T_u@7x~}FkMIxjBmNipGg1FVe*G#qI0rRd2F?avKEVx|p$KVHw3tXg{tu74$?gib zac>e8XA(0x8`nNi-WUsvhnV$zMd*cqbOKGw+i&lVY&AyXHg7a8zM&ggvhNv5?P57D zbBdM{vg^&iNc}mi2xNstgd|Vr2QLj3Ybo26qO`KkY4%tRrH)!TiPd>^w!f@j=0jaG zHTvN~gXa>HSp)*s`W%FC6sBeFkxZu`HC01T+n5vXC>3;Xw8grmaDr%U3&<7*8Z!6e zD>W0|wY> z+fkm^G&3u=!^a7Xs>&7aO1flWa;%3|k>F)pEunY`sb_}LBXACD6N`H)>N1dtq-^!( zyw?crbgh7u8hUaZ>8|+pa6-C>^NfG>zltuGIYOoKqApj_g+Tv+I3pEZVIgq6RxA#$ z1c6^J!+T|ymWsly@jZY-bXl+|CL_Fe!|9DI6vAnMuYpWhd7?@aa~SmON?{JNN(cW9 zU%i{{)@dFRB<3_6INzVw_(Z$e$t&4NJVoa-nUK0MS7p+!x0JG1mc>^4OY@cPWOu~l z3cZ{sWO_ODYxNn;xOOwb;9MmSje7QH;T_Teg(BCCghOMW*;nykoKqj-u;DjGpvCLG z?UDb-6#@$~@5N$c*#;|}$c(@RI2^Gh7h}|N5oT8gr0@?+?O+N8(c^QVp$z!jv}}(F zMORe5+DO!?$^Oj|%Klt2OqWY!i6obGrHfv&PKaWOR)ZPT9s$COhqXe$?m-xv)k5K! 
zA4EK|h_-qUP^Ea7@CB4a^nTMo6-AoVl^URD@1v3UR~g)yI^9{+aD#Ex%(h)ss9&1& z-u?8D*c#L*3$|bTks}Zfe0gDi%Ls+f?3wVxu!~o@OaosCgx4x&yK1G7OuX^uGOkmd zseGtO9LTT@ay)T(fa&-43WD>@ftV0**G{w2XSBFg@{`W?b^0MV>;iu0G@7?43s_)74CfRjv zEKM^ol|$LGbK0<6jaMgmn&B~@Y_J_et&$bPI{-z&rD;wzgtT)>XSezwpiSFD&9OZ6 z+G9En$j?pE8+{{(X}-~N?*i!o`7$Ju^wzhukZ=^k49NYQ5BjH6%;Mn*fBGk*RTz7s_xkR~773pB2G=j7WPsUo}VMiMkIJEmMlI6WEiwwesmC61^sk{*aWRBkfF=f+_F) zc|0{uDF8^S$8|*gp_YW)jeBp!ocqkMk`-OVE-%8W>>;x0<^3Q1x03t-F{-BWZ1W$n zmYTbaD-8Kx{BPt({0I3F{)_y1E&n1vBoYp;*P5vK31=;~k)180xQ%aMsu2Fyn@TIKdv$101Ibt04y#1vHf77s$Ki5?%{PVv`PV6ec}&lXBW7{vNq)wP}=O{3Bfu zhX}vo;i5&UeG6WLU5tRv)HpLbY{8^aYKS1}&@F~&fx9(h}n(0`>^OBMBBL`?)(ZUVB;Z6!g$W2cg%!&<% zqQiXYhW4c!aso+%tgzt!$*PP?XTcC7a8>*4wwS0#m}ckVB#%bS)ngW)I^2uRHF71& zsZ{Qo-9r2$xYyY!CYRXy+lV$>!U+;*=fhyVS1({hyMFFEBr-z1dGqNzzWmYE#Seof z8uZ^QYBd|rDfF#{dy?GMM+u7MZ| zVSFcBSzU8Pu>NAuHF76X>9Z5}N|jO8Ki&?LdYKZ)W^0G!Z^|p7Cpiqx`?HpDuih9q zGY-oN1uE|l#3ew=n6@&b367?835eK!S2>e&IoxOcipFpQAJ}QVv2F0es8BDkThAZ@ z0hgrTEyN7F&-65VBo|sXA^c_Q^S2XA`owM!aj+S8GF|2NV7xP$nO?L@#xLbyDBxhV zJ3>fD%WXb^S^vkWn`T0CQ%R3&b$)D*RJAVvw5lmnM%~7wCdTxu1cXLS%F~TTNt_Z( zHG`Cq9Rea*!<8Jq_*#tS&NzC8!uB>b^g_Kw0VE@7Ed4Crx|{M>N)!I~I?D^MhRHjg zHu0R|#Y(bWG*9J&P3*JEn9v@O`<*#4$WDOAB%Mns@>=t`@~?E|R$bSytfIbLw6~$( z%P>!wYfGkkH2)470@qk|VwS|=YwQrEm&QqNl}U>3n1E4iv1{y z!lx{^5j>#`6c>E1UM$QL4`p&3sPXaRW_0Pd+WclfT%;{JV`|}6uAK+H5O{UfSMiTJbptODBU0$;05@g~uh@xw0^c*g}z6?UBi zEgzX0$7Ku=F4sB4x+5W2txM$_`lFsl`Xr9firM| z!BEgU5qe_n&fSk?pH3V^5_sV(tp_xhtD(S5DsHu=F|Da$0tlSHmCE|c4)$^!NVKn- ztL8rSZ#+>fuoUlpOCehhR{)~SPG>tAMt4v54|CR7bq8UB*COQPd?bAZA6!yZAnuNTPgpkREalKp&P7^!p4GI zbapaidB@0SE2YoUq@%$rL^UE<{nZnsiq zodRN!AaN9_3qoavr|ZS!Mw)9X`eb@((&r&?t2vsjW+!xh*f>s&DFNFQ_0u`dx*frv zdb%k%63c7A63ni$sR(E-Muks05PP+@;5nF2TbYe*wz(RG%jiHq$*h);Rq5C0oor_; z4@D5>`^G7{JXAM=3uQ|&k;P#ap+-oec#gZNr9hDV)PpE~$^<)q29;bvEi>7P#=`oJ zq!XkL6upcK7}GXl-mkJtmms@-g!f(#C5ck(kl1f_T5Y2=SaBN;S3dR6v>*90@kXtH zuBqh0Na9;s2B1RYyHhTVx>MMOZb5*8fCCLrAuQO~)$1PGP*pD3RI{|iXm9aHLayKn 
zCgoGn&#R7CZX=w>fVdxemc=WxmKMZw$vOX=Am?I`(iOceVBS)YxYbBE!L{G9SX2I1 zS91LbRXg)+dCa#2j^yXd(0F1?;6A!|YWR&A_^|Fm((Jp^!yY-k_X|^`cZo>`%M0R_ z1x#3*4U`y?v^13nyg@|bq$A#i=J@pE>K1U!|6O&DC)Te3f9;kxbYDwU`2@9Uvd>zO{PgkAv+&yJZ zIKw5!;A-xyKX1}NqKUpML}l`;xSm<0 zhZ?j;3sV1oe!@_!`KlYQbt4)EsUHwNWnuYvq-l$=`(-(POaZOYJD3 zUd8c0K}5|2xgd8x(Mx`&@k2ooEzDcC*zg-%I7OzUa0iy#FDjfIfP4TbY!AUhZ)O5V z*>t@T>AC38K*eSm@Bb?TH9dycZ^XyFkCX2NS%tV-oyk0 ztJX4z(RE09y#}6+cTh%)Pb}bnr4f9bUtD0S*}Oh&P%hd4OpPEKwG>v5=qIUswqKmR z0y3&W-Fiv_OoCsXOAH+IZ6Eiv^g0p$j3E8YnD*;wMLNGE{3 z8#oFseK%pq63lBgDh7aP9+qYRoB6f>H}WI@gZyy+MgB^udA&1Gylio(zp>5++7e(WbdU?;QlTdZo~Bh0znnAwW5jqU2PvSs z-w|xLSy}k(f1WRtfD;x2o~9}pS$r3@tFi!gpe0JYl}lFsTj`<5sFuO3w|4`wACevl z5-C7rao!?2kt?=OFSqVhpIvnTn|4*n&-r;xHg zJUTV5qoAHD6v5q{W5WLe!65lbL_m&;s5M>zvZx1nVBW=u1x)gkwbuqYDA%(V4Bmp$ z{Y$gjuzjFIK6q~bWIvo2gQbOIO67ql4~!!MA;07?0?YYLYt+7osh)>GA@mEZUtm}i z^Ay2;_%qBS>hh~fi7wmk^2=LtVONVhXbEiqZ|y4}WQIqj;P&`6hi!9lx#;xN=f^Ps zhXNUci*4|>=+#-{6+5IKG5f~nw@6$VXy1sWmhp7swMujK)u3**j(by}q z8I`Ud0oH1!B7Ef8Lt(o(TGVwuO@8)p^6AIK-nQuNXY*vkVQw-)fwy`B>joEuJcFu& z%OPj&ps-5*5>?{5Q{sM7;vQ(x?J_HAb>7082fu}G zQv}VJuV|Qmm+pfxQ^fr~feDVrhp@bwsJZNGoN>{s?1yM4Uzt2d?TZB@#97!Q>o75W z^lg#Tp*m|TlB>;mu*jicROh1}aniadoUqQLI;D<#>%jvR#WAmTmE0#l5S3@Og zt+M5q)m9QYhEl@6bycVfd>ABdBwXLmH3R2yGPZ%(_zB@T-~~DcO~tT+g?j8Tr)q&Z z?x+pJp1y<)QlU?M)6ahcyvUTWe`%*ZbHjKj?lQmfxbpoy?|c7Pzi-PPi>ap}7up3oTux7F$le85uO@PKtQUn_dUsYFZ>+}DQueXkh zLhZsw=@tR$kglNxq`Nx@kPbmgB}PC6kyN@Rr9)B)0TBgBK}5QdkQP)z1SIaB^SkHX zd)8g+``?8y^S=At``J$f!_M{;^uScwI_ZLX^1sRy&dSwVvKqtge~XiVa4_(eNDJ4+ zcPViHicWPlF02H`my}$@7DPLolG&*VJV{vKf#|$D(l_XrDznfFW}Pd4aXX-W(RQar zU#?Wrukg4HSeP!K_{Mu;=h)2*ci+)6MmMgA$uVe)%aonmtbvkCgySez?y^&_av182abi*(I{AF#K{mdqK1@~o1#d8YyA_g89{q` zd}L23)@`-vmI=UJ)>UbEXVZh&atke_7LOm$0-j%i9eontOi5+W8CV99jeRJH?M54B zm={gSC?P5){JF&PJ>`mZ`Q&uMQ!|wYQYkOydZmyp00sQ^g@X~n;LEY zkq}Mc4w_o%)eY*&rjq?4W3cqdN1eiz^tVSuR^~4 zsI>FeAL|{7$Z114Y|eTuox+2!mn$nZww7{g_lK(4>dqTZu_W4k>b=WaENlRA1nhw= z`{)CL;G<6FX6E0gZcrTHyyzRnaJdY>SKoVsBqidJaIT$;T>+8NNZs3y1F_#2^()1C 
zPlG>Juh4p#TJr>g#a&M^;<-B3&PJ6*wxoAqD5n8PkdJqDt*{EJ8Tw2&Cw!V;ZGk3E zGHfdo^{nZV$vY?7)S)hm4VjCm_;uw>$#qb1YSt_Z#;;uN>iP*XQ`9k#De%nkmA*Ca zcl-EMU#IyH029Nsb#$a{tf>#TKTvbSN6I0C;mDqnHv?_iYCH|D-=mgfP{o{A4y;cg z!shbxS-nBlPw7Gm&~EeCAIuwRMpkPtZNIGD!)Q953_de|j_g)Xxcc0MF$h+}aQDJD zO822vNv>-;+#I+TDlu>R^AUVD^k%(kqu^NY6ELc}f*B!0XZI3*LHnC3UxIHQVbuC~ z&UEOGtp{Pc9jtagKOY}!*s#uSEV@z{-{|RwfRe9eL$%v9V6*4wN zux={9Ie}8-8+{e|`SBII4a)Td6a|8`c@|q-><*?H;B?875dsNs**Xh%2FDad)bXdE`!D zVEoh1Fpy1gmk&in@)eqPX9l8;s(>dEreYXq^Ak`pvwl8Sf185+{1+VhPYv1y1NWiz z8MfwHqS(7^KX8AhH8E|a_LJb-fjHQKgkX21tx=abayj^}!iXZY7X6|ot2<@X&Z?kt z4v)SKXb@CNnu=lZqLedO1K)*Kawg~0v7Yb6S!`dz^Ka!>AHl#V)a8h$w8jf^q!pQ76PsZbJgEq+?Ar}3xLC5@qxpe|V zSMYDmYP))uOAPKehVS}!SLjjalKkAIp0iU$XN`KxZn!JX!5k&Ttx<9p5}kh|o8y~! zKIo>~rZwuDkM@@JJpUqAeuT%lwyVwZSk<^Fw$&h@gmTb>m48bo)!%A)QnU_#SLEm!&uIkE$P2zmB3-EWfyx z^@CkW>C)6^``Z052F|N7tk(=z!!lKWZN2nUzI0u7>qXIN)NmpJopB;?ck7a7k_)<4 zZ_?S8r&-2WDmz&rRepnQ-3fZa9FhpK{oKJeucSn;5fBqXwl{L^{ChkMkHNgSggno$ zWoaF=L_YRra|I#cg`vV-)y6KGJ==6)*=`If&X+GlXfjVrv+s+x7D9!wWQ&gWDxe%wi^8a`Q>K8rgou_DQnAWA9&Jh1EHjVRV&LG%}W1 z;p(mkPR~aQsh zr0*Pz$D=&xI+e(`N{zhY^iQM8yx*K~2+?h2E%OjE1mQUhj7aT`>&xt@F0r)v5DPip zrg;ze%BI*NnR%A50~Stq)2h{k%M?6!+^&|*&ur7*&zY+#76lB{D26eItV)u|RGRdp zM%;t#w7eXQPAFNO&}e+z2Txqr#ldv{b*!Sw{VG=_!Kx^Rd0-!hYF>-tj^@oFy!3>G zPFaN1Ni2?>9p0$Q)bCZ_eE5sGN7%)T56ymdrD~G5Zk8H`%s~UN?OYX9Z^e~9r3E@W>x?3era`9-U9T}RSzYyA zV2${o(7V&uTv&))x4%0Snc6-1*a%jhVvX43-1B~;4^bZxOccesD?Qd90%|zlBC71O zFGBzP7~j~b&{(0n{S>7W{7tI_oF6<|AX$tpVK^^-{ zQ%+b&D~);)J^{FTMx3>0api6K9Z;+YVtbNhg-m?E-8dcjd)WX!%f#`3puIlsM8e|X zje4w0p_i`Fn)?d{$g?iNHfQ%yTerp^Rs?}K$I>r}PVU#rOi#6Hr%~d|Ni$M50`9*# z_pWA#y+-K=U$cNrspWMko7IQfVI2iwR+%;0cX*k~Up-1UMxEi$D|!aHnv4z1LfRQ^ zetzX|LY(T(`mMV*g_YKPk3^ZqBp_$W&m%QHIpQo4`|rV~$=C}puHRA5O3rHD06jKy zI>xCodg?Ynp({V?e^-8je=7gke=C2R!oQVYrw{{!su=(BGPTG(B~HQKH_ z!Bqi|r>yb~-Snk__;06XW2z;Z>jdsKG2v^`!+;gkzB1!EM8A+byXqrJ;3epUuXZU# z_%BQ{$&TLlc@Dt|Y#k+TKH#OvbRWm9{($HGl%~0px6YrmrQM_vsS=GkZx2M;Mg{S) 
z?cDS3e3mV5>_Aa}fpNqev!_FTLu6f2Ppb=G^5C$>;aZO}Wd^~DvGiSZJnXf- ztM}^{9lxV~UyN})SdVwC$H_Tj7-70=oWqOp1+?$Y>?6J97)~4MADsUlxX8wtH+-4) zY00`{ITp=AV4l}EOR1^I*sV<6@+FD(263O8Nj+zarTYbNFfnJbnyE8qCyDVewUz2q z2WU*jzaJd^0gxz`2HC@wi~ZI{_MVX>$0e>+3^;@}3+q_g#kNH4t;CTk?&5Pbs|emN z%}g#U`E6Y8?F)>>c*}Om+sOjXsSmf%1TRviE-t%!@8f@!#0$>YX=wpSMdhfS)=!n~ z@v$;w6t>C*q{?sNiJyp#Bgje-82X9?f=O<*7*pado9*k>{H)o;mfQx>&FD3q&^^^O z%8V?vgPX6^g(Q-ycCJTnUotpJav^)IZ@y|3Ab*zLv;Zv*1y}6Y>8v!bNZQ@UA2|0E zYei0@9(UYgkbA=h7F<2n7UC5O_H(Q)h~*49vu3QQVI+36{qm8vI-*L?a!83qX*z<_ zcsr~#gXzm~=nQ7(ijaiwlBpX3B{|VwR&Gt+x<8=M${CWD)9rASbQ?e{xe2o-=mp=7 zsOc~QLy!`MS?xxUI=uSk-v4GjmqFdq&YKXaJ?Y;#j8R^_;T{kg`}xvx zKy(qj`d4^)J}Ve>ye8515lCDE;4J<}*DHES2P}Vaz^cKtI@&v+E)$MCZ7~Oey5C7**KTIgn z{y#`Ux&jCrgdYu!7aI%0CBFd7>}}!87jl4;hVm&n_TA_x&l|ExKAlCD7HP@FUKXJy zdFwjNRvPdBA*#l>^WBzR*p?;RqLw!5H~7F6`?U%YG-T$HlumFzfs#PVC@Gw``f=1y z7!w(&wNQfwIypfDHiJJoitQ&&d?lpSYpElrrk_w#tSF=zip#aE3holh*Oa%5e*g{P zH2nHzMFTeZhbQW)J@Lo2A0k;UzDQ`xdZa~%jC>J|a)4d9N&vgR-rG0g6xG9tc{B{2 zQWGRX?z*znQvB}Ior;Q^(e?oJRTfkJoFVxPQ;4-K))OUjrBUnsLh+X9`IUEq&si`l z#t5Cby~9OUgrs9E!|AguWNKe5`Rdv}X!jJ}Y6)#Fm z7Rf%&0UtEP!p)ktVvW~JSz6WHSLqhdjc68IeB$mwtREu)#NS~KPCg@r?;L;yQA9WF z6H4{6T^8?vU6An&q2cku>k~<2iYHy4t;nB|w|Pr_7k}V?qp%W7>Wgqi?3EV{An!lC zi$(5jAg1)&sB2$vWvOa6Bb@hV_qC%RA6?brY7kjNlcX}+?TyC`J7oToLA#aD&~gtk zUG5iHb#bxi${+B*D?i~smH+g=mA`BM-^$PZ3Ik)^lK1I--Ygn<3#9A_18QHB;vlV#}g*MjG@CKa#a${_Q!`fA7kk4okGxFVj*!OPffc1I9gzT zdX+F0yZ(ftDwXqk+Ep%hN9u4_*cefw>I!p6!f`54CQLMc-QyN+D}OIkH(FYPs3aqM zczS@KDBLg0UCO{aVN7j0dNWM3L|9q!-b5dZ#sHN_UG#h9iIx2&4!3Jwx?T{w$U3uf zm&vmF05tkY0*kP7;~QSM zrUptJf%cz>1)CKsbWv$aLyC$tDg7oIS|mB64W(nzT+{i(vq-7vbgY3vu{x0}^5-~o z*N$M9)?OTF{O-uOpDFfU{hLaL-KLCh>rD+sf?mq%>e4QQIlLw765WdXR4KM75%(Lm1LBvqG;WYb{)d zo{{U9!_c_(&DKJ7bDiGI64!(p`Yf<`x&Ad>oT5BdD`ID)MCUAB;!geN>zg4|)i1cc zH;YK39DNINY6=m%Z(53rrBwcAueT7YQ!@kyFs(snxYl{6>&jbVg8U5dbgAs`aAg3aZDp7O!pNN*WNluY2c+A zXdlNpIDZp+t#W%@-&psC($i@A4-W2H*^c(Hb!i4R9w{|FJq{=0fk(e&-*msfT#^!2 
z6G=;&`sR_<6Y9+^Xw#Ul);VPTYK6ELXR!(OS7OZjjRh3-a@*`zB9WqvzM$;05WC{`&j-Q~Tny z_K;}~p81!POR&>4Vn+=fYd?;@@?|<25B2(UUweK&J!{H~I}HfTs}lF#o0fV9;JIWg z1V3ucOFkaQV(O9)pk(ZDMMdUIMj7>ZIjq4>tXY<)j2MtuYuJXp zm767Y4u%UgP2Qfr;|Xq^d51%v)Aure^`xx)c63&nJ+^$Z1jB;Bb&6MS4!oZ%3h++c zWLCjjKdck{b(ye>gcw=SV>z)ud*ev-v_iQ4+VPA^U)7=5)G_rP z<}Ud}RjaL%ay(!hv}r5StD=OK%e&kwXgF7A$Lz$K0<$LklIxg%&8Q1LtKEB+rAYcX zFB^9jNxbJ$W{~%F!$-Qkfe4?NM`AaWcPO2r9_+|ySJ(DSj0D0m%qDrYJdMVnqX?6c zd~%6%>nUl7Q!1oZe;D6im7k%kQS0*(=zHd&Bwum$ZjvVwbN;R)a>v&b?9|Ngh~_m}-!`8U}x zFgCH$?RQRxIb)aJkC1j3lMW9*DEaXMoyPG>&oWF+iNwH+S;}CO&b05fuzUf|D=pPs zO7mMcg!D^A^C(#YN`~EvFLqT}SKZT4|R2o8Y#)938 zy2Kt*3kMoFQ%n~@EQw_1i@uwLge$OwC~F57xiBaC&(Qo8OUTrvbYTTn@SgqsQ7kqA4)Z9h7Prp|Lq>_(t*@)XxI*~;Q zzIzv!;ypFer(}*)`RD}{hRs@AL4gsZJQ?vWm3Tgn3-YUaO`60iqC}YL1KR2Jdr~3f z7*~jKv=wp$^SO6cq{@Pqjk@ajhdq*QkMJR=nnL5~8DQC<0*RYS7(L=*a&36J^8eRwuzq}>3qf&`o5Net?#>q zd~i#$PE?I8xHFTR@G5MGi*8BM;C|U)!6rUTai^%n|HX*imAw3MLzC$a4dxWYkR~b_ z-KRJHlBcFO$64LcC8xLmGdsPkmlpph`S-W#rOE2hVONpX!QP(WUa#4rBsp`wR}lpn zIr*K^jmmB?Bw7KoUf?0yLzL@6wDy)W-_UsVLis;ySMBpz+`4x_uhEIc7*JQC;4{EF zQyxY;+x#9kZ^E&e2TB7(+2E!2%&4*&E?iVxL6WFcDSUPH*cM<_Jc7f*EW}gmX2Ek2 z{pPr-GW93We`RG(>fXb2Zy?DkH&8j;^b3Ra8Ict&ef!gk@m#&`S(Ls&^Y@}aUY2^b^tGlr zC_OUJUT%*($Z!?$a~=<_*F;1XyREYZ7y=-foF+^v&yonlmURs_GjN5MS_;3iN4%@C zB32q%7xoZR%mjnJjI*}TFN_;^+HB!lc7fHi5V<>c*KHtG&|XB8yqPXki*dZF|KLP` z&k=cCmHnV43n#?=Y<9fxP=xnoC)vH=jiCYyt8CGQtl+nn6y*a_$->KiMtW;s^1dYP zm0+pp%l#e;Fi-n}@u!H;MsGB2zT0lvP(14GSnxohca}z>qItKnt{x?eO$%!2&~tTB zEz_%lrCV=f3y3!~24$RafGJg8(_cHROKf51^E(jj(bfin+5b5kjp424DW?RU_kmK9 zPjy_GNp?gw5LuZ3TTB3Vq6eXwdc9C?!mWUHfWt-CCIxxUMPb$40++|<}pzak)468P1X!xA(E^u-cjc{9F%94mdb^!S}o z7`&=183)D3_~KgBeyoz~8jt;&9-}LN%KxtX#Q#+OlmAx!A*+8Yzu7$u43Uk%aisau zJjShTK5SqD7$uLr%@EYNw6*$9@H4|ruT%~f0_?mYe!eA1xI6cJTDRjxov?fd=Z*(p z`9<_7Ox>QsM+9Qbc6zt&=Va1-*gX5Qz%0V=UTlyJY?EP{^e%{lzzbrv;_k&k1Qxsq zvdR5g`o?Ix{TfhP#7f=B3Dcc?kBg}KO%}l*3HzfrnOyWnjPn&?y+3n7iG&0zdN$)Kh({s~pAGrOn-0+jloHk4;RNvo~yfaV?+px06X2s0OYO5!Y 
zKN6x>w=_bw16;>0Jm{pr(a^=w1v_4+o1;xlOps`9*bIcSawtUfX7AHd`fdRUQa9zk`KP%?a4sCjdOg@OotKVU6>_-8ZYx zQi)(WwEivot<)A5DQ6 z?<9uNYFtU7J4PJHR%)@yh-Kbg>IJi+Z#zlcN7`?n2!?)#Jy{?Z2JSeaa_S#3c^-0L!(I zk<%MNfysD3({h)X?~NIi?3r4+^Y%?#_=)43sUjV7kHO}$;6UtMy_Ai!R$wtKuUSr9 z9=)XxR<`mg`4%rjs^QTw?c~vzd)nN2i z&05J*?b?*V6@Ce$D1uA)n{_QBJ;X`cORm}0tzQWTmq-+JNC=}?E_llxoF9Mvn8ZH1 zRu2J8mSYyeSj!!3%4Io9-D88`lPg=%9r^lhtTCj+$PZS)g2!dF zGD}Nlh>k<}6aX{Ax9nh(=T%TYZ`nq~H_ad5g+kFva%F%aA*hB%z>*^{hd2J{D?lQX ztYVMgS&Z>_@h5J-I_YNzJKSa^*;6-t^SlRJyylw`m4;Hg6jtFY>-m`_UuwUZOl)A? zX$Jp7w_{*+H?Jh?gw|}SwN_CsN?X9VWdOw+9Flf}Yom1f?~!`|eoXGj6Jjsvs+pH} zy25=exp~U1?71ls_UF-_cqYC_;-TYgN3l?6>h<7 zj*^kq_y4DUzn8AdT&Q7V5pt#&U4ML>er`KfMd63_d)C_g()ewEfjI$I4AC6A?-A%& z6k+2B8JB(1<*^SI0(mdf%4~_7nr#JCF7LSi()AlH6uJ*-n+)+wsO@ElxXYhPx6`3{s^xKKPtd^vE>sGbQpd3#-*0Ckd$w%M0PrJolyrFD74PP2feXjjB7E%Tb z^ifR_y7H(0@5)c|Pvt-UZ{?r3{BPy=RKviqeJh)%p^Y!F;{BusVnV5`PusTV9}ZBD zzgGC=6ycMUZQ4q;QmFRJ_y@wDCzQuuo1BV|rofggt&k0$(lAMfijsgrjgk^GqU$Mr zp_qk8F@3y3aIj`5(TnOv>cTRq+zqXVUl+K)M5k=Z{uFIx`Bn6}{+#9V{^0hFht)qV z9|qkz+-54Hnw9k?^MCv7T6^B3Hap%1G><4;?=6#o6e}Cs8$))7E1z8^ZasDOOTH)^ zs5$|z8CN#GTlE$y?OLWjr%7-(0?39Lm>} zxUb@SNODR1hb=wkWsND;>4M8P-EVm}1Bc0X-nxk?e;IJ9tz(1)a`zkk#?R_fSC5j| z>&8af9`pRV3bw5l?Rta~khz;f)tFEM0TonQ=U@9T_zUZ7-um4>r*^rpTLI_I8Gv6| z1%iSH!n*-q^b0Uq9Uc$h4mdcZmszd@FZQ8h;p=tBx5&qI_jqmTzuW1Owj?@H;o6*m zammTqEU!*HBSQ=Q7k&SonKavCv0PKv`Y}Ags6gP~i(p@XCAoa;Yr0Fj7fHz~HnNR{ zzfeEWH3s=x?Cc{7cA@c-w(heBWa)w6alhL&&Z$KMl7YX6o9SOy`RQH4ef%d~a*2b0 zjWfIrq^CT)o>MfNWCp9`dR1R~Kpnk}CMoDr&$*j??v#8P7*(E?dw96v*+LxE)pGyX zV`{4?x6aQ+UoCL9#94rG3l#&b+q*R-!GTeU$D`2A?MskU^T@K|Kk_%o4V6xA^cyT3 zojYN^;1T(wF4QrP7ZY}8wkzWRRktA->)7+UZ@%)qkG*98_2X|yP2<|36<`E7Q137w zWFqk_clk}RhPh_19@O3}85+ULi@cODb~tx}c9gHB9E^~{h8FGZE|*})vl>qQ@VJe1 zQT7x=+G3sCSX8q}k8pqO>bt&E9Uh8*&t@^rpCcmVdfD|hl}qBEP8nF`>zXI{E)Dsq zQB*3Q5kF;-TdqBPDX`~P7qVFpP3%uqjF_Eb;-+xEELE&W^~r~^A7)ah?eGQNhXg{% z?m7NHUln%CmI3SzE8qx#+y;Z4CrUX8ytdF}R+F;9samIRm_EEW8a;2o!FC^e;SGY2 
zt38wbp#9M@*j9*Lee)H*Sae)DYD5bH5;Csewq!KT>2(onA&X&6O-9eE&;;ni&-F$P?jKIyx;&0W^bx3wn~#9oobsA2ZZojA`nCJ`79e%{TV^S~j)9Twl+Yjftl@Mc zx_zEuwRZ!vrlPDh@z|Ak1l$d+z$jNBb>>S;Du%-6&6leX0$6f^(}ZSIgH=LG&Zme@ zFdsqh{uezL-UsOx#<(d*6{p7!d_+^6ZW(`r)ljEDcxQc{hph9WcIdrx>Ix zahbY)dxk>>!^{Sq{K4Zzn}DyB^cho9UO38Gj4TmcN}6uZPAIiFU+?&&DbgSh3~97u zlXnjte|zJkwXfb_O?iIA*v5AxrCV)dE0(d;33#7DsJ)(2w&%VL z|69ME4rE#=Xe=1Ppv*D3^Amy!(x*>XWTeK-1+*7*1mEB|6eAGiR)(AD2>PH$a1t%@ zO<&W6E^Tc-VSe;tc?-Cy{5M0C5oKuV`t`XwXX3YMEsRkRu1@YDx(SR+qYNHfS05h-WAQ=?pVh0nEp< z#A!U*RAs{yV0yBIV|g0-4=)&&{edm|k&ybjPHkm^Z0}k`9n0fvWF4c8(^FLe3E1JjW{V zbnivUyC1$O5;*_9nr;{Wt@GAeOucG9>NUSJug*V@(#pr-(n^HH zxJ&E4@tsR_*EpyZegYpBT!tLC@{Q|Z&rcPRevPODtwVqrKm)@`c@Vg{Aw1ob52#{% zb`9ISU!dOgUVt=f{@uerV5L2$^Eppc;Sf4G(-RkYX(NTAvR*ob(>`Fqa$>w0Q*7)5^CY+$;a{6Z4T1Y%I>SyoFm%vCCMUWN${cd+LW4AvqutaXrIcI=v8#b$S8ujy4)P}DfeL{%9-KEuROCuEWb{T-P`I`fbWWi^FFER`3+=0*hH%`POU4bNmM+C1`0)?@ZHO zW|<(qvb6WWobI+gGvi$QB|q=45y2L}@b01inlqg)=7%NHZABU%i@+h|SzKR9t+s;G zwL0lcTnh{K5#r~h=Uv&BH zfR@MruJP<^k3S>1DbmedO-<6;ApUVH|zm9){*uwoepmUBR!cvj{O}{5I&RX>PR0e?lyr_P&YjPKf7L0HpE^ODnDC zORi4qKbJlOCcV>=+i2-(Af4VZ%&BhpzyB%pk8j_gML!W05vOz=vRL6@zwqtGfZQ{y zH?W`%L95W{mmZuUO4=-_hx5D12^*FT*eG8vu@kLqE9k5I`K;*C8_$%g!N9r#iqxR<(-gSB<*GY`FX}fv>*#P-o z-E35|Q)Yu2Sv=JbXm>1I18RvFrI49I7OxcFMcXZE)XLiPwrn*&bl~))vf3+QzTuU4 zU1wfeLosGX0&?A;MJ!j%Y{z~k0#=7EQam;hw{1EPegcyQf;j}%s(yTZ_ZOZ|TZl07 z6UOqB*+`B$4ZU;Ic9&Vw3u6uB!rM3Pq8uHFXqKH(i|L?+l6*>5fcJ42=0CK7?g7V> zs(Fx8l0^u!$pmsVsMTa|kq0%Gj#SH0I55XXzG=tE)c`XNOLVG$Q8Ls@tk{5`z*XnP zRgAfG#q~LKfxA6%i<>M)?;hNH^yR)&0MJS}hCrGhT0f{kS+Pabs9}! 
zMGWIszVv93es~6?*ov+L@N`{|OuQv_iu#L%{`KKXo&gG>NV6eiV=@L)dU-7A|L=%G zGNd5@ASnW<8jHxV{;Lr|0}10#Elc3OLlYluY*J7|q3*W1Ie`9*j$8)I zyuejWc+L0`jE>qH03RIhptaOZ2sQp_)me+-$u@-hn3a*9);r%{AVI4PW&G3UhT~wA zCSnf@2FLkrU}6-+xnCFX3YmzO@Yd;)8Z@==iDSDW?m{PqsiEj@sBfy{kmGyb;xTVd zPh@AUI1-u8^y=)CT+@ofk{1zZ#$`b2FG5TML-LT6UU9<)fVL=LtwM5??`PZ9Mx z0tq>0KSAaeeb*dW3}a&g&1?7HAm;I=>RF2@U|`IJ-n>w9<@OcKpvTwIBi@xHxZs;Ip|s zG%w2H&B=px1wV>RQBM~~=qXIyr>7iU!4cPyx>1R5eRf=|!K*#L5?!)kg19Q$gNZCI z{`^-Cmv&L0KGi?6rnCTe%R<(5_ai!4BSAi(80r#O3)qcx09*y}NGT$wq&8`m!{g}N zp95?6gop1y-|_?LZc|=u)#PIsh}5fuxBl%RD8fC)UXbfe1atRI_IE2)oAfWA}i-!+?Z$%8} zQ$g6 z3LuJGpR=HNR-grdpxf;oaw4s)$iFD9U8mG`v+TWtt4T_&w@ z?3JZ7o-Obzh(HQ}E2dDu^$Fb?Q?ESu58#gU zl`BRzWecyEpz!4vK<@fx5+ETZok9ZF?)6`g6z~WDwAyn>XhEK| zFZ~J^lB8GBHTXI>gdCz6b905)0pcIOI`W;BAUWd1)^U^Vzq{F)N7U5OUeU{uOv3e2 ziB7A#&bh01Y{;k;1elq;hR7r=+ zZ$)#MA+W=aUgrC0)v+9-!MK6r+6Rr~9KNzw(`e^X2#*KRm4EnuSAMd8D*x~QR{rgU ze=GmrcnpkK1-h{7cfXQ!9xsSvOhHfaoMg&AF;}pI9q|N+f=ZEnH$`n8!uDtM6RGAA zoPg0Jm=w!L=5QP6R*MirkLt`Ghjq^qeOFuSSiV|oQAeig8Kc_-RtLpjFt4VOG?!F#8ll(Z*|UrQzvyOX6K5#*rtUi0Uc;9Nug-?}-t;US{+ zPjjroBu0_a13!*@yu^U4e!ze{SY+nW-x{ep?SAShnn|^bD>em*VRo<4( z?Fz`l?Na)ne+%D1B_X+#1^-b#PmWdh?dkc{QD46y`}L#4IHirt+^PJHts*pyl|H@f zZ0H0_#HIDR(@!5oru>mRC_ut1XQ?_Z<7L@5Of{n2aVt(ZY-{OUO*hfANvJlHZPT6k z7lEWGjUuI@lD$mV(6kB%sZkE7LbukVRNQXrSWZ~B;|@pm=I5I)yhWizTY z9tOeu8?l7n29FP@Zbjwxm_HKvZc%abX5={k?>(BwtIK>f&7s6(DvScs9u`Kz`<~lk zsYQz06vPo22wRmHZGN>f?7i|W-?>!ZQ8ongPA{(y`0sH=f(BxmW z(Z;#*Bi^@{za7XaOUU8+HbGlRsYI-k;Y94+X=j&3@mu`*@ zI`+V0A#;2;kf++qM`$WV7gXzX-jvjd{f@Qe+T-yhlj0pSFukX^ggw+Ic#Md1#q@NX zWeUamB)dud_~yyM=B|}(p?VfMPi0P`!yI5YxuUo9_ZA#o%THgYw4S?AKe~`dAwO`j z3h!M8v}?I-&lKij@)Zu@;eB{S)T+8~@lr)->+awyHvjXw*;l%isM?uCS92!MzpW7e9>Oq)1@zTrMcBzTom1L zrL`}GTc=_M(=^O;x1OuSt!gEahgo#Mne{B%_dw9^v(6`28;#P7yB9xvemsPYD!4OI zbz|2q%Jk*)3HZYg-1LW%K;>hWb+uM1{a|NSLW+$6^Gt()CM8Y|FH1h9+m2EpWkE%35CwK0}<*g9D^#1Pw%>IDz= zCzh@h!3b*-2TEb-ji)b?ZUH1zI@!`L&W4+a^-P=GkH^-*9->{BN}=a>i(Bh9I)ynM 
zkM!FWyaSCMKNFf#g#@2K=!QITclv4Ni3s{g++6A8M5n(5Qx)!2T*)aFayXqTRq`9B zd4)zez9pqzYtJb0sIyBItBuCZ<`B3$*PPTLHgI1niCO^Y3FsM0P)msBE@PDEcEIi$ zr6L;n2~HmQ_7P;R&Z(26>=^1*X_zFAW~@OzO0>OR_EqT0KmNZfKlwkE|KPuse=p_V z%CD-8fe}K7T{tRfw7`l8#y(J;qUN|}z%lBh`pH$PP;b6!|LrLwqk!Vl z2Mh43pWyUc`%ODbv^0UBzTQO*N@9slnWmk?-w7MKa7b6cxjzQU@&o{i8(EuV6w(yZEt zwPR5HG;O+%Z^M08Vg^}Ixk-1_jpa$Jx;JPlcg31t#T)>|U*Ml4Vk%;zR)t5(I0Z(( z;WZUoNkPxL%G=IQJgCh1}xr3I#afFKyy1!0gO7-+aXd%d7iTar5F^3=CDuS9><0C4#ZRIP(b;m zRBou&61L8RU1-Bb_W?7i;b|pxX;`*d39YH1AeY0yBa9!+39DI_=?fMY^g$-mwMfIb z14VUv?v3bGHD!XgN(3sfctU=|6mY-ErR=5ggp^6~>F1Dr2v1Q~6Y)Uu^;F-maS>rX zY{$MVnU~#_L_zZ@M)nY7N0I_2{q6-@C~-5pgc~AmE!wxd(7Xr{8{8wXkx(>;u!$h( z-;Z8nL=8PP&q-vNf_>nP?pAfj_k|dN8wF3`I^(?)9P^J{epyj9!8T9Wb5kUQ5z|uY z5S?q-Fb)0rr=+xhyL1(*wDp2Vs=}uHtI$9wgEwlD#<^!%vH$N9a}2Q z7(u8>A*f;w{NTq-+Y4<9td4+fc}~|k@3o-cJ{TF!bI&STXwzXGNxRUkVhQywapHhb z3MKxv0ESta=pA-tbCtyODT}TA*@)34fQr%6t(pT?6ur!evC&a0{p3@cmlbm`E6xXe zivz}**2WfW*#%pFb=<7DZdttX*|YoJ!NwL;kyo3#_-GDJK_x3X-Yc>O5#U9nt5inO z65ZWN(TL@wX=hCN`^WrW^ll_@3bWx6I2!d9&ON|9CeYy@i@e<(b63BM@dm#GK6;}V zSrfTfOxHqWv>0MjctL3M4xnMLn;+Cf;<(k@JH ztoE-Ua0Kp`F^B#fz49gQqKAa~%(>@qXO`PH!`rW+sc>-=d@$6uO<&sDILDmN!AfOU z`MSUpP={GuQ!!V8%=-nZQRF}t7c_`E8wg$HpKuq8d5`=b={lkVycxvZ!;5>f3Iz#U zh(u$1JZcY%;$!|)3?U!gQcv&gTda7Mj?bY*lBxvFxw!YT>I=N9TQG=L16-h4DZDxP zasjj@UcOu1r&@>1@_~|*VK?~SZQQiM%K%_N+L87-tSO0m;~4(HX{E(U^3LRbPx=@$ zO7JVO%n$zubVRnl%77zB+yoCd2Z{e6}Q!K7WVoC|@HX7~5diPd>(T?g4a9k2f827&2N6kh<=_6_m7n6D z%D?~L%73KsZ{_d#g@KWNizq6;(p1mG)(A9uxbP0&HyId2Ljc$83{0QbENer5tEy|d zNN59gRI(l~dJG^k8k($=yY>m}sV6W>*#glI`Yg~XkTXb!$!+08XUI64{;idz_Zb5w z_(5+4vaAx`;&DOzy*MJmjP2t#?2x|Q zEUfb)+ur_C<{GdZ^a}H;0+}z@$VXsHCJZPOME-bELCclWbgGe7Lv#$U!Aq+qQbN6r z3dWCma7`wG!&pWPla7O|wBkEwY<}HEG*lUC{>sTORsrlwe?4Zia1=2zQ$sEh#X51S zSEYnab=h#RjlX|uf8tu#Q~m_899d1g%y@B62y8|kbkN?3nX*LWa0p%m%{rSM#jfm6VcG z*zSRKk?4;*({&|*%PY&An4f%3buw$7{hu8|JhK!%3R&`R#eCc6(g1 zPKGIFxiQkHl6!hON$ek(;P3D6Pi9ctQ{6g z@}g&NPJHQP@(MVp(z$pJRGSqp-XV)-ZY^6s?$m;AHky^jn(U>w_oZidM~b7`q&Eb? 
z;LPp)%Y#-5%xWsPWX6^Mmqf79Od>t08a<1g~vL?{}*9z0aewy#gEb;4bsxmCEZGc zbfO_)SLJ{iOa&G*)^k8U%E+F{;z>3GBJnj^;PmiVCl32 zJZP{+N<-v@T_JpT$p8YrI!ef_evhA;V@Z@{Hu6v$ain+gM)L?i{AMqlT-%@j9@FBj za}cEM`t8rUd|qy=gLNo!V+3fhLb~}eoFzl%5873mugrA3(jPliVf zt*%$|3?==aT(lB7W29GCbruW=b;Np?L+a1$3DSs5iqLMo%Zoi?m-(gI*q@+Bo%YuB z+o$NbKB~wV!zhEb*ui7L@G>^^A(b#NtJEtUnBBe(@jk`YhL|2T6eg9=B{=6{0p+i2 z0@&hhML{L~W@vsMVP}3mlzP|iYtjEBbLZ&Kq18&7-`8q1E36$ahB#X~amTv*X z*{0$0Rt?E0AXww^Qz75uBAsgYbvu!MjI`|pz+zyizE!*9brnZPV+2EF=jzvR0#q5T zP|GPl$j|OcN}be^-XDb+^>}Pnij`JRJD^Dkxw52%wh=LG<@-~lXL3y&M&NPAt)Bh- z;#7@^M}hHzbR5U5Cuh<20GLSLcc;mU6$zZeP(P+yEYvavF>_tY0X4 z6^7lHUR;r<5xZBja9Ww1#MugcfrH8Lm9UTYiG;I;N-yuPj@R>#cs4pahOVmZRR#4* ze1-*%!kajqr#PX7Wq&e)8rBM{M}(MhXr=tz8?`&%_3ClsYP%n6oox^v(F)q*3=KFP z>@^2h%H>2GDYEVEXA9WDj-LMR?-^J<_ZR$eNU(c(Dr=e;1=K?>lRUe4^&4C`##lzL zJ-^8%Z>4GJ#PnqE&V&`!b9sM>Q@STGuWxvECH}*LoW-!!>KXilo_1eyOeZS)#QtfB zc=TuR>F3-o=>mzSF<{+nh~eQJ=9TFyyl#F ze_e7^WyG=hpr?XR(9ZGkKz!>KFdY-exs-~VrW18vr+jr!#5^DAWaP5Dn>d5^T@de# z7AQ(L8&qp}A3oQ^uZ=~sZT?tjxnn=9R%EDK&l}E<=eEOcvO}g2r{?+7!!6O~17C@( zbi0!YrR!m#=z83ir3+;b`nE_m1I^L7&<01S5l)^?$lW-~yc&b8tFHa_FRK(jwUXNq z?vF8l?mGWA%FkmbZ(x%9AvH*KwD`5>LqR9j;4Gor<=?dXdHeP{GFK$m>jx63o*6aN zYjo*cOJ256Nmo?~M_8WbuNC25n~T$Z@U??xgpTuspw5$FwRhGw zIYJS`f9;{^i^X9dlO2XcFFnb~nTrnF{L;$RcdL~eMGDe`H?DFwN>{YfDq!1#1V@oe(w@&nHHT1n&8e-4m99SDfaCKYr)0y z(lo7DUgK8u(R;u#(Bl>axsPjUw?)E--B>Y^YGwO zSu%SEfKsCt0-%v98!-qDjBoG3XdHVTmc+!IK8Xa^VMpU|d)sHYNOWgk>Kl%+VNFWm zXPCUqkhWuOQs>pA%~z9jxXP+$?UXtC?s767wr(N~%^v9TbeUKI!vpLpyX1Bfad$p9ku60!&48KWG~@+yrN)}@p>UI z^BxmLVf0Sk#uBmh*HmfmSl5nG-2_eYaaMAUr6@h zz-vr_@KvdH=ds{-^TCqu2dY`QuYiP!O*e)x=D59|r-WL{guc+G@AH zXj(qQ&{Zpr#GEQ~2~Rt{@}e+t!OPDE(f(Wjs>w)Kb(x}EpQrrb2fL=2FABy9;_)NS z>;?YC410HdthAmn9b<;OD^>-YMG7jS1(H0(X0Kkb$bgp zNlSDRs;=E3`@m7blrdG>d-^%`OLiRQ#+h2?I*sGbje+17mGfR!tcv0s57U{>FMdJ_ zi@w3Bu0|sKEwEz9ReY?-4vw^Rmkoxs;~Bwa;wL5GInA*PHhJ5-yt~SSQ>V+8^NiSH zbeUVzm>bt~C>|@{r!uXm+Fj|cwRaKj(3fFH=fqw!o$BW02f#2)RW=}Tac(e?RUc2f znf_~mb;Hajo<>BCvCgzpdCG>T$ 
zrfUQLGz%}Vu>DP^vD_V0olpDIxLc@B3*PUEy6m2mbv-^IAG&xiXptJ!Q?9+IlB2O~ zgB4Uh>8N}07e-WL!zt0vn3)1hrfVqSmx9q;!oU2QHyHM+t^@B29UZYwBAamE_#!J( zirgN^Fx2g_YC1gWWN0v##fog36x7*$_faMC+IV$8JY6@n$oA6Q(g^LSOFAd;71yPL zJPZ??Qa-z0GzwP&dztz3^MZtRGlMArnkDyNBS=PhwEZSSIgKN8_WQS}tN7TqY9B0h z!w{~Eg(&_=^_?9>z{kC1xozOPdaeS6IQyj!PTrUIE!sgQ9sWmhdsRJ)`pF>I9Im%j z98~lByj&S;bY=G=h)!8v!!9SowYRf4(*E!`wr?v9h{g2<<}3-rPs&!Dk-~lmrU;|^ z;$gL^OPkdgVgG_wT_8Obh~>gs?>is0xU*HT27Bq~6$cYq7?LwCM5(uhZQ`2@;;i2g z@npcOvFwy|cCVx`{{xG7m{fsR@m$?N zjUEBMDQcMFbJhR=5Vb#z%A8F>uiaEU7QVoZCs1k$y|zXkyTR&bX2Tu5;Z|UX1$)f- z);j+lz3W}zkbSR|ubDK_?DiNTwP5LVi=A~1#ZuQ}Dd{ck%;&|?0aQ9nTQi_a)IP;Q z>7RmJJyhw{CkV;!sp%XIg6#EGn@8iu^BFy?CIk4nLhgO4N^jALq}RMCg!bvqV(gbc zz!El_!Ofm5X`~_;*oxTYgtV^gs@?n~M2LWRcJwiz;++nSQ;f>1w&2xGCc$(6SNNs z#ntH(K3s!7myU@}^wnMw;UitIt%5H^WcPW3D(qtyqh?FEnSO2r&`!Y|16y+NYsAFASkb-7Y7OXsD_u;qO~)jtY4f z80$n(vhFD!zav9ha?S7qnS+GZmh+6^;t7b1<5cvl*@T9+sB?7M@$CP|{P--g8@oS7 z=?_{v+~~qWV$Tjw-56%9h>+W49Ryq}nE1Ll`-Ny+w#+N{8955ez%2|ttkB3*nHPgc z#6Q}MEQ5%>aub7m08c+7R!br$d&K_P>Y{dA)y&z4i_gZrOy0kLeKqRtd}UmBVt#q~ zd9FG%BKv9ICq6KL-&Rfu^JXr)Vc9{&6}Mv~ODB5=Kg64vc2=i%+CC*gYJxxuKl!*n z|K1LL_diy`HK^FN*k-gspMzq4CYFvhQlOP+*KU@eI zlJT5U_&(!ak?dyJ#@wyjsp=qbP<6S?ymL<#Z*4)XHFGP^o43F^IIdiOI?5ov1T$!| zx|N%+w|IRIODR-`ZlS6(i;w8V>0!T;l!d^}^Pj7L@B^U_DU_gZMHknpz6n~#6~6X+%@ zclE^7IURC`f0S1XQfZ+c1_FLC z#7R64qUdJE{(?GZq8gyu>j5}xLiRHt4^vwB=-!LzV?i3d1DY28?dRe97DzUlbeGll znVWR>>Ip&B2{^jenz7%M0VKHJ$PCb-=$>_Ofd;pyie?!7US=a`Xs&Ox8Jl}zp6A#t z18&i0Lk_7n2r6nGWg#FENOL%bPj)ym33xn)zqEmqL^q_)JsXWxTpjOrHS-^sz`U4l z=|6hVVv70!>3}Qzx3yKs7U`md(&m%)BTLNL8M4o6!H>;-M z8h#f)!gW}#rn$lX2e~E*-aOV%W=uRmU@HI{H_i`n2zC>VEIx|@ zXxUoQ+Jy%62*rynoU&5d1|D7a-GrQvL_T)onb_(y?J|b-t zSA{>B5xhaNp};;q-uSBxh4!NxqTaXfr9$@%zr>-RNNKv1`nH zo%napkN5ADpW<)j|MI_;pNR6G$}cK}g0g|LpBjg@ClQA@tv~cX%}`9WH#HYTTRwWh z%PvmUDY6g$>Tm17Rrw2K4LBu5^WAnn=CP+u`=F|hc+`W64Z;Ze>s8FuOfi5LEZn_{9 z5mhg)KbR2azgo2@RlFL{@%hoh?fJ0a1!lV;HASiPVRYA-zYl{=z{pPZiKb>!-ps*5 
ziXSbiQt`xMQq?(8nu$@ddG7OcI+d4V7LoRTOD^omYq4gp3F!<0BjuN4%?c>mu)rj@$-Xmc7(p zBtJfjdEKvN&WY!lOQuD7!+#JhJEQ8?^KmUUIGoeE`;18-8!ONV8FP+$|4lEZhq7Y$ zxDC3(XzlxCpmgq-9T5{>jd@SWKLOu(AQ&GCpG``9GDE%yK&d?NFNn{6n2~QVUmD@& znRK94faDkg{R!kIdnZNH5%)PTA~p_;Am?S4E?-r#_6|6 z>3T4a1Tu$Jz+PGWoiB=y%ZvTXxYdozDhDm9!GcL|mErPKMOyyY7g(~8x(tl`Gw=}j z2J8I$OD{%HJ30XXVs?O59%=y>TjIPYZ@LHIt7A-eH|qCpzFM|lW4SzHxD4&KOH8#t zNa?aQhZIHoK#ybwOOIYms7~q~nfK}kT2qX540wZ)!6tTwgT$0{LXP;!=SaUC$h&Z< zq_#}3KpL(Thd0DW=6Dz?OumO9bpyl1MHRELBx2yUC3I0GOF z6;IpS^cqR6T!u2_?4k5n{;-=*m@&je=B!Dkb#~XL4FT}e(`|v%P{3o^0m_TnuWk@QFWV4QmwBUr(jy?-TJ?a`Xgc^obXNNMvN*-F3E zG>yOE6Vc%=6j!MTu(7G@6-cL%^;KlI zbB*=wE($r4=ZOvKCV^UlnxL3Ju+{t+yLJqSMXboAeci^LcUWPbRFOYWPn3;HL{@6t zdbgshE)&rSm@<&Qh$b!41!_UT%KXW@#IU;PpQQHew^f^ z%^}JflHNm@tB%2SI_lbWH&{I3TBex;KihP6^yn$w?WS+Am}3Iry6+~}-739ne^H!omL@!Gq<#QV+qny8UBQ}R7la2sI+#7 z4&1MKGIHc$Ll~lX&0WBA@<5e6pJl@D@29I14qTsdw z^*t^tr9->V4{oa(tN*=g;3t;%xd?e31&U!BYS?rf3N(Me=Gmz|E>IFqyJR?<^vRz8Eae$gaF^9*x9emni@FfUJ(i6RigFm zq1!XXXIoG-79fKR3TDDz!d@--)BOR%r*x5S12h>K`?y*(p(CM(gWcp|q{!~^r|S;j zp$h=&DqE(n(VuU98@=)5kdv4GO+C-cxvdr~nsk`7al)+~`mqJIs};zinY=?xxb?81 zzLuXNz?|*$HQXtplV=csg6tk`+trv%7y3T@0Ot%7Toi6V_pQtl8w)&Yk$RpB?ix@h zKAM!n=7rdg75wit9k2q28s~9%eK@o0RjlFT$Opy=y0OW`$Pl&Y>*ho|?GX9GZTQN% z(M3(R7N3frac8iNvR&-{%2>1O&evc}YH^P>Bt;wCfUg(a_Q^!}eObBrfFGMb8P-;S zn7x4G7r>&hBy=B(l! 
ztULAX#=}T7)h?xtlF4mv|FC71Ud$UQ2O|^tF_ag25c6&q8n6vb%eybr5w;t&r|?j7 zty=IRYY_65a&>q#W9YmOAx%rrN`4&6L4WKERJY-epkyZ?`~Y#X#Ja%q+Z^B!E`_-j z!rPE^n!;lNyTL%f_!yUMzy@_%mA!Yx4;Bh9NiYg9Fyuc^qV7HbJ^m8W0fspcad{k{ z!=8EAuh&g(S2+;D?Rk@fEJ%S=H^#wG0D<-<>Q6|`BGC?NPC%H-P;78GHWA{dk4QmO z&v#k2HxHp%k-sPGP9$D|4l>JekacC;xy8zE&B6`UP28rh+mVG0ec}2CKw_Brp>Od0 z^K0h|kRiqC=zD4FpNlG>OX_GpsTrKFk-ono?epkey-fqnFW5>mJlrBFms9oV47gea zcR-RDbqz&wFTk?Ari~chDu%?$pWnpUlANIt%&OHOTy!)-!au!6CiB2~O9VCY-p>8= z`ZYEbUkQOvW&#uDvg^6#qkDieN`k@?j}8421jJirNM(svEhFQL29I@l{w`~aRYwE_#?YM+La!#s#;?((l=YF?;?11ay5O?vv*U9{yfNwL9mIgLAYrF=b8|2b{6YZWFSTE(!f$oX7 zu;Gr0m}8cJ=NSe1cm^1ZE;@|^x7H*Tsgxo`YFi9%YME0 zueP!D93XE!gcve)g;Rj9wb2vtoBKEN{wokwlv_@Wex;2lems5&Ch6*AaIU-fnUzPd zC2VDWttzYL>&1|yUS*8CX!h}i0-E=%jD@3(W6JP~+=K;A?n~V>iBuM3p%U{zP`pSw z&-7{j?;WXjFZJlXU~bH$9wgcP$Wg}d zJ2K^5>zVXJFI4W(Vv=H>_y~yFjCaP63664W1S!1?R=7hnUirX55&+M zS4O=$fbvImYjj_hXJK_~?|8yv_%<+Nlf*Z0>_Z!#$2Iltcrf~MVj$8d%f#Ha0JwF^^BvvjkTsZ{mfdRcT@x$otR7B=~TQW|j zRTPVhkJyI)>Ci%lSB~C1>_nfOdqLx|8HTgNh8~Q`$&Q}&&zGyJwVNTo^xI`_ATZ4C zL$}`>5%GUqPbw_^pSwB_GMY-1;+7)MPwIm61s&cjoJZLHpQk$Oe@n8%P)ePu@#WVi zGCZb@_V6k=8Qy-jg4of*_);Pnkow$paWXRs0FvP%6iWK#;xCVbHFMyofxc?v@eW9o zZJ>W?;OPNck=S!(TP3J;6+_*xpAdCJYZ3H4ceS7UyFr%Jty|AZC3k)d{r&|Cs8xVa zimxTcgU`%0Kj3-@4#A0Q{FUt%`2|GX`FZdZWE%OOL77o}2CiYhK}QZ>Q~=6Wo=2I% zzUoDkCK<5ab60B=At6&0y(+E%*Xqn7;jsv z=3<=E-y2lJ13!RK5)4usSJ9vOtw;l|%E*Indt=8Ca<>6%?1hIz{jONZ07kj%Ss#TkOF=R z^2*>VvIV$M3bQkCd!uwdQN^eBu~Vpz1s!s;7_l+M)8m@Ad2NGp{NYH@yEsCthuh@& zv%!*A28^l@+xsKUPt6TG;jx$CU63Knw0 zo34Jn5rf+>rmPnuH6J!_(4Q+FJz*y%UK)MuUYvgUP;YwfKli&I?XRakAB zktwvVkj8xZlD_Sq)m4WnjwQiK($?uW>1Skgr4LIXfE7RQe&a30+TM}5dd6$Se(vSrUQXm?1V)UNyXg%T@@L@F__wzRU(ng>G0{Y z*@q?{{s3t5zI7w}KFHwf)euk220u5IXsI_o*?kAfuU(lxop4P$?PqOurA(O62${SH z5iP&Ke*w3+O(X}AB{km5Ajp2A0HBE0t{)Bv%kwD*Qw-qo{} zpC+OW(tgrlWZENo_+EUsFkGkBedyf>&MAReLC#-K-4LD@exA$}wBv!77e9feK4s!F zX7zqAUCp=6OQpQ+qJ9~kVPIp)D8J}kW|vlBaW>4xpD7b>kwl*;5|Y4o9s3J?^ntHdllOM&sE|Xg^*VnqWI5Ms3UPu 
z+A&f7e*EWM{O27Z-wS39CJpi`%h!rB%|%q{N0gMR;~WHqg$b07GMx@llBSYXv0-@ z44Fd3nD=j5eOW@Sg?J)vU4}aK1U8+?#^Or0s%OB(w$Z%`6 zU<^a5o*dquW=S+&+z{7QRN&<46KZpgsA#ZHQ4XDLr-S}6EH;u)T-8oTs@sFCVKu@bA1ksSX4r6tnn9Bbwn`|=^#SbPy6?= z=zt^%X0-fOACa>{E)0n!r)Q5{Z{(L$*E^RzWmjsCmGRltd9?qSN}aHX6+6yNEj*KZ z?gmcyB2bThTy?kwuCE^c0fYAD{Vr1>k}4fFdO-1gYDir_h^ zJ(7yiDZ`y_%n7Z+zmpmercF_9M{@y)jKLM4MJmNnaK?>=wl+liSq2^{kqO=+9<)3j z)JR-V;JL!+K2uJxeT`<{?3LurPr_QpBJ$)_CTTt*D&OhGR`GSty&ioa^kHGfI065T zgIT9;HIk#XX1%wh9MUuF?E%mkOh<(((jIYqyjR+S44+mQ(yS$3$A90-T!%M|!S&AZ z2q?y#FsGA|hft8>%&r&LY}TN>dzrsmcXy~&QF`>{OxqIW11)=;*E`S5qHT&v8yVsj zs%Cq&JU3vmKx(lqGewZ4Mg88;T=%j>CV`_Uold6!NsJ~dMI zxsGP~M?(rc%FHKG51sBHbIK15gl*U@To({@_>2!JmJ3otGu&;eIr$6q%AR=*z*-f& zA3lNK*Ciz9aqWgIy|C^@8=($L>t(i4?$YcNKGCvjuvPjo49EAcaj7rqv@Cw2C-*_K ziB!>r^cdP(B=lC@NDcJhKxu^L!vJY|KuhnY_bzVwRIf=zlmoi+@<2n`0S$&F@x9Wt zX=`r=juEvQt~BzJ`fgY!F6IZ8&_70z&tt}L9&Cm0x=WlCU+UZN^~%VR#%J19?BjZC z=5dsURrI58u$11zlI`l+TS24H|4N{`>jz56a))gChe41>?WJ z`G0&O`TOgCUiF_d#ytIBaqVl!clLfC`L2-f?muS?YYUt)KXiyuF0+t-G%AY6|NEW& z^M^A2_ZR+L2bG1DK zg3VDLq?4~7y;*3Dd7I#lndCF6a*7-$B}Jz@)+$<0@H zAsZc zEp7Aj4Cu;Koef#<{_ytl_y}$S7oA@o*XeEZ6bquB!Fp)-PLDeqan&q6k;x_sR%+L@ z#UgZK^0;q5Bz*|-F?7-rUyoR>KqQo9BIsd&#qZ~fxrgjSQ;TX6IXP1H-L1VYe|%YG zaQ${;oLPjmD(*8Xy&SRL1i858fauNJp4pCN0js&jJXT%OzUaL*Wz`VEP6YPUqP#36 z`g^)6bgW)Sw(kQ-txep*WSP2wYV66(4~;jkZ|I`D_QBwYne`Ej`QN< z@+_GS2ywTte8`Em;e>D)>a2k++FJK;Ypn9R&S#j@+$6N(c3q?09#?a=BKt@k~A1^R@I^2s$(OhBHd`^-7MZIS@!iE|e8~e*z0d z;nUV9qm??I{45i1k>FW~{bZrs?mB2OhVwC$M0fNHr7OeK*TR$pyJ4YYPnCn~vF)2W z7)^5B+0bmh!Md=0$DACpwXr0&hNW6;>V!2VuiUri6nPE=ZB%1MyE_a z2)x1W(o~4f%tu(l7oHF!OPccOP3)lWl1qiEVskXJFAA9i81y1z$N@DFI*q&aJYFx9 z0$(kWtMHKzpFgWCO>(E*Qd;W(%H`^V zeWKO*L6=^BCps2OJC|LP;N3c_Zu;z^!vF+163p^uVP#V{M$XQ{?P1<9{8ds6;{zkE zPu=jz;GXMzGx*3%L&bL`|*|m09fFhdRl1TuPHH0 z(Q44IwWm^1Wj;#3;fZRon47m6(qr)rYsH{4ik%rnz>&x~72&r#+1naoVu)3f;DV4d zK9t^7*VW)QY;T9XI$e6osiUWW#Wo7;T!Y2-S;=;8O3`WJ z%j!IEHsR5_R=g6WruMyOhc(MQwPy#au9+j{3etbxtXM;?s9Iiw0ffWDy^4stgmu;C 
zO642Ie!uY=sJtcxinz#~_PBV8G#%0I)Ak%=tuR_(`dB>u)c*W;-!-&ief!kLoC`YwU{ zj8F7Fezt|w8KKn2hIsN_f!!*mCK1N{STpaCb@XaPnd3!WRlo2@y+8CwEJAl4n#qtO zq@m{4x=Ew#M}x%8d($x6PVel=fKwKALHC}5eUyI;>`F$Q7S?zQ!+ivO)n~HyPI4uT}hmE!XNqmLZty@j5E%KH%uLQ4i z<5DamnNASWM`d!k^wV%l^Mp9=7AQNi#XUD5g~f{~>=65wTZOv_C!pIMy@JPZ1hVU5 zGo(9hW!jRJRwFHd0o*Lu)%#iElB>9KDD$hF3z6itg8>ZGI!v=c+Vsk zQ;D?7$8`{pkCw@zy`a`AHm|}1hh#2slBW)jJ+pRQjn-nJr^I^ds<*52m@?c|ClgUF z;zUDPj>;wcTxKn&zt~`Lad_FF;B~XV3)K{-TG0%-^GlAxYE}CR|F^Yz19^o{1#2;v zxUIE$NoD1~6>+d;^u2!H{H&Y{^@*UWY(F@OEgCIT8nK>Mz7VbDqGc0NxAP(Y`A+QK za<*W`YzuhO8F#ElUBlflAib&ro5QS`r)AX$Osr3r;2yduiqqN}`0E>4TVp?O%d*~= z0oD-OgAq-z)ekoj;p~&XnWD-ZH$U#!TW?+eM%0YDH51{QsT)sbAK5+=PCpmB!Xj|d z@3g6EgyXx%PH>-_($&0G4Z7A+%*P>b>*IMETvHK*G{QKF!Uz;E-HI?o44y!j?y821cJEhHV4oNgGV!Uc(>69$E8k|)`w2Vr zMGnWFSjxoS$n*aE9+~Df!1=bn;#bh3NJ~!qHXyq}I8>}{+V092Fe*`r^K)x%B0+(;-B`!wrezECF9rfwCxsV;{kW1BuqG-r8MvBL<&k5pfYq#hq5fAz_^ zRuY>7z{fEc(%SLAPAU)?UUhpkOay9KhM~Kx0#rU3+VT}I%qrWfOW6}V_(OHRxEOE- zs{k#6%cxIgTlHihMa?8#-V$UO(x}7aO2sVtm0{kdov`&&Lmx`K_P{m`-CKPDJm;Gj z)$n#jn2VK*Ux5{MTZ=p6uOWN%g^hQBlC#KUDcv0kBgZU8R(^+nul#g>EC25QR(=77 ze=5HyH0AZoxefG6WoB>6Oz-X&?CXEIVn*644$f@UH{Qxz@hsjd;h%dXr@gr!rbyP} z4Wp`Vj5EwdNFEYzK40B5)eEaH)2Cfl6H;HK{ppjUrSekl&*}eqYqBAdu)&1$(3i__ zj-@J9xGcr-O38{POr6JA(@mInsqh%qWMXggrf4(QR<6;iI^wnC#vjpMINkF2FsakD zQN5$6YgD)`obVhCjVV4Fp(jqcO&)8|6fTI79U9OihLJbmTUnMO?ZOkqhMO#9YSBDR zRx2N{QTD^4^q`E1+M2N@XSd3WhjcIYeRVkI7dMmyWqcNc&!K6E}w=S|yaX{r5r^H2w_+Tf)*$9UEylvhm}`*F=!krytWo_cX`1Bu*^x zAGioG3vc~+p%odHn=cX@V?8rX$B5b(8=z?TauL!)+)>CgTyxgsz2rLzB;ahhfAGQ3 zPbE5UY74rlKZf zAdibH6x`=eqLwO?TXJoP<1=k!Ide<%$tVWl6vS0bhQOK=IT zex)J?c^_}4wr(iL{*j`><6mJr<55u+Orel1FRVW5mqwd31&A-jl?8)}@s69?FR2V@ zdk50LJ_HwhPrgd>^3?au<;5e{%t@HZ@oqbp{f@f++nSvn-XX?nyHwni@8{S&`u_=tbLHk;o)r%DMdw?Zg3j?UB-s2ihCV4Y)8;x)5+lo8zsT=2rtZmfEQo$zke9tpZq$n&PjKrhX+BG%GtWwsS z_YubZCLco_m5bQmbzF2H=iYo0^Xil4O3~fQddwtWUL^`u{4rAvW3WDTj3oX1=3C^! 
zt7@F<@+{Oe2LL(_ZBLg5FfBsR(}DK$a&ksDC2iRNbVV0BBUz*cPN9eT+H7&!Zy7ig zR1I$n&I6XbcKPf3PLsvWTWI+F4+v$*x?kbCECh9noKj+t>t5fn`kOl+_3xFR{%_^q z`QOSfI`dEEf1i$mGNt5Yz%%yh=57^F1LPqa6>5APZ0@_WYu?`*5qRPxbCz?Qy+V=Y z=U;c-Elc_WOA#$}*>*f$t15oclmZh@&03LS&H{|PSKGN{JPZha>`p1APU#&#uX9$4>XMns94hoIT!O3R zLB05ZPpOVD3wDr~k0Gf}q>|VL-j;C7kd|uH%s{}6zo{lzW?qkX-EgCkH7hVB+~ieXpEwZHkayEr%ZSVTRK zYu;RaYN9>UHYIKz+!ud-Sq%mmY@l*LybF04UA!(OOCDpXS7B`0__SaMWtmLp5Uy>R zG1bc}78xZz+8zz!4t+u|%jnQ`om-QuQ7mwG0WC|&DkgIqoO3z@`k{8rY}-g&b{!y! zq8m9lg4|!}ZulbYtbWKT-1MX%3Y8Tf^fV0J`85X=my1~zi@9eee56J102U_@+I4l+ z=SBY|9?vw&Z`zJK-^bsPkJpe+<=F##IK69Ys{Hx_tQ+wLYakNDzI7wPTldEtO{8oF z*>G!jo!TM(3%x&<_AsoFRNxO(%!qSE5UWp&nBfYn&ZBY)u%U%Iol89UPT-lWBvTg~ zF#}lS(gFfcF*RP2<4S8DSvtjb^@|7uSAHv3(9_SaVsY+rl?0Ui5k2!TQc6>8{6umk znC`W3ZeW&73{|?Z!={Ol=7-+v?r{M(tM&5!xOXrXzN>AV(X7vQ_{Hc`^}VcF_& ztXi35w^*z?hE{*My8?NY#IuyEyFvjRuJxj2t}tuo#hQ>)s29t+mSW&Uyrw)31n&p~ zb}n7tUoz86e~I{E*M`g=ZfB(M^~t7$CF?6ca8U`{1yK8LL{%auGd8_{;YE8bv!XDn zS8ILsZZ_e&@yBHxQq-+_k0SzrIO!7MI~#dWj7u8Ci}7Z9PR-ZTS|=jQ@ma>sZq*hw zw}+%|STmh>regJ0NgCoFV!@bu7xV(uHq{N1dc6Qx=DdOv4@fLT+y_H z+Q^b$Y>5f$ozzm)Gda#%$&Z|~^YP6qyD(}= z&|7BO7Kyyc@Cf>|Qnyy%epL-$R+gGXD-lyQF7mP1xV^kLCNxnxMr(nTM2+uupxC_O zu^>0v7%q&!pY(c7AckW}lGSK5_I5J({ZS`Vw62EIbopRm^>Izml*v1?^3;dS)VSDL z^Qg-&yv?BU=T8ukCS||Rm4c#kUo<|RRe5xJ_cOVAy-rLFeo6Y* z_OLsA&CI$`dSxuhQyw+l*flhhHzvm`TG*nMP&N5;!^D{b<1{`;lxdK!#d&6RL!0Hi zdqVPf@2Z5HPqm6mOb79{##s5HQ8RNMcm~F!8o0=~k{N z&`bI__mJC7JSA^Ho1T??V&dN}fxsTlSP;_AN$uT%=ps17itg{}XVcN9>ZV zURm!6yxxX%ddVYA@_C5IH_u}M&pwxo#>~N#At&qSb9GIgYw8rinxK=f!yxs<*zb>M z_kVUXgy1-}q*`-@V;G)Od1`XHk%X&FiSHl0{lT?c6%7_tsL9Zml--DpjGbwAwj?UM z!I8KFL^LYGI*UAsE5oQicEtUUUR7(VX*7*Ir17VIkk`d#v3;22#A2kkovD_J0?e+; zHMO*7+cpVx=53@i*b$A-oO|UCZdkgyzrrQ02#9*Q`SLE8A%0fwcg8e(?(1KpIwtG& z=`ZiZ>_`n}yl2qAPMnF+M@KEA`_z>$HqMycq|sjWWiJeGTpwEbaW708Y%$;I+~LV) zJJTHowG!|!F&0Zk*xPVpf4DJFyU8qmLeg_y3LS;DNfuo5y{DK*fS)Ml%00Jmy9xWr z_;w)wyJpZS{D6c5$FzEp zzIx(?#iMH~A|rh9?)7Vu!O7COosrpB_t8YQBRoj&ZMOGZ@t*Wv?oC!oU}a9%Kf<*m 
zu|0}v^hwEIDQxLex!xEXzNxuYSS_!hr->|Q{`<-k%7T#-1yVNl5PA_yti5UtxK4kBl0XQSM&hD9|W%mb7k0v6;)&Og#SV zZ6*`Z2BD|&YI}8brPZXU6<8yBDF*m*iWwA&PsSbq1mh~rvx@X%V;~?x${0-0e`k~u zkxhTL^TXwQD&u!xVk8NiT|ba7i7x;T%Y=M0q*%8Acf2~go26K6;bq`0tgU@o(kd{@=jUoYXYAD>++Hb&GAe<9Ap5({7~bjzPxK z7`JJdCR5^MR-cp27Nl8`LxzE*VmXm}8-n7L(Q}|we5%P|P0P{p;e+8l&Fi<74F-sW zXoMW&b*6MSP!D6DgaI97sP;JNQ#)*9lU`K=*}4tvOuhimpG2>7JdaT8@ZHwq7~;_w zx*$kyvW}bsZ+?;a+?!)_F~NFur$Ro;N0^mbtolvRPv;PZG!UEm4g%x1A?S zDzJJa2VZ3P)vU7mrz%m>;8*5vh+oM1oxtYx!&-iS*I!($2wu`XT`Obmd#K$f?G>!( z*m-PC-E)dxS}}cCh0(bDf4OzoxIZMN(^mV*SB`<~D76~fo?GqEr=RnktP){7hHgtk zOwesJEGk}EHyW=|)$tk68nx1*G}8|~PZ3KmK)ojTP01~dKd(0HeH%Udnl?@D_xH4^|L=*%f&*bqLS9W39$=PvLpqx8o zt9AzV6`{zcM|qKO>s20BUN4V4sXA1zhmZlqVZKr_!NASP1pDY0lZchMs6je9 z(Zjf=kfm{X#P^zsr=ca=n_f3z^3P{($EMVLMohO3@Y&u&kN_W5Tz(Y3-!HS&|ftbfA&>EMrKCD|}=?|Vdsr$y7``g_CX zBlEj!#Mwp^S~s0gH>deFIOD;f?FHB32MARR6ILCbdVRo#+T$^^;GJX?`ev=*bFlG=7qA>@?3-^rz0(#|AugX41JFxueP_ zca)NNseV1NWajnr7(lU_JX|w%V{c81CqR`W`%b=?IFzL|$suMh3LVOd(o7tV6W*c| zIDk!&{vpqvrNv=gF+a}A{sgEvZD0a>`(iIa%&ZFimFO>5a6p-;^EXZFzRgUWB^rJ` z589!<<#^vZwIPTXM9Y%Alsq*Nj{m$gd`ir${-BHghI-G3-NCpJAh!oRpHF8*IUsgg z16^zuu*m=ZE!F&gzUTkH28#7pLj_#ypDU^-|KHczQTczqoXrueE*zj`M#o-WtQwVE z=rQwmcJ0GHnx2_D7VTT;10ZXW(Rub=uwu9WH}IDK1c(^p;+>DIwV=1SC&c>7C7IDAOTO&8=s$FYzWR zZhR+(f4k3{(NTjn{ek0_7Rj5*KU588;03+B<(Qz=mmk@h$T10Ii2%QlWe#{-O`N+IU zOQ-N~XVa@R(;Xu z5$m_(R?(5v<>6IM!h6v}3Cs2$Q#-oa8hS*`_HEVa>NVbcY`8U&!rh3x^JHfh+4O(z zCI{7e>NTD%VV}b_{^pPQAbdt!{swB5{sg-G&rc0MzzYE#d-~(+Ix+fWuLW*Of4cdy zV;-Cd>u|L5bWDuj+W~s>FA;B`!b(X8KPSB|+Xlb}0wze>s<2`W{XJ9TKSQl|_2y&K z{w1I;tb+EcX+oL)#ZOS4EL&es{0t@yP3XAE`eBY|JFT4eo21X8IA6N{hCiYY2-q(m zlTF%rPIT>NhulV|_zqwo+F3XZ3%w0}90c6yng;5?QXn=MNjWvm81Bu)D({8mLfA&c zec*2#fT-PIoG9ZAZSM$Lb6fDXB!FriE3WPmYkGIkPv#&$wGRffbpsu6jH;7X5aS&7LHx5*@7=g% zsR1AhjmA`!N8J%@NZq?F%?M`s!18aRmnd1CqlpfLdc7(1EW6P$BGcFm5z~ zz!K^EK!q&B52_!qJTXFkZ<{m)GChk%b7u8erWi3N3U0ApVz>MJYdq!=O}snRL{%Su zKv>i{=mBb#jIB%61>5zn(GF_VWkvrS-dBO`bjP3epOVoR+gyrax%$CE(`$<*E>Dsu 
zGcM3^H~vX>Zv1On0VmJ5pr{m$-Wy^~D80H(nlP>)elYF>YYVDNmNjkfvTi02Pm1N+ zCee)M6}{YoCkep#bzuuItPC=ux7J#&W=os+U-t%m3WG2_a@BW6bnOU3z=TpnL7kdF z|H%?x6u2*8*c`x_MR~hze7_;YC;&tm9}}NS-Tz|s zbB%HFa#LR?6)*cLuB!38e9xRnn$1k#^2_9f+k{+OYBO3$AGdr$csf}3JNEYaulaQ9 z#KtR4@pPVPtVO@XW%8x=tPd#4TH1HC?A7@sg~$(_KUJX*ljMD2^OtJg53QeUi^WU^ zjoyf6SBzV(&kAQz9UbaKBY)}tMt+umkpJ6%kzcdmU*u43B@GN$o;`;q1yP&HYWgve7h}wC#Fyk&?N1G#7RJ zM-@GB`RB<5W69rGuvdxLXb1vrvu;Kc$MQ?pFzQB%#PnvV--+(cC}u2m)@@E131igw zMESt)*UZ^xBdWaA>>}BixOt8^mgtQBz70*{6k>p6XXm0~-U*Z2- zlIY8<_VM-^*KG1FZf<<%LZRNY58qzckBlc0R3$QCALTR;B6_4*tc+AvyyYuA15a&RBDN+iTZ9<-QI;WC^1rmFAXdpN2_qgRzV{wfFY2@Ia83*x7A<<1~CVH-=hnVV#$IWIiCTYmIOtyJ*6u1YS3%g zB^F$kM}YbGX_%ldb1rV%YaoGn{1%a>Y@ac_pDHeuKHUQCr&~3Y;+iFxs#E;Z1ATT!Z zNckS^=2jH<%EF{~8&va(O}9qJ`0Pr@0-!0^N~b+feA>+QGEj4?ta8tbdonw64xWK? z*qBhPbB`U2M>|3qwvPL;im+aye1#%nJC^m&#*8D>0r%+ZYJbUc!#+O#_5z?ToL66* z8b&8kNy<9*pU?_Gu_2H)KPE!m=e{+YEz#76(|MkDabk-sZHEYxc8*V=L#J0#hg<*_ zhL_Ptk6uq+pf}LYe}}dFb?3%To6W)Q9JGQoikF@h>p8*6-F#r*Kk3t-*uRA)qYFSE zPh%xr=?_ZvUt6E_gf@R!@!clMrDB8QOz{jM_6BY3(H-7XP5MKF`Hmnj_w_1Qc$FJ9 zA0Gh(yL4zbLz$CG$~R#tc?2>@{YvrZNjK2aLORTBEbMomEJtxFcU26~g$5#wG}OpH z3^_eTg^)_wz2$#hDESWK_Z{V{2M}sgTQvQxtHktqVe6ft*FShiz~HoB1ZslDkuHh4 zixqHnjM=r2@~2^=B>M}enOcSocq_^21B1evkVu0{>$0Q+EH#8u8~P{};C!qz4I1*x zA6ogWm!QXGR4FNxee3rMF*CD&reNtv$H&3Ko>hlRi(2;7bY*#Jh~juSQY-{{urq?q zirU_Gx1eK+<4D5VM^JxuK0DeYu-45o{#XtK8;C44p4R>FL3cg(8D7Nq$JKd{%HNZc z}VpuSp71EK6Az9sP~fy1YN@ z$c@&hjGRK?C&y5yj`bJv+$QLjND`ZK#Q(LG0(p6t5}y><;aD{-b0{?231E;!BY*q< zMt;_Rkbn8V$ghX^7x~Y#F)-W(GiPAY#%pQw-&(a!lwg_Ym& zyQ!vXHRG?F@f6aafIK3fk{-((^P63mTJKXk4#hrci@iX$fzAIGpT9lyp%WEj7O5s-i)$*Kv>Y+q9~t{0m)g z(CawAh0KgCz4JpZ$075NT8tR7^h#k9+%N($9k-fqapN=WKE=39mQ(^sAPSEPW!M5k z(1D;Sm=GBZeu@nXOY#U!^B%Pst~--ytC=*!41ftmMYXL$E%!J zF+N-a;gtCajZ=BXa*t)HC`_WRew$kKQxpD4;OO&%H65o&mEKkTZriw@q*f@n^<7%*ke?42hnWOWE63XCotnn~0+l((|R}*d7 zTqpi4rCv@oh80t8Eoml3^IHe=;d9-=JZ|sy{90=o9(?UFb zrcOa_#pJllwo%p^I9%wz%&p*2os*Pe!V&OKv!TFkyMxFx4KRTf#MlKG&V8=E@o3EH 
z=`W3d0H}Yr`4*K(Q|bC=^iK#9putKJk&-S?-C>KqKFk|)#SGVclx94Y70Atnr5PeN zYGr{qW`1A|lDw~jl2$;}z4ZN1l(b%O|AmtgeT19(uDv7FPK6 zf!~d_f(xFz333Ze_Zd7c(a!d$NJFM-Dm+hVUW<)S6Ma|lT9-p@X5gpa&u1Gv{g6`6 ztZ(I)9?Ts8))Bfyp=CuBr^GHN(u@m*GJ1m|S8?Lrgb0aG&3GMPsCp3ET8Ac&(kl^F zTs!18mR>7IPHlR>+B-%yCNuz3^TYZ%y$@Fp3%fd!syyMBmo4+rOqW+3_IYYjS{~It zP@WBBh^;pW?|JB2M?WQ~O*I)cOg5A6I^1@NQ65OXN25BpKsvm1iHG0OO+W{zEx2C2gj+SawRDQ?!wYpYoQYRcC=xO5_rSFy}v-oP{U=4^q+ z(fos`8H9zRJgzJqtd2e}iN1aH6W6k-Q-OsXF<)8y2Kc=b$NR_aQLBg<*GvWzN?@1^BAL1w51b%7H{6$?u(G950N_o{dtJbeTbTxz@V0xS0Ou{R{>tlp4k z&}C^K9x31DzsNTKLZASIE*fwC-h@@{SEZ9&n z=z8o|h~cW6b-$z`P>ZjZ@Dgg= zapNs3Q`CDxcE;Mel9VR$fj))~HXa4@hKS zh|7~{#KH4SupRm2_H96wHZ9@2+nv3x6?=r3Ipu;^rFH@x6)}=Z9?dgGTx(y342d!7 zSjcp3s7iU&3 zBEkCYd+@dxvqsP=eqP$pJu_4qyEF5FZ;VM^?VyXB-HyCmaJ9HKRinV=DmHc$&*|i= z7LxNMx6#dqYAl#x?AYSbO<`&{hExH;WTG7{`+`wIxYz#7-a({d?PXJsiUj{n6KKIT zb6&m6m{);jG=#0b6N8z~s$(qWxR2F~2%q{-wpm4vG{JhAg-zd?(Ox<5GaY!aj$UrV zF>{usakvs$%2wCB0TZ_2n1s1f;#V-Qipw`8*h&c*N;y}Te~UzUk2O5BQAf?S-BVmp z+{>hLq+BluPZ7s6i^~eh%sqfA~&s5$)G?gIbzXbB+N!j9)*+DH?XJ)5U zb6A@6BD%K`#ZeuwTsyXTmnYT1%vH|5=*eF3K;d|qQ>OZpJ9$49?LQ8y)fiZB$;f;d$`DFh6XpHD@wgNbRlQttY%a$7 z;=#FZnkfD{uJ7AU_tN!EzIEvZeIJ+yTCt+K?a*W2ClBy+28*t?x`Inc%tOX2gMBHz z&6R_0XmaqEA97|};N7S>TPZ=8!OcIOBjLuP)qm-`?R`np&^0$*X^Q8Jl%fIyPn{A* z7PU60MyZT`#QAS@>X3cxW=^4L7t+YD*v;^j_@elom@k3*NtZS@PQwmD zCt5l6*Bh{ydF=6k+4t^nu7{=Enm~vDH6;z+M*3T=v6f9^LXlE62;B_LSmR(z&r_&G zWBXpnmNK+YYO@S7bHtl?ZkJdB@)gNcKPtvZu$~FBtB*`ZF=M3~;zb#HKn;(g z&&$U0Me?p@>^N&;)=;bsMO-u7Rpa{^{SDWYpOdcFRA?Z=(pn{&EOB|N-W>v|H*PUB ziBf8!l<9P0-_u~;%%J+5%mNGJN$mFUoYnn>QvYvtwB6Q3Dm%oj#doz6WU2It6>%tJ z`9c{jsOW#y!+fssDRaHnXU(^-GL;BVO35yi5C$@ASTENXt!%w1X)5BFNOQ&#x;!Y- zR?$@yG;c3&XQZjW9gn`vT{x+!`Y=2CrX3gwW@oW9HbyN{o}?5|67lVWka=?FiBNMU zg`^Qt6ona;$%aN~T3h`1{{8O00`M8D2*)r1Epvi6nT=N^E*yiAMo*9i zk4YJ&DDAkbBDg0EFj+A_-PN1gY~nv}_aW4zi58N8@B6m#eBC;7L$O0q9aSF0V+dy9 zDSp}X~RuoC>(F_ticwJhuacy65F-{9t103D?^Xlq1!%1PZ}nr zON&7jRm^$m3Z5M$&6QnZPKta_ykmw3!MEfQHdfW%1=dJ|j+F)h8wUN|rW(Jh<8tCq 
z)`D+Q^kxa`XS~<+ug&1CjM3n$ky#$Rc<-zHLyi9Pgu!!z*T+)T);EbzsBS!ZiTPLP zVG6S9@((N}wb!MA!l^j>PLxl-qCHRf73I?mnbPz}YWOp@AVq>Ci)O_WX&{|AG4c$R zQS+cbTJup#Noy*TtB#3?$+&?E{ZL;PNk+8^+d7lkXiY?giV$<@d#h~)-lzhwz)i3A zuVt<*VtxP)pG0QSygK-E$9Wxu&k{*yqTg(&1bOwcwn#7!7!*_}NPSpW`ZV2^!st9! zi?-m`|VNI)|WMCf%-<8WIIY%qDXq?oNZ#d{s%p6{ zlRYZIo3}X`D6AEx)vM+<_Y~)5J}gqeakf8i09IT^d|qtXoOBb5#YgSSc=tztgsGz^ zcxuGGgElv9$w^Gt|G+vwfwv#aKliQg`8X|AwA|edxp9LQ0W%!pgxA>Cyi~*af1=uz z-JTqP`QAFgS)$#EzP|0>a(kKT?C9zi0@fki0KUB{YD^}H0>J~Z4(jyScj`0SLnk;y zeGL`I%HQdnqr#hXmrT7vINk|dNY{s7|0d*bS{P?@yY`B+jg^cG1>)sYgT-jiG)k`J z6w!H-I!qLfb^=nkMZ#OoyS4#JJh&0g!!B5=^tTRY4T>w&t`91CQ+}j41NHgj=&WOM znrg{QE?J%7^MM8{H*0~t%o+z&w1GUw@xqlg2$_Ciu|_p0k{fyQlzF{w4Mf)xhR@qK zt=ES(iH{I=w0HK)kC#5BMn5P>zI$EN_}#RN!SruAta6;8l$Racs!!}vzm&5nPHD!a zB}Y)J6Y&>x`;WUny!oyHc3}p$gFbUFQHBRU+K*#LWkyi12{ft=NiJ&35>!{|r$x%C zqlkv3(dE)@>eLe>34>xQ7xGoZz0ADV>R>rNUqO+?D&Wfs~x%df&W(NXRb884P3q#6$=^&+9?7MN<^ne^CI0IBx*QVd&5XG zQE=T;$WHU`*<8Ui*;Q?uLpOek|HABD_azgZJ-v>B9d~v z%v$=4r1O)&XkO&Qje)_-tLc?FFU{D|$p7|#BR|JK$p7`f$p7%kzsOGte10nn7^957 zU6)oth$S6X%D0Irtc=U-1P%PAG&$B*D;-xe4as82ci1D<&bgXh-~)b^T-D4>A-aoj z+I{%bDkp8oNrg|ZM{b0R+Au}qISsVWBzLjtA@|o+>O**(yxLykZ^YHnq)xTVE8W5V+mVuoSeW~i)ACOY)Xmda-O^tr>#ANch5#g3qz%pz z)VHcEtxd=yEZL+Wy6&#_C-aLDLA@I_UC6)j}*vK1v7n$NBH{ZyCz9%YW(0PU)}rGH)4od&Haz9FWEA4JPWR~a5U zkjlU4Z?y;^Gu$qCvHehU%HUf?9E&**I3MbW;%#VqLpEI4zzE0f$VW zxO(7iW+VTX6gQM|2_KU*2IA4pmLzZr{A{GL89S!V{+W4YH497iki+J>d&odoXvR&y z_yR&y$%y=0imK(8f-2k;Xl4rU3o9@ZjKdPk`yvsaT-0wDu>JBJnY-x5LbSGsbqchG zCO=zdj{F>X!H>NwNos6^Du2jr2kZ1= z)8{?!xRSr!Lk@v=AGkEUZ!wtjZHe0&*yoUi{6X7^dHVk6SzGVs96B6|_x0Pd?-c9F z`KhFPe^1fH_RZW130te(u8!I7=popeke9%ejI*lBj9aYc)7!l?73d7JeU530OLjskZaaJ$GL6>8xuLf7hv6P0+8GKUL%Ex z4M~M&srs=8N!2#2Trd`&m_H4zcF0tF!PAGOajB!ZL0pvAa)~9cXf`n2NdT+vSx$U+ zYA|{P7ZW6{glI|zxm5?!T(+b_Ax13p11!1q?5Z?TJXe&$d_I$8sUr>Ul8I}eK%e|X zKghepG0UaNt~i$V>3knaWpWmZ-HhsTTUmn&PAB$z95brKvPvaMUE!6XzoTqBe)>}e z&SN@MTJf%RSVKsAdxpl#IK}Ll%ha_?Ind0gt@2!`W%ICwpA&RS;1GqWr)qN-*ry5b 
z;hW(KJ{hHFET||&%5F}QzT;xt4|b^+SIa)TVQHm18iaW$JEP1RgHsYUG$DqgvCd+7 z!z_+UA`Yu)-ffVP$&WJB>+8LOQo?j#eYV}|dbM2iMD?bhysX-f>~L4nR4$H$6isHz zn~!J{y)mgS_!l@GiYrtx|7I4~XE)#V5D_bsO^^#2(zsT>v`7iS8 z1M;`GJfK6SHofuKq<-&Mi!BzYeClF~UO>I%>mrv&Kyqr7S1~gg`}K3~>a3=M3Oo(M zo>nfZA#$Wxl}^%}a!hwBjr@=--?#=M;u1ZzttHO-Wp5E#F@}6fY?oI8C>~_Gpm{Z| zDz$9zRK9$M1n&zS-(k@Yuk|>F2qK~duEk1i#Y)6m`GYs1r>D-VjHuT!uCFa~L?3_W z(rYWLhz><__fD)UHE@=k>iVgFN7VPo+wybR+qm``&X-aZx!P8~r;M1G-MX$7d{vzK zPScx&fsAAo)e@fhn5;gr`?eF*jHLO9uQHRJ%e_s>F=5!hhhl)Qc^T9!;g^W!?;V*u z%&fEu?(2Uj#_ARR=vO3+q4nD$LVE%uFmkJo5HYYo<^E7ZCi!+@FE}QR!tr35WnAgX zu%)uh+5J4WbwK}0`O!DbohOQ$Wp6MdFSWRIDKu)e+E)&9ZE$qbCR8` z*v|$jn#j7SDA7!*9AXHrac1A=;_Hg~s3z_BIey^=!PAC>Ob%K4{$I|w-whG;aA5l1 zs&4GLo~!m&oVs+dtcmUUy0 zU{mS+m%=PZ@=5V>HU;N{tXlD}hTU!Fr+>_AE#wPwvnBlfHJeU88H}fU7nFI-G*l!R zE(gVY_S1{tqWlk-_+0Hoy4yEiRI@rh>8&1yC0Z~1_(gv{uE%8p;6rs-fy?=5 zOy0hj%;jVz6(ydS46ZuLfUU&H3RsJR_O#2$h zJ26A46lb+po2cTltNyt=_TGd+*Zt`{Yf+ka4jjmIWpzvK^DT#Jxq_DH$JZ^pUfvdD z+rNo>zhDtprXp{%kWxJ9RRCYYP2@tMX2Ade}}?sPzrs?2_6Txz?>;DHbuf zMe+!x%6Nv4QGQ){UbC-<>3CiTvRy)DW?0MAUfCRmK%(J02u<^fw8eFyRFxhol+pkmZ$Owcz=l(JjU1ZBos<~o!Y%>QJL)=fy}o3!Ts;eS>V zQ)meww=*1MYjsYnrc2b3Ge^F=8zl9aU(Im&tY?xE^3n*Wxvc9G^k& z@=LC(^9?9(0;_OuN@Ll3fWqt+952?t!Ww$TcMT3UZ#`%5KU#|XflffWN+uINzIK^B zC>W@Rk~mGk*FpzOvRfny;ytD$)_>gkJ?*|r`%GZs!-M`6(n*6YzEM&MdrBmPb<`bK zs^8SiK7^fFwBsDs@TVnF22M}$KP~20etKrzctlDRK8i~(VlK^kw|Vfw?OaF}jr>#p z8~M5ZLH>pRBEQS$f06%|2L?v`m5LhL?w?oxf;%ucd^zqmK_|`EJ@V;Q9@#qp!CjrM zdq(6;Bp*oJgjqem?XFBk#=&&=2RJ5Wi#et(9>04edu6unQW&@ES0JNbIUO|M5MI6M zNv4i@PTIleC4?KT`BLTu*4_is79<3@xOdwzJd}>k-0}ogK2F~#dr3u{Ro!=B2ygL8 z#=x*hVxDxBiuc;{kd_))yH74Pe|}6aWYGm_8tkm*a{bd|cx*~d z&F@A`ZyxWPgmj?!IXJeiAZ5DUDMRm)8NFFVc{*^j!xF+=XuJl*uBQoOjo2^qdBQ5M zIHCZ-<8(FsXLkDO8mkvq87aZ(Qg6f{MWzEvjs4fuJR^IySHx-&et}mI@sW}?H`XA- zlXu`N+z65IR9dv_UpqVNpTOYw?TFFchgz0`A5&~L)+sN`9_3<4z+fE*4;w64t1_!c z7+cYE){(FlPc}N-+xSrtX+LEKgJ*C~q-$D*_-sT8lqG<6$iS{`P0pR8S<7x_R%;RD z`{;`F=DtpQNHt3q7&%LT(I)Ky#2X|V@A==;m?yo*a~G%TxL!A^`lKQ|+N0bwd#!wL 
zec-f`+#Eah5#qZDHk~&#by9P%iakEcaJpgE)UZ$QA!h<|NMe^6*2xi9!g{!e=U&W> zv9sGm6J(1!XDYJggvMcgG|-)z`G?m%7OiaTgZq6Wh7|Y3({0@0CO$eMf>~eu621CN zWGdEuTP&r*+ucP%k5q3F-2Qs|OZ6@c%ol*8VU#W9yx{G)}`?i<{52WIy>10JV1N zX!QE0(49#~OQAti+VNTClswVRNp~@e@C7WJZlR(aV-7=V;h*TFgFpFcfp)co5><`2 zHHK&+AKE`7BO;?zR!XU5w$-wYk}h|OXT_MT`%Qv1@BDgUIh<9%kWOfU9Pi6JO71I? z>q@$I&+Pvi#n?4Y{x)JGJSSz4NW=mjar)Qpstd>!ppP);inWqkIG)LZxvmud2Td#t z`Wv?*Q=hCdde?vf$W8RWB6CmxLV@51vEhT@K4Y!=6>}fv& z=Ycg!!VT!5)Z$U9xB<}D>a0jR>oDuT9b4~Sf(JsTNVLogpQe}PV%c=w-G}SFT2T(J z;{2^P;By~r15whwV6n~iQKDD-dq@VSJl+S7@P0%{2*D;_&WV%gOOb~|WaK>rUPL`T zJ_=ZR)OhPR#@9ELmIv*?)pW^BF zRD>F4L_-44XhNM1OGbL;yTJXYAc!v(y#9?k!1UGOte1fqfuRJfqLj&1if!d8g>G%I zWQ)()v0{Fhq(pi;G#FxY_mZYWWmPGt$mrPuMQ1{SMTSG`Wp=>#w32JyD@jHg*B-m8 zG~Rd_cT>Y82x|_ZgbF$%C>$fexNfRK~_6Dj^ zksv`0G1lfw2z7HjxbPpu9R`OSyFr&P--D|kL(K~&9)!AQWn?#$EYQgR;eR7P_dm!# z|6kG`TIpy{eF%pTY^VO&sSAWsY|5iVMbfeg#}YR4hz8HX;{T(W zsFa51n{442$m}XL0)O5(3L4hbqhnz1iVp|iBmbfazc9Z;1f=cUX4zBPy0-vsBO)$e z+KepU5DkvKy4~r*3>C0(2@W1<&KuvLQ55T*^Ug+1@x@buu^HfkgSx?g2J0xGYWiPF z|KCx#q=zZm{3J?qvQ6|gn(1%Dm=5EY1+Wy`97^rdO3HmUy7_muw2~3^kIDojU=VEO zF!lhgxPXy8FKn9j)ov3V1K-dQn83}CzuxF_J zOv>7X^r3+LyF=2AwB=IMpvke6%Zzi3FSXKGmxr-<>aeltMmuL-QJ)8F<#;<8&Y=DZ z5~P$hii9Z5S>>e|=DxFzk+TtKU?MWY<+BMd*Jvt|d&^dUncp}rV%%j~P0d2tgBcra z-^TGrL4hICF+CD2s zK^8AceML7;iO??LbnO0P-5|8}P>WkgeVaqp$do|Dft4@eFC7Q&uMgSY*n3y5vjb&{ z_2%%Dzi2Z>O)>jz%Z*Z8XX%^KkG6`HQVWq6N;gOaSGdPY11nX#S$F1J72VD6=5yr< z+OgW?sm9*<#rIq8`|$WDu~K^WWWzHR^Qq7rZA>Kn(9)1D%ZnjuoHYjAWPZs-8?9AN z!bjbsIs|xv0yQp2QLN(vr;pz+50O^)VY40D=uieVMJh>VM^m+EleNp0;Os{~Fb$uy zXJn00N0>nj3oxnrsgefe5SX{Y*q{nbwIJFho&P?^3Z;e^Y)Qw*#}^kDr>FH3s}$L7 zu7^Wb*1+K4=bPAvyo*a)TU#(}3THq){VDM95*K*d^?_aF=A*0LsSrA_SrYwx_~QK3 z{s@$C=v4KMnTos0%Ecum(tJFGgoG1M5^u4iquRm5!lcPz2Fx2Fo*2a0NQ@af|Dizy;8hRU+>GtOlPHWf5f#cP$Tf;WQei7?hhpVt7p%b-}vwj7{TaW`OUSi^A zy&GSsRbfyOP6vss9;YA9)eNgmX=!L8Htd{qbt#lts6Mv1v3h*#a4XMY{+R3(C1*@d zP7bt{sisk}&dF-`%A9VV6q8t14s7zFq{k+@m`>L&J3u}j#6N@9{D-Sl0%B_4i1;rU 
zF2C#4(b0i_k);^FbANOlT-)SITwAkC{)UW-imHFpGQ0AynzN*5AGI}<#0p1Dnc17) z&_iX5?S8oL(%;vIgNtjaAj5~B(hD>47r|wTB~I_x)P<^`4^1+(FsVOy*%$FPUC?@0 zpNWr;-W9Qh5=(nn;zJ zvh!=#mB6SdbYGaqW2am&C;R(lF@DGwuXx3N*wJzO;C;fT-C0)%u1$>qw|irN`= z$boySGqfhHt*!p+Je?N_?4q6^rWhBXd$zZ%G-sfztDugkGQqXnD;G^tPZv-nU5n!k zyNZ^R93LOk2$)JdStW6*fGm^x)^@WMeXMI-JUk#?$(Aa(VoIcR@+x9^9Op#gW!_t+ zx1y%!NN|;dY8;LHbN?IpdHzBE&;LdKXNvzKf4CF|#yBo1^4Hn%fqELB{NJLYB8Ydh z2bF@QB{N3Wy}Z+L4DAC*gPGAnh~l)N9=*S2boIq}2)G0E2+1w(nr6t}WZr`J?T?51 zCe%$0b`vZU;#V_>#!L2}Gt}OjbDuK!_?oMPfq1(NkAuHB%sa+DN7gShtE{X{NR0A( zt#J@ys)uCJFHvk-1iZf`V%+Lq3WVFYLn_HN$G>vOeF)!9?uBKbm9@2BE6EPuu$!~4 zypT>)qa!f2$W%L#RDyx*IwvqBrJ$e?Qt_Gs@-!U!eE2sdrVLWB|FZBGH^D$OlSx_> zy38!H-=N=F%;TC8H0Tz}b%9d$3QEm<97k8@1g84->05|{KB8aKmj~}eaC38q-krmp zjgOB{`zCmqQR)sC>ol2?J>|6$+i(cbpcm}A#JI+j?FSTONORmf*`s{V@*bpHkV7z( z%wB#sJAz4i%7E^T%U9Vg8D3uE+xhkYO&;szywxob+)>@aqWcN?3l>LUah|i4DA-7R zxK`JE3vs`u*9Wv)+jXwQDVRIYU%Vg`dOo}Y0UyC-!}9)#O&~o=A$%?O2yVC=pc=1f zaQ?0#^$1lS+N}2%C_AG^hDx_EH^#4Y@-|`qfMivPXTK}muD3h@YqN80C$rq!Nl8h$ zhTmjckWiikO`8&)Pd3`?dAKHTNndITvcYL-?Ss*a_tofCUJn&XFZ z1NGl)J9AAHzRWxV0^y-_KbU=}B+q@p4|o43^%F_<5hMN&^*e z6NK~e43b#JS5W1|%tgv^be^Lrid>Pt?(Xgc+LR?@vLO%UE9zF@z`wjN5VQ%qW->XM zupe%&$L`T3i$i2jHn@Kng0Z~g-g1BKGo;ezR`D@2rB}NxV4x2-rHgxJlm@>ST$(Ue zWH!@jDcoouGPV}w5Vs7k4x(Zi73?U#Q-l(d#_%6Q4qq9Y=Fr=>--7W|9Iu3eKUd(_ zD)Y_(jH|vBZvdc~fAZ$E9aO4DsiHL}F>EzY}tygQ#RtN#7VTV-XH#%H|Tc4r6b@ra>P z)}dR}xZWIO#6uBI_cBEZ zRc^x}4c1=c{U0%!F)h=3hkOYaX^Stbl??C4z09=M$>8-gdW?$Z2H#ie11^64q8DVZ z!A3>F*N$T=s@iQl%F<-N2h%3FeaYt`G4`dEtC|aqz%p;h&1Ev?1N$BWf=J&R9%Lwg z2=GJMmz|=G{gY2Bb!viNTUih6UBa9+5Q%tBO+{sC0#AK3G9|T|Le!#6`^J#R_FPlm zwyQz)#1fc;`W5x8>>nIVO->3Gg69VhO0BTRDvC;5Mq{i74~v{nNI-z}W}grXD=YYY z^T2!g*Doa&)$+B&?-|!;$WLL;Fnz0fm@x?9n*EKnH{H9$DXv_J!Vs;6LJTgXh{#}= zg%xPp1Fke77&49JNKa+KwlwgBywU9ioDR77_;2U!=Pl95|K)!pKkq-tKlfkc5B&2l z@-x(7V1QEMXd1Mx+3P&YS=rfqoGv^`*vffzcV>6e7EAilz>C1*-QM0_OD~YSRxFJi zplqpgwdd39+A6!Y&BA<3N%8P_01mu6FYEO$uBBI_{y{bPl&LRn7G@y}h7NKcAc$8^ 
zms;=v$@0FDs3qtmVM&Njy1np*CS#?JLpazguZT%Y!pX}^!ii>gKvQTJo&|Y%CU40l zDLKqhT})R>QT&gWxyL(6(xR$uZEb^j;#gOYpF&I_R6PF1ge~ZBNa$-{q8c7ANEzR_ z%E-8lF|Za7)mRWJ?;5(2;xlH>$jTxHXFsWTF+2W(<``R?7mI=1@$DhWXLPwsO9BlFlm?KJGdi6VZ0~_ zxF2AGMT=Racu?21KQRNG(e8wC!Y+DtIZ->@N_;FVO*tjf&t|$$dK(`~i8^JHYHDe{ z9~%pw##lV}M^aBE(`MuoB`0!9TKwMi`LU8=2qZ5LsLawX+dE9;_k)W6{PB3Z$EM+0 zxKzmlHaV1(%NLn-N!K zoN9{VLc_zDnwd-+DwEJn%iY6!@L^|HIzMP4bnh(1RqeYsMu7v=ICXJ z0dd3DS9PD7qW*(>ClKoq;tYwIcnWWx{2=Y3cT#=al?AC^7#>4pU%=D$$z!M%8N{di zD7q*tNEk?WH)kqn#@FE7I0nYflFj0A7d@9b;(0bb#mFY=`I@aTbe(gv4~IG+N7>=@#~x@Si;Gh|ONcX|@MuBmi-AJ`^{@l$`) zXce&(;pZQ1#bSD-&pcI5eyGJ0_#FxlxiP3ID5|$ zy#K@b`K2i-?|rrhfenjUqLRYG6F={XrA+3^V=pwi-Xs_UJ)X4V2R?JpqR`-z-`g=R zbkBD2R1m8EFlvmU5$w6Sq-k@G8aW6h@4;%rGa2j*0HXsPx(|`06TM(Fj)rgER=xqY zNK3rFOLH-b-hBBH{S@`C-ZIlak!x}*Jz>Q4VU)P!AA*B}S7d!JxtFivJ*yNPI|}nv z0_RZfSzt$9oI`8nGT$OReEinK*0xyYXKHmab5%@iESrMb?BUMBDR?;~)e@S8!7rWY zgZc@BIeBcHo25nOx7F0tM#jd(89v-Y%!r%U&jgw(BA6FWHV`jvu>O4Lnq5C>;6v+7 z_I;Z1{{bX5DD$x<=U%&XI?V7Sc+3$58p=|!b8>dVP$1Y9jIZ!GeqenVz#U%;iNLbJ z9>7@T?y;`g1Dgt)7vlKgA{a|VL_{lezABG5X1msTF!*?QqKQhS;py0%D8TQ!+=S!a zM*47m_MPrkwb4wmyx$K3ib57c6r|P!F>2?WRYS8@WPq~pgD9|3rzW2b*&T3Jp&k9z zP@9@fr$f6pVF3JVI^hr`JgX#gZ5kJrlif9vjq*R+8|-rbajD==*N-&@Lxr022sH99 z|8L~y`v>_y{TKPeEB;0Ph$0LO%~-+MAmWtk9kKn_B;5;j3Y3x6U)e-ooDjdGo{El% zIWY1GM-lyz@jY^dV<~6d!OgAiu?aK>;~Fonl0@x{=Y^c${ZJR;KR;!C++_2Xdf)W* zV>2esYu9$>6TzEh zv3Xz+DQ#xf?$e}UJv2NVlt1FPR_-KM1yVD1^yswt-bK~?O3J-u%hI5HTW1EbuC9la+hvCTHEjm*e9%F1|j1ht1mNj*IZrbg8A)@B*m z(`m}>mRCMWxj+H8?_y#?=cBiYMNm6%aP`_BD4!hX)BkjpDs1}>J>S=JaNt>msRQAU zDZ(I}SWOuX3>j$sE*#RYbzA9NK-m!YhfVZSXf5gOZGpAzbG64^l!H`W`Z${Z?77u$7ZG-97_-X%(H-hx>5oj`W4 z#W>*Awi>J<_~c|Nd6Eiuozul4N*RfL$w6=$?-1d0hLQduKE;BO@dEgS@UKe&MT7 z+og$7?OpoToi&2sTHTOI*CHf~4<@){br7oO@RspYN^)I@<0tE>8mEu7^5zFD3fYAs z4kmPo2~6Bs>Wg=lXGtDPRLa>X-&A1ul_z*L70cN1w+m~kCSv%uv^0IZYGknog@=?b5x}W(E~q{pj&0NXQc+RS zz6o{X$*M*;m_Cr^Z9`obaxKn&KyAfw2!biw0{;3-a5s`Z={Ih{mbbVQcs~6>D<*>;;dGku5jXUIxhp-6f`TzKO%cv?BE^2hs-HmjogrKA}QqtY2 
zfQWz~pfu7T9U@%<8xa%`Hb{qr(t<^!gh(qOao0ZIJ$HQP{&>$A=Qzgs0l0adxz?I% zt~vd4uin)v-f8{ytu;Mm5f?iGw==!nS3^K9p?~7V&P&LAbfh=rwp1Ezx;J0YH9T|e zJ%D?}pqo%J*4yx7eq-GaG#F%K$-Y`oOZb}bCMpbaSXB!wF+|t+>#p@;|FqQC?_B#S zC{2Svu2p0f6#S|`k_yIN>8W+4vo^$VY8@lWF$EaUbW>7aP|d;q1f`nReIaNhJtvC= z*Q~~TyiAj7fxA|qe|9jKI9{uguN{{l39#t+!aS<#!PT|QU>9}sSosWgKPqCj*_Q8!;);q z?Y^3Q38IkqaE}wvreS=B3wF{9yHa%$KPuL;@F^;qw?|6}a-9KO+rK)eCEB28G@g4G|0FCl z>hWXnK^x#Xkj3S(ioi1Fvxz|D%YID*4(wDJjr`yLH}VVrgZ#7qMgBy)f06$@5P_&= z;FJIOD{3tzRO~1=HWnOY2A41cxwX?{6sR3aslzeIW*%4ms;>}42Ra#&L|kD^r+Yzv z0qY}`Jm1+$rUYo*uaWK3J^SP;4MqAt3VnR(gv)K^dU7xQZ>EMOE>e&t9}k?9oaqsi6d(-rnBE1xiZt zkuBmU%f)L>=Tc z*i-t@OdJ>yvBp1!8DDbS+Z>Z(s7r25HA8Rbwp7+VY+_czEPET`W*JuApOM^f?=Sf% z{o?)O%RChhysqZIZ+Ux_C|HM8(MNuErc4ik{L*?86#Wd3l<4KPm#!=Z^p2vDuPQKq z+wXTX471z*nLQBL!Rb#0?WU$hVjDTFWPdSJt&86?yROwOqSlb(Rl1)T5&KAPRowH; zZ`2U>VTm*qCg|v8kiqdi0F#}CGH32kTo z(M*T5BmEltY{9N(H^%ayY5Bu#70tvI_fn^q%9g|`^P)zv&+=Mj0(R`_E3v+;nyC}A z+^Xs7*QYi?+wU=%YhI^s+Bel!G*UOW`}YEclnfCj1etu zw>?*NMcy3vC+YnC{ZR$Fqpn!>7i$*X%{@a#C}J)Gx%5c8@XdbyH>*~ygoGPF2sd_% zdWCv1+bH(o;}Z`VXHvpd^v@Km3P~Ud#f07YD%8FKBhDXFKk+*88!792IAKoKt^xfw zOdI3jb@NKg^m;>2B)D={w3yPa)QUiL%nJ`i zh{Ce!J{lvYP54XXFhDO#Kpc${`-P-y17-$#8~$DLM3TRqq$G`F53ih*OCy+KVnJHNKXN-Q8+H@1y&hyec~mFY{{E#&nv z^`A_!+OeFh*6Rjq8<4P*NCXB}H=ZNEs>U!dF!*9Sk@F~-4YhffaI8^u+CN8P(+03c zpXICzlnQW`2Jy)SpGeft9K8dIS;xY(6g!WT%0vG*?0QaCCI?Q zz-ApyO@baKbJ9oZ7wXvLDE9%k@G+Ccw03M+gXqP;09+=&v2}rRsxfCVQoSWk3k!=q zDkpARomI6)ywrm+Itg61|tY6CFe5V{tF*UAO6zElLp&2{%66!e-5{<>GziK4gSwgQFfT5%XFv`IzH0Q&YK8$yCkpYFOe{oPc#kYx(8#~>zmfm) zKgd7xU*u1t`WN|YrV)sVu$Q-446sgKhC5RR6u7*YE#(q1>O1|uvzFyH+AG}>>4IDE z)r{vu=AY@5&S!Q!ot=mu`2rdDW8*{geRvmTEAckqhj#QybXjrG&$$sQt(4;(gYuK zL6tNtk_n^spz$qBsILi+2myBuIjS1_6;{OFUq^DjMu_6D7$&PLV{2T-zL;Rb=rJei z!$3}*(`W#DVQrn)-4hm+c4>G+Fu68@9&L!&hHu&6nyPDdc+2srgptxbVB9!)el~-z z2|*iK5e)-F6-%_J^2*k}B1q~8d}7}GV$)GXh4!mz=uorTC*r9w#J#r*mCDSZ>> zp(@Ss6xXpM5S||dd10e;_-TJJP*J_UGjsVVRS6T-BTm;m>HD~xN(9PgX0_Iu+PiEo 
zQ_l62&BXSg#T&Y$O}_~laZvlu*R-SwJUL|DDPy5=yxsQRl#-Sf_hJL8XmREP2NV!U z?0abJeqwLF5+={Z#WhuB6!W*2>S?<+g1v64+JuNmNm|)#^`?fgF?CDh-7gPdqKKYx z`T-Xey(>GpU%y(bnSn}OQ?v$buU%dF#CG5tf$v%I2j^jOatexi-*rP`mIUqxlI~OZ z&$y^|EfOC<%KNGI9tIY!;@!kz!fWhDr6jq7FU_0Voct@0QXY`2;))--zrP=aw-|iH zc&^qn9w(4so}HETahB4t{h>qoq=_XX3rp>Tbn@^9M~&ZAQ%|2h-HUII=cb-|VRbDd zIeJ%1KvAOAYcb+{#L0Hc@Oq$!@AN-=+Du+mMLI}Z^~*`;@olX6wBg(M)sVrLCW92$ zsjS^+m5?6G8ao2>6p8oKmqx2^pRI5}&#a3Voul+OPzV>}_mz)}56h7YPghn}x+3v< zdgvccEcg) zYZo%lSyAEjQWg^g6IIu8#IbE*R~ ztU#+GB0IBcXzjLzDyL| zq|0MA4uRU48jCA|70SO$YCOFEUA;w*6v)f&T)Ceq8eLIVmhtFGmWIoiNf8}_^ZIp` zCYwx6-htYqjz~ZWn>k$zduUWd^6|ptcG4GjaBVpR0jF_!8=$v<0OnTu`Zy~HS3_aCeUki9wnq=HppP9#abo& zY^-d|MErS@sQ-dQNJdsxGXbJeS@oMweH{jdW1+F;&S{!F~ zbhj2GRgK-)2Kg5nm++n1-i^D}9E!2C;bbS&Es&$ia)b zOfR?$k*1_J?Y54<3S-KRnL+f!cF91fSD244mdN7XBbe7GCMG7I>tTty^3Tp46_^L6 zhda1KyEZ)s^sYG3*B>gPaXvooc;`b09XTDTZ*L#H`LSpgQjBb# z1r|E$)UnV@LPZ-M+aCQ@j8CHc9>DG!XluD}&EXT9zkF{;x-Z3w2@! zt-@-XhsIOgC1MnzS?-xW?0dO#24)vu7_I{S2|KIIo3r{F9v&XHwgo5C4qMd&OE(w9 zKJhk{G+9Onq8DiaJy`8cQ?da&Y|Wc+XEsfD4^oinh}92)+aqwqOMUR`>oMq-7Vyd! 
zL(WdR9Gg>mGQlv9D1hqo`AWK;E55{l;&A2-Gq?Qt!A=D*F@>%BS!WtV2SLAKY8ukD z04>FH-K%tBYXW{1dqv*HO08jk+{K048o_|<#37Kw9eygAT|(8nJM-{dWU-xui-nJ^ zRY7y|t0#AnnVXyYYmBKqO@Hw%AAQn~_y*kwY`VTVkr?Qo&WO99L!K?!DFF;&iJfk1jkS zBBFK2Pd+3mBB}cGb@+yeOG{!knD@>=I&!|3-4O)Sxss9+P?cf@K8xKr9*S!MJo4^S zdHi{s{-b}9e{KzdAmNKDnR#J#gNr?5(82sbNXFpj(O~v~ikTSJ$&;K4k^Bn( zSdXu7?uqmKB>)JrnH!`00`mDJoRZnSyLl0>Q)r~e?x@ol$xIgsIlYnRPJA|VVbW`| ztL1k?p?l==X*F+lOjVi$A&I@*hpi>Eads1vjqW?|!grao{iOudRDIv|7+cwHr#!b6 z{Obk_d}0!NT&^2rt|p|He6A-ahnOX)6;{^=P-SL^c-MANx~YYc{iTUR8Y3PV^=nd8 zm$#Gl(1=ZOkR_~dEFtf&<4eTpRwAM{TJ0P+em^5sw$o2Jz_cvS#u5|OEKg{AL-w_y z*WWjlkbM81x#J%xo1?fCU7m*)T)c&dKYM+@6A9`2;_?*?w%@x}y);4&u^&h>3xCue z7&mu{iI1l_h%@-sp!#R^2E|W(VnvxVigf`!NFghQmXMrQn$hYPmUgE$8@H62j!t6U z-53ayPa9ZiMbJeo`URe*hs&GxvH&8(ip&}Bb8oL|PKJ;AZB%@th%+x&`8tEF;WI?v5l+kBTGl2Csd1?z!FLezMeQ&xBL3UF(1K2)WP!7Hp% zkovZ{B_+^zVG*9!oqIqjiC#G%{#=}_`1{Y= zhYwMNH$lDFE45`;>xUXLmjka{rz?E2Hhms^%1{)CHF`G9;ehjiD{r4qxJ9n>`mf+`F3ih z%%tqprw{T`wHreKdM;G~;=w1r8e#^dw~GtRn{~~0#ZRB`Oa}Ec<6gIpqg6_m|2PYJ zJ?kL-wthhy?lll<;Njp@DKEaDygwFMg0fzI?iz*{OM^{*IaU~g)0MYiV8SM;WOXUN z9U{QTS4lrvr4vZ(3r_~J*&TYHy1~RmVg_bWmgv5*F@1@`tgMRU8_idTJSNHrdXkuG zQnIsSBtdsYRZ8eJ>}u0#3^QAI$UBU`<9dmh{$joQBtzmK@9*>$=j(I1N z)eRmelnRcrvho4b3VkfB(-%xvOks03(p*;7i!oj5tnRf}T}k9YxsW%50n8)A*ocv2z_EwQaNUTJj)IHKWeBr_QAoyO8k|? 
z>TroQtq&R#$=|)nsmslZpeFVs$&{J?Y|RUuD{5+JgxxeY_Vigw_Gml-wsLazRY)wc z^_sN=!Ag{X73Xeumm21Q*Wef88#4a7CW*E@_exZ<8Som^=sce8eGBouxKa@tg^l9o;v&a{o z$OAO;AO3IT7yAeKr~Zrlr6T_#KW7aBVLY;^c^o$Zk<|gee_H&w#t!n%@hi@=CcP`5 zt*^KaExEqgUkhP-QR!V(Y*i(4rz!ij-4hP#=RBdZ-aMgE0)fr zG_M#KtB3FY5wWNZSU>CwOFP<~_#{w`P_8DCgLdd75( z{2Mf1&>H~Z>Q|mBjVk{;Rb!tzF=2QXj5#;pwGY=p>u-Pa79$H{y6{M@41FPEdxTkD zSC^t>J(9TiY@zPKmgN$nLha2^*c0XrLHP?eW=svbefslZ$?qg{-x+U9hn~w}E0O+< zwxz(s??bQYKse{3cQvgiqW-tba25u89o4c8-v#9uwE1U*q3rU)PLxmOGd1XrfRuV zBZe#sNph)y9BjMX8-FuZDr&D9;VWS!e`n|kEYtyMpw>MQp$~78suOC2^CfYxm4UR% z>G9o-;=Kn1Y`M0a3UO3nDq?=fBe)c4Jf# zyBu34tGqdX!!36u^gL)4+Of?=mFG6D5WS2IJy33w^C zkv2Y_%w+aim1Y%x!qh7@VfQXwG#eX>kB5r+Fn$W`7i>9iG^Z%3LeH3jV)$FUu3UDu z9TV|a@l?dRxwB3d^bn}z)ciF#Y9-=`e91)LYal*%BT-972M!=PmwB#E!ln(^RiaZ- z0b<5~lsi1WE=QDaMs0)hw0B^j=XtEglu~{@sSWcr&%B12keaZ|TEeQ@Ijz04pSiCw zyj)&d0y+9pLQNN;8-?3?Z{YrSd5{FI;Wa4wPwG^wW{BI*fjXG zW~@nMa;g2*T|+otyl)-r7S7Sz(B0D$%sjJM|AE0csZVb{V3`C{#0evkbRkR36X*~4 zXHWd&Woo4$d*`kadQZzHkHI4o&{wVw(NrPYiJJxllgO&{*lg5#HcER+iF_Nu)7a;? 
zs>`H_yY9UwQ1OB%T8b?G3QhXpU)9SOqj@-Hq?8_hL4tkz=Xhz%&$9R?v^Y@i({epQ z?61(fds1}2O$!jGoh&|&^`BxV|C)SGhS3(ZDt`WiUaUK?d6!$+?5y1~XyS1=!NDQC zC>K8-v$w*R=x~U=u4cobEW)L@X-$?|MqDTW~=wN1na4m+oL}vP;JP;>ji}WR$)=_@i>O$(| z%g~Tq@={)_4*n8^7cQ!7z>twNv;6frzJ@;=l~h7Pf}4DXQGhJFVyMDX^y;3fH!;|m!wZN{C za^W4xN_%`m9fIuF!NK8`v@{P!@$ZdftsTZG%wTjdd#c& zQZMI@igIjM5{GNF@_{uB*G;O8>-E0uTjD+a#NkWBL-gZYodcFMw)k=eA9kY|ubZ+H z95zHG4L0r5D4T^|ocU)&UJZ*f)~jKTH2%BQ^R2Q&v>B+i`$^vw>Qv|Gsi~=j-l%T# zA3LLw|KxuozxY4MKlxweuU!5Y`FF(;h^Nngq%IJ6XC0Lh88gKsmEiNhg#Q%7G|KEpnQJItGImD z3l=TG#h2JQqvYp?S}BsX%?bljgLR3I6~yv|$h-8n5^M#nijc5)7v3c2QMR^ph?758 z7);C0znQs*#^{C5w>uke;-sXV~hx&^V4HcZ1cXUtmF&h8(V`>&b|d^-A6T} zu?w}})ml(5!ow5239jpsoSazII37GIK9K5I>rJ2jn*0Lv6iPQ0AG*HGRZw(s&XRTU zF1*t*xxYXG$1R30^@@=@L=!OHCU|LfV39b*3rUH$-$)VV<>lq#QvG=L35Om*fgs2H zUObl~1gEm(OiaYF+|uq)_j9fXqh6Mv*TpZPC9JQnhZ*0eH*L(Mftil(4;(prO^WcR zU~O*gFNMAIGJn@<$GwAK)=Ey9hGjrBF~c5=b`Ds+o-ZsLoiRJi!iS-uJqOt^7~YVh z2zPLCop{M*EXP4y9FX;|udGl#inJ#diiS-BZA)mkcbA_VwME!6p$Dy1@w%8iaGk;$H!lNF~95A_siAuTX3jff#bB# z_Wj?FY;nIF$dAUn`OrFg{m#q7#EXkL_~Yfp$xBIJ6IvV!AVBRhj5ZQh*~(Nu6n@OM z$1gtk`Fix~T?dF2@=xCi`P0XLh*Nkn&Oquz{P||#b$Qz(Va9FOd5Drl z`w6AqU}=F1m5i%4_zT!Rl6{R`7b2U26w z`yGqXm+adh4Gr%)HjWLQPjrlTIov#M!b!NhpBv(^6N?Pn6@3K>t%4|aaCaWKl8N#S zGzRVs^7^;Tjl*fi;^4%{?FKsQdAMXo<(+xfdAxxS!`5ezTVIB9rG)KrcI=JX7nWY6 z_rwfmw0vn~B6eQ3?P;;PI_<3tLTJu|U_7nvMqFb0u)cv?UQ%l0NpL%nQabS)UJ^H+ zrhr-s?{L?Q5?t@)H`cZJ1#CYtF~q1viV05^ZDjhlj@6N@91kCU2*-GrS9{sKj*TU- zNMUOsC^0U*mn8jbV>98*(xXF#frkedxp!&@$@c2uuuuK9gmq7L>5s?hrMe+tQ;|2M zD^C21YX8Tb70?*7Due`;B$en?YRNK1|L_n-#Xsdp1~K^@5XG_VOWkT_zL~m@O=@y8 zKM&5^l;0oO1wV+RW!8%$xP3d0*B&ri6WDinBChh@IMnwr@ydsk^ur|1>9J{Z(gXOt z7Sn249ifxV^yGFQd(@mkf9a;GS5{>z7|zzDa5A2(^{4Uik7jQ)@}K{2c8L*EMd) z!1MXo;|}Ts(j?nqGYhUAQ|L%gW30LQ0(SZb`|qzg>DZ6J2LY_&f^RY8&pm%4v%#lu z0byB)i-XM>k$It)+8BAh3-ApOx>gnW*@T0?T(^mO1G>4m{fa;2UBl)~A`h5$OoEB< z|H9P2&)|Ks%!VNN^|6L}gNZuX(mDb6H(Y+l`oqz>9E1h#_5E_{-3;)Yz?1W^^1uqtf-+Q^4sjc;I)s8ya3 
zCRv8}CxSzW$bKMXO){xhYuo&;+p(6;T{t7Bz&{L*9ekrN<0o?6Jg}?hYt`lG6)oK-kP02FElRmlP<5W>7c}L_N&XXTWxsR*z28o%Z-eMV$?6n?|pfW1atfqcsXW#pDY|nsw4e9A=;kddHw^&>JOJChZ*Uf(Ml)ZU7-B(7EUhf z`vT6cR#^DdRVXCWUD3vT+S4z!E&t3Jc2APQl|yOV+T<~_S+NhRxUna_qd@m6+l+TSP5x*C}uoqMp7r=WoCPZO|cx zIjaJXEi#ePA@faB6bCVPikF`l{qQzt<_MjC{ZfUJuGzD>=%MxMk?1v>(6htAq)CAy z%U?c>59;G;`$IN&#X|&d@#-3QJTJdfeEjg80k2LD8(A{5Y*x>JOwvskI7|K7i1MP{ zW(I#E)O#Bv0esZS=Q}U`q#u)475oqsbiWZ(`v6MU|3QhAyEo086zpREz^$sv+D<}1 z7aS_EG6CrZ8n5FNyLweKZw@|+Ma)}87N?a~g5=8HYyA+r`M6>|vS4NZ%9k>v*AbkQ zbR56GSD|)@J|&~4ae4^9?B@{5=lm|^q^b_RWW7ZpyYRSZXW{aJwzl5YGMYxEW3(aY z&k$h5=&ZdkEa^6P6rUY5L7^-o`&JnkQBerLNs))mKC45J;pPRkdddd^Gv{-)+1Ka{Kjhat1McyUU!}<`q6UizEp2bHz@4dc* zHy+_+*#^{$oSAW}v!#Ftj_+hEcn}(5qtNTRVR4G`+XVY8R>lRj;w+e>i3XPpsI`UL znAedOY99yD$d8eUkJ!LL{PQn@m|wSU4E}rPDH%RO4T19&N8%skAOA1%H)#Kh{0n^u zL~)k6(+yecsaVhU<6BvM1C3Xp6y&tJi)VZVbjmA%fYA@E}vcyR5TuaQp& z+UFELU_}CkRMI!JHZ4ZKcdf=Py>?>)G73{5IR$Nd2UyIAHY-$mm{=7eAS6Ll`u)*;CP+0d|Ka$eK$te^ zhg|?(E)bKVH~Y%o1Ffp)kIoqQxj8N+qw)pOmhP|+z;NZk>n(6b9ry54GvfY z>gftCM7pWNkfm{0@n|I#xcqG0CnlN(-)3)2lRMJh$xfTI5oUbQ0$SYqkWxkS&TkJa z-{ItAbeu8qFW-vRl$L=?$BHW1zsxJGvL3pBE!4=8hbZS_$gF*0m8Gj(IGCVelo0*y zJ%J3#9wsrz$1F`(Qck~_c#IbXX#eyX4s*kgi9ZHtJt@CHUa-5zN-wi~(fB77FoYnqCa?V4Tanm~A@1uozi#i%Q z8=O7;*Q*UibHqxcYiW~O1u17B2)V!YiPTbTK)rHzHX%BX5H=R;>hB9onKYNdk>=GD zZ>eLuTUb!^+dY?2tMO@we%0vK{8G$AfU@*8#r^ev8XaiFp9bOjHoAu8DO}^?RlROT zRk`8W}{_- ze0KX&$+KD$W{)>Pt<_r@7@vQt7~TD`Ue0XQz<=|Krf1Dp!qD24th8H(oHuQ1tL~U^ zE4*MHK-voS89zI&tA31*$c4|&KN);DCZ@70@(skRktP@GdZD>Mtb+$bJgLpr|Mhpg z`fq{WQ!qi>Oo7OA4j$XByi>sJN=E4_pt~WZ~z}8`mM`;;@!ZlVHD5|D>zN+$W+x;rDz28DH)qKUxfc>k?Kli?C z8a^^{T1QqSWh73Qe@8~f@1CT57*)u=Y;0)LxLdZ9OA#d^xm8Si-A%(ys>R>rh5-sI zYpP)W#*1~G_VvIjtm35Vm>Cds^{WI-g0yONw0Vy#PD_+vV8;G7Ru+FP+BLN zg7cmN#mEWyosHRaEp5voE8Vkuem$ZxSs{kYh(Old>dNYgYNwUC^B+Su&rQ#Sjt$pQ zcX@hFd?_BTy-Izb^4_(@tz?$CYEbxQPmAk!l-j26__q&SXU`GyUsHo^%T&z%-;vFV z11k-z;n0s-LJ-?N5ADrMgq4{T(Q8E>AK@+qtu?XQ-Mg1vnzQJ$<%z={27S%sdTSm9%Xo;=!MhrtCJZ85_S6$*iz 
zr^iHgN8Rw;(p{hv1)#D9z<~&yDng#yz;y@~bYR@!-`3nXh6>YVfCly4M0sjQrzn`G z{lVQs<~95Tb}*B=DIx5?bkx5zefKitQ1G|R!I;WqYLG#D!;gGVIcQD6{|(<{GI6xa z=&I+}ceYr##9r1hPF+E{;RiiCKqu?9i#nw(Co9YmsMB3+>;RLM^cISW2lcaVh2OJIEsnr5T%h}_7q*wNbtEV7 z<4Z8&TJn&azoAKLfXlOhKkjg1M=T&PsZ7Xp2-9T%ILkpG61eXz#ox?+X3z6t+}1g# zq`oh3ZWQLnzFjzn)0as)BZW&$@~Tmjg$)qO8C<^;UpiZC^?FoppBV3p+w=URe@vKs z{Yo{Go=+dTc>r?|&7+vhW0L*R(z0M&wD=*xeej1arE2#F13%xEh$XQBrXF6aV8LGc z^7g1|IbgtFTus*CP-5_S^WA}vud2N@ziKEPk0r;-=(K;>`(?-ZLzWLP_at~-W{kGq z1?@|(RS3m--d$+fl*MhoGeR!17Tq_>%I zu&~D;W~Y$0FG)nhIV4HVT@d? z@G5-z`NjYx7%znTyp1;LTEZchsZ$6T<&_}y1;r@~o%q+O7?e*R?Yt0 zp`WE4w-K@`YTt9w@`{X`c=VZ}(G>>4sD}t-br3SA%(6`>IDnUdmueD2%z-kP^$W7F1fxda8H_eEI-IfV zfOog>?B{LL4V9G5A|%_L1FoMY5=HF>A~vXu>Wg37=TC0UX88Gj2miSl1`?7ux*1Y1&X)4ki zwmCX@5HFa@;kwitr(`vzht1148dy0G9$l=BLgOY67qCo3O6GtPdfaigfTyt2BY<3W z;<#qoG=+I_{n8(e-!6=`v+i4%i0LBYtK%l_&%c1Js}AdFmUkov#1_w^ zz(x-3?rzNS@JTdVfpjmLHOKrCUwi(g0{J4+TpwA{tva{yRy$|wffBjU+y__yZx^xmGu(2GwG=fHcg8z;D zSN}o&(f=ZU$LoKQUs4l+P@%$fYL*zuVzKAH3wy+xd2bKF_+RV7e6|uh> zuIAJyjDG=PH1RLjf?$#fhMKixx8nmO9==-%(wu&>Z2DbzpljQ~!u2(GKke2BAeGXe z+_yX1Fe7Fb#P}ZZxByxWbU^2LzzKn2ML#+wiuuX(?}Zf@CFrKRZ&TU4k1~MF0EVyZ z@D;2oVOgpG29>)EnoL)25jRf~EK?_* z5x$RKRS;i7UDgW+He9tIwUm063DF6L-{D@|LSjuoU|g#lQcCpWY8jN>TvsCyQ(Iy zYiS;dEPcr6T;oW%b^TYFur_7ixB)*adW~`0lpg z%eDy5cM7$Qle)6yhnM=;t_nO!VeY@V85QsUBgQj71xvr|c4=g)J8E z1#+R@2Kf-kXJ1{OkYRdkb_eR~S6EcF6t+?S$@f9UUoY~>+gXfZ{muT$bUeqm9`xTb zp-?UAh}FV7n8D!i0?Gc>WOz-zK_^|wfXXI`TkwoFAFlTG=t)`s2--zGwdVLWHF(O{ z20~`AN2@?CUKn$|!d}Nh55P`F@+%xp_icLOXtfsQz!$g0U}U12?{Z7+9T=oUgfYUM z(dv|qTPJ$=`ulYHS$@6HpUAnRX{TgXZ@g})Gj3kfb4({(NMhqhGspK$jgpViKczW| zvz(dzlPz3^$A7$>lUCY_)&CL!d>;mw&0RSz_8{WN2|b+*FofT4RuG zbB6rgJ?zr-KpRbD2>p*8zILs8O*1BQaz8V5ezt8aR6|Zp_ zQ&};#@O2h$lN&b_Av?(u5ZYq=*FsU%hP-x!q@+LK>Xq+Ly#}?UZzekN5Z$`Oot*DK zSn&iHzdq>zv)AM=jc6?5o>_0k2Rp#up|=fjwV1Ozzrl2vCf5$GWeT%>oW@KLoZErp zEH-Midj{ES_4z3=0^wIQNe)t$9d^!W9v=cyf)!Vo&e^M!e|9yjpct2p8@s z0M9s>%)2F&%-jfYT9=>5PP|QZo2)P(%24x@xZ*xldEk|DX_I&>7zhaMFAi8G_&jo^ 
z9-nInjdB!1L*i;Vv{1d*3^hR(zXy$WVdW>_fZw7mSZ{}iSxNtr;9bVgs2IWdag#y< zFnH`LN+6dQdwg;_O$!MxU!BZ5n^&Z$jfvXW>#=8G1_hbg)2e2vu`u;qwr(CPg8nG% zsn4^vuVLos=vK?EJklRdt(RkVU^%~0^_;`iqnMe%LdWfscitbsx{~|V6&Mf4LbrxX zq*LywnHiMrAYloYwI=Y0VG8;K8r$c)kf$MBNI!zHV=emZSzi#sVy0s$B1Yxg2fDQS zC#-}pj2Fi0GbEC&DclostB9^mgG-IqRr|-Cpk9}DV4_1KKgs__{%ijr|A+q~f8XtY zk>A|~fpF!f9-@_DEmT8ZU1qV*CDzgIf#vpRa&PA3zWb<$0N96HU;M!xY()49li!rV zo`UJS{NL{QL@Yk<*wy2k89vip;*hCagN2Wd@PO%ITR3`iXj~_Bz{hy4cx~xW%5ffc|+)qx(Ex+$H{HS+=S z(=%v;hD^&PFUxa1seghbrNjD|c&%DAm86;BO~)_PCT5ms-f8E_apd0|$=++=jCONz zorKPF@RC0SZVlGekcK`CutX&_tWgxQaZu z)B;Q-y7!af0p^^SM(`xgI>FZ=NiaYDdZk*4Av(Z7LI5TW3 zS+wz~n$EntwK9=Wk_u*8j^~ujTCe$)xDCpDo1>$4Z@WFUT&bN9_BFt@4*zPYLB^@Y z5wf0gY;KyR{kkn)ecA|vWDB^bT84-kzHG*-UE84DKJT3vg;R%#t5atC_shBdV3dZL zNL`9unkcdLGwpDfvK(nnkbiOOL!QO`7Zu&+fq0*-w|-oqI*j#$A(XuxeZ(v_>#oO& zP|;n`P~TmMB+H5rwAC^4LhtC@j7TDgmvu!xluLd8d*6@0<<9iaSC%6BsKR^wa^-2A zGT5D21BeqPP*X{)>1xb;4;58;1oIl*1kdmWBP;GyzL3G>1sJ8xuV&r0 z(#B4;H{Oo#zsc*3vH6`>q8vGB6@WiWTjM}9ZzDWzQn5G^SWrc{aHAgKpo5IYRy1N` zZ#Vgc^LI4l_v?VeQN%IOwn+4_aT;UH>+{7FaJiXA>nnD*Yqx^!tmn zH#W;#HbOj#-A>8!{f(5K6qpa`N2S8_jz7jw+StG~iS-9jr@aT`v&6bCF&de=i7FqH z8m42k4UA~jr|N}_k-*`loC_!(d4kIHNcotZ@%8?JMkxnuI7P;!!n^pm5!&Q#_-2Iq};|Md|iHmSDqt-B=HNxup4_}ishioszVYaX% z1y^MJ`kERiO(KhYZnv1LHGwVa=c{4!7c#54UPWgl?kS}*L@+k)s}DRn&VL=a@tIoBqB&u-y|_w;%AtbAd4dEaBkU# z9J|z@ZMw_V=la;0kAH-o-~K_DIoN5>b;<2hd=hQ^}x1jBQ(RXJ-qVq(Z zOVmKOut#yXS?$OXGbeP&6qs^k z3MOhxBR!oh^vqgPX0iQz!@k6%H_V5Z7=(s?A}{6*RDZQ`*@ou(xJItfc>7o&u*U-0 zI2eOt*yT5rRjROK+h#U?OkmF1ADxWKL}2FK%C+;P94{`JCbwnRI}WQyBR|FeMt-S( zkpKOEk$?EozsOH)h(M@AO+)*UGM#6ZP&_R8?tKL%fYHC2Yg+i8{0Y|}vhMUI z>n~W=lz3l|JEqEGUw>aF?QxU4K%b9_diZUtwwYS`NPjCIt7ZFE)0e$_pR^e!BG}(N zbX|*q8@Ed(jpiy^qR0>=dyBw6^CwidQDX?~IO7HDo4VRw&J}kdbZ1Dn zT%E1ZGlQNw>rb0&a_tZjhW|;d%5j3@`+WF6Kw*< z2!-BBO=+gfY4tr$1BncryQs@K0)W*0|s!I zt<>Svx?Y*Kt6PbW0;6se{Cn^jAV_poKNw?4T5Dr?+9C;l?yo14~{*&Z@6tZa|@RPksSBu#pU>~qt! 
z%kkZ>xz{jFCVnik##-qlyeuf1GAF~49bq!=VT2OkQbWG9P7p88&B0(Xa_PqSK3e#4 zzdk~+wjOxIqZg+-i(=Ofh~SQ!NTbC=;S+HAqz45`SQa=x-%vKK zVP|llzjt>ZyY~uB`vcWw4(&lf#>|7n=w9znSbZt`XnheQijZJalN>|0oO}SA2BYs& z#;rLHy{1Wq>%{D;<>Zl4MPsx|6B@ZZ-;4tuJ>1JwJt^6Oj^9M7%1-p=c=oBbv;JVD z`^3%dt7>d);-Ike3)z8c%_{D!@yz_mcpv}P__GPxz-PFMzjE^9g~}`tx{ynb7D^_;pGEk;nQ( z`LvA@jx4i}aIu+FLJ`vB+IRb(f^y}%FJ7f|e~$~ehC0{=wonQ#y(dcWTsf(T1e@^h z54_za|5cnjAe;;Cc9%}#)3E0f86^d(+X9RYzdX&h@)K72u?>sZUQQ|O(1}YI;ko8p zSx8H2LU#2`OlULyl7*9)`)nt!4?d{Cn|kbXNO5li^|FaB*0> zt7LYcqNTH7OhY7Mm(`ie;X_)dK*~gK9Mv_aS0}d;IEHoH(?>gw`b2_s^UBvYzL|Vh zM&;h=g=0NQZQ9 zLAtvHL>dL@1{DDb0TJ)yIrq8md%m3g#h?zJ1Z1Y=7vKC}XMn%p@LlD^*StCN6Fg2TK!+aJb(YW0_!`7kf0{D6iRstuH8P zFRjA*B8J9*Gfm!=;-xV{N&{JpjPzm$;Z$E`AnsW~;>F`;C*HGXW5n3Q*+xH-MCy|5 zrjyyS704$VT$d)KEIBL)PHFN)A_|n5XPweI&X~M!ge@jkWO)p66+WbQ>qISlSS5Ka zg5K$BC@88*K%?TgW3shP(UQVsF#jZ&PpiQt-T;FmAV>EO;)*1Ur7e}WEQQ9DKm5Iw z%=mPw3h|2L6r`eaI!upAo&;QO1!O@akI+VrGJ-jLO47gVWk?wX8kNR1A4O18gvrS( zV~a)fZG=!oe0UZeW8n9zWoaV{h#Is{3YScH2mPcB*v*=sO>W~&}p@JCLRAi+UYqG#+lC}-xO?AMu0|li1z6**j2ho%N>!G#5B06 zXV>*777pJNpxK(vA-}f#?1ByLw%iTrr-6sP6Wit6+|FU{zmtO_<2~on4pu{t)1-k`1sAWDx!Iv-Jr>gyoLByyt$a^C?zx9)a$-3?zoJk zX}oO1`Ta1axqf6&}&!gOk^SVM@^_UAT`E|#M?@5UJj>^IlU|g#T2!n2W zUkDbj#`>f{B#!qZ$NH`)7~N>Td`@iQ7|4MnhcO0`>jlsi{MKsMQo~3)*_`gR`#nvO z8Ni_;qci26e5v%xs^0K#U$rX*eNJL`;rtBR=sV81+Z4AMoqkwjm`@w(@UtnQPb6l& zzbPPUP!ru%PsW^&rDxrI=e{UPNBn)r9ym**ljmq^(5BdY$;GL{>If&gl2y!k- zf_k6a({Kp|Crfqi;$Cv}d+P2koC(57!NO`Vtb8ZgE#m%ox6w*Fwuq;0dfIwAg|7fv z!GCYC#4UoT>q}HvP2|Jp5z}TXQAdjv?U8j8W=o)0e9wtvxE$t*HsQQDgp8M2ez&sCRb~iK*Jd zs0KT|KL#%+n%-bhi(XLM<(w(pZ4V4y90=H=#R}JUGFq9j1lmunk`VL->710l_-)0Dkfv?KqMJI}mX?=WNOg8kwO`KkUl@=O1N{2%@s`9B5! 
zi~L~$C@Aww1w2(se7R(^FqYjfqhVs*84y`P)c*@+?yj}d^H@o)h%<_<#29+&w zE7_o=Q9zW^7|DU^cm@#`dFHHukiwb_EE+0FA1D%K%4t?X82Wit)`s~_x*0Xve@wp- ze)Ey?Sflg@`IrI6SS|UTNY7l|em^Q1o`q1|F0LWVS#vh0C`U7sDW1}EUZVe$Sy)xT zt$wg3lGzW$;3twdEBy%Rf|BkmEK|5I2dN z*7!~g7G7}-SoD2ahD^o{x$YKx3k*!+S2oh_CSiY}*BqCg^X^Dikte82o-maC(y;DK za9Sv6>8s&KeU+c8t(D7)BLz>sZuC#QA!VAY^=%MRZd;zyPdn$Nv?4g`WT<{FI9B`7 z!a#w0t%6Cv^u<;s-{yt)QzGVtr<6$ty6EIx?Hfv)$@&HFCW1%IJoVEWLF{;J;6*uw z&(Y?_eg65DZ64^@8CezJx&i%6mI$H#zin?q17xs4FNFRtOg@LZ>60axeFx z%b!zJicnykF2&SXt_3|rJeuD3nVZ2PD2g79%BZ(XA^+#Zry=CTIPTdxqL^$}Nw!qS zgum@OB}UUyMXc`OQ8EKBZCn>S0?+?8hul%|+8t+QiA3R}pjr zg@UaW{EVjM7F%I}Ph>OVQyPn)iXURQ$Fp6QFdN;mgB5+)lZry-Ng=+k;9>AMxT2a@ zl8w=cd$&E8zKW8FtRb!f4dpC2#{9|bjhF9C8(yNRNci>T|McTQ_STe{or=7Qx`8+K z&ZYL<^VpIwQN}~&l@hiDbxRm+|+hy8V+;aP;ylC&+|rJCW}l1^z_MjSKhsk zugvcy5sZ}UdljUgf>fCKsk5>Xu2l6Jh{F*<-|_wyWM!-(vFC(gB8t?f#tXA@?Hl@q z5%X79azg)D$B|(~@&5Ft&j{nqC%mGsA8Bbejd^_koi@dCjm6fJV(t}pV-;PtPl3`k z5IDHLiEPO8DXlF3!V=(3QB0Yu|J+kPuAkrtlExMlPr=W})zFB-iGIAi(Jhhbxx~n%q*tGW zFP-0Telo!N3L`7VK9TFgja=kcJlV4rNfw?bE^;Tf`}^7n1Y?Fe z6xQ!gdo3Mr9hw!4856z?e{AxoR6n{}{4;_CFAA^EX$9E%0^%whRop@2Z^qBbkHyG> z*FFk}t28*Wehem6^LQ8YWdpA-EYLUb4miShF?wpG;k8hu#2}QKcb4k%Xyf4-J9rk&6&*m!NB!=sMW&htgIee$QY z!B8!&%L8JyRsH2gQNhu=uN*V3496CIN?qFGXu1SR=1 zDq-s-Xi`l^+Pcn%Dv{jge_&KXeQNZsK=MdI?9MAWzlg|u-;(V3x?Ybl!z=+(>rhoo zEJB=KQctmssJsKku_qauM6?T6!**Sk!@+Q2Qu{^4W=%O-5smX#n8+PDi+owOMXvXyy3gkxzAYe267{)qm+{ zQiC_Up>oc&XX8{3VF7JMm86_4WRQkWhfhsBd$~^$D%muxe=(f<=PN; zm4w2z!jnIAJov@2hLgu^enq0?Db0(H>XQu}kJ0;9cWJoFmnsy>p2%2ix6IVuZ>u^T z!dXE&5}ZkOM_p%5&Ig^ zLB&BB5krML7gbQXq7&tA&HtLIJrWi76KgK0+aDGk7A58@$Qe^??lFk^BdBXuwSM=A z_|f-<04MeJEeEM;BPS_4iBM}b!WdPnj92OoD?RPF9Ir4Bt@k3=*`CVs(rmPBW>se0 zz5dsgX2kJ(ZsxpKLXsAa;F2KbJldkwWYBsc7S(TWhhH|J&((f6`FX|4-Csh-Uyi1e}~iS<#DJe|BL41AKa!_VV0C)R>~T}D6iQ9 z25+QMTDE_0B0#dabS7Wn40u3CC z&AEdxe-t?i8;EyUX*0~dGc3BOxqp?6_ueHMtGE%CFMI0zOqCFbclU2Ui>Ladf;hbH z@&$~U*z6+^RB;wIxekp+J136*&jeE-IOykY$Nvd)>Tf&V$`hHjK9>4zF4w>vV3icSB)`$Et8x1BEU2aHYM{Zo89gOUd) 
z1iK9aUvJtYTU*ZMN9MkpGp+qehrPXr-<~)kBUULe zy?K7r{aU(F7PDTn!L##clx)8!{ZI38)M_$bbGqD@)4$5~V&>Dbp!KxQ zWk&IWRa481vE;_pa-I%Iq$4gN`o;jPOUiv;M`u$UmA`T)BN(kk4|mu2Oq6vs^%SRM zu#%`u54BCjrl*qil|C98l&05h?yMq(l&wm{KaZtP;0pB~ubd>Ca)+g=SgW&OZ2ew1 z^gl6Q*!un^L3GON^WOs>olo~3?s~U zJ9C%X&BVT8r{z#NVCZ84{+APxqbD9odVfI% zryCsqqA0M$dJc3e=xAtT>_%JGR)Vr!4JEW893EoA!lV_^8UuykVZ~hX?Bu)S<70>k z1R9#pxH9lz?jNoQQ!rp#{q`+-AkPPsXW&>^aambv1S^%rs?X{v)dE z&mrHz=)`p8XlK&j-`|t5{W+{2+N`0`@o-SBCWDS)mF08(62{NhH^s)vkI)o!{NL{> zX=Q~~zeZN~Xv670cF%|Ed9l9io%J#qi5HxkCZ0m&Zjwo^!%A@jD7C(nDKqQ^J7_d> zK$2$;p7!A!si>=CFZPRv75D}ZQ}BLNu5NC^{Xi!id!W_Dr_=aopR-djkL2SER0nNF zM#d=1^6!J4Au$Ay>le>=u#g99|BdNmuRqRyf!*G?I4~EDmvFrw!qAtdJz%-lPafoB z*_z?6(1*j8p59{olgdDM(+;di$iYNELNPl!5;g- zh)Grq+MRXo1Nnxb+3lm~i{Sw;_wSG%*o7asO4-EiI?}zLwx9L@+vKS>OQDCMxaET# z4zxP6=dTrtB|L+g$)*BCslMF#a`5pEwVP`hBO;K!%E_3IGl1XN*Jk$iIM)o#-+MWa z&F$ro^lc0z#$DOzXP+L+ggr*&=jSsEE-o(a^Q0Ebs1s9C7A^i6Oyo-Fc`87w7c9>t zBHHiML;pq}{DXkXV@2%V@q3JCOlF3+`fEZ)t6hJ^1t3npzEl;P@ge#$R0joJxU{Dz+jeIV%>;p8%4LmHc z@A>F+Gx&%6c)oNQ$_BsIk-*x0znw5)Lm{w+}sGmC}LMB zZ!gG{3A*X|W@8Dp@y{Rlw|KTHhWy%X21%zHQc|ufn~O`kMT6B+t;0B)tF?S6 zE`=_mmDAn3cOm{W9!Ihm@bX0B=e!kc32uAK1Tw~?6cFDW&~7ErQj1H^LNy3d4>Bi1 zzgJ@y`s~9StIuQAPfL@9^h@<`NS#yi<;bqAMVb{3mdG??J=|gSQo9%Qrv*v4MTUop zib}4QF?JhbBqO*Yd0Jy1L(q!dVSRefY~;4GSA%I(#-qJ2t$#E{^Jaxml6rMXU9VC* zYUvAk_tqL2I9*W&jSAG`uOt=sm6Dm+?K@VDC(`bijaHnq%F9i#B-}~eP(Df%Zb?E) zHUW`ZbgR&O<7=vr^~Ik*(;|VX6|njiCtxAFS`Nn$yRGk!d8y57)&b_UJ}iix7hq5F z>}J=srx~x(LcT#Rm_hv;lBS^z-62nwH!3rNRC$M4}@kj<@pnw<7qEA=f4-D35HiWDbFjmP!1AIk0TmgE**E?TY4$YH0oXh)iL zyNKYCa|-%j_Iw-JJ7n&`8`A|fMk2ne1lF1l%Bj@9t;!$*Kx6I>y#UOE362L2#Z!W3c*Y_YWQ<9fU6!$mR%dWvkk*sRsNGx@NyXq{v)l1Q; z_>HR}&3w}zGbF0GXKycXc^&+6lk^^lCyNXE=03ySm{%(KIf;S%-Omo+ld7a^jdW>M zpZ3KAXuQ5S3-A_OA_Y}mWR7G`v>o&XNvgf9H9}V!F>a7H89*sdCT1a>vaplE=c^b% zNu<(!Jk&Iih0&Us=)yF6-z{`*%tP|#8`THFAM5)Gqv0oNbf|aSf3q^bRpbF@Pb@@r zt_qd`!NjXxeDgTzY&JZp#RV}!f-zhv?Gue)Lx&aqoks^9J=9c3FEEPZcbmzK9*25L 
zKhldXK>PoFi})VL;M4`SioZ@yK%kWZ$0yHLUnZF0g2CjK0Rn_eSXX+se}&T&cAz!x z-f1Vq$L9r`6?iJ)*d}CLU7&K&<_#gNwgF_@A{nTA{d^_#3b52o4+5R2Uk*`X&4J{w7hDFYSIVyR$n z!R*u!CJ6!p0#2QLAwkoW)u8Iviv|s#Klp3!&j7}+Oyg4v?+1YVo0!lDOFj&A<9fM@ zm^9I&v1Iw%2Kgqe+z!*Gzci&Vzi4UKX| zQ}UJR7vdIuq5HMt_VWz-svPA=(q5GKu|lou4)v@za#dPr#GTc%hury~Z=!UeASKm@ z(2=*ACrlY|Zy~cZ`ewg5IZ*GaJQ|~iRUYQeNWYBLiri2pme&wI33ZN^r{4T#L>`nj z>59<@p$=fUOh1X4yRo)52@$z3K9*qx1O(J!nJ`ONfoFgxDi?l2;(0H_Kr^i8tWdA& z5;lAF!9H1cs^;9cFRY@XQ(pruDXyxfdo}F2wsbaYZkm^{4Z7l1^a5PIK8#u%nZV7E zc7W~5%0VVc{kGW}jA43}nmu>iMi?EV{~sh^G1Qs0Jw0SsE&)LX#FQzCbbk#sh(|4w z0OumZip55E^aUZWuXhbA@}B5nY@_w6z(_96j;qZj2v`0(_|nsP2|oR4GaLID0=p{R zoo66N67D4Dkx(#*3(aM=e-Rw4cMU4M$C5_5o={=bob*Wh2|Ptry~(Mq`w zu@P^?z{FbvJc2i`jy;IPvf1FiRkwu0$+&8wOiW5^?I0WL1UtKF!nRXn42H}5e~5z8 zIdyYTj+NEaCb`sG7h1fpHfV)jhSdo(K@_M(yB|Dy#lJ{`vEGG=8{|&$%CQ1)|MLtM*SPfyu%Eov=_L)3oWEb;u>&rWycX?r zM3D9zZ$YP}zWy=ebHdn_A#aIZ{`Mr~b#z|*Z_SATN z`=sh{J5zFerPXVollN{3u}-ImPfron=P|`TvXvN5+`L?FM8!OqGawlsPmSdX{M;J7 zV~Wk!OWs59o;0s_4i5FV_?DOPtN0ofp(9BNZy?HA>#ry8Ys())`;?4?9hgrYNnQ+hKv+2$I*sULjF)LpYXE zVQ3+XYXYDHdSif z>^%#v%4W=w#Fl^^$VpOnF08lr+rE^eg4geDqY9dw55zka7!0n(AaI-gs0CB`=%bQ* zHASU-VC%2&X2k~iB5o0KbRb7?G4Z7t0S?Z=m`_(6vr-%)3|0L*4ECctwL;AdNoZ-K zg?j7be?n0;_rZ`Ngj%Kpf@A!OOmX-!XkR=Enou4m+f~Kg{i$2gEF1k2sdo@_v%7!u zp1UGm{3Bex`H1lN3NGmi^2jK4wQT8358A3H;GZkYx&`>+|8^lyY5$6h5DAceiVqafu*=yIT<8+YK+JGDvd|ce_Iau#{%{ZxC zp{kOJNbR$5*7q#z$uK+Y7$ZZzxpawlrhDoDx)&D3N-@$mpGq!Kvp6zPTW z_a_XGVh@AY{9q3XhFo$Yx8YY%S<&xd_%5|G;~OefSXFj($Q|a+{kY%o=nXf5jEw9V z90Xv!H2DE9^`qC|Y=!wvSxW}3&a1#+Mme2HC^ib(j})ZI2oJdnZH6a^6Mur2YeY62 zDy{afkyAbRnFUZO!0TY?TCbh5a&LYDl9DAi^)P=xEm~=J4=>w~CvA zq`N5A?Gge?`#b%2b)P~nd6h|fH6$q25B;J$R$#zkk^?=JTPt7-mEQ!#SUDsRKwWx0 zEv&zQFRV+H@ik7Bnr=_gTc`cw@-_KiYzJMjYp>hRb+MOnlmHHi^3kPgP28&f+GU?=N|coRjzQ`Ri`af3UU zK1DdQwEpUDzl0s#s<Xjggk8fgjVotYJ6P&lzL zFdaY=dm*zQ6Acdc`5!2Y`#BmFpL1^(rrfs@w-jdEf;9t2G#;u>vRwOtNzK?r^+73Fzbh{HZ>AJx>m4200C!sES1-zBl!x&{^j9)2~Nhd z2f}eq&xDI!3<(8BD>AJFHF<2DgIT6VI9C$4VHCOci-7jSk()-DbeC9ff`eYsNs-cW 
zsvtLzo;wo{xYO~dAFah?HTcgnfhs0^AG z!5sM7)$ zc#YIS0)t+Z)`~X`mTDsY##i~x0j^HAn^w$J+iC%4v|c4YA8H)zv!=l!=;cAt#ztIB96(Z))zh}j0FZInK&&>2|;HZ(}!Tl^U!Yl<3CAt9cCSin5oxGP11X&cX(|ur@vf~voh6=m8m+6cZ3)? zJM*sbLkhu{*A%*4U0p?EXc#!bp(`~IuZ@&kv(HqX46^vVx*OalV+z2Jb2x(zE}2!0(CgAW z327FeS{&5h{uC?XhBYzC@V#oAmC@7FQvzCX!H4DdYE;{;2-!@oJn;>&_vad1MQjAK z&N#Ta%ixLtoAaNJOKGh^jTOPXf5i_x1PbvRc<+N0Dm<9l%a;X_yXrSAX8J8(m?zz?(O z#RHuT@pA1nVez*!@84g0^z<`MI{IT)z56;BFg0R!uIzg%^4{1$8Z zPK@53t1my|fcE2ES0*c>m}d2O7C0}GGDgHZ<=H z%`-rT+-_|HpBeJFd8f0FOOf6#%A#7S4tMg)I#rCKSRuxHJR{%AK^iwlxITGa1n% zPGD&sdK`^E%-v*7n(o#-=IOe%4tn8-YJt!QaoqTI1p9Oa;Nbr>c8psu4=1T!lnSgT&JMR6Nviu!hxi5}1Fz0X8WYbOkCfv{ z{tnjL!u__*>uf~E_{z-oX#94O1zSW2V7C^_Bjo^+%vydyLE;Ak#3#qc&p~0h<2eX_ z%uYAE@{NRR)_gTDj2uh#3)h9b6v^d8g2?&JsK!&^S?;keO-BA4&;(lX2@4hVGQJRN zG13eZ;seBTSI@u2X;fI{ei!>VU>lYx?N#QdB3+Yx@Qp4X{ja*j3Tlz&|82xYMdw#Z z+FDGYo0_GMs0PFJ-O1utR|hFY_1CSfaBfdYi#ndWCAykR=H`g z3$9X)uQx@NMYE^lxI+X}BhS~l(@&3^Gh#Sv<$Z>lJ2>LXi}39xcrj3_tBChICt(1s~cU54;m95=}HrPpa@P^8)=VC zlxJo-TE5blTxIKBS?)f9v*yHJ28Zgoy42+2)GM_LD|`5*+x84;^(KmG6;Pjo$j(zp zq!YHQQc2I=4jCRxaH2B1uMd#055kePd?)-d`-(_Uz@`$FaM~lQz-On;Ron<_wWF5# zj%0}lS}`Y^bx$5d+Vl<$BKWq47-VPtWTpDkeZ!&7FVyVMSLC}GeeKrS8v7J38gwiI zn*Wb@GnK(@!o8+SK*6PN135~5ft>@YrBmn%FFq+=SQb<>bDM=KHyL2ft%xMvl$NF` zn*{Geps1-Vq0oH$L$Mk2!UdR83hujsYPlno7z@hh(1J!&@Q8!uu`C7#hCG^iwhNi1 zJTx?M$x!5hNxtgRRTcyb3mT57IvE-wb09*Qzcv(r18Xc$Z|F~Z;}e3>!C2_ zn^e4~@w&7&rFAK>rXoF*~g^gxP1@q_YkzYwb48f^+q)hT@6eS<7-g|2(v!T9}r3rvF zY=dH*K4{y5_TAQ*y}pPBjSR)JzIP>(AXMx#^N)b*L?Qwnw!f6~sXJ-Gw}2Up(J)fq zy?f^@u41_s3yfBS<760-QA>vv%6KDeeC&1n%_?(yN%yduQ&%aPuo{<-^Bin|c8sEO zw0D^F2t02vx{=$SSsscCRE3~6USFc*)RoT?AtEFM9F;JkUCQHfX2?nzQ*-yYaX>mr6MN&0PD**t{E(sW zG9^uP!vPM>N6m`W1h8Jo-`l>osgwtv^d^MGSTH*j^+<{{ZS@fno^|6jNXX7+L=;zv z(<+M~5)|(DY@r`Mv9e;x?cTN~w?t1K81Zq?7KRNfX{9iHznP}T#d=Kc!wFj`)d|2=-`d(;FABur_H20 ziy2s*fCeB?b9O#8XAsgC*fwf3OeuJgxs2NYnDWK0&EW@g}6yIv{1%ofW*q@KM*e~gX6nk;GwU& z%J1I}>QqPhbMN$j{rC!(Yh_m%^JOSsK3;Ft?Q~JS1;xxpJ{_`V?>(KpwICP+k!)~! 
zvrUgFrp|>>5~}e*zfZuijH{@nss`kdA^OxcQti%NXlSScOO#!OKhf#9ii|~F7kGI; z#~fIK8h5nZjlDfrTs|x@4|ZrYIPu8C|GWaah5ttF6ngxQ+PX*<^D>UeZ-0ef4+3dS z8pp}gdShajRd6PZCll7qOv;&O8!T>xYgDXOaTydXUm?HL|3-d=e~`cTzmfma^Y4@?OGT}cE`EvT=vTUmtt3xpn zW1*Ou5Rb$lt)I<2>rORXVEJ7;sQ?cQxSHj*!QP^9oZgVr2>2H%l!vnn58^)%8)rkL z&8Jdvab`GBGl&cth98=VeBs=(^4|S2ZCG)?(G4}!{|E;Qk4(tU8RMVcmNAMWp#3(c zLp<{~zj<>lgpHS+X1m-qd4ZKB``m=a=W=yJiYFkoX44h#6QjS=W$fjLWY+gO8t9Di zW?qtg5Y9*!GO26h*H|dO*!iMh;ry0z$G+Tg+_I`v;=!+=ltmjPG>C@he*`d3DGns&lYRS zP@S&pCKVv3O=g#AObEA3t170OLmxVnV)@L}IEnAvrVuxoJ`g0ljpgPzYJF2Bu1V{* z5Xym%u3YmOY1CH3g zp7J})`vE7J>HYG75GANZqyEj<;L4oabDN#%Fu0B&{ocNjdX(O{}KKh2Qyk zV<)Q!y0Gk3(Q*KZ?+7sj4ZT7dcXd7tR5E^_s{gE-vA{Z zIXLPYdEotsL*{%?%*74DmJ-bB27EYvoP2DYlQ_Me?encF{q%ijvm=y!-dTUHJ}ceX z@t2v6@c;WUeH7zxn`lzpel5S#U~c)rw-8?|zPh+lQgE~5b2;4VP|){h0~|kKt|{Fg z%T?9cjAtn8Gkwt9}-wrd0xCn_?tpqzI zg|}G-8l`^eyHT0&Bko6${jLO!u%bEvU-;uC3dfXixzBETU#p}7da-KLt5xfa`8Mib zdoth@2~Mhk2V3tM1I*fdy^y$FDHi@`u;DRdBN#NO{Ldp>jKYGLKHD8m;~{w#aK`+d z@mt42gYU!{&bd z!eyXJW8CPrq8dw6_0+mDBw`pVpuq$Uy@ZW`=zGx3viZX`2RU9TSU~y7dnXxNjXeR%1yw&G`CHuLb zpWrg6Da6GrRUvN)=7{Y1)^PGh>O4?9L>eN)4Ds(|C?N=Roxl{s44jqQ*G8c)fwDEN z|Ek~uiUsl-#V^QywS%5j%42;XO=Js(UwQs2`<7vJmO(uWlpLGWB3vaHtFeu`WYDwO zc^$(QFOdS9kUMg#wLtYu7E4k}oa{`#59?vI3x4r}+vsh?n^RpKilF7=9}5{&ojA~r zNPBL_#r}fBcnSu6zHu)d=IYDYR+XkJ6B%qoV7<9c(!2>Gv8-BvfN4Aj$uNgAw1QSQ ze(kS-W9KW^0~BlO!&H7cBBJVC^CM@NXXfSSC)C-%I>6}_UCdRzv~sip6=xOdd&Q28 z7`9D`I&+VhB2%D~bw6q-ZH~NYu^(laloA%_*zr5xDejd+6k9-YGCei*j@#FdK;8+Z zP1ZokAGcQWJt##pk+aKh+s!+UAl}Y!Y-wr9a}gK!ssY01FCxLm#>NIBzh_}-uO&me zq{gV4mVGh`I?K(WB)qMhq^V&4OQw?_3(=_JTdIXPRA^V{XpdXklJ>RP0-Cp#`D(BD zO=>yUK79V{4JL6FPxaXlu6-Q*v+<(O4*zsyYeqG>3-FJ--}-TRfcK02ZCi`~o;hpA ze@2N}orV>chbf18;}TC)v%br+aGtLoU-Pbzm7M+FWw*DW#NF}vDFhh13tv;jhUpIe zRyZcTlm~|U)*1O%sW=Ko|I-JcWirl%dbvM4E3rBS8UBjy{A~LUj9|tQuSORpT?YG} zESb~Zd}`WKGhS>}VLp4bfK^L7YfPTADu_yhyxe_?Fx3b zd3?N=78AQansYxF`MDhyqj$KRu@|Y;707M~cvet96V&&pl2&ShE?{)^L*4c#kpGna zlyW&J{$P0S35ju#njS01ZPeQ2yi6n{^Q|~Mo*GQ5Y 
zv8Mz1nMerc;GSP%xZK>sDWUTU?guRzBeVJ4P)!QeBhZ0g?a$t8iZZ@xQDeM;1>m&c zG%_|e23~WW?s<^mUE>0ElJB(*7{aVuj!|ZXyFk^mkO*8gsW6%{+U*W^`BK~U6GTfc z^NsP#dL1ePIR_hh5=ff;Cn01pM(1clyKal=y;RO|@1QTSwtcFtt=+3Ma8UX>o58Hg z3R;3MLa@OJ9WWMJ7`|sObPCkZLC(=8ncNEjbcY zj8^g$-pQJ@)prAN6K6Dh77~i7zvF6*Bu-LMJBB2TVp?|O))6IvUWw)*~xmMM-}nK#Lk8`ncZeNj--U5b&xq4cVMBM&a zDF{cK%S3_3{*&G}CUlyeM|eFCa6=z^;3TUjZvqx+U{wrYeDLT|j*8fxDEt6vXN$Q? z*Qnlo^NZd;Iy?-H?#>)USGaKi1(>b?=RKgp&i;a}pK#JDDSH#{v2gpX(~f|fKVJol z^fbrL=mwmvFh}#(E)pN^6fl|)+_SjpvscjZ=rl~g%(ytL@6(0gzs>mffmP)Z+w9denR5ja59eXc3nhfHa5V$MuWn?*q&W=)~Y;_$YT(hU>FOwEs+!m1GI z`<$Rjlcnq_44*M5FlIKJ!Jv||P|dZ*K}yOitz6B0rC~iwc(|gEC4eW9UC4*V zZfH|9C*4FxdI@nep3h}y8w9VbsH#pFi?(lhh^=n*-nY1w+B8T~J69$7z3Z#FH~)L~ z@`b~k-J@%DYBz~%UdP^x4)vc`BF<((xSPY!0CY#d;UMhT`fmoOkk||uYUj1+y@h>t z2cR`U=tuIU!tNg(-GL_@ud1q-)i*AbPrJ4&{}fAHx_zJTB4VVgsP@+H+2jkabGoHW zPVfbTG)cr>M-u1p4t!Pld3gnr2K@S%b(lAOK^_L<|Iu^IU9Nl8Yz66~KjWxKgA2)= zVxyQvLfBjvTgSdH?Yuqp`Gon&ml8Ai_k7did}Y#1Id`QIm;$ORupff>Vv_t#tJ$BO zv6mg;!?CAsOG!C}*XIN}W}g0?j@x;#r^bNyTio-Ht4>oCowcp9{c~8CnQ?xrSvd&_ z#0grgwYk+l?=C`I4c4>xE96)G-^j205At{YH}Vrj|BL+hW>HYE6hls901@1{O9awj za;$;wSX~-ak_AOq0=35RYP3Lg!4QHg3EB0@0j!Zlf1lzr5MI;|rU#vgCs8aoXetva$QwLJziz|swBn_YZOzTT8 zedTf=ME+Wy_Z~o+mYuBo1TRIlGj9C z_WfKt&?E7tKw0zP(Naf%+~b=T@oF(0yjhV8b(U-uy6|zBk?T0KJC3z>NqAD1DN+z1|EKF?`mbBhPBLwRk(ILD98jI& zNd-{~+gJDYnB3cdtWrZtJV{eve+L0B?TnPBPz?@lP6w2Gv zq{8{fC8!fB8*i20))#=(DkF_fJXEyk6vju|2DM1D&{XQB%iZOmj=!Fg=ksZ8Y7N8Z zRdbsn1`Xz!LL9BXv$8w>ZuC~UDs?2&dl^3|rDN_H8bIq}QLIb7ZTh9wF__<)Ic#6l zXNrJ~>u7TsnC%!Y%U$9#s zBq%smHxGx2WuNhnt*u`H-``v_rg(q;HzDFil}g`z!FuC3&Z_?V^1)VJFU;>&T7F-c z5j%-6$F{{wuF{9)g1ZP$-5HBF`4a$3f2# z!(gf0{A5?NQrX=p`1M=rXRE8_j_;@t3Q~FbU|~$WFUaY6a}D{)kpvMbNUbc0ieLOb zBAMDOkI66f!jp;BmN@1fIWr@NFQl}%QSFMg) z`w4f#T>Jh-=BY(A5|5IXSgw)PubcE?A2nhBn?>|n*juTrtJhyB_BNc>^PP}Ulh%-Y zjB2pNjK(<$0L=s;At3_;!xi#t{%_=0`3Lzs{~P%!_4#9v8b?+0`${(Gv|v>mKxA zHQNHu;ipXH{6Qds5BILk?J*$|JOLi8c#)dXM#)~Xdl>ku3 z$H&`pS+gv6_BRemk0#&VatJst`@PHkr(c@LX(il}Rb=WkV^osuN7oSk1L_Ofpr*kP 
zt8ey?_1u#VY*Aa?R?ygiYQVO#-FUC_DK0UQ{32TnBg1|;^+AJC3ru_+W8q(fjP;?QeJKG~d4+iuf~{9IwCe*WlrcdxDcA_qUcXGJc8Q8%MPS5i;Ted8{XDRb-LosxFpr zdu6#sUiW00u-TWIpb=GP{XzvR1@mN2c4{6B=f1z42%8#PRKcT1Omw1A)>-Q_UE z(2XD#b7K&WSl%240!p zl?zR^#~ju9XR`=GqXCO{qqR8bjo9sN33qBv2?>eP9L~0SP7X{XhR92vXP;)Sq==MC zD(61mLz8qS8vRy&UDQ!1WsqW<&@i?Lz<|^B_3QmCu>pyyOXbkH7$^`sCr*mnc3$#} z$dmibvhhL{ZBH`g2_5VAA>#|bG_+}5=qSC82Ct(8p1U!jaYY|s!cNX#n|MQk0#c5@ zWYju^8nBLmR(hxrz-+(GXF!m+UQdLpjG}lFABso+!` zgya41#1xXFqVNw08QEsFKwNMVcvr+PyDnaMmX@GC(YHS_fbopo;)@q|DwA!q39)F| zb7l*=9FNQP-9(*pR0M|h53j}$dHFMT(AwYa__}~ddNe!s$hg}3hfny)ss5P)H=kd> zrm|Otd?fuB1Kx&hU-_9^FveEj+}_x^-V;P_koZXYv8-Mk8l-A{6uUf+rO&Fb*I^^S z(SJvNtv`|f$-g5%+oyjbzacjc4g`knG{yS;#N?80G11>sDKhR?N-i9XrSSE#Gv8DU z-i;+Qvb9D16cAdW2@ilJ?U6pbD!jNk=3nhS?ido3^IQ>H<;T~r(JO^8t4b!tA4+^E zBtp>tPMTo0nqg4XY;2WbfV9yE5aL2c(=K4QfmFp+eZcK&$aSWi8wVyG8tfap9Zkg4 z!<@h0KHJ*N+N<@f)jeB}dVKr5-20)niUD*25-$?3w#0k(rHBVNIZPpo-cw8SsuHey zaJ%yq&|wl)FQqYs)?KRYvoj`J;5a-0+NLLG=>QP}J^ekORUjzM-E5=emjFxh?R&}V zyRo+{{Jy*?`M^0J>b@#;!nGM#{V2ftRWp00ma-BB*ESuG8z>0MJvA5xdRmJF z>D^?s;B4}3S178U8kUW2XI~W!J&lWx|3fv{lIWf~eo@$q$n}>?a=9p7Jjm^@< zuXeCPHot7H(J`t34}Gygm8r+|c<%++YsxrkMjOkHJe)d|6A2>OLx8O3_~INYh;4(a z?rxUCso04nG?OJ?tP8DVV{ZYdU;H zcb{hgshgcaR-`5=MogQWS>n=N*eoKZJeIRk-#nW4EgX{(Kh}5*GPo2<8YglzXb8Rv z)r-Yqusj@l33P#X|1@lDw|+3_o;hLp)g&VS`-M@qD=%}1FC>0RnR~ysRyK$LA@HYX z*D%kRhGvMw>!|MiOve}%zQ{RKLxLKt00v46F)3=W3q0w(UdEKf#m27V00!*PxVW_B ziPf0B7^V84ItytBKa z_26jh>c^K}TyC=3hJlni+K+4HVe z3Y8e5Y^nOnFIaeG5`w4qa|TSKE${aLum3x6$Rp19Un8RZ z*d)~ay79YtA;URxBD2J02lB_)_L%(7l>EM-(APJct&!?^PCE|W8`@yGEPd+2<4^DR&;9aR zIt-7}lEhVRs|4#RH^0+-Ej)KaLYy}yJbwV7NEl-m9>4oZ%(!NxN+w>JPY_Dc zB)(!bO_t0{#pC8S6K@}2o~@feQG4ouIlQMyZnaMtMQb5Iz-Zw}_f;lR;|hk7mWq-= z($&<#wywOQg5RhE)}YU3suq0RpKFP8NDU!Tc(7y~8(s$>v4VV{u}DGb7Bjm)BRdBN z2MlzoKE9s9M*bRz{PIA}#Qy$k4(O3fZ9rz#Dny_KPlVjJ9>L#>~hc)yfMoe%gFmn^SR4R9aMs! 
zfa4I+40vd!&P!kDY@u1kFeO+gc9`ZxTxjg6V^(z(7{WUnbz{Jzm|CawnFTWQ}{Dv zhkgQ!HkMz^9#h=6ZDa9o^0H#s-`w8TS~!f@+3}c>mDigwwg@fEscJf>u0EBPmp3xy zkS@fo51@M3?%&7 z)#cJ&?M4hBL_}&0cmhzARClgyNx2T)r%Ymwdzr^1>(=_@gTs?6OV!L`^F3o@+N+|y zJbU~&7rUN??C= z5+P&hT>A#}Ue*f^0yAFTcFisc-;elhbT3|vypkY4G+p%Q`oqp!^Y>%WXq(ZT2j{N^ z_)gau?&UmKQn-H9s!9HB<}3qBKx}}YqAJDYA;x3mc1P&9E8Y$toPTn22yB~P=7MEF z=g7sIhEp?l%Hs>)t$Mj##Jir4!6-b~@@|t{nnok%`V>S&qEGqlMLpTqVC|dM zrruv!W)2P*o{9UmpP2PCA>rw1b7#*1FQ8PoDRC9A&^%N{0IVDM*9$xM#MZS7czAe#=1=?5R_?Y^^+RsL@H-=~ zp!;54F8;2E8UaG+{e9HT<0jABq~1{9u6uH7cvupi+1WRBHk@Cnmu}(UKP&e0vaKhHWaBcl;ciP)brE1!#I!riJAHH zQ+MVnbm=c&x|o;3zJXJCCx0}H;Z3A!LNt^M@7}-nIp)wUOgZ`pl?5=XqbrkpBft3l z29cChbMhGt2XP(wSCEHDzO+$?@oT(pySzD)&UB_y%C55zP?Ggfa@icMwNIb(Qjp)K zR^XODH_^BsffK~M^dh;%BGKqx=|}>5{N35rl6B9<3i@anA4;tpqo}&)C7q+q#xZY~ zH*~(~*dLy{5JD8b#do+k9q4N*UIAc05)pZy^Iqu#GA*=8S>#t;DFd=1#P0j+CwF?( zeTo!X)Z9>L*dGkk5pEm6sjV=oqpx0>_@y!^=h)&ragu;VX$%cRHnT2oCGb(MH?O^S za+AUY7PYj{^zUy$}yyO|8x7W?w=gf z1<&k%a*W{Vk=-~w6B?Y8!f1F%TpYju_cQzFoAUhqhyTB4CWYho=Yaq*`|}lse}5e* zd^~~c@BjQiAHGhb`=cU%|2!+{w}7;dAtdm&daV5YuJ2bBleG7zOacR2+p(XSHVUzcDcm2VYYkCQ)K;+=8#yc7Lc` zV4WVRc}uka`_`AV#sQ}b#)S%p0SXua8rJ>7C7S<#gbodUGhB4|JW#W_(_*Nr3|w} zKtYpo@pHyuuF(;LD*dgRM>5%%jlj+~gKp2f-e00Dweb#is+C|zyzSJ~crlYWxhr(? 
zEBIR&vFVr~M^u4NaD2s%kB?j8ryTRkwx`w0>1)hwn5f6wMoR+%6{WOfQ^*D{>|YAg zM;2;^s`D==vaz6?Ka`)ccd`cD+9q+08 zD;oyR*2L^k&KK{ii%n`|-K7Pt1&k zcpc+j6pR0cQA^X=*5%XB&3#N>Q_A(zZv}5T<%5-an|?$=jn6ysjXF(JSc_fB?(yfW z{5a9u#{7ugfvR!F;^R-Ysb*nk)U8iY!1G$`30XdOz(wAp^q)4Vt*vGH$tq)qdGX|4 z7zMHth>R5#-sy6v?h~b~ygUq$3pO`hHoO6X%*Kcc2xOD;`+X^~ayXI7-w-8kSg6Sr z2|(F){QTlw&~Q=v1;4Q^pFctmu3baygB%f^78f`C2hf{--CgzArT2^ysv9O1d-A)k zyReE)31!Rae|U}k%f#pR2?I|r8~ynKGBQHcU1*VWCKQh+f6ixTW$|MlSCn2S`g235 z;jO25mh0>58u)XDJ*;2$+Va)kWe`(yF;Eg9e_f<|Omec5VLREa$`^1?CHbQ?t*BIA3Xm}+|O--Acn&Or(4Gs*1qrpD?cQv2B z2xR=+y0c;3w{SHzH24Js5{RJSk^wmkCUi-w+W;2@Ry-%{y{!vrOO2X8<9-gh6uhp9 zp>>xy{&1>Ke!ULU^d7ro0LGF)wE6WK1{B|(ocsde6qs7J)?d|lMM+uptT6##1 zQB7j&(@ssd*+Ul!qWe93ueqB2P+Me2?Mcd$p$Algh3l7vo^>@5om{28aafMouh**} zUom>kpKhoVdasP4?cz1@FW1%AbI$iUPIOb}g~&)HosA8t8=1u!C*A(WL4WU)>cgc@ zaiY9)L@9b5?BeoY%dVz!mNDC%wX^)5{r;Y=TU5Fkk}LD7HeXbGyp24om^P;JMTe%( zF4?`dxu6I$mE*xei;;rM`5U{Sdo(vQdmI{d4XD^oUBqT^oeY23Zs<5u3d++7iMEup zR~8kZU&Y>1iMPxbdN$cR){X2ERc=d7c0GQQRnab?j?r_`^gF%36^fllo%IzI5(29B z=z5el=uSj{^ar+lwA=!Mg1{WC1``utE#xFBgBl2+pl6_^2ja4=tu4TEn#Wb=N2-7j z%z7&=MVBWM$XJRB3MT3>C&Bh8RR10M_5MWuNB@rer&s=o{MJ)AI1RRs+@wR(#z03% z>9tw`^2#yL=R+Ce8L9Jb=D}U-MR3?-OwM+RjT6-{2X-@rV9k;@U3H4iZuAPESmUt50)T%XXB zU*G&G+}+=RtUuCkDa!lZyLU{W{cKXWr2s3Vc6mV5uDR<@Bt^4pt`JiybLe-P z$?@`_;wYB!cAib&J#kox4|Vaq<3BXGyO(yLEDI0JW#?R&g^8J-zSn8&;=f zFapS`?BV4}j3aJ(HogEvoAw~y8TSXiPe7&(m@~hMgv1>$5V8FPsvkNZ7MreaZMmkG z_RhjhBh9MFZ0GJQGd76Xu-$&Ujg6pxt}m<8tD@=CV7~`HCAOvJZffTs#9Ss0~JKbN3lBgcslR6x48YyxUH zXwFSokLR>5t@PFAG}Zfd@Fg?i7Xv;Hmd~N7gn{nT-1HcdG7*tUVk}I)oqFKjA@pCk zg9a7=i@Z0>Exa4au$ahFR#a3}9TRf=-QV#Iu;GDGyn;rau_bawZHeuEqa4^UPw=(J zK}JPIX$nBtY|k4-Y(lUhoGcH3}rB>Aae-R!MdEHt1f1^keH_U)UfxKk)MM z3h%#vZwr1siy3-TL+hQDdfCnL7#3BXQ#3T;`VCes+pwRA!7@4uH#|H%1@o+S@a@4< ziaForb?Xbq2l#0_`};2l29%?Q+xwyn)Y<B%I(63=hjR1E)c!!5sj@r$A~Vfr6M) zo+8jz^pwfpzQA-$yu5}NfuZLA1c^*7TjsnRZ1melBuk44C zd`30|_0k3m!;UQ6QNG?}sBR#>OB8))&9eppAZ|-hO@Bxou`=1e3c$zKG6D$OJu} 
zfA8t(3B4qLvqgNv9W>@yms_V)7CcqtUaw?t!hFG7VI&f{#F}qqVA&RM5Ils}^V;?^ z3ds9#a^AiN(0X!#iP`UgFgEhj{deTo{}cH;{~h_IGXIJEKXPzz&N~gnL&4>Fi@jrf zUGx)eD2vAXSFp%4`p0kz`|v{#zG2y$Krk1>0|Ll>xBEJ>7Gkf#u+r)K4%5e)6U)g? zroHMOgi-HAD`3OVKw4JNrirb+{#*~GL$1jwDa}KV>~Iylv}Wq-t12o0Ou1VKrnK8Z zfI&z|NO%=N*=Q0x1bRu8o_e8MR-5<;=NMg^R9Fsvxg@|Ub)%mz|fi4H|Q zE}C>#W0l{JF+-q^e;nsDz<%I0stB%DBZTiNBl;Zt+8`=V&DEL<{TNtfjwIM5mP+VUY0(8BVBb>EZBU_N1_8c-$Y6nlI@xe^!G=tU&1@Z%H7g~=t=x4UAk^9FEI{O z0f4njp#cXCc$Mc&;_%?$765O;!X!%lryWiyZNgX%)VjYRP{QP~SAnjn`X{+lz#1}8 zEL{d4d?dw{QNKvSP6K^z;|dCYuE)>+S~3po1K>n@o?Ds#i>0AlDLlX9V0hXsj;a5T;#R zkSYace)1jMdH@;%05gBSXMFyMAhEaBfGop=jHZgXCT;_!s8de<+tPbj9?R0w(o_7U zc&h_oC^v93j{+ zyV&ZPse3fcd0L%NQ#Kf?T9z|@*<~)xje5@u70rL{*$Vc7sP$TQe`>|$u+gWMJy8ru zbB{qV`m)4ry^|#s_1MCq3OdP4l$;Fp5Xn{uK% zYhy3Z|4dH7F?K83oB}P1lWlqTuODAdBkCApn><$2sIy8UF58l~h`dPfQ)U~q@p4dc zjEq8m3GwlmZ#Iv+@@q@~@#a6j2GEAX=i3$xM_=Ve+;}&u=0Fr?)sLWSae0boLz_;A zz-u1}#oona?1?J~+71q-z>x}+3XhXeh5xl{Dapyti&a8{f-ryX;Dxz4f3tFXyw`Yy zWHd?z4D-CN1bTp(AvnWZ*Kz$dcepT+BPD5bXp(W6c`Z1Ap9wUBT3li7?T)X6$^*K9 zo+eZ_l>wV~pi+e4{*X11S#6TGisOR<>g^lroysC1@?i03t`HR-oESEf#(Zoe2@~ zf!T3HnPSjEshatp!RbxI^b|h= zoi(IGVAGN(fq_Njc>`VDGR5R=uzNbVj$_!-9_|eEhR$bJ`c^io%KoN#Rzy)qw1wf% zYYdqe3nUeUrl*g9&il#~>vC4fv&v)p;I6+CKoHCUZ_PfvSN-NnD&`X58s*>*l3t!9 zx~b>#xafPgFlh~;lCsQS?zx!e;_^%&Sk0324RVl zC19)Pl9#tF=QUHi80aM4pwjkpKl{v4#y`I%y6f8QKTWfd+n0w%tklzmr&~h3@cnzx zMcO;0Zt=s#C$+P)v%uxt`L+^_L;q*coW9oIP9p(xI%)Em5DZU$a;qr*ivQ$?ch zKYx;6E(?eAK(--u*O>GZgl%0v{Z`K=qQ=3ovG-7#x@`MGX$u&RPPKxj4u24z4iyPW zqZ@uU{c&b~Pclh6*oyE^)Ie^)Zl~p-KO0&9xvY(CM9VKPEltw(8AD&tod~whJ3W@I zgv)Du8}(Q+ts_sA@bbkKoGMAsDf^<>8HAMGG;nx{VmhFcW^inb4lXQ8rFchdw{zNr zS6H|PkYfzx*eUSN78!E8fcz1s%GO-P6;cZZH{h8zgxF~XB36O1Pisu0;!<5;pTLem z9?3jjrN3!gQw0v^`t1iqowt7}xzMt)k@>8NdMUj#K3U}-8uWi_&nQ)jVPa5cp(d6Z z_ikD#zf8%YKohn)704XW2*UwdpORAjjPqW)@dV5*42-+t*9&R6D(L2^x?WMcC|uiR$Zia= zM3({38YHb*gUbz-U)hL3rf%=;peMlJSatc)onOr2#LUcmn50jWH}@HJWFao}zMLd) z(DbeDP~>%h=3jzg&zsiDtAaX^{ypyJX{V>BbI6!C+UEwqiI~OF_oBBN9ti`(v_Rtl 
z94VL2jV~l~)Cx*RDMCX+L-**c5*3+~%7V^8&%1rc(sPdU`u?JBzrXmg)#8H!#bt;a zke$h2)3qd*IVMV7zxk~01)Kgo=mI^PA#yP?1$`H!VITRg_@4e2$x9hlLw8BjXOI#L4VcX*b@9?BN9P) zS{HSz8|X_YFrcG0GYhkU?~j?>`|9z3KQEUr0{yMhu7tl{uUqVIgen8BX9gLVAM=Fv z?-n0^>dKm0nE@Ise2(tlmn&Oshjm7XZF4*ti~cC4*pdIV%xoM}Ub=qnsjfgLL()XC zsg8KfSQXmva@~>kwyo&y*_XA&uglwrgl;4rn-iAD zwvTTrii+xS07GwZaPWcsliR@C^@_y;9Q^z+q9i6Fij9f+1-t5ZwVytHTDk(IKJ*JZ z$_?lvh|KWG;6PP!qM_ePvSILWUI@ z?q$FQOt@Pt=>A4G0pOI*B&c8hg~mCp8ZNBzx&&^>&Y!6}z`MZeVWH$1v@wCcRFuU8 ztX}1eU0fT$i!(B$ z!3xy@E5iV%lR$rekiEuR?*ecOsLu;PQFvnP?}gVII*Zq!o19EkC~9c<046rj*^ZRLw==!LG%__e7YyyA7g;6CFK8+~{23W4 zxw>qV(Bb?-K=S(xx&v4>`(bU3mXT5O2Pj%RL%|HTO!FOBTg^iC8Th7+6IrHj4UyMN z-|c}#gWVFaLEz2KM+*N1y<%g5=;R0vGGSIm&n3(rG5~<3QXbsPeg1wl@nwV4klci~ zfj|eX2My(p6gas~fT$PruuZT%1B8V1tw0>b#)`AP%M6u0iBLx6p0WS^VM8=c8eY?6 zc}o3Kp&IktE0joZO5(pm&86(&?oM2GvjK;hQ`%-6im4aHD*C*$bTl-Q;F8v}3!n>a zrN^0pv(7^l27oY~CUj(trxwOhvTi=}>lMdiol4Yt|^n zXC)V&Fd;n)y0PW--nF^;4&PK=*)-?Q8t8St7fYn}Aa3Rj{Wv<}L}*Y?GS&$MR)K*h zh0*CB-#!@UW_$`I%v2QVHhi;@DVy^A(%^^_*VoBVmxU)`VPHncBE3}mzoAEv6xIC+ zNs5Z0ZG{77#Q!2L95#x;YjVEa3GW)@tFvd%_FXk4bwE71eQT!*e5m2a;ngFqg{p0D zYwOy_OSUNfEk&YibGw{`V$cm$%Anz#JcS-Bq+kY#x8j2RTm*btdZ21SjKO)a{ev? 
zLoOhH0jJZ(-qhNf&Aoyc$Wypz5V@MC@iyuL2n>b|6sxMQ(&VyD6n(~v3W_)1b*^|v zqOnd>2?<~t0$T6>-UBe`rUjmUz69N*+K&s0C=fN2}+ z?3(~ZMOs`I)SnZkn-OI=r<>D_+JL{X#sKIW*cBK>&BiPKFfY&?@^BzSG8q z*7aZCR@_beoIC5mUDZjLRuc~o4?4lG0DDg6Z;IG;DNHA}_bg47o|9ua{r^7Po$jKE zDJcT9izB&bPN_*ZlEz7Z@9{p)uTmqtcVH-vexA*@D3yNZTQhKBr3e@1u}H+}T2E@5!hbw|q2l||QA}*Cv{qJm z#40t7_6IdHJmg!0S>mA0WN^`gAkrF1M1~qm=OcDA@q!->GQmB0MkK&9#;JvQ8GUJDc&rv#ejy!87ai({E9Z#V9EEwAsP&>nGoM&hZ z`5|k3z{VMJhomI^Pm+#?a`VZ_Ht8QB~qPt21iCjf%!R)}ZymGpjvdER*c>=O_M znbHVX{e}?f$RD-7zi(7>28Br@f<~{<``}Udje;n9$Gm^=Pb`;43?D^^;b0&nARs|K zuF()pjesrL*F9Lp&3&_K}N^j*YA5rv~+b9=Zd zkLyR4ja>+v=H})RYF^kI}5OTa{pu=M|%B)G1B1x|qv7QY7h-&}X!Fbi|3R z(mD`Zm${v%%k{v=#}C+g=1Plv`5OUnJU0u=d2rx>ggdSeHa2kVBj`PwGc(O$|3|MB zn~pDJse)e7GLqIZYEbCTL5qDgal}9%%^ACZI7eKctO(x-PkZ$yyn96qQmWUlU$+F} z(5RFgV9G<2lPz%jhYJnY*PoKt(nvtOl8g9o-99&8(Zm~HW8|{OW4~Cop4=!E1p+rt_ zwEy9u@r7wb$Nts*haE2#5KBwl(4n-ZxZ&JrWLaoUl!iKic+j~AYR|N^^Wf=e&6dE~ z_!6d>DdU?AcAnzZ9M=SU5pzSvs$BrG&9{v6*WoKm(JrP4sruz8L%$w*-}Ub8@d_x` z`Zpl{-9vc4($2Q>Lv+7~zlx*c^fOJYH18VhpG$ohOMOb>8mDp)P1xSblP8sS97I9` z{go|&B^eRs&tLGD*XH3Jyb(V4b`UC#Ee*YTn~r*EP75cDr#igIP^mucSsMa$KO_He zP+bfGD@&)lYdiqy{p&)c5FnHE$c6b51()SN@Qa1P{(&Bec1P9nZ*a@s1l=m2?ShSA z>j^@$rx+Or6Y}%(yTSdtO2dAET5dsgfz=fc178%@1J|?dRM1Rxltnh%m-unccSwcXb8!k*38I?!e|GLotLptC2rr zbB@oejEg(8Q^7yqcQ}_g3Lbs`jw1&-&$%m{&+h{~?v@yi3=a?Po!H+vXKUhAdgQX^ z?`cy9`KQ|+<`R7fM^j%oZoH%db2$;$TfInG-LX;3D@f6-DoO}4vaDlt4qTK=3@$us)u;JG=6keRK_FOrk zMZDzo>$Bf+RG-NQL>u*{dc%-l6uVb4?S=fkWc#O-sFuw&AGVkBM7T&e5ijH$08ohW zlOp_nb1D|il1TC4@lSYf$I^(R^wJgT42rx z>fs1VT&W;OI57@q-i2oe2?%AoxwxcZ(b~ex!w9bnX4WjYEa^V;;LS;lDb9$%s)EHK zxi0tqUggJxEckRpY|7q-uI@k#L)H-~Bk2ulwh?uFFrST(gNl5NOK&v`2&nz%pS-swL8XrbCXq@Q^WUyv%W(4K+PhFW1#}hJF9h*7d0%C z-B#DUp%6RQr2z#J5zkzBq+;}8e_tPL+=%}&%Pn*cCXD`)_w_2V1EHT$)aM;8B&VL> zR0MH5PhtF>k2re7?ktDwJ=m;nVL1TPVs{T04*!a~S2`0+@uTO!75WaiohEZAW~67^ zGls545Gy=ebi8@Uq?F|2?@;&Y)2BUXPN4->r0s~Vf)M0YYrRpI^Y=BA!rwdHHvu7r zSxhz1XPK0}PpugMU&a4!2Y#jBWs(q-fZdI 
zhc0!`!X(;N?HIJn!N-r-WhMrCwyO_uw!a^4u*ylYs{7|aWKi&ju0D&%-<<8%+vV;@ zaTwT{dNa6gPOOe7V%nzb_03U6dsm@PPB4e+;me+|?ra25^=oxi6?R@Mi@!3Y_j$_h z3}zl!mLU<@J0AxU=(jw*WTEPZ_XFl7BMX3YZzyNk!(>yND>zz(Thzx*n3a|-wpU6_ zg5U%k@srqkPxyvz1t`vZEXIj?xD$hCAm9=BEK39wZ!f9~fx6un;+GGuu}Zl< zm}EVKn}gcpsiz_ktMHfMU*sY!ar0ozrAG91YbL7GJTvX zq6ByW3bhEhElUHKaJ6)UpJYMPjSqHTdrX>QfgB@w=J|*SM`CJfu6JIfccFxk*+&@T zSGru+leeop20mB&mT*@?L7AQ)`!!RM%Jj_krc6-)c<^$Y#`fS|aB^}IX6nz#ESl1B zGfJm_t63mp%9&m8O~-RexN=;3&iISb_l|+!?+g;CO6%G!aY1xeIKJA-nV;g!tdr19sil?DgeE=WZAkD?jYC zF})8si#$kZp}Yj<$$%qBZv(SZsO1$TjrO4oZRlj{GKnB7fVzBfk;z zKav0Z8yuYd2m2NbrvcN3feno4kT-l!-viD4h@nrC?EmI6I@H+ft5u7O5TD)<5ffuq z*X&N?ff0xn*UUs+D_BzhZ|aj&y6@lCS?P~J*H!%QjXvRskNnhHXAI0~Tx8fQ_`<%v zzUJoUx=_>ciGQv-w#w@24}i@g(Lb^Z3&p}7)m9>OJuRmH`Gn4NSZYTg5#xy{0m>a2 z8Cl%|ZR@|TdV5AjMpt+DC=jI-)$OcKmJ1~<4#(~Y1EBnyQqaTR_6`0Y~(b3V(O>m%~sK|E7=YO8JH0>4> zd|MZnokwVE>oC)&x27R_!nz%`72E&&@=w%-FL!+dC(bsnobe0e=EP|i5UQkf@zTgXfg1#le7gVg9U7kXlT-P;}NJ{Pk zOr1Ax+}+&fQ>&_~p7~AEY8^xGSDagT_wHzdQPKm^!J(moTN!qZEv2P6_P-#fK~?nl z>Xsf+-(m%ruz;;FFvqJZE3NdfoSoY&tgN05@#=Lbxu2#Yl~ri^+<%una64Q;mgdz!sIf`M{rvdN`zQC zLn_^>d!5~=cwJa#0nk|pMRgTgNtXH$*!0~G&8k`R&H%?US^B(p@hWOgN-%S9czF1i zSQVMpE*$kbRaCm(SZ1XEKuq2Z%p72mqiq>~-Af2djfbcx=+}n~Urk>U(lJ4>2$IYj>v3ODN!c&A<%%X-!^gTf6{KLqkD44&&2?v#X4eA>0 zCdshvo4&sB@wFDWZqAZ}qvCG6h4$3DD()shLGgE2)5726*jx$5Xf$+xWjhDuj@Tg< z7CZtk^&B+iz|*jw3o9%pk!wKY{LmZ#dEw;v%>~j7h|`K82*+W^=mDtfTuaeio4^BV z2Sf=J%dOEn(a(U^^YPOsw965vQeaIFs&NmHO$q|4m$AS0Md{NdM&egso(k^6NHx#= zzV_r*(1rqdlkof3hp^m7Z>feM5yBYi!Of45Vcx;~o<1jRGhKT&0K6NWYGB{UISQS3 zaF#>;B&n{wn;qxqk>P{I5ZICohJqt@7BdE|HvdOI~zwsGF%VRnONaVem$7cY+OaaEu%W(N)-ufrURO_F!o)Ls-9Vg)m2K zTPswYM#OiL@Hp=y8@L1q8wKpPYtlHdQ6K{hW*;Jw}4cH6IBOJ3s{4(!3*LhJ z$2WL^loDHTiRx_hErA=}YtjjHTUKSn7)Q^NQDH6M)uI_3_r z49ztzDZaYDXrNmiP%Va<4V$d;Lw>XDoen$RI931bzUZIDV?2}<0X}|m^72e)+Ex_n zx^N~S@kCr;LfN)?AwZ}>P%3&4YGhbK)|C;XkZi+4Q1~3nHl0t6L~|$fvxsR$v#xDz zZ8<(I-Vm+7_EP0r7J81??@QA#SIcX19lUByO-+c;mOlZfyv}mV5pnqK8x*zGEij)O 
z@SN6$Q{clVIQ(sKbr&W=`J6q>d-!=ndXaBMU%m4hKyXYnXTppx`W3A~1Z{E9dP2v_ z?YqC=eRZ_BxDMwQCRUD|SfG7+rE7wag!4Es3hm+nU8$B95jPQ~>D9Ik(IQxDVGNid zxR+`512wf9VC1|HPm=28>mkNYw1K~5nO>b=C2&$cZ{9!&_jnjNJ~HG`t>7 zF$Pnrs{sM5=5CW_DnE0%-ygv^YsB@?H9{rWd;`1s1GgeVqdb@=1L*QKq%Av`eIGTOKx$I<_omCCK_{hWq#c69=d(J?uQBm@Ba9Z*E91 ztF#y=y5NvTBwsSM(*r+(gFsJ)o35fy{}oTd2v zxy(zND!K-vJju1U)g@J_Aj8F55P1L|h+t9{psx-ozDm_K;5ed&i|?+wy#Nzgq|Z=1 z$=qX<0)=k{cJpNmc0<&J{2_1LVUTD5s`%84=g$Yu#y3sZxu*9a+K7km$p-%b4+Qr-Gz8^#=rX zxr5`eVX^lx6)<(IfR)*B#V`8~G)y!NJq#>gi*78NVxHZ1-(S6uw*|Jlna0xj$u7>j zYj2?DL13N%>-UldyI&nNmW@{=4WaEZucGMg$$+s^KgoCeWHHRMx{sTg#@1}tVSU_4 zl74uzcrFpq>x?mxdNbz7y_P0o;aaCShgu%9M67LR0o}_$f^{~BNXFoEI#0`n=w))- z{$DIrxcEek#70@}c~&mVx4zkWRU44GM4Ft}9G7dNi;?;1LbT@X(t{_~Cw3#p8m2b^ zuWfJC#w{FL3bI}1Teu`zvewwR8cJ3OHPP=Ld};?jK@soMOT9v%{5XcTc8-`WRC>;8 zc?=`!)Tvn1LdC~l+6txHtGA|qYX1kK3{7JIPHs-$zC?ICdIvQEL-f=3NY9nWDxdW* znt6tsaDs;_(`KVae*q>VgN^*+{~h_w{zU$ke@A|+uzw;yE@+OWr9ojpx&%lw73Ji^fK2$VlJFC|Gg>tXuGJNr0Zd1hsU@RfIU&*3Q-LePg>%sYntYL`s``IHilAe zZ4MmHuwGCpKAe1#{Q0}_h4%CQU1P5^xge}wwZ{8{4W$UDFS8GV1%QffuoIshzf+U@YujU`wz;K+v|myh;GiH{yNEcNZ**2_!D(!2%=MbjV`~$< z57BT!)AJikO7Hl411f;XT!RS15Wft*H1{bDZhaa%8$G7s|8a*iT~Q(V6kUcXo*$36 zqpV^sWu!}_glOeC22BbB6T=2i98IiE^Uj?{n%2!gwol-_O#UQE43kKR6MX-TWS{48 z;j4lSN6MXq#(cbB{WI~20(Tg9?zzmXwnHX^WTK&=0f&gVxu*`toA6d2%_rtf9=hux z_h?YvTRAo!lK5oXlm23)lnJ#7K_xQLU!Y1YkoD}#auLdxy3=|S*kD0a;|fVQBwwNY zrsu-9NT$lX^VCSbJY?ubC(lrk1J_-d?1Ak2pIu0 zK*kHOB4ic+bG%343+c}wAfXE>f*b<5N&EJX9iDnK63)0hj;aw34w()PoHAU<9yM9gPU9nMJD?haxtDXKOQy)3- z0^)d_D`Or&UIrG^;q@6UtuW9Bh((bh-;z@nOS_WI#LhR;ojc^%PBOrq)$_|PhfPES z25-biNxoc6vSi_M@mZS)r%U%i^hiL|oYVH0%C+eAx< zJ^0v2z&Y?vouVmXu#tVq#nkm$AAXZ!QKd`aDGgT+tJ%YR2%I)vx-k1`F=_82JZ4q1 zTCcgpT~y_ywcW6ZyJ=;a$AJ3SSa*|VtgE#5`qv66S?mfB?_6@^!;ce1qDK-@e`V`X zf6h&5?bf%u`=TR50(VCx(l3~%g!AV*tkdIJt9r=aI;OrSGmc>AHPQw|}Lb13E~lp=&d2?HeN2_>W#H)Bm< zUvc~^l6;bIkra<;g?ycikwhlC(Wj|+wBPfiXxMa*S0&d({l#!e$L`U5alCzv)M9Wd zIjf5h`Gn=Qs1SOo_MKUR%8J32?4tK{Naz86c_;9bHLr>mt8x>6(FSBdTRY0()emSN 
z-Z-A4=1{=7Lz}AvZ(LsDnxI6VF-c0PCkn%a zGZnfYg-jZrbyRvq!Gx3PNmO(TZi2T8Q`Fx{K1)UA5qf$KUYLz>l*(!?ba)JTGcctr zLQU0rmgcsL3#&-^=e#_Y(f*!QqAO9%31jbNtVNWSIRwkiwxtDnH5TFB^~X}(by|PY?d1u1-QQJ%a-b#<X zP#@Hb+*?1PXbnXX=33UQsm-Pw)%Y<^t|5cSF9!h#Dr`|q?rPT(S9o;+>Bo3w{XT%- zj!XrH&frtr`jqCfv>(|Q2eP38iq@39J9pzEnsEBdxCW~Q3}n5pJarpJ!pH8fYW$?lfMwhQ^!Tot$B^Lk1-y`TtxDa$vL@`eOqBS(;lZ?+}^W`dQjX6 z=r4wwEBM3U$>^N^-9zDrBza7)lLOKgk`sCYJ3|%MtAP-_f5;6ux31}EFO9NI`_cxb~9A^Dyfunw377N zv_5p^PmSs>gJUyo?rPoQDgIb@8$5BMteOeOV}6EnV-K95T?y?WP`gB4Pj^{2NK1z_ zg)V(!5*im8_n8L!m5E-c!$|7uR@4x1z?*mv+m8u$=#7=7z&hd+e*Skw7R_rtR2s?d zaK5hr_&~MMYs>fv$ygtG>FwLMEHl3;&&R!WbZE)T7t-pFuIX0`w@sqQWviD%J1WT zXbhBe+-LLiGeI$2#e*Svj z88W1m)(9}jSE2WFHn?fC-zG(PV3X*S-QO=GBXfwjV{H(3*)&L1H9RmFvd_Lhf>iql zKrG=V0mO$YZu#ZxasF?LSR)=<;^%L(#0}>6Iyr-c;_AJ^2X_J*DQH$>&@$uae}8w5i$Dij{5nWq^#Zq}DOoGnV`=Fkg(p8yyV;_!n2PA5 zte56xu~7N+5|PjmR4QGl!gK6MnC~kLV6ftXhFKW8zcn@X$8rFp&MzC?ha{??ymp$ zx}N9$t#!Y-*J8PNgNql;KF{;mdw-64oF4`^ z04~|WSdS}cHUl@LS-;!}Ip&kPD)&1Gy>Z4 zSuPleJ?T{KHsmy?aDm*ucDXsIZh!eAxOrQ|4E#BAk#v%#kPL2bY`p(gO81LH0~jpP zbMLpO;W8Y zk`(_s>7fRu3^c4J0=mjCfr%=MNddFXgdsmdn(I8X0mE#7J8q1d^7n&3p(lgFm%HMp zyXB`vANMKFSNDKHh@|Go>Y?h8^f$3yn2U=5l~3$Nc{L3uu-yHoAlt8B*?~^kSk<8y zI8?^0F$k=&aEi+0P2_Aigg&WS1WzPaT^s$Q{DS{m`8EGl{)+!r{*T-LQT|92BqYy4 z2LJAHU^rEQ_jf4qw^!G!l`U~aheIMM5MEMN1l()q`;cUJ4q`2{)-`nIGnJQWjFPB- z#<_1YKY~)z_5OT+gZd@)Z5T+dB{A*Gm)Ang%B$dkZeVQ{!J-;Vd~*lHOLpBDAEr#F z-1e&!uFa4?VK{2~wGKqXi;3DH zHUqmc#FX{G9waeJGBTI7F6`(wjz^4pV6P!C;Wz#uFW)Y@v;yA4wl#Wm5_`nJa{f{A zv=L7W%_E0hHPh4JDaS=b6#moP%VnI6OhAXyi<5KE7}#mdJGufPQx9~-FKMj^2S}EX zJ8*3v2tx;sE+)J0=3gd;*XZzg58ERZfLkQh1kiQ7h>nR6Qst9mZ0>sPXoDdT{rw zdF~nv-_;Z1q2)ztCz;_!`2nn?b9lMccm#adkm-ES)sDaX)&CZ;GWy6Jsel9hj4wi= z1x%erfYkbj!Jf}u89<#4?8ovGjhqZYLI;dKqsl|zLKQ^3Kq_L!5e4tk!EBrCdtVUT ziBWz@13`}b;ymIy+9G{%MxbzqOb`o~BN1Et*-I9KnOyEt?N zL{MFbyv#-q>J<{-r<@@3M8*K4qScMlk|Gx#FgUW|bqag9L4eSg5}$VRa7>xO`bdq{ z`;VwW-vkL56PceenItYd0!mxlSi=hh9WQ(sr$iqZ)tGhPf>fg?q>3FP;b?$d%?Dr5 
zdGGVKLzD|noWcoEQBcO6){Jr5Rg7dh%!3Si6Y;7uNO}pAUR!+&8h`C!gvRt6rGHCy zI3SLeUWZL2Q@Su-mC70LNyPA~Lr!@#fwOd3p!#DUNrh-Pu;WILZq5w0pRx96Yy{2; zy~dtuPuOL52c<6P#nw%h=xAiAc588xm1yEXsa(sd^*;mpi-Uua{JB=bG;laCn`SXZz z?dLp#Tp`_U4jxo0M#euFU1Gwp5l(@f4{X^P(cfvIsn0x6$lEemRI>JuDWR#Q(IS}; zeyk|ob{(aCzo-$J6A?J1|G$3c8e%M1o@X zh;&_KUI%h;LqFX-zL*p;?mz=cP2iajuF-_T(N?=qyHe4ZLMk)Z>TwE5!ilCF1PiEu zZQ9i<;5TI5PB_S)eU>hs;qoyT@+?EU%fHn32T*BfTmcJ>z8jyPdy`tJR&?N&zB1K%Zpx449AU{GkgP>@rcw&&rBf`91S= z;QhIB*1@MlON^x-#scCT98oehqZ5Fs6?o|qX)C=4TvkVIjKVEF9`8NLzW`1bkNTjQ zl$6xy9~0-<4~>@OXzwb3i#a1}m9`&y$^%e1@vo`YcIX0jZrKJ$7h&z-M17j;IM#x;w1H7~^Q^Eu1;>6pnPwOPtUS3mE8Od>e?lzhQ%8o#j zS3b1_PDC1O^$6F9?cn}s%3{LS*oGsA&1pACutmV)N(m?5Tu4Rv+aoOE3y`)>ZB4>g zFUg&a(R9WwQEwcPJQnvC6zVf>?m86y^-Ko}kSVneN5_bxgS{tk?>_+>j!&H>lp295 zuIy%bTvtu+NP~blFK>L|_EnhTMr?!cu~kbsWnF*~Y2amTpNh7IAe?lf zi=DUPo1Tpm0HXy1;r_9Ouw*WMFiXdt1wUQ4LtDC%diZK8fXc0Y*J90SC?t$K@VlpH z9G4~32O312_}fJ%UR#|Bc&V&UqCQ>6-HT=1yK*vGWW71Zs&kp21L9g$SmiFGOq&&& z#gET3I9M)!YhAOd7M+$e09~0VGaq1>zB^&$`10booP^f+PoGd!(wvKvnbL<3HQy5D z|Np$eo>kP|JkWsV0^VIf2PSW#E$#(91B3K0=4Yt@Pcp?Dn{Ff6&IH=fBO0wzyvces z2J|@49+)Osdl*Spqz9*xiPCxlqX6|OQbxqV)Wh+pq7LA|%j1^cOJ|Ljh4{UK9e7P;H^j#VQoOHaStFQzG z$q?&|u}dFXHBaf~uhavZ!e`G|!#UWo)_`o8*0M*Bb`%4tWgsjN4)F(u8-Ovp&^ny&n#mz0W%y`+vYS+PgfNf*vI~hfJhl43 z%LPbrAGYq5{%cAC|7;onxyI2iElpkz?+@XCMN4LZu4YVQB$$e@E z_~rjEi1FB%;16@XZH4R3Xz#XwN8^D&VIioG2h5VYsu_-GPg~ zjq7}dGrUc)vG-9KaPcT!slG7|WSx68qNAy)t*!ajIIz}yJJn!Fyv(gp!FBF;_lH`X zlpRixmcA1-{?09V&%$%DsovOgSUt(@Ubo=Yf}U{S&d#oCR#e?qMxHV^kGiW~+l1yZ zRQ|1b=i}5v6%*tt??ZucIAqKgvfX$XIrbVAeycow^Wqd`v%C!Y%WEyf zg^P9OoGO$Yk5XoZ!_A1E_><4sE6a`L;Qh(#c;3~lj|=IQ!rMjst<{!#u{|6BRB{#E|6|5knnmH$(Ie1Jm7rW{Dz((T<5Gb8o&XiA0IHsbt( z2i+@iXe4>@<5|frTdPrlrG`A;pD>$KZvIfaNB*RJY=;E?NG7w#c+HpXYAuMb3%T8) z*U8F$bopySHY_({ihi4lW7A|-Of~xVjop@~?(u_EFtbO~r}L&Lrlg6)!Em1^B}c!!+9|y`F8RHf>O&SwO8GnW2g)b`2VydKbA7*Uv@&1q*g&;r5;jsC|l>bEX#&OC*31(2t zGg{D7bgFrZBQs-y-hE*2opV#&`6x9YpY>r=k>1L?Dt@wOYkW=!6FueUm!ZHsjV}uA 
zW8Lgs@2zr~(4VpQdd{nx!w+nW$o5%6b=9Ny$n>dK}nPs%x&YcaX19_?=DaKdfo?x3hSG<`uUf%C3P+3Zucq$_Pc zBP-!>q`$A+#*5Z+&5}O{d2UE< z?XatBBa;_fFXi@Si5v`HAP;A?I2>sY1Im1p)O?$?@0fP4z$z^I^q!mm-wE^QrhLcG zEnC*_yVT8d%yr2G<6zm6F=ZiXI3@I@_U_}~?9oQa;bkQG?&8fhh_g9vTe49RNco`N zD~5f_NbE`dCrr)cBHG|#pnpZrwPe>?;WgZUwzdr)8+mUXh0>0-Yd4k+VlJhZg|l9K zSEcYF)kp(O2yg6xM}Fj>hQew2;jiYJ$nV3u6)4Lmy)5QUse#~8Vbq3wRjVSw#iF82 zF6y)`HXZRLJPK zjb1SkH9{+rZOIXid+*|G;;<5QEPU7VYhL`YM)E{X;qTpPtsl4j(UpSqvZQr*Ym*RH zgbh_{DoAmMHIDX{eJUf?{O5z_*mwp@_BD3yOpQLd&;UMyi%@%Oy{Wp{vTrvu!+;Bh zum5-eetMhKF%{z%bw90SurKW8cPx?}L5w>clR+(Fc9Ld>Y+Ve3GQR55v4aUN=_gfp z%xs^h@)uze_5gvTWHuHSmRGM{@$)-BRyIt9!UOX@*EBj#(T1dXOlZI^h+bLBm^n@< zl;rpR=7-_`(QKeDF}J&*gxdbqm4`vPcAMPbN4gP$)2)=c96@k|T|;qtaqU9UR5;w9 zM}KO`<^qp?plb@}YmqnXr7|@Mp2f?Sp=b46JyIW|%AzR$9OxIXd9-xY?;0!bDY3I6 zZkt}H`cKf`h4nyGy!B0lM^rRD_MV%V4uZR;R`?tt^Xt=BMpHFos#*Tn2n=mU!9`aR z7gx8Ln#o@?@9XNp-*mvAQb%aEs?zVCscpz6jp2mxdt1ODI#Cxy8>65XZpvaC>zGzjb_pe^z&jSTHYUwG5YRKx^S08=P9a$hhz}o zh}C#F{<*(FpUBSxrW%beA3uu6$FItZWu2`5AjM1=ua(<3tmU+l<{4^-k3{>_ z_Y3$MRQZ+oEHY>xn0@rS>fSKxALW1jzm*^Quks`QTlw8k z|D*ix6OoXrF7#V{O@*K8J^aTuuJ;M2X%F{)HC*+2t``g%5Z5!b1&dda!+`4RSHK`# zgt8!dy1UUaF~dVcnORxW9R(}Tm!^Q>sqEXg=;-LSK(ZeQ#UDB*4gRxyO+le@b@!>l z{khSH%ste$h65lRTzBOLvn_?_?IG3*aajus>(ywm`u}(XUvaMkLcT~)8pkn(ywpRU z(@0LLonP23wJp7zexg93U*FgWF+Mnu8oApL6}pgUAw-{8LVmKHx99UV?xI|R#DQk2|>wQ>zil1g<`b%r2QR0a|m#~sS@-{M^p z(^FpL-EChiViX9bgeNld+0fKfir}A}1ywFN(zK~Vx-kReD`v6YspzH7K?>81c@O$o zwWv^KUn_i@BYMY*5kB$WyUR>3>n z(og*H3eX>)aG5WAX*JMuuzuVsfRLh!4hVZ86-P+tRi}^NK7#N@ets}+z2OgLwe~8K zK7tor>9zcoDZHY~{no{X*21Xl=S8egD!rm) z{r9@UP@y0(mnUW$-ChYk!V|MYXT||U_x8i&^r6=EOt-U)t)+MeA18BzLKYrF(lO8s z2ckXG)6)QIN=>H@=p)qD)&lp`Y`TD?r0rw?h}?pb%?v22O@%ONTR z!z{ z@ELUExtcg$?PsNoqSBM1GuE=du*UC2h&*?6nYT^XV$=(i?T&(<_(I0>H`p!n0eR}I)ykMuCXpPkpw0$zZjk5-pZ5%fX!*VGW^T5@uD4lYzwkBiIA8t- zD?zn88HN#&+uFwUV4}TAAzLmOXo0`g8H%i|SRADQj?~%Yv_r4UN94B@ArKXa;@U`! 
zc5`UuS;Ngr6Ec5+E6I;n;nIoo(hjZ(k?MS<&J181E70yBQT)NSCID2x%Je(BJRr9} z`Y}7(^y9}>-^RP#T+{gYq5gg!#3cd2`>4afKl7KBvay+_VF{wPne47p`yD~Gf1(@Z zJP1Y7IW)Stk7!ytT8rSy^XNa5FvNHgJNQfK8*mOSsRY^}c;t$GgM%ELO0v1RIjeTO zy#FY_?EhAN?SGZO^uLwgyY4^ApR$aE#EWDC4EtUIi4IC9l4b~%fTroj#q)%+2kDx} zX-Lsgc}Lrc)Rckl8yt70{DS@s@Jq&`ms`^LS2ey~#tRbTFAF!RqIpnWj%O}Wx!(P7 zACib#ljQJnwMdllosYG*x4RDV4M;ldFk+E+NW#*vX88 ztxaw>0?rQP+2q8;Hix9nRUj3fDe0@r0`1d)eQ7G49%H^9UR z{|A#v5RMAVQ%XK!(IA=P&PGQ8#M_au-toBCFVDA$Mq=M4<0T>8AAf}hSr>)+HKFeH zg18`F_C#4ps6;S~+seA@rz~3c^*iR!)LF{8#d0**lJjfJ*8Y~gFkPfz=mlaQ@+a5Y zX^4N;b|i4=MTc7Z{B0U0!9i1wH~WkJ-x8y56W|6D!I{5kC6^lxMtL_iwkI8S*yWNj zR&0>USLO+xLwT!5QB6@8e21+vB9#fYpHs(E=GY_PpS<)RPO0>uaB4{cBk$}}x?^;? z9GSYqStq%5vX$cCrXlnpXE8ZljIG9|%R`Y|N0Md*Hn8e%S?|_<0|%#LUm~RGsga%Q zR8!sCG~RC!dvdxncr_g)D71^E`o6RWOQq}Txj`mAp9eLi$uUBsFbpHAWs9}dAy%;< zh8l1e1X=g&dwxkr9&B?BY=Z;RfgIZpPBFYHd-aW5OGvHv=l!?9Vr_R8`W$7u_qQ&G zo>Oyp~hI8TGX89jW?>? zVD1uf5zt-uCfKG|gPt=K9+cT(AB?_IeC-{lCab`WaUE0xmaSt(hMH9yCB&O1rNgWG z5X#->%0R-l*Sxep)m*=De^=TuDTOH$;&xHD0j6#i$kggZdc&PRLIDkg9Jws@arCmP zSws(JWT0r#H{}#o7k|^!7%c67Y4XW@+l((&Uqb(<4MQ+$`_y^Sypae(IVy=OLqDmm z1=?~_wF#b>iT`Cb038~-sIApc;eIM;@}`V?&d+zNBHt$xI$rK8-bz{TZ$ZQ-b|?O~ zX3S0r;=Jp{-#_n(hr9a;n?}zG!d3wm`KiiLIr}}Y0Q>aWnojL-DyB)QU4mKLz0t=p zWawvEhSYY8or8mBZwi$>v5r3gU>~^*7>US!U*RPaK_o=*9;`wi(>+!_BQLo<*6r>0 z|BB~~`fD2h{nnA`d_?>U|9z_EF)WWXXF*Bm(u*B*ZD`*8ZBj1No?y}PInA2tq`f}h z&-6L7p=WNKbj>vHA>swfk$PwK_7fB!>V}JJfvI>j{EIVmOgpiz?h07-)usl(K-ARL z=K&K3sNMlnz_hfqXZ)G^9~f9^Bs|eZAsXA2RVl%hyKgQOKjkEJ&iK~49lgoBpq|kY zOGEx^Txh{V$q&Gk5Phz3FQ5VKomODrINPH%ta7S!xNvRxUX&#(i+r4e?Kp#928PpV z|8fHnJwN^)TTyEmGV_}QiiF_0^Uxu|Mo$fNJ#&|I(WGh{6<$1>WryJ5mlnHyI~wi$ zt(nYqH#$B>(=1kgQ%kEC$R)Fmg5EcwZNpSgnUssEk|BZddY5($QSA>U5q*q2H2V&H zZP{jkG%`XaEaEYX!fiO!)a-jz%cS0%^tB=NSH(Co52dU8UC`H*UoRjyEuz@h+5zwQ z_10Ik{ds146-LI#1mcOJez4SIima&>PPwDg*1`h9$GQU9>%D>tj z8kBy%$$aw#)Ezdx>&v&+Vl(O7U3eF{N*z@kEp_U0;=-Dwn_ow{g-5lC_w3`jez(98 
zUkBZ&oAGzD)-pfmpj;)B@A*&PNV}w?;Xt|uxDu}@G7@1O!=@%CG_xYMQBqTWqgaHhO*Ev;O3?`34SH>;JZijs4Q0ZbJ`Yg-A!2xh`TKlLy=-WOq zGUf&ap&$dN+|P&bOI>ljebxCxs(tfqEBsz;3%A=2d0IwWqp81%SV$5)B%x6it`+mO z&hU5N;i;L}B3%+~o9Ce#m~k}a4aTX-vB)rVKY==a^gqq3W`y5AS((-wPu%`Zbg=&9 z{2J=8QZZ4?G99*3U0D6i116A0NyvkRV)NZ$tnZ_yk^-7YRpjm)Z{hSl6QldjRlhS| z9VEul2vqQ*T%*I#RgiNI|1^>E+!PO+y|$EuRtN~xBjI9dAWg-j3kS?d_}qVK$m~0* z`i+DDnwUy`j23&=R=WmT;@&i{amdm@bL85q=BVtipG)b#*EIz91$N$L{5n8~w7fpq zy3BvW>xZDWkeE^Z-o=4Q>?4aaIL$Ou!}z$QTTH6E%_-9L z5|){%-A$0_X8!6IrIcWLQcPEIM8hq3P(O*Hcz?%Rh~zB^{qvT=L7T>FnP%;eN*DMn zX2}U{ag_J<%-vv#l*o^i``!i#V3WHan+%)Bp+7hhq;NGuZ*xNMCOelgciuZyuyHR>1KR-F!&+8Tlv=adkIL0~=ctvkTHIGOxniK^>9jEt% zO;gTX3%e;XdEkRd;_nHtNnx|MKyJb}eS7rV z(mZs^Tmh_|~LhZW^AmhH#AqMSDjYqqkRFhgJ+?l5I*sb^{pBTdIHvIo3n zB-E@?yo*gL>F%m*e>4Q!DglT1P}DOjE-ri+uM6# zetwolXtrTKRpf|>@P#bJ^Mbz{4o31u3{Cu4xWM^0#qrTaq_M!zzD8z@UZnt8DmBn+*GU*03-ZJ`Mec%;VH=ST0!K^Hl0T zS$W}j;5Z19fkIfiF=cN&!o32bkXez%)vmu4Zj2sx8S#664Ssj&jn;sr;P&WY(k#1gvrg^i8$=j{zIVab!!qI{R^ue2Tu%B2B4)MK!HF-)#dzMmFWG;wL6#Xkt zC>0MYA~JebQsb98xp~{k}?31lWf`e#+UHkbmcmHd9dkZ$#)=j`fpfR z?a4_QnwpN9Tfv;|#^qac^A|3><(w5LOqF{Ie?wg~eh2iMA5K>D-X#fil<6-X+c#F&r=Co5WR!gR$^aI_F2tBOscHbSqQ7gqs)48wH{_ zqFIw7KWs~0X1IbJruY}vzog+vWjth3ea-8>ZWd6ah%)^YM=RkwIoZyX^f`&NlwTF} z;c=X4RIKL1Rdtb?CJi>Wr^nv3zWx&T;9yU6HQn!SiNn37PZrw3nfkxP#W*9{DDGW9BX_(Ga(6bilSf$I7N{Snr{x1Ii~L26Ks8OE06# zvX(Q-2WI=qZ-iE?l#~VyA5T+&GBMCm^qM(biak8E^Yf#7eEdB*Nd^K519(CJS_0q> z5CC`yNZteGS@YMgkv#N>dOh&abEZhxNtc0vTj-ROfwpqk@5bk_I#;;;j#7km%_x=l z%?Rs!nZ%g-%5VNmDdxM>H%>`uS(8NH#Wv1Yj}sv&(Tmp(v%aqHO7i2CD^lQ_vi{uqe#&O}=ORbp__wNrQ>|Z*o3` zY+bSd*48iSMftfRAL+1M6h@L@bi&Y&;LjReup~~5WI=Y<%j~xlVQ_(l2Cz&?bYH+` z@nDD1tKc}T%Sqk5-g+>{&~3U5L=4)!C@lWIq>%K!ilnk$!veHR&G|_G z+zN0UWWhfno3BD}isnN^id<^wS8W$Rtw*p^(|s->Y1zsrs6P{rcnM zYD`1EN-O`(;lgTTqqwIhjGzFKlap5s1Z11@ekDn0mdYu(hHZe$7)d#y4Hp^l@nf;W zv4z^_RL+a+XPVC3KC&cV<27`95$5EHti-1W51+SRj)E~P@9>>Iht5fBfd=1#W;luh z95yD2jUWOq-)KCYPV4K9J2}1%vTH{WNM3@i`qOJ|N$Pe#{?*%g>E%zH7a_~VGR86^ 
zgbrKswivmTSRgGdOpM<61@`_&`Bne7^6UMp{KfyR{LvHtQGP*8V0-1!Eay|B5K$3i ztn+QXf@>WDs<|)aacuB$V?8U&zpl=IX6fOB@58rW4-;qG_F!;6#aes$>R9{^C1P)# zX?pJMvVcKEn?QY{i|XhF0k&&x=)v_k0?!Vr<;EeFKaKZFZ$6dFg_$w9GdMBbxFvLZ z-D!zFrF`|BoiW#nm5t55b=fZrnnsJU9M`=WLxB1zC^RiBxb*82;fq~hs?%uFje|4= zbZGA`W(+aQFRrdIVF^7`iPhh-n}v|`S{w|oI;?c7_)UGmfdk2{2NwlUs!kkD(k46Z;iHpk3@42??dC$0Gwo0qAX8#Fv`4gGv zWYck>l>1KJu`uC$YthGsN2ftI+KjlXDb}HEiRV&_(o4$u-AD-a{8Hhms=rr*5F$z| zb#u2{APvFF!qSq_9B9jco~@v=I^qgSJ;&MB@)#%S!Wbllb~iruR~>?7I}L(lSKi`_ zPY`K489%e+m~UfI-yVJLk>yl$oGoQ$4&CN+ch!Prx|%Yljzs1r5vq*Ml{mjIAEqlk zE7NbdW>4+PP+VuBBv1tYd;Slg*uruZV!j5zQZTUPiR!g}24f3C`FMs*pI^za0v7O~ zConXUA6kp+^!efX=IP^ur1X3o<;{}-nn_X%2?uwXt}F(?+=M5Dm=HkPiA*;vn?kB7 zDc9I{Kfd1v%jfH@niw=FqM{^4n>y7s@EM6cs#-VwXM>M(z4>z;C@6P<#~Dz;0B)7qK?FL`wuHFNz`dR z#p|0Tn@tN%t6NUa&+9V8TdV{%tUyeObf3%G46K}2T4AIvwus0z$;)Pjxetk6?RJvG z6yy&RNsSwxB@$J;bdM9c5Y1A(i@tF=C>VZ>4RYD-!)5h=W%^MPZM&;p1O&jNq_hXq z3psjMopuH!4cvxgt(^#mCfhd-+?UCH)fyYObT}w*X{)S@3m`J1?JI+;-*}J~uxzeV z6$`j`Etm>&QPm!QkI=Sy=%WrO#dC_1_i)d?@S4@Mop-rv3-m57zPdQ4YiyKsaeLgF zugRXA@_*%BdtHT(XW*73`AV!mt~M~gOKhR=Stokrw{(`lY1tPh0b0^uxnEnm#1PLC zQl>8@PYOPj+7_@wr5`TJ{PmkXPJoFr05fm!y4ZEy zL(-e^2MBB{en1{7+vl_oATG2A)cx_ojXnnmP&+&EJyYi*DNi}d%@LB9isyaYHku2l z&8@W5H=DnIkF-2p7Q7>TI?Mj8ucJdN_PfP>@v_4k_1LC$#!t!WCli#4T~csHita>P zZ2!K!d_7^yI!Zxv`9h-XqqQl*B>l&(ZqBY&UUunh1b2EzKvcC&qpVX;yl1}IYnQXZr$k*7JJR!uLK{0)EC0)RrFTSPy)De<% zkg!ifm9v}}x-qVJJyGFMcG3EJrojnf(O>L>Kq=(IVNEF|HZ*aygC&W*wn3+1w*ay1 z;+ghgor^JQQ6d;d>XdI>jO!KBg%LOh;ns<=axBwSIUP=rW;lt9@QR6AVdS=6o^w)? 
zu1*nBPVp}H%a`7bO=Y#UhnNdPLy`LWP%kfppb%n_3Do-hx{%2RyvuJYCM1vvtv6ne2FO$F=@@+4k{K?~SDL zLYmDxpM41CSc7G9(Gf&nN&U?4@b6y>yGf=^4-}ZOg>C;eRWVa*qXKSqZ65m0w5Zgm z<;I&<>^)OS)>?Ld5R@vB{LXxO4YyzaR=>Ye6$U(E2O*g9F5RYt_~l`Fy>W6z;G@sg z_PY@pP&x^R5C^%<7ybm^TWEPfoC3zyzGF!g^AWWk;ECax7}aMxa)6uFQ=St;yws+` z#-@5+v|)I#d052;Hd=nLCEz&dE!kl&+TkibX$L)lCreO=reqh>`Ml)k6jmG;~&Ui!hk7KPpJ4_0F zyX!~X2uXmSs-M@bgExHG3gc9cVW3hpxnofu`g+}F9vBFLpCt|dF0EZ2GSsoDeZq}d zOoW_Ho%s&IrEOd85d^W2dU|F)kE>E+wDx5}(Ze1aS+^)B`@YB_EYy1;ijrKNdHnLl zi)}dLbPDIh6MJKSoYoKFq)GR6O^%gRW-WOVdRC~Jx0X#KN6@1pk@eh*Z#6iiIgpn3 zV~tC7f50k9312r(5*<#XSzqq%_x8 zb&py7T>-eLRu~0ICHUm);Et6MQ0XB!vT&4;s}+YKzn`gqxuK%2(Z9aczWz#Ud8k83 z+9bvn%N}QU>L#)rXX)B%FG3->{B*C#_3)RwcgQwkd^bm0(Us>WK7j*)^NzRR+l&>v zpeumu2FT;vWnXeiN_+scA^;#OE-ns=0WgMOc6Q`yyV-K&2v;DK3h;Rk4i02--Xy@8 z6gpJhM%_i~xP%wHV`5bNuUlpx)cb3e5c%fpZvsQf6taFEj zPwJQNN=@rg4X?0|deM3H?nU;3Q29<{Uzdk*9?oCgIn}XI-DMGwE515IdQ#Hweh{|M z#|<7F3ls6P9}G=w!8(ZqJp<9_D7(#05Fu$|E!@sTG{!BkUrT-DY;hSLbelozBP_HM ztmFm}g6^EPL9jzQ96`oKJQ>=87`rLZ5k31 zaeP%A-pJD_=mHNERQ>>e>Bi&wF2UefoNDY~>+zHgf2uNh+Yb?e=c6`kd}Ui3^Z|I| zd#$qZEYmO&&`B4B645W1ev!1cJE`Hk22MyYx~T`7HcW{+*R(DJ1*msGT!j*Et3Qd9 zCiWlYhyHKn*Z)`f3;$dBzlr}x`Av3_kQ~ifR^esOX7@WcHyL1?`8z&_u3OtjtbPv{ zZ~gqC8$@>M!dXj0S!BBMo)ga3^qC zJcJhrg<&QetP#r4t$Z;;Xz^TG5nbUt9S4j@1uk+Jsc5GXH1@=MhtG-55^%{7y_6V| zhX|X9x?S7gy@Kj2lC(_$ab$q70d!bgfeaJS+ZAjK)JQ>^wzG9Nx10DPT*iq|Co zXYb~3Zk)8Vw62~WGL$(guxjV;N%cx?#P@L2hY^4bH#Z_R#oFL>UtMU|xMPRW@Q1vH z9%{eMq@tv>nEmbV(M}QL&x>nqD6D~p3S*YM zz6z$mvIAY1mFe<2Fc8yHlF~+X_Y|zE$&y6M#5{SNR+`c$lM6Q&_ zbbPjXfzS2DfEw>)fgVz(xjHR>{6w6VW)F#;~7z*8dX{ zdRnX`kLVB9YS^wzFgnNa>7QV(ryz#Y>>(IdcWt`FxM4#ni(y+}h)X&JA2nCsO0iFA zGE;YC0GtT3|8Fx>-&De6zYRJOe)n@>r}73Rmf-e?IH?(fY*hmTb)9yx(#FuQ!_+ST z{Aun(;YL?n+#x{cJqrq23kzFt@zT=M8|muG9qx(bO*7%^fAgmSjxOlAv?QU#!q3B2 zUR-Qt;qZDH-MJsJpY!gkRBcuHp@Ho-s@wVlrB`dReO041hzx3}Isx_cHaQ*(C{*?% z5D=Q;?zx(%$;Rlq!+r0eAQJ*lWFTpEmUD)Mvg^1Eb?HANf&U$_%1RnHsrI3r5{duf(FkM&>|R>nH+qa^k}Yjf{=OP`$Xg7#bR~wX$MJ@SKA@_MwkQpE)TB 
z@qeG#`G<9Od%gn@mOT6mfheKAFIUCqZq5Scr3RhpnK3@Uqd(Wz*T9yXmEMT#UoU%J z^K&t)dtg%&g}Bh@LVu|}Jnuv(%E6MOX8~S3(8xKv8iy>O&7UJqdNw(hm+x=0h1r^0 zHrEN=!VH(j-agEze0VN#r18*r)i?>Ie3ghC;9yHAwjrMWC6L#jZV95}%-9_w`cYUNtK=kW&K}>#{3$76 zLWe0$)wVn_8eB=USMq}K*85$?oapxT(B}0!7x=LXRiF6BWLRdk6|w#2shwv=?{oU8 zPq&SY)48!D#H+D-R^w%r@ zFn5m#&(-S_pqv)x8J(Ni)N$#^eg85fcWG2d!zXG@&uO^n+J$UJ zB!6(QY~z&&xJ0uqKiIdR4qxwpfbO(2#Z|Hl+r6o&BDZW^`6%;tSYd6*Xqm*dJ>W&H zxx2rx2lmF;(y~kmZcLfOiw&bsCE!qaY6F#&%AWv^Y+x%9fI$XE-COXomNZ~}y898` z$_Bvb1+t95!d)*fFJRxo(PF~{z*Ys|uCucd-KOeAYl`{#E2KH33>E@uDD&wi_OA)*TMz2T53i^3;SgXs_RX>HROvt+ONJr;M#DAzP0VvWNS0qyX-ErcC^p5l z%dX9Yo$v8cnSTLn$>s5uuPi#|Y37e_fS~JP9IE|OYi;YopN08_d9x{9=w4yH!{nS* zDel|$=|Eldq+e$CSZMFDu(27}KZfJIcu{#pCae0f&~++sa_$jPdvR%*z5T=z9>N6R z1enl%{~9{;J!`q1i`*2yY=h;! zA;XZ8!A$z1YC5>erKGS#v-d?NH9<){{6noG#cilpTnPM9eE;>|!`01-UY*@;?Np{% zf#2h39OGH_^$N!Ml}`LRyYxxQvL9Q1H-|C+%u`;IFY-j$W=`OuTYD;DlCi5-^{^e09gm;z_I;8%SOYL18 z{Mg4Bq|4#)x}?&{LmFP;XHu^i6z-os8tENJWlR=3xNivawd)eog-tCmvTt<`O#jtR z3V*Tv*TL0;S1S<>K8ghmPqJc0NIK6!G+>~ePtbS05NsT1Xc%k?@2e5Tm5Jk&PsQ## zJLIOdgSwNDWO(Sgew|*1pSQ?0z^Ih;K%zPR3w+by=X*Sy>3>l@4Kp73t})smHfe<& z1CKete_2|p`79~E@9)6@dzsDR?$0zCUVBq%L&F2v0CkWOnG%bf(vZ z385g&w?Ci5{bNG4VO%*5eP|eggY@kZDFGZ*CSKBV%|dKMRQn&d`AK)M9oz)c+= z&k1#`dAe_?dRU@=YZ&kX+E{%h;7o1OF7#`DTgi~ZqxPo^4YZPWzpv<@JHO%oR(`{O zl|TQ#l|MK4Kg$1x1_=rGP~88pYcA|~?c&(OE9N=ncWQ}kuh<%A#z^5dRFVNVYCImQ z(k1+z3%Ws)oGeI;LlVK*Del?cv)$K|lhc}75EmDh3~_fvS(!?dMmgs7x%LTfgEXS| z>i~!^71kf7EpLhaO7wRC{6(QCS^WERfV~KCM{gwSC9Zd5e|-Dp+h{W~$WXBJ7W*)z z42G@%>{~_=A+C>8i8d`RwIT|DbG|XZ->MO;^*@>uy$nD8oZ|DRp5%ChBhVg(@B5^= z;HX^Ccr!7}I z;s|6_PV#?!I^q>o)>5$%Y$&kd9%VR0e*KE}|IzjqP;o8Yx+oT$ zAPMdeoX`yojYH4?!QI{69fCt}cMriOxO;GS2<}dBm)psI_Bm(2_uu{QIO9H=)vH#m zT4k%pH@=#4)|@{b#;sNx&PZh!@=~(A4zRa&4qRw`iTrzJC}v2!`NFy+Cp7$P5kcq{ z9W%K!BTB>HX`7KDUaob9j2*dP4+H1>rGI#b#~plAn|YtyaL-V~$Dqkpud7-gK1;93 zrd|;i6@iDOwxyOA;*f&JKi!KwnJMx0W7zG` z92uIwD|EYRtqy;9^5Zsf^Vb^xfbigMF*?&*>hS6#z(nd>te2Fb$_(L8(aw&b2&)Jq 
zBcpdL;*2=3nRzBd><@2$h4Sqa&5?9-smQXAFF6%7?Bh_~#B!fauQZGjuUqN3&6I3t}A8)6jiEK{)|3wn6b<9KY3Jm%xUGxuwoX7eK9f>fGXL4 z@I_#^;iom{U0vcoJ)Qf^eu)lQINqL0BP;cEY*c%BY4H~LCzQaVB=+IhSnQQ<&Gz{o z2gGKCCNjE#zHT0gYkPG~_+je>9yUF=H+hU1E8h7+ljTXVp4$6!OnE4ee?X;s#6m?> z_MULg$L8!+b-cM2OP!)sB9RrqAu0EJTJRKwXUG_oEHL~QGpR5*C;=g}=o(e+?W7I0 zkT`i|WoW7i@tLW;WY7_l$#1#R1`{fSe=_Vlu*H4CMTCQde)}C^(8{*ip}y8fr^d!T ztnUc2WWaS<3=NX^%#Okq48y$Y0KQ z4xLs%gNf10TqA#7Wd1m&LiB+TzDIZD`5)$whk0KX10G)VAnS1li)K_6U0JTcj z6TviGZP!lY&h)3?j9JfC_le0s2piKsEsV?eyxcF9@wtti+~n73G(6j_Yrg)RmL9|5 zy%C%>lEG#%Dv28fyDvG3d#L>W-gCYDY1Oi7_4|Z(_vq8AkAWYr^Xs&#Ku7o}oD@7R zlV=kPc2Bn-yW_FjVMjz@e}xM5=E(uKdYA9J>2B4Xqutu0z)u4Ubj6!vX=vJ5IHZz# zvC5xo?I(8YJYJu`MN8|I&?0jz<*B6w3ZVohK5<@@8RDvO_69IR~J8MLgaSAkjfXXx!dN;Y zSOm|1^HIgYNiqL8?MjPypdAKB9qoDf>P!1D34y58Q4-4R(UDL6<&T)v;{-_$=nt7CkghW%lffbqjl|J6I zP;oufjeYo9g`~vN=Uk1;G9DFWnpK6W|4gjVJaaOEZcutzwaUJ-dJejE^Q%4HbrBaT z$w7#cQwN9M%HW#c`?GJcKl${w%|z8mE7s*70@GeutvYDfG*m7I7!}88EiV(BaK(LU zyHJ|HXGrWP*x$CgTMyLn54KgT!R{xlhC~_iIUYTk(pok_)@aZhtmqJOGoW_mWcfLk zzBNaEM~CB!G5yWaIZJ>zDEwX_AzmF<)GjYaDZ&98Os$Z-JpJ?b0peHT{;&cPbrovz zKZL~{ysn6{NUS$~q@P(?=RmK5UUl5Rk9B2~180r3LjotRt*t>E7TBOJajErN++?~j zP48H4`KgDR$k>qj(5E-OGL@n(!RqXN#_CUS*obt`Tac80zW7|s_vmqT+s-!n`0-(| zG9zte|9R&)^U3DYqurVA>;(;{%~s^OeRw=&;_Mm2mX$zJu2Ee}DG7&f`n!DoM+c)`t1TBR+$lT+8nMSGE{1VWy>_JDy3LO3=YYhK zx|D?8cdfS@VcG&Dx~O>Q;Ee%hpAumLz2La+WcEHrou@mC&!0ya#-FxTv{#;%>$_k~ z?+%Q9wZ5Ee7=>wjUD>P%Wa`@LHmuG$ALfrG*F9-G&`nWKkt5^PIrivx47^kCisW5X z@oYT$mZTFZ6#-+oa?pU^KWBGSm%N2&n{JjR{mR?Z<4A+NQh>0on9;4n>a#gD<_`TD zki*;7acz)|!6(0-Yu@(^l?j_CK~QFCy~b<%C-z#uw!n#QvP|Jz(};!1XbQ9g8!Z=< zClZ`F(c?H^c+q*^&!{A^yj}xA7?nvpduv#S^(H#$qH5+-)NKw zp5{zY6Iiu&K7ybu+Fh`uGhMlSJzbdxtFsG5Sw=Uk``uI~Sa1TcKcKT{>UnYIfNcc5 zO7TQWax4?#{#|$(K~0I*wRe%Kj4#k+{q_oB;M)KL$4L*YZ_%c1mx~>CJ>J zV3Ybr1_p{sDpY9Cb2p}Pr!3F|lulkVIz?5`Tr@4*?G|m2yiC7&-DdP4D6s)DHxzlF zvXFxBX>J`zu2NZDA~r1H^c(q2{u%l8{vdze-;uup!<{WZv1RLNYpCooW+j8IAT57Wk#p5*}wKQW4L{mOL4XCT9)F(NXXL;Ir%+Uec$}S9* 
zH0ZuQ7Uo65ljQb(Q8>Pfkd;4M3COi!kaI)m`$+B66Zq@eM zpOx-*7>sP%)z3ytX5Q$O)VtMQ4XH?TwobZT+OVw~Y(_CggkPC_vImxiZqYY9LAJf9 zlxsp35S=>*5Z^8xHlYOtCYF|rU=>0F0!aKvO-;?x<~IW~4GkO+-#`QrJ9~Q}aV49% z=QKfI`i{fW<7U8Fb0F?A_ebCP{k#JtJCUFIYu^|Wp;mjo2}75ApROb5%1DS($mT3x zkHi&t@tCZb_>}nAXucx+Fa{Xzd4j}&X{MdX|;Qm4a|v*DxFI`&uN*;W zch)&EfJx5mdx7(_RJ}R2Kv(M4^s$QyMY&9i*?5?cNKIN&VyoW6#V5l<>zYyB9HmaL zoa<=C8uWP-zS)V11i{Co)t^Tm|HsH8*bijAtcL*a6NYf3L3E76sP_H7M5*wqW9w*3 z&B2&a+xn33;I21$4q7ZQFgmg1d7bY=>co#zui$Ga_WNwSaC_V~8U z-y1ctdF9FlX|qbCLa_0Zzr~JWt2jhCI7rp#`YCE9PuF(RY9*Hr%+L@jZytnDC#rWT zy>%rh;|1fhIN?$Ux>pj;1kCCij`*xdu;x;Dsb!Zd_&+`otUQO62&qtYIXx+R^LrjZ zNN9;&xkRYjsi%_CLx`t;`(%`C(HND=nT(DXd}HXR(lI!d_gM|*_$tBnrBpDjw8Y4E zMNJ>(h{`1x-f4Mh*$3vfERq%kV1jV9MNYbuWH6A1J?& zqG=i|IXFj-=Yi&bN5LxOlT{+>P+@F`?Si*XZ`_8R68DO5J$jfahf#Ev)Am=!#CVsIhO=+%Ty`t}vQ(5is zIbN2g#;KzG`g7tn*p(+_=en-9j`~<=8Vc61mQy4`{z&g2nDQ#bRrH2?@Kt_6!Nm4GDw*>*2Fsm7*prL2=DZ&Or?);M4T<^aR>69mwNAx2JBE>|*Am}H(j0D~r&mdk_y$?oR9A!MJ9g-OKg>5e6hK0eJ3E8HD!v~e zK}gY@DH@T3tQM+X5uHNRYpxAk1|z-f#E+|0H$=OFw*fynKo>s>;(y+>A-TH9+-h(~ zGA-((J0wKo)c=Z(3+wA_nBJpY3GN_qwyv}JKBv9AEIr!nCDh`V3kyr(dG`v#HCa#w z<_7AEzy!1-EwQBu(tflbHpV)_>kUU++?Z4-u>8KTEm7jTMbJ1gDtxR`>*?AFqqnG{ zezJ)V;X8x7!22VIg-y~OFV;x_a1sz0Q}gmYF7AQ}qvQLUcg2vk%Bm2nbgC@UE74m~ z48aYt3GI)|ou8MU*W1>ngIm+_c~VufJq-2nhG)tmoe`GXU~%CGQq~52X*+)-zxh8S zzy2TO|N3|2uWA1a`FXIQpc3M$LRN|G?Clp`QGnU7P!~Im1vK~shqF>TwB5_FHD9V4~<0u#RuXqC}HX^ zvhe0qp>!L`XywnlvbtIjc!$(^*UXGr_wZxxJt^w8)@~rrc+OxMD2phcrpAbDZz>)j zHkjw(;h{@Mpo9FB{g+A*V*+LfFBlz^4iz@tMOZaiG)kKs)O}^_%9_o=DrK14?s_;X z0$T}#V;TH_gn`)DFVHd1aLDAo$sIu)PFGh@1alQSu!_*ejSvF)v9HL}NI;&RnU;d~ z9bd9WKmNg707mXxsrlC~oJ$S#6?x&30wT(jUng(YE7%RBH&tlQd( z(k0UT8(OWR!W|2QG;Aj+Dc2w*`YFW03{8jGP)ib@_-3N}H8Twl_qDdd7E0>uhPjpoD_r0zUlM+i$&<>!Ah zrwHu)md2A^Y+y^0M5z~RDvl}V>#aSS8GPg3c#Mw7ffa`#I3TUJyK{O$7N;y?f3@Bn z{Jrnxb`#yQ91Jd|c2`kUWMyYJaH!Sx0u9XM=TqC(Ois%CclJW!`}lWj1P>VS?rl;U zkv_7tcb+ziso=!#`iouJGR zPrX|}rRPTTK%13>w%SR@FG>;LVKM|&VOwRsFAqf{fU)2QYlJH>7^;*da}u+aA4r*Q zLrlRza961X?&7X88XL#dp4s#rUx7BzF+ 
zJP%9zBZW|r>XIzmjub=F{vGnyIh)WD<-4C{S0n6~`~3}EOBw?;N+T%5C8;y`c<3q- z&Zx8N#a9lcg#)v@2_^7^l>03KVI@Ilq}@srb^;RA6a16>KrWw*zPAa;^LLWS!9+hc4oeu(SM_}BTEFgcFJw(Cfe)L&lgq=`Oi=%!v`kcT z-2$zas}UPk|!k^bD3=Q;9G~TZxwtm&ylEhRp zpI1<}`=VqCuk!IknZX|0O)n@Xb9`{hQ2lIw(w*4<%EU;WGhEGy_Dj(|$g)s914k6H zFF-YHGx-gMU~NC8!L|~crV^E^6KMHdLMdNKyK_$M2>!yQGgp%K+LgB!UjySKxBN$E zO3WpNKu~~ZqgtQvvz_jAyY16wFQFRs!I^b}H5k^Coe0^|oiVK*tda?R-FV589@!at zY*Q7JeWmp6&M`EVh@g%GP3*77mC+?eUm*tmmFhmqr&x9=F4!BuWhXLw=AXBjx;NZbqRcLDv?bJo0En!g5PL6Sw@} z3pTEb92e9cB#7U;ihEB7Y;^UA@Vj5z#aGoO#tzs*rQMp?{1%#Q2eRpUm@41KcvSH3 zx~wMB0g-|_eux|8zLcui7XCRx?;;xnduASUH%!PUqaFnBQV62YU%B)3gcnH3bpl1u z*k$9*b!T3v%TtkuS+r2gagsNcmw)QM=ajOafite{>np_otIt0CXfXHAI91rDr-&vU zwJQ}i<5ZDinF`hH0WzK!v+gUt?G`kz5hSQNH`;^zG&-ggmo#Tw>Qil~hukA-I0a{) z^xxj-2k?bDVH9f|hRrhI$(@Bo7ZsW7HGoxH1xpS{wH(6@Za?{^s&!j&4UL=Ff3Gx% z3}P-T7yeGkp7UU`>(ZKlS@{u#_r>^1B8GU|rVS!eN5 z8O2Ix*ah~1$#KrG7&dJ-1?3)7`ChK87X+1gvwAdSBWptkh__8Wt3OE_eRDKqHcm1i z*`E{-4?xk))(9Z0XY%{Y-pJaKj0JL29w2YzVB=(OVB`QPB5Gsp`1{06#`fo)C@|2hf%>m;s41}Q3KWN4-*Xyd8@c@#*-#>vJ6Vj<&T zWoF`J(INu~LAnVUfCCx$_g#6wM|&G5+rLKm=K`Prk#Fc(JJ|jnsev0nNC6;hxd&hyzg6(|3RrQE;?(GI0FYY&eiHGxPEN*VO%~`md=IHM4XyvImG->Ny$-8yVOb z8UZAYtW6wE$v~W-Kac%2^RDS-8Xh)F4VW+dKJEUtA}Gh?iFf&UaPa9r8k-spx9vs! 
zg|OaMm1&jKYd1FAYp${%)E}YJN#r`yRZNlfx3PlW1%uk%qWQSg*k@WAEMt=ZQPQdT z4J}L+u~8p)ua0-WUIZ_m?`c&QDvK!0lx%Kp&7{o@w4-OzCD2i0m6^fYq{oC$1Pq05 z4>a+(UavnGI-OeTG^y+&j76?Y284!(YKP-bouVEwZl3SeYeGXK!LR&4FAg1k_1xds@Uob=^-5W8#h5ij%YicrHJ=}I(Z&8LDez|!>9sQ(UP22c$v|X4dlD4&1!N7bf=i)j%mUK zGJ>y$@KETeohSDs2Za5*?ZBLeTbBiM19ET;+A~rLt3SS@1e0=VjDn=oQ@ixs-^4I( z3U;6>iK0pqQQ#{_nW>|Yw-a(!|nMaUPi~G zIu`L#hzH}bUY>}aiW~eYRQ4>cBnucGzxT(+QMn$FH*Lbaet=B`esZ$128R&mNMWVmI_55x zFw2sSp+7%L}qK0u2aZjyB=B7et_tA*Xt!Jst4I-YLhmrBU~ z;#2yI#8!1Jm~gk;NITR&&ZJ{l!R%wDB`4on-^%5F zg^~Rc1qmLvcjSJQ23K*i#@v{izG|kZ%XE`cu2r26%0^m`>WVj)ICPLR5}R2i1Vc1f zJ~tn2r&m%;LyO#872WSZxSmbo3oy33e0ZX8IlM_~A|ulUy&HS1-&BHmZC%1dJu)6@ zkkVP!Hv16yc>AYWW10v*!{O&TIRD(8I&Eko)it&E`Xpcu7`oz`zQbf_ra z;FU`P##<8EPBRyorVsrJ zX2%Nz8>``TnJzPgsy$Z%k6l+KEhA4W>fB(GN6_c@4!xITS^!{4?uAG`rZ09FmLPTR zwXDTdVa#$uD61=AO=|irn4CqB8&7X9Tk*F3;n3X-!9mlM)aCs&+7X_A!wuuDWmsY^ zU1nbgO>kq;KJj5UOyv%59`Qk*Q$|Q@J>jq^Y19szJ!6vY`IT3#Uw_SqAs7A%8{~1% z3w?>oAG#w%{g2iF2ZOf|5^N7f&+c5rN~6w_cWvzWCDka9u}C6mx42X`QCuE*%53}! 
zeRdDrhT{Ko&x1M3cs{SOGo!RZLUW;ye>3UREw$IQH!JXXUq1%%X(9AU&LrKiIu=&R5;Z=j6kFQJE*1%a zVoHQuXgJ|aA^u9BY=5rR>`@hvv_&(u99|D)4?fmwFo-{@$3UI4e}X*dlH#623j26) z7+QeP5-WA$k6%U5@yC@#qelgSbJT{1Y&M1fE6H}X6GGx8h#LH_K& zBY)50eGHJA?cpSA#ViaBAEOywX7OgpdO( z6o#HQRXTe;mxp~-d|N&w2G~&y2B)+mhNCfhpsSHZds@`VeVr;n(K??K0cMC%J>lPf@HWrNo$oo{VP7^}%epT_agX zyUwkv%JjaF2MJa1OZdYY>xcK|dz4zVqGViCvL9;w5OX}q*piM6EP$Vm4 z*pVQgj9QhE)z5z`16hW~Pw9oivBEjxj3nT7A5lc}6C=Qp1ouaG_dyd4iSCt{Tc1J6 z`tg-JyDISIy}iiST*WPHC`m2?>dQ34w5h)G7a{pz_JI)H4mF20+lhRnz;Xo^fo3br zNo}6RI^tAyY&UHZM!zx$t)8|iWBP}CIlMxP?k(*klC=wYUFrM0I1fr<*GgucKu4j` z0`lePDSV7IwHAxlufHsO>ZsFV6DXckk-BbnmP6(HQYO*o!J#nHXUL z3b*KXO)QtX8LaAu#e%ek*Db4Z??1JdTD_^hB};MqK#BipZr+Rz<+T5cea$jDMJ0}f z)mojV21*n$(ge}@H0GH38>vvdZLlQjzJWw{UR+A_wNQAXf~4$C910=8vv@IsZs&>x6r*2`0nH$- z5Q{ju$}AFQ^+QiFiz)q{S}BLs7b^F8p|cRv{#~ri`5k@Ou;5FXJsqp4ix5~_pxOJ6 znFwj6%On^5uOB3v9oX0`;W$EVcY8*?qH_7*K*`F$X7Op2hg?1tWc1i}m@C*(njG(r zefP9FhBl4nES;JZI;{DV$EK2gt6DY2LA8(HnRbUJiQRr0a(Gkxz&Q3Vnm^e02L6;v zlWyc|{M34S!=%;==sZJz1~OW`@;K_4ITS7ocWK068ZU+dt+)aWHPV~k?!}qq6llPr z+O(d^uAIc5?v>5E0m2PA(Qb9H`caV*XaWw{1KRTYf*+~K14z3qwXv9FAcm{5B%dH2 zjuh^|McPpF_Uwn>DB|p_Y~9OD-tO1^Qr2;j z^Noj7lpq~2im+ROExCt1D5TcI)3U){e2A7M707(%)(SBegU z9~Y8+!`rnPZHRK8@X=Lhr+|1JjU&rB;0C#MgtYMJn|G$cp%;g)txFJMegR-i7HEel z*%-kj)aOJ}U-TRT_RwT|Q+O0(ZYT27TCDV~F@jCGI|=&=%f3-3Dh_;kN6zt%%_$_ar7;}=6$CF*1) zRMoR*YSIa57z+|8221#e$4V%FE&X1a%E1Pb^9q`mkl`P?#XS1ej3(7WBUA1E8qt>s zuC;tQitaEKHBXPTlThFE_oGfz3ku|bajq}sz~R{|1^tS*Rl)>h*y2ohOqK0!$hP7A zjGgdEw5jSX%3L5t#QL zc22%vUx)ZLE2p&22k^_Okh~oV=5O)fa}fmhBn>9Pp}eCqTVH`Mq8eAK=CS(rASWRP zmbxDwyulTaXlYd0c=Fw|`V?azM5${2*cB@ag-dSNg32~uiDVj#Ojt(iZZ-Dn6%@k^ zCFg@7zUchJJoM)~(&=-nR_mYdnO*z2eJf=>f?+hpYh zZ4ZQ|6M9A~&%do&^?Gl8UiMAO2>mXk&Z2yg|3uwr`ONTMBSO@Z9aA@O2V8@`Emglr zb>z-hRS)xo_tlPfg3^lj)vrcpm-y2v-`1BQAVK|2(A}vr1C0P6tm-=Z3(FgMD>ZFK z%8GeCGjqZ%2-1g zt=0?{y49f44lI8;QrdzWJ+*Fb^#iub3_4HVzYbU~R`o+aoNtNXR#hdm+msL}Vp#wb4O#yF8wO|pH!oT9WidS_6_Et#R z8gTDSq*$(+Ql0U$e$~{cWTn{tEIKKO`)_47U}lI+<1fL(|3qd3k+}Sa^ydG%SVq9w 
z+Q!jAgADvfq(cV&BM~A4|7ng4{6|s*5zqXe3UB@;fBL^9ykYs9@aA{bf6d|lUUXCzt#xZD(~P_b>-c<(x4K$%Dp`*ekIjiy zUmQ=VcHkk)yn@4q$~Kg_?S1a1asY!s;NGVrjscE5(Krk!njYzjfy>8uxX3Q2SQVu< z`xz$I7ii0vyx1ANgETi8%=d+g$ULm^J$qc1)`g?TiHnw6sCwE$1R`aGFK3t^eZZZM zG1nXxpT{s%28bV9gi5!)_sY(O{9@0rqPYY)n1Gw4P$}5b32<|7>G+0fTz@0K_dg@Q z$sgp;{5$eb2>pfpAEBY3#GepxxI0dhoXHde#`lkPIbI^N$!#KRiTy`%Y)`0mZAAky zXGpu;Vswvi_MKawKQo%;n=Vxgi-xm2^0l8e+^QQac>=+2H+?S?E1&QrZSd{rNAgE~ z400BVL7Mi11|@Iv^QN=q*W5N)l9T;+)*k59@-$<`rM)enB>YeUcJB6Xko3?Vfjlr4 z!I5j2AR%NQ*Z!k?K_nqzGZ7InS4p9Ku#v$h%3n}i9C6$y^7!&{b0(2j0drSdSlL~z zbWrcEN7tGy+g$oS*N#n%_RsXuPdkaDPUD3a9o>I-f=7*mf34A%DyS?h3sPez4H7c$ z;xZ&aejjsMffnzOi&m9k>i5W35?J+C*CNFsm+hS(M@=iWI{Hz-lz*Ag=$F}ODZ)Eu zgP%s-)k5O*9(1)~nb4}T(UgAXH1*lYKx%+-t! zCo84b{Tk}6x86pW4twOPj8QF#ZPN?P`NhF353lw0o>`dRaF%{Ys`#?DCH(blxHtQr z9S#b~L>?QzYOD{+aU;ldNPH}gv(WoPisKi@w;q0$DT3JMd%V+0RyoTTwtja@oz#Z zU3%B&1FD*^qqNqd!T2-;(=?g1XL?^IEklCx%h)`Q?Ug8btKt6m52!t-4%*?&mOI5Y_#2{jh|;)!mup? zJszcdoNR{!-(#t_7cyIbhbX4oyGDN235(Y=&4i0e2sNrVJ|0|*f6{bLQYi%tv?B0T z3YgF9;fge1&tQS=%f&zKEOcSyzOO8=`|c7)e<2 zg;dHim(zrQEC|1#+hnfEa3AJ)(|2A-0xnp7#Z&xB4}-5Pn$v(Moha(a?^cy~2J5@> z!JCq*YVCmVti7MKq@;)Hst0@XM78!rZTOCsmRJ5MF(*>bR235^s<54>ejs(A{e~{3)qQ`RoXbc-g9q2uYt=C2(`0Yz zw6*&o1i^>w4BPhvVy5=awhr*NCg`>1b+&EqN)AM#)lQWlKLLK*Fi(n7E7EV1_VMwu zL1%;rV5f_lb7a*^C^K4M%Sku#^TyA6>st+e>Uv4%+t0L{T8p^OuKw6j&a~&$oJ=X~ z2vJ44ZZ-+J_?`uG($B`$tl4vAt`%R<8S`6B@py@2B03MrT#NopxsjKn zdN1C0@>JcjE3{k^ir3b0*kiog8^j-5?7Y14_kGD9hn#U4Im8Rp6j z{3Ui!wkqY_r;?z{kbH5~{My`-dMt)8Y^@mFW=o@m+4H@6G~wyj`D(czxlki8GrPT)xoG7 zx1QmAX1A=PUSRQ{Xgj$vY~M(FS1mPDuts#C&4FP->`XjQm~K?nmDdr;Q2Bc1#jDZ> zslf{fI8wCLSx?RO?8+w|lEfbt5OB6xg!6wgzp5}#Hm_YV^8_$uv)4!tLHW-^*O0@b z)+VN+KP=&z3Qd>sa-c0sw#XdzcN41%2c(>gpX;!`Or-vMGWwh7{Y9h{ob(-k>kuW) ztSumFLjy+*GG-tv69QTwNRKSuz>eSOF}}92^}0e`UQlG;#*8 z0D&MNGr-Eh1PEki1~ZvDT3OQl)))SFO&&zy_%|;2o23535Wt*F?2s)F>_8?UD;bD` zjR~UXWaH#y0{>43;bLZQnC5I2fAf{O+udfvJra%2a&OIurPrjI$Jg%6Nuw~F!g%YHr5W#)=Yoz`F~ykAZk*`8;6Vp 
zATJ^yEG5DOc^5{OHnv9g|7I9$e;dZ{HNig&gZZ~+7otaIXJ%q$A!B9bWa9Y!Gh$`} z{!hl?pl7A8_h;7sqyWZ_wg3lPBghLdFf(=lGda3C{+kX%wmkor+L!&muN?lYzGU>x z6&$Sq(vY7OJ3!RT-oX)~DQ0JbB>#6hVdnprPPkTWG4d@thF8=N{#$0Z`EbCt##<5O zFBC9HWMqRvI3jSO3@}I8%jC$PvlN`&@(b#h56Q@x7ne6T6}A;{JyHu3lqcwRmEK|7 z{Ysc{MI6M)%&q!aoSXpCruy1Xolu&)rf46^lG$?3RPr{VZz*00QQfFa@S5JB7=@l2 zLoERbReJqFSZzBSYi9>BUXE;#gw!)@0X8fOblaU3eJ74@fMt!yo*A0d+kw%WP`RBJ zk~WOznQlNb>`#V@Lxj_S0kmc&THp>_ z-*ZJAj@hnS6OTkXvqC;Xp*DOrU`~hiNxWj5dSg9!8BT~p46?F&GgKD@Tvl89V8ke* zHdGpEyNQ2f7l%(2?*s`h;_M4KQaW|1aiHyL-l{lwe=(&pxQZWcCpnv(wF+rP0K7!z5gz{%yYTl0M`@7%BANJ44Z}tcI)BleAOC^6Hf8`e_DB)OUvUk!5 z0iBr4@Kbcm)D)l9;I;tY!+pPWPCv<1WAj5u1EH)0MXLo8qT>%@}Sxi+^UD z;v}k>LxoNyLSP5%$D>CYP?D98I`j!-)g$b#V1P9msNz43C8ELFqQrH@2@09% zxQ~fS4pgKbOc&OUF;US==JA1Fm0x?63#R=*=zo+K8%#?X+Va5=RwOeLCi@5ZB$=dc zt!#vS%ImNA_jXbqBMc&UZpWMq8RweNI9J=8U8-MA0I;}V7`R$5L1{fs0m_FQv2j&8 z93oZYCHQOjPiSJ|Z`sR};oAL#QVAN~gp_oy^>zc391vrM09}%pB`fhk?7F&t$N)oX8>@>cAP_6i8qwV`CHp=ZEKf3Uz}gI7nggak9Aty zYnxkc@1M4NRCu@}N1xZzE-qHf>s97%Ue{srsN_XiP47V^Lp8+ z3dhYIf!$VSGd+BKqMMxP=i)6H?1BW3LO(>+ceTpUbHcol9MCXQpUr7rO?Bp#q!O|M ze=RYzgNlO(x zd9RpA;4A`yYflU2nW+1arv{OL{}!*=k6l)nLD+0+GZI--Gy?>nHI&d{a1rpl>D%LwVjsh7NO2* zMRM-CG!Uq*Dr8nWPS7ZyY}mY2OJ(($cem`SNEhrvk7;n0(@*j<>GEus#e)UHn3%%aj`1&tg(?Fd-xJ0s+E2<$tHaH(toD0S z-Wdn{giW^^1pp9 z&b=&E@RMi>kSN=0DpV>d1>y*-#Wh#F=1OYz%rbbFb-Y{~KReeh^DP`-r}Y8K>yozR zW(*`bbBUUE^e)%0SD*ZkKhEP+1(U95U1;O?)M4$G#zu4%H3`wmPl8)x>xklAiH0;T zW9_!t+{H7`Nm_S0&v0Am05cZTgBDlxw|3mQ1}fKmqi@xnlrd*ZjFj=*8J0YVTm{F^NcL+sATXob00fXqN3 zI|xF3nOWFa>5u_ZHirNG9y2o##LNm}1Fg@=oX9L~Y%I*IO~@cwT$*%r$Pf=z5F0`WTSI06{wHtKAY)NsU&Szl*LegN!nFYe4!4MJ$u^9Y6I9R|Of9m~R$L|jtJ14}_5JCb$ zzn2wk5N^vs#tN}x1Vacem<9B&`k5hRSRj3Z92{)F7aU-S^qGZ>?T-~A8!LnnL!Mye zV29j+zWlZ6TfGR6*3Z5HpomtmPUV#^8b%B z2Z&XR?7x^S%b!91#l8RcY?TuXSyTOoIU_UK?_U__A4dFN7L7+9NS=x!OMB%Z=P9Z>Y$2B#0(sDs1@G z{B;w|75UYtA<|F$x!`0D8-|PTajb>i#v723?jh|}yHxy3dFCmVH5}Bd*|0Ys-*s+h z5Ly0Mj-cS}GvTE-vDX#)sW0*Kzh=fP#Y-!d*N+`jOPPL 
zp{){>PeK4PvcG!_S~mfaIB{>XtMyqxFMB{$%0?}o~st57{b({6uZ>n)yR&X-B8Hay8C^-ea`D;;~=OYvrR_Ps_| zY%=;y#RrdvrNENiOMo|BU}ef2P?^hi<)|rWY;sXX;AKjV&y@sq_5pP-%to}WuSH}? z1+B5yzmnE1+=!<^_j+>bP!w?Yr7|faTrC0xcWw?F8_hGLat$T?+gm`fM(sN%S$FuK z^|`G#mrWwoAmw=d($8H)x%x?r+I216Bcpw;@S*2apG*L1-?hy8%9smCoT)uaRwsWp z+#Z&u)M2hx!%@C5`;~O4jqzyslg%QM#B34It>YA`Dn?Q-ew@j#7Sy)tcriiw(K?bR z`)ZnMKL{o4eT0>+I~YMWIb-|#LO3T=x0h0UaTB9AzC`%F#Z}`TOQ5P(U`7RyQo+() zM9#4|_aT{%*t@Pwh!A@6hkZrT9dm{tfxli@?7Gn-wOszm?8h%Dxi^IdU)KQ!!u27$ z=MS;vsa8|iRZTkYxjX8dMoO|svtB-mLpB~yY0TH?T;5z%UWcA+-A^7^>%*6M$(Vng zeRN+8skd8QY1hur>Nt?O_Ws#A8F}@!gr^hzrjogRR`e-+A+p(op!p{6*WBdCR-#Y5aHPU@xA$`N*<_JC2@EB4PG-q?Reev3cIpZa&?-+S{H@-t3D zL0LpKugWPqupGyORPTQg&%GGR-&70GD9GGOm_Ori|GHW7|2%PKy!&L$U7ls}xy)M_ zwz=-`$(uQ`CC1i%B7mi)XtzJp*qFU;KmG!LP<${y5<12#tnHYs|NOjn8+e zGYO?h?r%Ol1h(Rq+?({xWi%fINh_o-9>_%oqmb8atAe71_R)6$e#YRt;+;~_Jb;4LIgg8h$4|$ls{(Qyz!VMt? z07Qp{b~hpe-v{4s9h%vsK#g$pLfp*(8ysgx(^fS(?hK=9xl%^Wf|CZWmdyvIdTAApLhD|xgM?oRH2f)70|o2t!+C4c zt!m5`h$@<{k0CQ>2Qy7M2W$sQ2k=*tY}rgo3^RcT&{x^+VowshrQT)UU%gAb3%n~b zLo2yeS;P7sSyZV-6aDeSbt%=z8T6@+6qQGe*Z3~xS?bcuj4c|vtd>UKxFP=?EBX-ZHgC@%LtJ$Xwv6!trNE93ARB8hz<@xYQC2d~)9C z+oAqZd1tn>nrSe1sWXz4!C`Q@0+;^k!^`K9mv-hNjpsWi?`GAx3zw_eRt9N%rQ1H% z;dD8Wm%5XZQFd-ispH_5_#2w|a8h<>Njo{c&ON#3$C!d}JU&a)mFP}?`}^yGla!d1 z?xdYBE?h_8l7+WstipRv#a(L7F%=E7gu{hs2P~cjeb<<7I>e|>TBx-G0Lh-dIV5+B zTJx1ni+eeTQ6#n}#i>=bxW!h=`4GN^6^bnOTm77|#lezK3_0xB_r)!p{;8RTW?Dgs zl@xKQp*SnKw{C$eWEEF9ufkM@Etrbm3x9rZtl(RrTUR6lwqQ;nACc|MY@>SLvMW}O z^uK6(3)s4vWl?jRnVBhOW_IkD?U{Lhpp$XwIgQ!Av0kfDD+$^_bnRv&M>|Af+*--y8cIY`y(YPuWzlB5_%h|{ z)Uc_#h9+fC)PmA1lY3Ldr)}-P?k&scqU#4tRP$^QBihm3pVSy*V5a?-)>%Z8epuG- zSyk4g$Vy)>gpXwPR+M|4wn_X0FT7f6B8BP+r}30k{xnu`l$ql;KBe1ASaZRC8e`!o zT;o@F!@>8B8?G;Ts|2d-))sS<7`oi;OB$L|zU3u|PY7f$Zdkn?D`iL>9rbc!JnJcC?jp!f_+;Ap}-539ZtlsHoEX+GDh?Vk`gyc6~2Q^wzW= zlw^eHJSS?kB`rtaf&GQOnQMy4slhb{=ViTyq?zr~k$66v(+z)Kex){1g|0AcfpYf* z+blbGUeegNDqq4#AD&9^J91qHRH+_T4E3WK7iZ%TjizSD$x7=|OfvdH-I+Un&N0~$ 
zDL3i_29LATu!2Ted?v8=e6~zgrknMXhv(O)o19u%19x1$L9zSC5YhZ)W8uyY@p^=I z#ETaB+bytQ@8?@5x;~sOg8U#Qfr;8WDY?OkAUP54G-&~lr$da~rTUZkbJ=%I(Kp&e zWBa~^rK}T8&XqQN49=G{vBvu8%H)d(+Rs#`fpTiSWeiR;Badp! z&P^~&nj0(v?#C+GWcCRvbA)FEIcIXVP%2MQf#j@Q>iW{y+;uHlSiHlAy+bEHG-cJd zeJgzG22q9b7Nx^-NlQHFZg};aDXUvwsEP`U(kqJ$O$}T_4RXhQKuNR31Z8EG7ux56 zj!>&B#2hAKczU{c_JBV*mKnGRzRW#};&X#y+=Z1DW6ki?;kXU+@n9eko2M2&!nfIV z#BgQ>E-oN@AK|&lXDuY-ee4H4xoXR^meFRuM%m-|GYn>!T9#CA6l|_?YoTe>jHEg0 z70;pJb*bfwr`D1&55{%(PxIv9#jBm`BPtF@4nH zX_%$To`n}uvE<@)n9|BEg;ELRB0x{t?Sjz6KFS~!ATDiQp`(;havzm=0;W1GgK|nC zi!>T-kP`e4Of==g!YS!onOv#fLPMio{sPP7JUL)?ArBo0jn+4ATaxyT3525jof+hz z{GA@et^A!4WJKE)w;h8CQ^-RKN>=_(2HGfi&;@qOT&80B#cr$63dL?uDt~7HNh*J* z0l_GDFoUuSJQaW*g%A0df21y(Fdd{Xi!dFeF557xr7z1ctEDdMFqx$<^DvpEE;}$M zr7tTmC#61;`YA|X7GORXdVT>87J7aK`X~#~fhd#(7(k-Rr-|Dlw09pV*+BNR#4*On znEZu{Wa3glY}!C&+vIIu+VgnhbWEMX77d_xL5mKsy`V(}$Y0Q+2V5y=Q3L7}v}gg- z3l_;ik;<#2pj%~KYEYxHE(K^#S(g%&sBD|G4NuFIyp5u)O9d)a)+Gl~(K00&=VOj5 z>wW?SDeIDg9+fkwgAl!2{@<4eWm?mhezX5y%VNLTf0c%Qv;RXuaEA>j;Z0!s{Ue1p zVH-SCuC@LPZNIQw0)M=vC=Cc)TcOoW%qDCewGx>!8oUyo631U1y^_?rpl&ZgN1`Di z!s2I~C{G6r&OsRq&nRY<-_OQC6jyjC%nFVaCdO9?ilWz=cns*@iDJd*a+L6>YN&}AiD-%Fa%5>=Il?T-ry=vu^DfEmd8T;sYRT?B zr*QMOW7;8AF`X3vSm;=&kwtY%vwz8-_Mgdb_Ye6~{+;~S-v1&$G!p>*%PW6h8fx|)v@?&JWYJt z1gT81kT>dM=b`k;kv2N69?CB2W z^0Bl4yNivilx#d_BxpNQZH4g#rS?WKn=e(+Q`Xj9KugML_&kZcJ+aY} zlfu~-#5_te4M9s*H+Q}{U9pB3OR#AxvFp;ck5`(bj(7GumlDKW#s7Gt<=TQJxH2vA z<=WEPs`3cb&@*NFGiA8p6`8Tb_QcG@3dxE|I4E~9JyHmrfqR0qy8~;WDahh@OrU z=5@_>psbOl(}eS#$jyG-q!XkQL=uRdVVQ49uavT_W-aL4_6zj|#As)kQfb15E;cNF!YmZ!8yB zj<7ti&tRLf2|fWY8~&34-Qd~c#KCn;4suJ%cqqkZ-6D08f&~&jA|{>rij7 z9VU94-&U44uCX8FPQFYM%p*>o^w>;QYu5`@1DGM0b6><4^=p`}1W;ZHZ|bKeH5IM} z>@xp+8{wP0E^w=|_`EC>@J0+n4Dmwr?C68(3F*1$9DG1FsywMb$~O5UX)jAqn7)SK z4#r=PW+kkSs3yoCn-tcTyZUa`L4T)pvSXrtykot7uA|q5*%8H&+Y!f++A*Xx`oR6d zuBXz{1>wQ`8hlc2N+-tw(%!#|*hep7> z?X-1(W1)W7HRQl}Mlb7n)^)P=1Yl3rgH$jzsm_}?qCNydoT_^yEg}IzW;G@-?kF& 
z>ts3d*A;D|l96)64B(T>H63_BC04*y$8X`K`QJUe9nt~PH40<&a9+ew~rd(Ma^_Wf`BI5Y_5VUJ5ys(oBxfS#j3Y#pO7SG>~?) zr06qMz5PBm90(G@F3D0~>U*SAW7MTBf#m}k*fzd=OXsSc9;WQwy&BmZA6BF6rGo87 zB|>FrrA&&f8cD0IaMDtrzrt%7(`*uueHM@62I?lU05{A=V{tx5YG;|fn&(;Pq>jcU z$?jZj*xz;wUi#ew-mX;;Fbvpm=W;Vf@e^G9>jUcjsW!hFLevmz!c;)b1Ih!`dSnct zreGOhlE5qgvi_i+qaJcYvKjynQVPl##6Gx-|B^6-BFY%}vA?z<6$?ZOSP{gGzjY3L z38Xw!5ja>5I1S8*zp^1b3tkH3S4b)VWsj#JAqzGx1SW*IFqtAC0$Kvhmy`q-E(1IQ z5Dd}ppDRqv0*Q-=2o4S2+5^b>JcTj@_5|+ZZ%c}Bh;#$)1)eGl9fN!W_%4he1Mdlj z5(EATLfW4|3KHGllN31=O4lDF6f6%6#t_C<7}F4n!5@zWEY=^51%T#HJQaD|qXvcP z4-vuXxai401^t3Z2o(kR4E7n^55^bJ1=9u51=R)C1&s`002bo^qvr!vE%M;2I&lAoQ z%@fR%*b~_k+Y{Oo-xJ;weGx?fOaNH``V@i~iWrO-ni%{J90lClU)_-V0#Jjn2zLtj zB8-3v*#vP9aSyiQU)j^yBiOUnqt}z!L)3HD^8utD#-8yWxgP9IiB0HDuT8#9?M?hm z>rJ{%8AEnQC`aB4m`%1#sRPMm8R}Xn0Vt?BMw@jbkw&_p0J3I5p-29=e zK3-INR1rK^$2Vs1o!&=Cpx&R+G<@+$``k5Q9OQ=Vyxo4wBg^4aF>l-isX3BVFVO`4 zSvDs*$R+O-k#S>4ecK}OuA6+m&dt{6p-s8ILUb6Pu^WD|XJR0pH$1bFcG#3RBy)74 zU!~n&Z;0t>d{sQNEY;2wXNT9IkLfkUYsRT{^x_)Eop-+9+?}!=sQ1IoNw9qj@?efa3_UaC zzx+gE*sfJ>{$5#UQ2z&ZMKm)>@KmG;hkh5W359xm=OH#J#K@b&cCC7e=AFkI{F_p^ zvqEjL(-*GBQ-6_kjz`*2(>=W+t{_%V19lWbHa7G*-etn3H ze!ky{QVoH&NHAvMq4;j)lPHpk_rt{nCPEb&Y3!mZWW9cc$|6E zod`XPs9JvG$Y9HmLW`}NrfWUvyy#EK;ZGl7_?jR1q7JzZGZ`YyY6$LYh>5cQG%P+s z8rW!>HnhMicXKP!|{dLgStVI~r;vA>14a8mzZIR2%xp zL1qFZysu^JfC9$l0U()!Mcg-jR|riS%zOE83Uc{Y_!- zvq5u-eRZ0|-oLUB!7OpGCe?nSMBBBJ~lvo?bB4fhd1!f|klIQTQ3~{kr-YG;5zLxzq1cv0RMzJzk#) zye!}8^!REL({&KB7~T!Ln(RZaGSZ?si;+Aj!Xd}Bv_z%*ODAYDnK>CvVoWwSS5-YH zDd$~)BQSSr--SXn$5;moqP(xD7P48ZUO$|m&TY?MSL3%3#`O}n#2lR^7T!9>`nL~L zZ-I5aaPhwf8EAZthAu_|5xY(kTFofD+XYhF>e&UCuxzOADskg+?C@3H+xlFn5M`{Z zFOjlW@7`)g(6a723dqbN>f56F`ND;u+CAr^K5+@qpC(q+X!OAR)aVKMsZrObKkNmW zU7N2dFlkiE@WUd+c*M>7n*&$q?T(KQd9krz-Y9DuuOK7E{Gn zvl%KTdLm2q6!O`%yN5#>i|Vf)pfiIF&(X=1;`WZtH6_-t>4}1rp|OmyylWDj=DRI+ zNwZy3F&^a_2oPO6W;sLJw?!F0XJ5K#G#xWNIFCRT6Ih*8*X`aq2X zdOtlCYlksB^AuJ^d`G%dOpSh#pEw0BzA%AQ? 
z7YM%Hw14idbzSHI-Dh=onyq!phR`jn`P@XYc}*3s-#s>7dt~yzSqu&p4Gz5PfW~Is zQna{qrsGoZeDhMblq`ZJGx3Ps%sppQD}ntacz8RJm&O-im8*x%TxJ(OcrS^FS+Qub zq;J9|jN_1vVy;zBY3xbH+PurG#wgXk9~%t2HIKSf2jP_UirKXy?KDF1=v*Sy^Yx=; zy&+NXoH!22bE#=pEjf>ViM8iPa_E>etl*uwUL%p4x&A~^SVQe+ z4i`1!8uwjC!A>Ni*$T-;x9;$s~Mc=Z~=G1wdWy`d5HXMFQ#(s8r* zIgHCdX>NXB(al-s4L#b8SEGiSx^XL@JBe}DUX7E6jU{IIkdM@lIvKLpjuqr(>OkRG z_{{2-9Xu=Ba@e^n;hvW_6{pi*&&O{p=FQ7en=W4LwjNjd_?NKPhyMtbMJXsr-${2rauF;ZlaP+D_hWIWAZ)SwS@W7Tlj3KES{2$P~J zh4fm@=eRPP=8de+^>(@>9!9kmk+O?xBC!!6Js!=V-~4B_Z`ZVouM%d}l4ChOZ^Z3k#hyvq3c|#hG}|%o;7kl#2$XVmAAsp!q@M-{->TPT>B8ZK6%mwdhN#mZ9)!s zVuZcUjqoQu=zhHK+1yDe1;kGt^{D4r`(QEvI^V=dA=zV)f0+h{3M3KM(*48MAzb&` zK; zCR(@_fv5}kB1gpR7{5^VJ!?8+=d;zFIhDHok(qNB3yb0F==P+1IWSgnKNysYS|Kj3 zt3l9O3}QI_g6&R*&>kZg%04|?>%c8wRF`Zu1LELE>ANxb8muwmB-y6CgWeW(w+IU= zK_m)!D8^M&P;Z5)zKAXrYOr0F#Mi@U#=`BJOZc?-kfU-q ze{|%{OhF&WOj`7*C>6;|97HgZvUzeMeR9w^gK13u?Q)>#_$`(z1hg#`8YRwP72d@A zloX}h9Qqilhbq+VJMh(ciJ?2cdvX4C;CKX$ZVvOVfmVQ1#nZazV)pA+Y3hJ+V+-4; zvYfj|>Z@i(GPA*FP05zHL3TE_$7+TGN6!Oi30$7&NHsqWo|)CIQ%zCtXbcSuKc+t7 zJxZ{dCIpz=z6m=Koc)d-JXN?re5vmohPoTZsl&4>V z)J<8Ynxw>EWuo7(!=*DQsGOow26&Cp4??8{tl~A3LKR=(j3e)Gb*-bK>-Pul{}5~) zX&u82nUH_R-|}LjqTBg8aC#@dhwCLHZ(kL<-F`|(f)mSc?0L?AZdV9(DWDA_*zbi|*$(nIrk@zyKNUdA%+@&ZOi{cuDVF=5cy+RTyyPix@UDak-FE#+*IuhEoKvUupYRhIyzluucXhDh>D(8d-20jFi3nYN{>)qJbai=8%>OpcPN3m; zprCN}xYaqT?)&zbxnR)Z;kx(w8Bh_$z7x*#CLk8qawH~Ji1<(WnIQwmo5+TW)#9Id zANZ}qkeIocI|q%qMufS67~?x;epWnPA~A}J$8WwW1Hh9h%og@e*M)M8B(wkNZ1{HW zpN$*wNZ!Mr70Nqb=F_J279u|>G|S1)`M#Eqy5C8bFx&gODtPm%L?Q^xRdlv&?GM+k z@$Q_4gauUo6fo8fk<6g>3WE_NN#07Id#Fk`!W{oilV+qk&N4dgnKVfi06`rtkOH24 z3AFMAada5t>$4)EFb-!ShB&>Y`jDfGd&4yK9BsDfNwcB1!6pgEUiiQ%>4-`(ctm{c8m90lIuf zt-U2olXpxW*aRe=bsjd&B-D5vn%0h?3kOu;TT2UN5(6=*xrmJA_jj&mgf@-1Drcj| zqwn~a${tatb@gReQZ;tG6I>83$)%M%_A&!H2ccE1%?hbJ9KQ=wN@Q8}lH+XJFjd^f zV;YUiL^yP&q<(~=i58Ik&hg;iY_yl!w2%4$^McO(HRM@93q|XtKnI)#s#i7c(^jJIQ9GOX}y1L;#veJlbm(9 zhPS0byW?bbu+^Ve-&kyQeqVg3ET5q&-l*6iG6!RKQCK{wJc-&*Zsg{0uUL#e82V}Q 
zs&@KFX8f!b0?QBrQ=SQqdyfMn#8B|E8Z@){NCyU+sS$PtjmZB_igz$bdmf~kI57@! zBEuJ-(^rm;i-rPKsnI#F|V(4d@e8=LbFYr0u3N=(0pQ&AUQej28e?v1@n zK0wS4kjDe4!tihW4A6)0mKXOW3+c&{SWEz0`JZJXo^aE~5PvF#%KAdb(gb7mr}w(U zC*xexi`kCwuetPKIcBs&g%0QZd@dJh7N1w>F|_L2+(Es+FM2N%Ow&kzwK%MLo?Chx zj9VZpZ2@_O9(UT>=ZkC>R)wUOaE$LzC+xF()x%J|#T+2fb;tvC9V1#5`=X4YRZqkk zk#{qc0#*3}8V*Wy12B~QW#vO=(88an2_s0^5porGp+3QYN5rJ0eNjX7Lj!J^W&?r*Kvv^;ilq;{OwLzY$d$va`I4CKt zKlTNrvp?^#{@(i>L!u<1!G>CKn^JP+p%xkq^@7GOo5%76TgD{pNkAk#_=`09H`+wr z)7v24fq@8tP4soC*Oz$Py^Oc4H7Iq~VB9K>cENYu8fmG3%yke&l;{_c4N4}fPQyNYoTAB541PL7?@;qM~!=I)! zsI|w3SLu5Tc%7Wv2*18YfY~v9&bQ#r$T8-sgkOpYnobk_>+@IsXYxD$L;m=GCqK&j zzsN7n2>|H(Wfb4;S@7F2Vf+}*2re+UU_H&ljUSb$A`Rzi4lB~kz!W%awuYb|zdwyO z5)gtb)C|QpKJ$wXJ9gS!rtI7bEP(+d=i5?;!=M8tPxpNn$}ZUt3D?l_HWAvet@3h~ zHs?}zdlVru0mAqwrAP4|**eDFc^%NoSRl8OOGi!T-jB{1idVN`B&tQIPNltqiJ9s8DL5o21UN_n@>IG z#fA>bLH@>wxeQe|GqY1u^eH#~IWP0Ic_PMox^Knr>uw9-k~>*QDB;K+n;s|o5M!D? za;{?NT~|8Z@k69<0#zLrmNI%#(Vc>V8tE}Y=}~E5o)nj14_jm_Di5N>nOxa7q_$e= z-trMF?Gd+%4%}too;+a2;MozY*zCJO}5!w(iN6sLE_LU%Qv*UsTyq7th;1nqrzP+_*JL<6ZD%I}$_lGUX8+$sk)b6bh56sN3TC+~k z-hsTMZ(OUa-1C}|g+3AzM>kU48)^)k7i+LHT5Dk|O};TLq3ZzW{Gl>2jCXQ|EmWn<~(I#q~-IQ&QOIv=%@T%8}=s@_I!tc5UauX5|d1Q|-z zq{KqsE+$CUe*bFyf}FoZHt^ajc5ylr?@=Kwu58q}gs^Ia(KMPr<|Y+1<%>?Y6H2eCpP1o!N zM4EVnR)A213cqz6RC|Rl{-}|3gW?}}YpLHB4w2A^UUxDcMVcfbI6NV9!_pUA3GuNQ zMXSBPJ6lZlI_}k0S=1hMQkO;J-L|TwN@w1`-=}34i{}LdLAcal*Z44M$}-W)JR&{! zg%o?MY{K9O~4jqmpNHGLyjHm@FFXZS8ny51oy3> z3I1}Vs$Uzjbj6q4@jSs!@<^o!Q1C@@M1hY<;6!C@_jI>@s@9-JqUu~iQadTS!YOSp z%|^`}U^Aw;th2=W4S{L~VJ)y50I-mtfQS^20Plqqr|i189B03%B0%8|> zsx>h-FGlBQ#l(q(B;?!}=Gbl~pRgQsD$}(~JeFZ>z}Ko95i9)|S&A^vKX&pR#AQ6G zMB?3v0Xoqd$0z*7tx^@y4jkf%jv@#J7G;&aJBc{&6H7~j9EY7gFxoTajHyi#LdGE5=5To)K-+8X)?O)|EuVN2*o9ph>lwZ_xYIU~1*dM8O$KWeY7bkYci zXTT$BJ#09*+%(}+ew@F(tXorGIDJG|dbWreF7Fn-UdL9c1T*TlSi?T0EK{+z=6zbc! 
zo2iUjrli-Uiga5g0|>%^rjlO(-BtZ1l_OIAUShr?t+UzLZ0m_%_ju9i-h3#*W5Va> zuT%yj%D{nxN$h@;txltnBEwekh*<`r4c$Inv!W+~*6a(^c?FCcta$C()CtSisTnW= zW(D5XIMZy|WEB}MRrREDjp(tO(?E7(X0c3JB*Q8@8@b-@GPn|xL_Wkan@VZyi_Zev ztpnT1tUhV{uuOR+hW$bknswP&BKgNaIme|)cV%oSusW~GT4+-$c%s2qOi(^D#g#@ zQ>ckl4!`n4E4w!CrU#m{w5bVyrm3G^#kw*82T@VZg5jta{kD^SoNTZcjSz-++epb^ zEZxHUccd-FJPubNn*Iyvh1mBzaO9`%=${UNT08$Nnuq-4fSs-92Ip^IPm zsFbd5t`jeMI8e=47yAzNwK4G5D?CN!klym*=FvF!h0kmH3+PC6jz8igYdadhVb)nA z7F~U77|e+;ko@}0aTsmZpJ;S7%*>*~W=YdgVts>L^}UO5uTth*ICIfl{Y!#%k#}L* z(Ol_fM|2K~yj82O)c_Dew^PC^$b!GRgL985C7Jb?mV5_&8&nCkj1MELv`?t)@BS{h zSwAy}pB14@hq<23X&c{#2xgJLBRRjyl$lD4GtiD()%s=YA>+?qP0;Je?KXGjQSN=a z0h6yIR2JkG_}SYm!{LhLc2}$;bA)yf_-LRBq@ii!Fepi|A=8l|xOgj1c(mf3En~3; zX{99ZsamV+SbMVvLHM8w-sPk=&fS^9bE~qK%Umql=|>T@cF)!|HAl%tqo9aUIWRmP zxY)MTd>YjM7Q`1E04HwcdMsN0OLwVC%*P=Tk9s3^1plW+O@OBq$1poA%7}A=Ym!jm z4AfAb!k|;4nzXf<<`l?Zh^L(4YYju#@{M97yK-3yv10#swG188vu?w0b#JYErPc$? zk#DJcR$~8I2cCOB1u+GU~P$na&?t5jQ4e!8w=p1 zs{-2!2XhfT9KrTLn$hyrLT=ztNI*`0@tZw9yvcsal#O91aJX)+Zb^0TWO8n@gj*Zs z`}*8L-QB4C5*Cca9kE{VS$uhT&f?*LA%37P#7{ z__^OUqrjLF5R&=nTVs4-o)MwS*2g(BrB8-xEs*clnkv^aPD`2n{*u4(Ka=0}AM(fk zJNXGL{zd+TO8~$Oly+w)`ROg9^0vgdvR#auE7>49&|li>7As6##+i0=f>SL2lna4R zdP9v*nx3dAQC@j0vvNAFiej(0717aRK@q{x!X9(}rQGE}oXck0%&d8v`L0OeU;-bO zy*o$_87XPoFfX_g#rEsXJ<_Z&dmX61UgP56suWl_1u`YGEpxOKT2AVyGH$zikC$#> z7&1g>G^4(Plg3;1vNpf~reYSSIk2f@j23ui!ez*6DjouuDRdVP^75!SG1;{sC{JK> z3%sp*71U}kzJPl+ic#>!0>1~UTFqLwa~r$Ob2bJi7o}Qi*!0@KN_2RoeVN5hk6y6k zu$DD1_;$BMk1rtDCWpom;;N6=N$Dc;H6-VFb&S|JDg9PE^6zZ{y2L& z{%P!F{A2gs=%d_=P*xm5$U8z=uxL~Bo?%52Vq)MHW`aL9CgMTujbF2&RM#wz&vRYd za2H>CQgEPQSxZ}CQFAX5PI5Iq&dzXHKSpftd_iI%3*YZDj@<9GIuulua8AZ^@T^f0 zJ`3BAP5g{#-FQ0+9zBdductMcwonTBG@7~XnC6b5=!?0Rc-Dt&xr)aLtF8yq(E}9a zo@G+PH&?sk7p6C;wZo8#;~+`o>A4i>U1HVu$txj0G8v6<@Z_%BOBo=ecp)X9{kZk- z(&Dufo~SHrCfNl6IUUU(5OPdsf}df+S5V;o*DfF_6rgP z=oU5FAl zr0`N25H#q*P8e;hp@F2%R-Pw@EdKdiu#K`v?jTZ{hzmq>a@arBA?Dp;v?VTyt`yg| z*_fxGl(-mCnKyd1KGSy5TV~3$sM4lyjGE+Q?yW4l6s7&41w&Wj%bPL}-{Fd5nYzW; 
zr(#U+gU9jPzN(PKYr9O@-Cr`?x@qUn)n^MpiOXr*%__%xiHI7>OKro9SIBQ)Mt|<&Mw|NG^c5bhhQ8r8yEFj0lqL31-ilcs&wqVW-1!ePrNMVu>?DJ&dtso z)bLFrRkfImjlQ|qbA9*LWH!#`E1MI`qK&2`UDhPi{;_^gNf}6+;IOPRzMdQ8)v$ezt`4N7m_Zyl@(OVQG z6Orqbh+~e!2W#&%P>ipRJ47#Kh0#N1{)%A3I<5f!En9-!+t3&I6iQKChGHo|q{z%*;b0ln<1TU5zl@RrC%NJnfy#B`Df@@ce1PS%02J0CiSAxdq#->Z7}oai?x(+qvm(-^6(>QDTP#N&H=!?rMpB&mMv%%cF4S8SV8ycM?#_ zDsMIOmhne~?5kL3@-f5{J>0SowW-2bTnL|U6vl#jc7%@iy^8~~sJ%lk|IJ)95n zBmSj7SZ5E0RVrcDE?2gDU}~m+Modc z)c?}rzcl)*3seP^`#)Bw``@h)8NokR2p8~PGXemxdex(4iYwrbL#HWQEnUHJ6a{vP zXM$9-f=>gKHqmUeVOgC%A|=&wiR`v3{f;C=|K^^P!s_s82Y)w^vUM&fgVB(O`YJg? z+eMoHYcyIvyj763j|{Rl>^dnWO5+kDQA@3Eql`n6Dp7h6C4qzT9Cr)2Kq+6|R>@WL ztnR=8f))qjmsuD(Am4%0%V^-Q&1UNed`M6L4#s2Hg;e-yQd>0d^BOg~Ssn~uKlH&L6i4^e8ThU>fnKH8ULunvHyv*~ zUs(3$k5)?!S98X> z7yeGx9))C*-{CeUi3N;_j6Q>nYv4=>$0r8&^+q^Q-g>aSKmm8MY%RQ@-}Ja+#&5R# zE{IEBunW!JuqU&hAO}&GY<)8ISd;UHYZZP&hc6r>!Z!dj@{r84u|z+mJ^tt|DAM|| zl*4DsVpY?~0R7_YbBLKr#t(~OBp_bXHp&4uo+cASPO}ld8-^Fatbp)<;Dhl@@Ixr# z`K2~R0n`r5ac}e(&cS*>ium)0qt|*PSHz|B%FdRf_cGh{BCtorZ}M_acFUic5FYBn zXI0A={57mK85V$~eS)cLE|{2YdHH~V5h>OG&DI@7l1;}~Ti^R=?yAji_L?tPwKSFJ^ZV_|^ZomN zqrqu`8eK*gPt6VEL)3bo2j(aINwmNSGe{_e{!5P4RMJM$<4;YL8%AZh%d|u4SN8gr zBe71DWv5(VoqJYzlPX^IvX0-7LYG(s1?A#12JLSztep=;ez(5g8oYmp$ybj>M83(+ zrPlBKne|W_JhR=dGL188^6=)X+9lkUD*BUTu=bjoY9XA(ZD|xMUW3KB2ELFI^^6Pe z0Jc+Z>IgEO7>zChOzxM14?@(QLZE#HB|{nJE;^RQ0Yp~xvKm!syQSVEIA8t?*EzNP zOgP2*NObSFc{Xmfh28iQ zBe&tzPJ|*R+m8+r*?8pY=-IJCw50UbvM|nF=@}=QGg)|InfhF5U(?{(rQF&)Tvy&X zZ#C|qWsD_!GVuuY?(Tm*%2nUVmsw>A4ll6K#=u9gWySH|#)vDM(EISIimwkTKEO;h z3OQNODup_8s-XCqkK2_i*Cu*=4N6j|ssE>vEB{x$txUwFf&TumIqP zRry>0H>>g;tl%%ncY8lb{_j>LiYi+X7l!Bl;O{bk;+u-x7vaCXj|&a}_VN3#3-7<% z_qUJiFdzL7lK}ug{`chnXwd%Y|7+EM*%-ufSiteeg1_~DvoWhs9{<>ws1MB${%Y65 z1J;@Tq1A_t$x=iGyw$IKtO5f#{@*qG*F(wwyYv5~87si?A3*>B>OU*w{(BwVNBjP9 z{rB*HHIc z(@f={Ek+ypi!oyPva?kAGvu?S%ejJA*mLI#){;&MSH8raCq=!f)+u08tQQsZXWD1W z?W*JScW_%NIIP$4V$fiVAIk@lXQj4}C8VYos2Nc-b=Nm^HTW(aFC4!vKFafQGkaG? 
z&XAv#UQl&>8b9xL)$&bv5So}`3#c9e4t*KPRD38S-9f%7eRjt2sQl`8TSy^SIq3WC z#pQE*dHMB(fnsZ;LUQ-D>SL)|{6@O>Rq9pz&Ys|>e71$K(HWc1&15=@zLQrE!jeBS z&7|;Q7)b0HI1OBS7Mj`$ol0np2P%@61#ZvYeQvTeNVK`0_BMPU-xi2zVi#WQ9`B2( zHT+P}Hu$3%Eat2Iys9!-mOMLA9j_U^yKA2}J*sWkc)_^@E!c5wJAM(|`Cgara7Te& zSi6BPTMw^mfEVC0gB=!27JqPT0za=V8`WC?tlV*J38;!tOCOxnC{#3c&t8{+7< zB&vpXI3(`ed8!2KFLDnA7I$c{%7QV-ts#HT>L2Vv`2>GYj`@7DzQpi3(bXfuNEaD! z*>CJ*AMy%Z(pLD%C+{za%WbrJT9T!#?|e$in$_E&~CE&BntT!ORsm^ zRVm~ACeNYr>1n)hV5;%{ySEp}quc$@gnOj)6y8_!{LSrIiFF?5n^GjI?0(fn-}|EZ z$ThSdYs{;6H&w1{5AKI9DLqYslaO$h`Xs{5*%Vi#I2Th9!3u_9R%uFA9BNg&bQ;cy z^l_Rali@{_rL4pXN^o;(zC~5!VhkPRSePf~QpJZ2p9&he$c70=cx}(5#$u4C_t=Ac zgcfm3V~M|GXE%vIrDEr7t20v-|3*j*zvxT4Hbt56sLuE)ot1rKebDvWz+I$tT`y)? zw=Dq1YD=)~NLauG6>;EC=Ew~kxV7dQT0dbU!7*@c!b`~#IU3hwVlPR$$l6_)hFhw*~gDh1P1kIHs0D8{oYT@+@ZZsm4hC( zt$tUh_1Lg2Ny)io|BC!*UbKWe$8b`t7Edo%yY6KLFH)SAA zbD48^G=!CQA%MF<(GC!Ck&vh_ej0fa2s#B~fpJ16q7Xg~%dCvjQfZM5atiLD2+9K( z+F#PE-1;Rk)75+4a!2k;9gafPZbkf3ZQM132ga-vpT>W%+(y`>cK*m5(PzU1$%rkln3>Ce!d2 z&oBww97HGrpb&A&xUjmgPl=r&HeZRqvFb7lyy-)36lUuGdRRwKaQV<0zLH$ zy&`|SKvi^(9vw6CcR4ZDUkWqJ9Y6530S2t(Bj&Larn*$6qHh=5Wj^aBs_C(Kzf=e{ zopEZjEl$`hrtTyR%psjlTE4RvNpKr}aJ;KX9W%UGIDyGoIbWAhlP#Q>m8L|MMc^wQ z=*2CKuE;j&qH|9RJoDUr6vGoJDmm`v+7K{rV+-OEDd{4=@*0@UbYWxv!3*WlqF?V) zq4t8fKxUdy8bqhI%a|>LYCnVX8jaKMPST2pPL-`TqCibGNwWf8_#o}5!cq5ZBH9_l z9YEX~9%6=vX~ogmopiy9v-FE8SK_B%EIV0a*=FY@{CIEuMcp&vq)u3K)~%E`n4C|z z+V8{O(&HTnrIjXsIVZ)@yB}oT9-o}7&f@VI-~BjmmNxMDY>Hk6Ve2wH#HD6If!HAB+@i zmV%z!%%A#!g}i=5e=pn+IF=L#3(M^oj%`o2R6}6PfBbr%TcbuI=tf)T!07T5h0S986y%PwpMeX}g{eh#9VGqh3??vYv#V5=@St0GCTW)z!KhWSi0 z&~^I8Y0Ouj9dbbm7S+%`LhIemJTmrd0JckatfF>q_Tg$6aA@8{a@Bn}G572e-6fm6 z(Z1~HPQ#2)ynQ5JOS13}T8bb&MePk@nOzGG0I`JZbw#!+k2On-aG;5X_>ao2DybvmovO-)h<7~uA6jE0%GIRy0Sz5Y7wCt7#!a!Vt~ ztH#Mh$ppe~RRaNATWHBUOhz*GVs4`|+o;}pZ2X(aSZfO=z@6S(%9U|RR;_5cR*Ea6 zs{}?wKznL%e3tOm~Tgt0uJBobI^BUJw!MeO~DLKWR5uC_5OtW2# z3KPCyuMu$aRW{Tc*YiP{_V~&S*S@jQJv&-AcK23RBdm;_?aw3%1)V2o&8ay(f5?yV 
z-{g1xOa8Eblb;#(AM)2LgMn#@j+!+^Y1wWJB0ypfVypKvVDO(FX&)R=BQOtu5E%im z9%Pcox);B_3qyNe;9u@_rgU44FD`r7LU(XOA2xj_p;xb+SsujCL=|f3xY>;8Br9KZ zme{CJ{I5B`^E2C~J$&Qjzd@X$QXGB#__{ewl+5UP417p&+;%0$P`~MU^1)WGwLgW5 z+No-~|h+)37fMjb>&;6C zBgO=pkBrn8qehz)u=#3}6yiyY2kHst2|RQM=woS|7wYxq^*jXZ3+e2u7B=%5iVN|4 z9X-}qO8X3|KFTagN$tSNgdU{@e>oGm%X_THk-{gWjVnG`%~F+|6OBXf?!+l^5eng}Vp1g_BopaoNu& zuaPm=LzA92I=D)DL4E8Y$B%PAdUxNi*oc#&Bco9K!rJ_|jb+J!+%_{GxVV3do2E{K zB3@EY0`xVQLatv)nVnCJV@`%W*y#5HM&0@7<*>pB5}!S(wFnddUa8zxlYKuwQ*H8y zaf>@s?=7dYacRBIUrLX<%6X<@)E=*q8BMcH89m2dK0k1b_GfUp?;cg3COSBs8Z_oQ z5AuIj@(^Ema56Yc3>)~b*K-^3H5aoHt%Qzx@`>Sa$EqIu(DWMgE*e&)omcK-O1o(b znsPA;MAxH}H|h(qc8UkD+`Xnd7|xUy*zM66i%@HFIAlBv2P2dPuK2_ngyK=4x6X@$ z_BT(+`643lx`P*5-@Ra_adJlCd5Yby6oZ#Dk3=fu<~-oEKD*-cHf8=V8Yk2?TRm$+9|JU@%|T55JNg+7{lDi!`=N<;|vuT>5@7}m8Tf= z2MmzB%I@%E0k2d*kvBp{sYvjp!se94yO72T0&ZuNkwa_)#&f(Be}z_vVZV{;{!o>Q zE3hifaFmwOU)fJnuUn)0gOYX54VIPfj=q9RCRI?t%%(0r4!D#0gpl1)>I&3#? zT-zCSpi;Lx*OXM~OCBLBU?1%|4n?*37elpY#M%}2X?^PEyml(`aU5U45<@lU1N_$@ z%JOej_o)JQ6I7U({Vm9L_n%l4&{yqIG#Jg zbAnllbG>p0cLJBI#eTTr=ojAza(&UvD410J<~lj6@BRR*>;W2;L5lbnPF_3;ajM zz(TEK%&5kub%#S~!*1QbblBmvHY3x1{pPnZWY&JeiJ}wa>%TD+{w4AiNxRO2h*4w> zfp+Q)jQv0gG6il)M+c`h=+Y8zL1Kr}9Jvcy=Cp4BuIuuwn(??pv-6S&a_A=1%i*!K z{Uga|2!u8yj0se4|M!99>YXc(WiDboM^bSv^9xqyqqje-H`gP$cG9bucC5#Td2veG zu=cMq|EpsDNT|w`gG{M2ACBEZgtT=473vu%h&nfl^HV6pJ+1YfXfjxhHJC>L@ZC?4 z^|~u}-X}pLiX|kAcO?AvU)zj>i8oa%Q`#VINljHV9|UG$Jk7k59>=^J{e)aFl#BRb z)FY?nVWgJ404uP=vrFDwoGcdoFp-c$)_}!(hoCBUfY&Sgy$5zhQUxJJ5mIaDrDgKc zdyT7{@M(b%z%O)6FZu0&$%XtksCg96r3y2r3U+HBC6QxQqzZK+l#;17D8z%NMkp~! 
z@Vi4R$PTg!5q`Mi?0AnCXg*}URdC^(J1^IpJ8vfHyN|aAV~|gUz+Z3CuIo2E?T*^W zyXj!3GjE6()wafp$c8Nt$8&E`1mkO)&WR2f`x6=9hDTE1cGquEyE0Zu@0Kg$M_86< zk$GX$4$B31O~jlZOZ_qlQ_kbH;VU-aJ*W11H_V?%FmO84g>?p&+FRZyhxcdU zVvuC!tqJB)%(5#spw>cXv|wF6R5N)nDDoql_eGrb{LV5ce}!$uPId($ZfQY>Trk<( zK@1ZQ`|>hXaRoG5K|0B~VgS3(UG|`Q6Y=K-=cPEk(n2~sh$_?>U<0nTt^g&M7R@6z_CHN&a2t8pBlL>Kl}&Kc}!QjqpW8}pb%(K-H3CvFX# z_tDC$U!$GiC86Ch^@K0F)=MTeoX@xp0;N5jZ`eKcPVbcF3(E0X-!g|6*Ln^S7Pq&- z^s3}Z6I{>3F$LgppwpwOBEzvFgZ4PkAF17zkPEdK*ah3oi!&~`V?NL2r2w_7!vR|{ z_}-5WS0qkkj#t2rFG6GagPwFEeqv!8*zjjs-7Rm>4Y=YFzIW}oIx;V~_BWLG-=Q@UU;&`xbxLicmAsi= z0^iwa)b8=VOR~oni;Ld6S=x!}_iM+| zA)-YL&WCd@4x-ie(g@l6CG~wO>E2o1Mge{B+Ww~`TT&}2P(yLJY8ZZ7yt*VOta9C1 zH%X-~uV!gpYa71W+{kXb%W$DXeuu?yf$Bso%&F4sXON0xHP;}+h;6ccitQk6el@pR zJ;)>5tkq(k*3PhcjA;n1nrrbr&nkkYk*XNx-p=I+t3(5{A5G!4Jgs{1C+1mt_){Fk%gxjLz(XFk`|C>kE|lKzxJG z24Nl5GViB{|L2;Y@W09L`j`A6|0X}L)j#BKaR&o?&(hZ@+x*=8CsKNN)qB?Lp#QhL z2fn|1%UeHF_tWb;A2*-h5LV7@-Ow(@VkEG4)AxDLRLo3D}6R+k5JpaXFDNXbBqpaapNiJZ}GtXbgnz z5P{2{b)L~WohIc%RK$YwHEnfeg~&?25~9rHbIzD~6kirS%s6u^#urmEOOEmWoSs4e z+^ni``o<0U^wj|{=hTqiq?iKfJ?L_5<5i(sC?U)9UF=Jzr=HeVd%SKXJ)z1uYI`X3 zRUCFp);>QOGnQJBb^l7ikzkF>3EYd!S`R<1iz#(zF}E6zxJD1YwE6HFrL4U!Ch2S9 z@=!FH>L?Ap^eivuRjjXDB-arhhcCMiY|R%*w^litU4XWM#EQyf$+8Ml^b-}g(ft;- zx8e_y=~#MJWx{k{-dz^VO`1f8&G$LyL5EWTdIfa}%$;0sE;o(hH^$Ab~XH?~Y|8R}Rw)&HhvNtxRhv}d|W zhMS#YQcC^4(R7yWP}dw&QU={dIgRsbW|}AmeJR;?)OXv&*Lf02!{aMzqtO%HV>n`T zpi1?D{cIP5Cy61yxk6VUtEXE;%;J`cD%(|wjZ2a6b`#1|I%9BCr~mOn zj_60TkGveR#V_^4r|(io>F%VQH!1mV$2cELLSpB>u@qCihogOl z1yC7Y*2OnY-Dn($`F73s05Y#56V#f-(S0hOznBN{#lHjoGGHof(R46s|xe8c` zRxLSOD+zEr|BT_al(=84l;Wd{YrGs3Z~Y6Yi!|K2K&4?@j^pX;O|PoYZjq|ihkysc z2eW7VltZ`7Ze)y}1bQ^J>T^74sQhXFhtS=8=`+|il}GA;Wh0n=vDQVk3rh6i$M&!_nav3cqZP|#~Nf9=YdyB911%Roz*j@Z7xCus4dao zD~wm0M^ZTU=KA9Hl-Op+LTg~~IRe}|7H6FmqLX_AzRwd-53=!bR)~f@nd_k!SSX}) zdfWp}|gF0C*pPuE~9 zUktgSO^Ed|6;==&v7nREQ;*!@kDXX>tIWnbZ;iRAA zYU#MO-g3|jHFlru;*dh~pWfH7GHLSN+w?`^Q}n9M_Yt05{2@Q_f0N(sFZqN2O@2Yr 
zf5^|G`R=XgViuFg$xS!_$12og`C_Y257^3lAzwHSx{z;4X7tUi6ptUNvTg(V(`i>* z=SL0kh3EU5MQ58uU!*8A9chcrOO*JncsB(6lbeIQcL5RQxN z=A<|8`YUudiZ`oPwW>=?6JX>IF1K>l6rw1s%f#&+URkQMSiZie+;F!qA^pWU7MC-! z_05utqzPhcF-JLP{lo`e%j7TetJF9BOF3Ot#8g>2k116Vgwsp_( zsWfeL3{g`3VmnUTQbU55wUho}{rTG|+x$aLlnMQJ8;C&W7?B5xH>gMy z-@d-~ExGjzN{|~8FunUbA@Fy{mi~Dn3IN-;4|Cmy4s`9^$9+Bz1F!;%)PjtBYTvr+ z$OetwB>XuB2m@Gyj?90M9Do5(c=egA+t7oWae(n&eKZ|<(4b`~KuX6}Li<+u`UUbi zhy&#I5eNW_Yy*pw^6t~}?Ne&sYPxhx8mb?}UAJKdrNRLAy!&?k6j}lmd9z-L1oXfK zo`Od{b-Wk4CDpNozJ8J$4P0zZ@7&^Aw;=~Le*n@$M=JUB9kp+fpU=Ys+7JO&;E`)E ze=0`NzGb&A<96y8QyTc&G=0?c0ppw#_Rj%3>y{nOB^TMAS2XUWqH{#E1bsYPYVFD8UWeXCV4Y9jyAfDG%|t)|)Sm-C zfZQ;F$liS{ml+uKZa)U%-%7Tr5-3AI_9{hePdL!}_YJHwp#U`z0SUf+#XWn|>oUu( z4qkolHsw3N{{(VF1oEK(BE3b@6ujDQo`L6_*g$%i$l`WAOwck3Uj}MMrdOY9`=7em zoZsW0-!p@N;DEQm^4Lkx7jA6eD0F1cx(yrX8ThBAIDGpE*DtWn8;F3fMCbQ%=kq9l z4DiVJ?jg$O#Zm{){ouD5wI)-wP5i!erKCcZAx{q*`JSJ`IujJ&-R3Q%&ez6Nz;pxv16X8ej}xU= zpIOIyBQ`(+PhtNwAK?7n?2l!EBR?Lv%n374014iGZ0k0Vpzc`CH+WDpHt^O*^<=y!GzeYu{ozzfZRfhA!`jHz9RS zZQ%FsyK2|t1JOc9)^0Y@w{Ov(-)o$MJ^=X;-rKP6P6e*Mdgwv?ya5sD0RX~uY`u?; zwDk*t3tT#oTWswQ#aZ&SuFodmL=<$8e+-G=t_KBl^y=eXzu;NF=v%)K{nNk%n-W#s zDLVtr8lyWrJN|C<&8b^6kif?dJshA19B>s8a0VUu_TCH7fdJUZuFIJaIn8|WsG+z6 z+cai1WU7Qg3r;z;xS31#9tyK{)21qX;3;I}oo^qJcc0OFS9q`prOl`ik6No7{uxLc zy6r?~wi6p~`XCig{_xWv@Y!f+u4Aj^eK2jd_F8uFM^Z49>x+p5u5_N%br{dDDu>E6FJ*b(5p_48%iZ$UeKu!@06S)ljJ|57~ zELU!44)S47)Mc5{54OQARU9p?>W>iLYS14s&_NDeIlU;*{heonOQjv9mSo9$^7EGf zYsk=1ZV_b=f?KdDt>lm40+$gQay}AfYFp1;#@wj|cdlUYs7As&* z_&G?f^c6OH{5hhTX_ z)d&BDr^cPk$ym$={YyR_?sNf}Z?em#fQ9_Z8uauNDw)Wo1d?GT|u( z>Wnv^&0_!?>F?NDokd}>z!-ck4Yq(`Npn=YR|V39;a37u7m=`X7i?oiVA6w2r~6-RqPl{Tv|(Dkab`< zm$}iVBN<}evVb@ov{*;X`VVVEBV=r+oM5twA#q4-QxYUExxn{lTX0#b4BwsTrd=ni zbZu3tG)NrVAY^rz>`3zb1OTBzkqI$0dfla!qJCot1>0vA^XOLFrZgaNm71uf!rQ5$ zy>GFIW?#ap+`xmW2^)vQ4mM#SHMUf7B9nuN@tNvOBXLi(=izc9zZ0tFY8ZJDWd9O8 z^O3oGnvkPtN_p0t-(GqfAj4)6h|TW5G)$HmT=g9kr(51L+Q&=v$vp=d86o)_%oq3y zuA~u#O}dNG2|xYy)1`f3BNded76VFMuWJu>RymSx-leK%e{?A9wA|w 
zqN!q(`6@|6MU%s)H0B4lV`JPq2laJqiCO2x3mQwLaWPB`zaj9*-to~{7vACZi{x-SU=hK&yo~& zzuiFVSOYo9T&(#VQ#>m?5_a5)=py_{(sjhj`*HofX~-em(VUV9`GjKec(imHUkOrA ze}PsaG;O@3`l|a)xHE%uvL>{XU8inOcGa1r@)wNKv_deXNUEcDNAF9&3F6O3bIfY)W;@m;UruZrP35@{1!uT(bS!@)=y$Y{@2y<)nREt<1D44su7T4^R^> zdT9#oGuWUfSsMn@k7`iy+*$qL?VQ2-aVPk8I=!_SLzC|Ey0NThWOVHEdsu_2QDmFI z^anZ7gs2470_;Pdv8)_@v^QdMw72?CZ*}BTTg)o7et5<9GF_epq!P$CHP(dCCSm<- zeZH(}OFpbnx{B|TP09V=4H=wsT%;(9=;l$bFsW&xe-`|P9?rSOavibLmq#}lNKvlO zWtmvgwXAjDCuNBp8c>(KnBx1IC(yjej${U6DU8%r%$!!K2^^CsY$rJOB%TG~)=uvnHTyj~}^p>f(@ z586{ajI+k1!)_T09j1_vz8E*tu@uu`-U;r~mD+8NpfjR6+h^4DLNm`B_|3w0Qpi*v z*F+`JTR%C{$m6ib))cxlMHGHhm`3##rRqXR7&!AghWF=d0pJcMVxqb<>5cU&`b#s+ z#^(>^-xbT9=B-PkYVZ)eV1WILBJR`S`2t&&>STP|0!oM0-6qeOP^iU7O^w@<%bk(m z{T=Cp^PS_95vDALEn;&(?5wewpVJZh2A1h!GUwz2V}4l3hZqT#3tRY-j;{Wih)+hL zBL2MvH(`MeH*vCUSs(pTOc@}ni>oV~(>bGzFd7xLTO8!X#!2SPJE&G(PRdTaOB}esU{S2|lX( z#5K9Z!Dwy2zdzyK+NxRko7bQh*NNN76(%215|^3}cxSva@tZ;s1(D$J^z78(?zhQJ z$Gr5h^)aPB*d(koa2Edv+;=$~dx#-1wI`SP7P?tI84=Anz{ICxswDCz=9)={-IN#4 zMphj?6sb;Jv|bffb=h&(abHxbYIKv>`JqM(_awKn?qg*_Z&}ETL*)CWDu7vJt&@m? 
zlY-O8my!0YY=ps3wJP{3ctj5uGt-djst_|%7uOZZm6LN5z7rC1GT2SY54^-y2i2P{isfK$dk~*ECeJ(u?$3k1-zIau|d5Mn(>Y*I6Z@oR6T!falH#&P982KvB$+Znt zRkjV2&C6My_z@aw@$-tq^Deh&EiEQ!QgXUXy=YJ%4Bio0>2_s-OFZ%F3)aB>lde$| zLPDH<7K%J|WDch=SDW)2pH|ebR^()}EUT&onYI#@Jh^A{p}I;!f}Q;LKO$vBV7J7A zIEYk{gDo7K>VtT+%_djAPFj>f+IHh3Z?=q3lk21E!*@qVcy7`v8dx-!KGs2_V4@f( z7%EKSBiC5zE-hz|jrd?NGH=%K&=iC1ZP_Q2<>q!Hf@=EJtJ>2O1LlMRg`$R_+BSvI zY7z0p>QzcDIau}KY${hXl6Q!SY37J^0+{25=Z^$R^g~;ZcVW?(ixfng&j;+QFToGF!t6*?hnDCX)stu+xel9wo=YWlpH|%vv&uga!~~wJK6g*(#V7L`b|Z&symUIkbL< zR0{{RI*u@7?tOWV09|n9#pP}Y4;I)2v>2clt{6vKr?4T9O6Xn=R#jn|_a@Wu=T`ZQ zl~5_z5E+G`uC;CJ>`6=X!sEi7H2C*etmsz$)6FcRoHp|48af7~GT<0o}< zi{+ngPyghWeEwkr!O!af#2LmO|7;<5A?Mk4Zi2XooaAr zWX*x+Pr+wjA6@(T$rn3v5Rpr?aiRy+->{d+js+Lr9*a4*H=pi$oIpkhh#q zNUm{d+h}%C`HoXd^@;ZjxVTs3pN_0A78n?qTOCgrTRrSJ4Uk8df}4b=8=tQGT^>uK zZ^DM7Z!TO#W{uKuRmOOVJtc4ZA0f7dsA@f^bJqs%F?&dlik&u!(T%tx7?UYTb+OFX0;2cgN_RvXccDK|A7s~=roh@@%tX0M`KMn2gdFyGal^5o9e z9M&A=X5?Fl9mON(iXAu}a2%ZFw=ulL+ekdKBN@8WpG3>-FmC(T@aOg0$RS6P2+JK=(0l@+l>y@HurZXMBm+X7K*Gqcq&q^|OzD znm*ZK0w1CEw=uZ>K#vNxlKQgjJ*1q6;=B?l#~3-M!nkh}o8RPfu*aoM%#;`wopbw7 z5k6*UVVg@alr-1?{JgvYm8JdJ38ycnZWKAs6yCMhT)p#h0mB7%B@mIGg&KTvrY(>zB1! 
zwT~N*>Su4xr|y@{r}`)~M^7)UXKFk_OT*C*&9^I@cfH5>cM-{hW-7lEs(W+JzOOMc zXLz1QpMex|%nrh{t4HPrCzgiiRwwX|2`$1z@hq&>@mXw!)0r?iMz(J{=c~D_c8s$R z`sW+7!z-Wq6eICjJhuGcoN`tsb|TX6KCf_Gw8lK)MOvM;dCl#~sY)EMv)LW$$=T&A ziqGWXO~vHhq_EpBwoK(ortq8un+)Z-15b)goTnTmGPqy-4~p~VMx+gMMsWD_Cd1AQ zF-8a&?IwrkSbB|s(Wt`(83rj19VI%|eCZC_x8n=pNgB+71}-f5My=_MslAP5jVF7W?01Wev3q5yYRu(#&6!uHsr7EFht96MxRJ=t_NUov1`AaI`VwQ0 ztY&(%6AwniZJw`#4~sqm2+Y_e1Ar@vmcwGXrwO7aiQAGjt*S`Yw;{RrKgk4Mb8dxG zRc-$ItYG?Y@_YRyzyH622z)E8C#NQa2MlVL~CXXUpNL{zi7#0Yt5IjBE zZlD(g)k;qrD!at4Hztcs_md4#*z2#CX7%>Vht!&5 zzB{SP;z411vYJv^QEj$U=WSHF)xBDlbzTOxsR;DG47OxQz9K9AOwPt+Y%(wx8<{&R z7JUAxptCP})P6?O!DG9c@9;MB{+`}VfBU&`HbQR|(KSOCaOv@IAsIweocxl-!FH38 z_d0t_${USLsgdHA#RG8q37E6_=IGzN=@i)%Ia1bNrp@ZC$lKRzU$oD6d!70V1uK18 z<}H-Z)mDqQC7<2tG~AG#?S1e?-bpRYEp*iznx!dL8kzSoB_Mxao8T)nA!Mm9Q6a=z zIw38dj40>pQ;MshKZ*6w@=mUjEwk8N5WPe!TN&q*07ScPtJr#~VmozQh@XIjRk0P@ zS)E(l)@ttV9Im(HNPj`{uW^j!(Q1ulxH>iVaW?vVmT6j6#B>(fz_Ym$ zK$F38CRru5+|&OKf`tQDVWS})oU5t9-KW&NJDNs>qA1sG!tiGLmIs5?i(%HYaLzg4 zZ`s%CDZEilsko+Ij==_Rs+W_`a~ z-%ztuis|Z@O__7PXd) zd>$8DK&smGwP@vl5l&Hdx6|c=|K)-I<$}MdG;TqEJ}YM8*hTCa>lLmJ)>V?P;scq$ z6_=0X4yld&0J;dBW^VWn(V+4WS#Io(WshD`NlhKln6Jay%S|!kA%`#Y;ae-&sDq8A z*&k8FrP=KUqZP6vnTycZWamcEH?|FO>g5is1YUAE@5WxFUN$;jiaH)<50i>Lhdv<7 z()7?AdhC#}WnIf<4?Y|URLX^4nJGnRYV+07i}EQ*^2tf^$&9+CtLIJ1;%3(P2>f6$ zU=+vViE~}oj2i1sp*oC1OoXl`M&G5RHz=FW9rhI=M%eYuIKuASs`!A_g?>&3gqG@J zIj^-Xy+k4dz2SezO%MV{2$O+Pv-GL7W?6>dGpI4ho{S4}KLqW-->~;&u0o?wN%b2^ z6mktN6lrnM97t5s9MFOA9jRJk90iH}etihZg!1r_{m=!tS2>7V{&6h6O5ynVEvq4h zZB2QQTYPli)XtYA_3PV?9CqCG{`(OR5GHCvx}L ztdzbdEpcVHR~z)X2`dP(+IZrDTv13|Uc$F~>&_tbRmHMe&+a<-qD&amOk_MTBtoaI z_rSHxKg*~>m^pJxCufFNAb0Ivx0`%-uO1hpYr(77ztr83EtL^30Z5lD$(P8ZEjXeq z1h=biw$ZPrFE&*k5P2V8!8Ty%|0Cb1bi49>REfJw*9-B>A=^`8Fi^)*>!i^_nk!AP94HQwHMXVrHifQOe=u zGGt#H{Jg>y;@h$Ay6gy_4*Q|0WYI(_J zc}Zn?iEC-au1TW~G2HG;X6EaS>j6e$DCe0USK=!-h0SF>`NBq6^_nMIJ# znZh&7#2tK0OM}ri{?q@Q^F7AVITR31%G>R7k0pu$ZBTI@W=RM3`2%zXx?_hWrQgS& z?PFglT{97H1-RtDj8IZ=w>=tSj&?_1~CCGj(qY1eh^ 
z`Qbo<>)6DZvpO(KgZ%jfO?C25Ru}?IKij3G;dSOA`31$vVvxTQcz`1n{lY^QK$`wa zND$znO)uK!{k{M_)vfsSF}gwvg;bj?C$!)Nt8Po1q|eHiXM;X-p@k6+uszROH>E>< zW+X^Hym6InUcIo}PO{1X<5t07@I_KdtEy6~VoYl8+> zZABAC9)t8z5OmfcLHd29Jb;Be8woCXFu(#zNChu)+s9BCg{*c>q(Dx^uK8MN*c-QA zo~DjE?=jGJ13q~d@4bOSy24^IO+pb+>@|39T99;eBAj(4bz zI^tHUx0#MQ!dASu9E_yD&F3(D9eJr=E)X;51?gXIpo&ZjiZTnlvtUB-3UGvlAThh% zKYA)uDsw{!>B=)>2uoUylwI585tPlGs^BXZ-(B+uTT`IMr#$ivQalWA(C~Dw!_FaHvovEqUf2 zal;y(94=jrYRdj~M7TiZSy8yk68V?pP~jBwVNEJGog4)f?@ZHhA{B<^|CGMnStVMXuvb=c~0eRQu%GN z|Lp^p*7wn)Z8tx*@vg@`otLYMS7-g!Q0|(tt=D6f3r=Lj{EURDF&1lGPRZu638Vho zqZy55QOuCF=_uv_dxqhK+*F0mkcX1Qv3ybWrcg7dYNro#d_%P<4USNAShg#rA*GEG zucJxCqqN(@sJkz5!$~N^(We{tGX!fL7bFoVhB*{mk5r@@L*F05?4zAurFPvnHLo%P zVoXg6?Q6yT0@rmwP6yago)Aybnu?jYy95kB8m%!5elFRY>TxME9^*COXw0*F5gbG+(MBJ5So(=S z%`?(ej{g&DxP*n}Xn2^LrF!)LmyEM$w1roy+Zm+Vjk7GXx64hTSy4aO{lTI1yK!>l zugXBGtT~a!)pn<6H;%r{-X=GcMnnBz^9Q!l?}o{qKPomYu3ry>;NNUhCR3bRB*Gzg zdB6I)ea&~vBV2~k+c0bp65Uy)i*v1)KV6Y+bP|(@eoJQ;v#=VWxko# zyokPS9o7xt!tLK1P=y7!!vd5x*g%AiCsDNk$Kk%_Nl(!+HC-3OwXXVebUq`wwhXqGM?${=d`^^Y z`gJfdkuhUF;hJm1!sdLT=InsBGzO>3#Qa!JinIu3^M0Qxu#CLv__5x%fzarS(LTiR zTE{ctUjf*MS;>S=h2%|=vr1NXXM4;y+C=1b4yJES zi?G`T(I1d|?3r-Izy7R{HGM&xp(IH7WG@q~3$80+Li&}eJ9<)*;5%0eL9!8_43-0J zft~;%!lANspAR=yS;emiXa`zKJwB&8wj2R`V}z4my!KuZ<8a%tCOdW}O`Qwt-j?Hp zF6~_7=%aCCY`aR14EsoXUC`sO^nR_@sOpF>zxWZo#MWhTJ|uMPFn)mPdJo>J4z1Mn zu>q#c|45rs9i?mCijlzbJys-|rJqa`a<%}U+#NX%0!J4eV}x^LU|Sbd1LpRX_1>SF z5P%S$D?S1Og(`5;!5-W+AM986HlRVMnm!3SxXlok&b8$oN9Qoja8?~l=g7?nXB|%! 
zXv*Mpf18h}qwgH91l*<6U(@UXkuMO;jW`2|He(6_f8Dj;muOqgR)@vh+ie~`-!a-| zljw4xqXd%f;902xxhCgn=&ibal#E*wjgTQYBH>$~Sk~6(iHn$hkf?q0|EX5(viezj zPUQxZAqdv$#jvrKMSWm)57X*@rcDU7!5@Wir1PhjR%qCKKJg;LRI)Yu%+^@CDQ*dS zk_l<=CmAwz8&*(7hnj3bb(V19(HOL-SV6wwy)d%6iBmbhx`$&|$7FDg$9pfT1DL{bl|ZR#Ang*i3Ft zK^?hx)4m`IYCs$E!D)gp3Zifw3cDc_y2ej&9B=X$QjLNv;XnOp)N6DcIx*kZnftE* zjwAgRMB#)T#Z-v6dI)y}zxGCW7*6xq(p@Dw>xKk*QX%>ct=n$mKyh4pV4U;JF(n`M z1_Apd7_lrdks_KB_gYe&OcQqR%6!+FA{L^02>uL&-Dipi%fq$f#i4n6qh-u<>Sh=s z##L(0)gFFbA^^9287~Q*EJh`N56N2!b7pRT+iS*P9oy3qC4F^u_19c`Z7q>~sOznt z^p|6w4RSfwlne&)tyAud@ggtg^LeedEAPd_pb4#5cTIm6t(%8!o!JUyss6x&9~ATPiHqAfW8 z3g3nCYA&hGl8}sKSgT&M?^aaC(miC2zMjf`U(21-&g^i6B*q0HEO2SVQYQTo3-(`F;PA-{;@tH$(Y{{5^E<&+rN@7njrrv&{~iGXkk>C%*7OxBi@0LVcpv z)e<@`4&qIiw+sH?LXM>;d76t6#dh7MGQfFVHp_Xe`?rCw}=p%}SwZgt@j{ZCYs(moKM|1ZJ0C08a0%|H#h z&_#F`dZ7*tw&WA}= zDLNN^P_PaPW&mrbzNV1ae;4#+jcEP;?A)Cp^1p;ox7N4ke?&JhBvAzQic%LKG@Kpe zjKLI1vMckg^u8N5|GLQ~H}ZzuWf|&xVh`}EkM{!#xE{-vJB5n|7O$T7{9!7^=IEar z{(sFDU##pW@zbt_DOx5(|9?p#3ik<7E&ECAwCn$!RQoe6A2?T4_l-0jO@sXKBBi%b z?PJ@fTy5>KYw~RPql1?n~qiZ)P>Aj;0@IVK72m!v`97V2GrvQs_gDbwb%LCa#OV@lAFq?||g zFXXt4!bkpX5^`?oyZ@6Et|aZ@Eq(TF<=rYPtnLgA{oyz&$+-o|%5hIqTEhaOEPHs1 z7{_9eA^W)*N&0b5wR)v8!ZCBeUEH4XF4q3q zqo0X(I(QMQsAX_wdexpn1CCH}jyVU7P+ zqj%<6xHSQA6Nqe`m=nr!Ioga^3jc1kwvnV(aQ+l)A`MVw{sdOAYS6QtQVn?iovT_b zOCT{pn|KZACq56I5bzy7X9yfHvTKNmP*YlLBR`TNL94Zx^tx~oDcTgG2U1%L8?aG_ zONaTX8f&D0Q6#WK7;3_6ykHPm*53@2SSi9ggLSR^y@o!@NmO)Ul+c1xgmyyd{t+IK zNO61Je*{WqdVpOa7iN5WdjCi2jr{z7Pk!Iu%HUt>xuv0sdmIG zZ0Wz6@-~bDtB?GcRvd%Uzd|WyucnVc@k|Rad*s5DZ_Dowi2sumBXh`6d~Kp%{>9*l zp9nOtjQ2P z99HWfqe_W=K#>LQmHS3lTNAcYff&K-gwmDs3Gc%>X`m1f2h@f%LWH*yO3(jhN-jt! 
z&griv7bxgw^dFcLPS55iJcx6azv&2)d)0qbuAbO zT^5Y)PI8=*FOoCsI+)b)>)HMxSkxvBg?|KsR&?GWh-#s0I`7em8ZbJ0A*uhGI0-0+kHnV8g(!RL;|cPMetr)RM)t z#^OUT!!G3s)G=^)yVs{W*}^YD-*i58;C@zN&a{8`9~tRQjy+7N?ue3ZAC^2q0n~;Z zPbzs}$~}HLh#fc8MWavs5cmA;g;~V95Dd4@En;^BhDXmCkv~4&W8i<5%F6Wj#)2{- zE&OL74QmY`kYMa7@@JVwD8Sl~<4ZLOl>P6LFMcM0n^HId8!RaOSuAk9)}-Nl);Pic zpDBy7bH<%^zZR78uPs0Kn6Q?Ky|1wrM8g=r&P*ur>B9c61^S^_bS6E8h&h7)bFdTJ z_#3{FmOX{6+b@iDsI5vbx}%ZCk|}W(6S841Wr7Wk8NHn3?P5ht=+g!{3qwUU4st4h zXpih1y$USDPB)JPnyuz^6h=JKBuY`2Vsu z@(cex`Tc&A|Hog+@8I|+`4{X#K>l^U|0o(PBDVnqrveBI00aLDCpd#or0pWIT~U^E z_V5I5NSlNv|D#kI{n$SimO9iB85y5z8G|T&zvft*Z4%GY2q49`)uf)rhu|KhfJ@LiLlm-HV=L!}&LDO!pRu$y{ z=po%E+hNHkU00BcMTAGm;Fs@bIqHZlAH~wvc$(yARx&uFG1_U17S7wSi=`8;FXPfn6W_s!NURB0*kw zz#nb4kXMe|V_@}gIjTw@zm_Y!Gy^O=aGP8!UO+3CM>$(loEy2JyR&wB!w4_iYIm(o@ zm=GOqo?YxuX#iB-ffNAlzp)18BAHkKFWEm{C$Vp!PPL=lj*^ir7m35+%}XJ@jee+M zjqe<<%}KiQxw&8UuyN{HUQHm~Tuwf!V4Za>!$udyL7^>767*Lqk3H%xNNT?R3d)O;c7JXGUS`w9LgQj@8F+`=-n9(SZm=c2s zHR^)#398Yib*@VuqTzs|%%~f6+f6e`x&0BqWZFPszYs9)-m6iz&`)_0%P?5dy%XoG zHv?ah6godN%{~C&Jt5>X3+eHw(&e77%ov%IG>DDC+}0CdRkltnVG&cnAtpl7I9s9oHTw|nGPHr-uk+SE zRI~rqz6{mPgAXHAw&1h1JSRiO7%D3LX(O`6>l%NwQXBe*BUn|(pF+9*t^zpA4)hju zn`jisw=;REY2xDY$@9M~qk8KNt@WuyzGm|i5y@ryeha$aX#xlZxtInibq9jd7j*!l zIEy9}mU8O)!(Kj@GL@)+35k}t(ovAS(dvC z`PW@g&`2o@TSepsc#XY~M5T4eL@4u~$)%eSYq8(#!x?0@~1Qj#B&~ zGTS89t-^@acIEQ#6~6a*XAJ#AbMXv)epSI$>+gteYUaD=U#K`@1V%8P%N5w$GJs|Ws6H5oiraS^4m zEj3JMybM-x5uj?#o{1h}-iZVqw&F&=(d>9aFFCaO3VGN|Y>HRB0blXGMHCIE@>G-X2;4kUMW6Evw2__$>Y@qDX9FeE z%=jC7E2Y~#@eg(ICcme^j%#q9sHk%%FO>mk!GNhWX^PY(WH}BP|vS*oROEtqCTWAvI z{F-ahz3LgAV|s3~v32QHL##uI9g0hEK*+g6WsPQPn;n0c+HA32~! 
zSzq+8seBY~TW}O;$4uQke2!B#v}YI3s9Q+T8duP(l}FJU6fW+FZZWtJy9)u@C05V_ z9XRx~0S`U`B{tA%nt}alnq7*iH;fN$+byR~?Qq^l;j*+*&>-GsK`bWzp6UBMN&1T>P*3&AxF@XUgKf>)GvOSrNN0wNiz|^ST^ZT*1&kaNnygUP$EeyphkiweB(`)+NbpY z_T$8kobuy$;k^gW>At(e$K8jW5jWd0N0#xTvIAB7)rS?=)tj5^kIVNiRX}2$E`u_2 zFZHd)<(8YcAtINZsK&O>2J(@OOi}MBDwz1M7vA)!6143aC`&-ODoJ?{RcyW?PIjJ; zGAxNu{!U5b`v@FD^}C*!@(K^CO0733%;;{XmF*C?;$Cv|=eqNo6Z*Ug_p^_=j-^5c zGsS=w#C%5ad#`1BvrtMGX?Y&>Ok!qkv<=D*^|cENM4_BL~fd=+Gdkni~GZ90fk zUf*73KvSx}T&|y1t}h-iKmz*f`wx3;!h-io#RN0^iY3Ew|4=W2X=!Y&!jKAuzPX>0 zD#46A*&!g-{tC5`v?KXG80NLWTbm5y7&#Kvf3Gxn4_V12A|1)D1d-7#fwG`ciz$gu z#J*L5Wug)}1!E6pSv3tOe|OPNHUe}P(M zSeL&8hfoU+kv0G_k?;LTXLWy|3oCys4xu_6;wW+OhaerE>_l;tVZva2#7;9pB`!qD z45K*78YrYRZ~lT$lVrknLxgPlh-p=U5_kN0pQOp=Fyg8L1$nZg#J>*dJ6t0wLj_U# zjr`;?Fv6eAOWczYdrwBJf`UW^6$InQ@6SufN5Bv_DyGjMJJ0W@L-_5Fqv{Ljq$2mD zM;r$?ICic8+>GwRJL>xjfwqmh5B4Ol^dqY+xsQI>=c~YUeod#!{p`qac|_8{Cn~T{3gH0 zU&-&a`X~AE6F@);s)weON9}J-aXnP}P0G3z56`Bh-RxuK)dSkYtD+CjB#EB~d$^Ns zcS(yI!>82(BIwVhiJz7G4@&i~@~dqQF>Hx-mr6DCduM39aZ}TJuT5(GYn3S%7^~I)T~_-7wVi{dKc>M*Gy~jO7VVc=*sXOXUfX*eMKl%R-%)$0DgqPgT;}Tty)iq*>`vM z{Bf#K8(SQ^vwIh_z>nm;(?l+@Qx?T;t5ydR+xJ_b?KhmCOKuv`V{|WaZ{SC?(#p!jqgd(Ii2pA1YZ;d+fGTOnSNx<{+w!5 zlB?D6B>SbdskXy#A9SL5`H10;an9wkELgs{XTQiD%3+baFT&0|bh)u77^+|M^bm-M zKb&ni32G0VA--Uf5jTE341ag&rg=mo2%+OhN5!o>Q&kB4tKtQ^rRJFgv1b&9DP5&c zt=aj8WktomKAtX}#_3>~!yLCd(a&MH+h_P}joyGBnuc0eXzmCy1#?u#O|yc+tWRkK zBLq{It~%Kde3;K?JFEWJGqug!hz(kG>Q()~WSrrp)G)>adT4W^@>sAy1e{YVNI7~B zS6Cr&FtBJ@N!@D~x}pIrWO>|*{LBG#g}P%1in63*_=8g;2o3t$Hdu?=j|Av5D^O1P zwRNx-)gO+~XBMCw8`5jY;EzO=)_ZggLaI1O<0#MRP)rKg5?5=EJnXns#Ia; zOZ|@&d``*)9A~5FO$N*u_uv9X&;(ss^pdgY#bM|31bbqJ4=eP@8W#x+o10EpTG>X{ zAYN5jh$LB89{rI&T2$T_(botyN-@ZQAHxKX?uUn&_F1YfNB`4E?F=p`(RDu;4`lQ4 zIX~FLKDqp`{f(@$ij`)O(P$F;J-MJ}?_RME5q_8gMlsxz-j;l53pvw)Svac|0#qgf z1};&tj-GsIiHKcR{nKqd)(c)=dw{1((v+jG#?YBLBWLU+-~1}zJgidk@$I;cGt{!! 
zQy~j~XDQqr3Zoc!eyr_6(_R1io>J(rD8&%Gs*mMJKpSARkBW_yC>)b}uz1EssR@cK zWbc+olY&>qkhCBi!$b#+TMvvIKkj@q+s~&%VZ|$7DNcf;dlY+Q-eq4YW&)r%BqK8K zsBgutY^)e0>ZaCI0ckKoFrjZYWEL@RR|q5i)P=H3NnU^TrGk*<>d(dcZ1z*UPD_#s zI(+O4W9PDShNBl|KEXda~gep!cFU-Yn&jdZkjU(_&*4W{jcN?i20NJIY=NNydyHu{NyA4UlZR6$v3fp>s$FV*_*Vn zz+X*(pab1XBZg+~dAS=fUfYw_=^JqFyFoA@f43*Wco(muTfxHko368AfX(tDErBq1 ziJyrI`)hWNT0t*C)pwS!J77R{zb=Y^A`4(2i(dKF$-3tsdoQ1%9(lEz1k}N|`M-8j z)OIVCpZ!d?}sb{LuBS!TaJ+t48D| z+^f>0%@MK07ilcw8yT(PN~Fp(?d20`e(TFK|ht&7)IJCe-=-~1&(BaW;JK)7L z$-esROn|BIQZxu22V%o)Iz5s0JL7O~C1!Dj6f4Z1b5OLQ-rs^w${eGY{@5c?;Ulc^ zTA6_OeZedOvS?xayK&F3F+d%=)UDu`AU3CE6i)sS4xKm^@{~6CTaz?pT&KyH7NcQB zGK116W}m1@`#F6JSb3M}8QVy}hkx|hR3OCLu0lCU>eC*Iat2I$ND`oQ-bi&_ZQ@9N z^Sz;1Lz$&6e9Hf*5eNbOdZqS0wt{dc-g-?(X=@BxBlMfHuDsr;Q3(SAo;O%!Xh``_ zC3O!a>C$V&oL70%Z{Rt)6QLEFo&V9;Q-Pq+84w9ttPSh-ZneuX^25VAh#nstj;|VI z2SLSp;exQ(+;82gr23H;`rAsqvp3Jet!4DF2_X4c`F|YrSY;wfbQ-g~lcN+w zZMYHODY`nU57W@`N@zXRFL#|k)VOYRY`9-=W$urnO=fz%?S#td6X)*hqS@O8GIPSy z0J%;<$9F!DdNafaCwkEsG6xId^p<_CNhIBcWbUBzK zM&Jy|ouLM_Ihb8f;QMTGeI@yH#l|BhSk=k-tvPVUqFQ7v(8JmvS|ColAu5obVP3na z27XLefOC1bcc>^qymd0cU=tv7Ne5g$XD4xe`+T5iBj&9t5AaBFk!i;jwBnNH%#oBK zyFVom$jh9!NYDj-wOc&4!Ra?Xz-Cq79xz*vVkP9+$##L4j@$hxiYJfx3qvJW>@upK zHQlNmJ5aaL$XE=SD)e=kHQl>Fn|Q=qE)mw47GkH%hB3*B?p5VX5%fl3&aNI&0_JWEC%cN-=0DE!4E7l}I``Ax)#+{8&GUu@AT;zxQ9BJU)Q zJSXsfX}nK+o6v&Ns_9ou8C1UMXN#-=!znT?e7e_%ionBR);1Eh%9Nii_~%W&*Fu>n zO14L-^>eJ2mA3SAte7iMh^O|M(bw`V5o5Eh(6O+P|GgWGbT!3fk?QJbzCJd(bs-C=-Yl3(AO5ZGtd&0QMV#m?4Me2BOlxj zyX)JyK^_+SpRX(1-H$Bs9qucp0@ApSF0~8b+1=;%yCwceg>ji(YUjXXyU*=)3*s}~ zS4_T=|Wp z1pmPv6uAXq_nGOV(h0l>Qx_8Z0* z1i_EK(*HFi7LoY$TL|s4;fatjYd4W#G3#_rIQboNuXP+bmDmn zZ~QVtJPvF*9%zTVng>%-X<#w%~tPAy>@530d4SXW#s5Ygm5$Kl3^o9Q4ReS22r{C$p@`d{+t^hVp#TtTPzd;)ry!^Hof+^<#J5HTdI?Npx)+EE^vzYBi zJyvezG0FIg|0axxhRezACf%nMVGI4ALhO)O-P~>+Cy4kC871)3E}J;99Wi2CVp&Ih zncs>QpsFeqK&u_dMpFh7hN$RChftbC{VT~f#bd~}CkBzWpUHr0m+v!XH<1MQmt>BL zKR|YbAkR)=D#HnJ?M_lhxkG?4bK(H5NQx>ZWHSrCC>`~8!8&x1Om{3>% 
zF*h4B`tC{3gF8+ja){8#A@^8dBF&VO_4GrJ3Lx~;&?ij&HRgv4E>i^iiC_RxAg{0> z!EF(Tw;Uc1dBmqUp~xX3;cY~IRR*c$jbJX!L!MZb(VoA_1vnXe*@E;2Na zv154ds> z0-Wnok}N=ExGP^DsN^81Dk+}hLJFMN39;Bn0rPb!RTdx`T&*A9?~pXN=$~5Au{Shbw@0n`b#7iw@4;TNlFzf&-vk9!Q3nE)fLc_Y8t-;+Q1H~C%vO8)4F zKgn-g2?7EFMTNi|;i|EFA5b$YwYaHp;Q}j1!LAX=kD~S|y|TAnCh5G?Pk%WtT*a}Q zlU4*)XdbryWcO-{TxZl*?pAuAv-@y&?Zf)(EdZt6JWw+5dw2hT318q*GhPgX%WIv) z)eFKTDjc*3xHLA7>o{s;tEv1wt*>k6D zZI?KWURlk%StgV?QKZmkVv-&l_Bqf_Dy|yqz=%T6xjCeCdGPis+qQdlki zd8K0=ry(vVfiSwYeK2m*d=`^OWB49_YD(iknhajX6i+52GLMskb0`o@?*P~*MulxE zGdLhIfRF=a+o~pSbOXg_j)+Iw32lw=&-sk(BEKz02~7!%kawNE|7WIga;TrszkP}+E&+E>CTjUYNy9F?(cPqa2YvxLjA#!ai zn&uPbzMnC&m=0+Gna|NsRYOAb6o@m*?@Z0!F(7J(Eq7v>M($>l=)&<`*9fLZ zpbfa_5BcwXbmsXoNIDy5V(64j0xP?$=M*;^7&3!#J_*(>lfNF4PWwncXw-F;Uz3tw zhw+a|mRRD4e+<3+ZsfhrK}&qOyUA}6=(QM2ydu_UD$r&+UFJaWy9Eb)CAE;v6a@Ov z=Aag}UU#*OuS4G=y)E~^YIgF}b`JP~;COSez%Xs`y;Vzsf#8y@3pyfNPsw<-qh^DZ zsCEG!v>;_tA9kj3G^GW0c!hUUt&=@>7&qxKBLB*6-goGJ-CO zn=!YqU)7)CmRDX!P{tYVt(i0td1V_yNXPkg;+?F=U?S9UYhs||F zr>MhyHBFe)4y0Si19^`YDS>k;ma6uRdByYNtQ_(RJOv(8q}&c&+7J1l56e33sz;6? 
zPZpJ{RM*W{ubuqm-EJKkhp?}^W4-IO2`Ihol-^FI1U0;-t`#~1%cah@uSK z1H*v(`795I!vFi>lI8l(=ioF~dEaD4-chV9gVzm%f`xojMXzGF{XgF2#Hpp!{%%DmvNepnVC8JCbu8omIn5KS5&8B!H+mh{uv`Z&cU~?7=uzL`XM3hs<^|w(aRHEkU_o-~GDUYhM{g9!KWJu|4UVYD38gv$8_1M0QA z;T6FnsZ1MOkmqf%=jm}C!Z&PgW=R_tqN)#dGsx<)%q7jNJVVwR8e-8BtR236rt5mY za@eD^Z0U}jSGDz(4&%WQlW)S5P4U|LnyPeA+^9=rESNEt1#R&2i7_VaKo)4us+-|2 zS*J4#r$VRFx58fotP*gf61wbX&^_;_*)~!ML)6`xn{ylqiy|{Acqrw!@h6Xi?)}s# ztR~J4$FPk2rFyJE5aug*$g`7a=w1(Q+TN~+fo<|0uOzC)OJ#cU*XOc94QFmg?r#qe ztXw_TSQM11+c{B0dz(#j_k+mROJDrZRJih~>ehc;Eo?y;J+d7Mg2=nRh?@5QGLFX#I;P9Ns!r?D*pS^@tSy zzvM4X`ai;7{eoIMF>k!A+?LC#* z_5Z9|Y8BK+o66&iYo|OsMZ_s7^d}xxl;Cfcbys73FtpjIpIKSra*X5_ny3D_K)L;-((4&3JT84 z#zriU#?VE?TtviFML4bN_mJ*SYyVXGS&=*`AgTombrJide*Mc3iL$(8)M>cx&36|V zGLpI#k%m)@8)Xj8aFW9oWR&9`CwmnRu!ydhk!Rr@+pi8`e)}b2^;gmggVr4GU@5%7 z1nqPgiF6#o1*hcVsdPxW!YKnNG5`KG>(`IClf_iu>ia5Zn@AFf?U+y#HoEp$XO1Cq zwm!Jvuy__XBz!-hW2H(9?De#+Cg=4ubNI@WSYu)V$^}YV!DV;f4o9AU0l#zbgZPCt z$9mv{EB~Bgg!|RM8x1w;X0OyaBnMPAf7Ks`m zVNNa(hjuiFmrOJJQjLOCT4Jlw1TIfnu+GD^JD*K9u;>yQ+2$~^&2$@unG`x)3FoKO zV6I}VLaj=E$P&)~E>y!X{w`EET=!~EH}=`*FqdI-GAWip@E!0UO$FM|wE`;Tb##mQ zj~t9xX|F%>3vXA^%VakfeV{0O5_u!P-rtiy^f&pP|4ROJ-9O2nlnVkNboj6@Z`duGe&$c%vfT0!;~nwCPJ!Qzq^7=Eg0VRbl_SQ%Xx zfm1A*YYpd+^t^J~_GaS`!(`m>8*G(U!Oe~j{Yf9x5R1eqK_d+Sl2e8Zu!Ub;E_4h% zu8)Dcgvq2SXj}ILZW?L(MI3T-6nP=aRUgO{nwt9d$&x#Z#1@dIThY(dlYKoY+d3h2 zq&VT2H{#Qrm7KhrlNwrHZfyS1JU)1Fq%?aEK6Cy-K@BA>6ZpZ5Y}f3Ppa9hTN!4XZCW8_U2W2KX`wAl>v!S8sFu=~3~PI+ z(;SCG`O9j&>avlqYjgE6$B%s7*{=7OkKJz6Q9B_?W5SKS58MB z)ScR~PjA*#Bv(#*A6hZ-bF?f}E|&Pq>b&a6;jy!w3V?e9Y8pL>?34Kn=1pfFihF`7 zCpG&#DH=8V;s&<6gZLMws!>01%lb_!i9p%i=GG(b>ace?b?{1h{ok9NHC7YqnH?Qt zKRxEpabN&l}ZJCqFftdaECzKq&;ExYrFyd0~nlg%~|-H(@`8*HS^aXhP<631gFKNcSnqfI{y*iIruUGfl0 z2xTwOI&-OfmwSja3-k}-+6*#L4>a+CmHf)j?;dFcj4EUr35-xcn)cAY&DJKIa>`ag z&tA|XB5;9=Pzx5i--v1xR2^F^5R6x-zi^eS zPP1@jFx?~DcvsXIo%_(t)hs{(v;Y&ShX8D#8~Je-wi;BfqAdWzP-jixgHvh)dWIJ) zS-Hfvxn!u~Zlpq%itDmD;`=;`%1&Pl~pEfJk;AGjMe9`>B}P;AU@Fjfk3P}c>Ivpz(7 
zLiaEeO12P~JyW3z$dOR=d`xdpIn1<2fT)#N$Rkw52EZZ<)w0(#3nVeAG;7A1Zq`_L zP2&CR3lX6ba1~3P&NtoPNWF%8Suhp7o8@s$@Wid1UcfpgJQh9vF{6B14iBWBEeDp* zfFJl=buN5*a^d{mtn!kVUZS3}TC!TAUc3reEmJRmp9(N$-XpqfuED-?y_8m|;u6Hq zSNl=G*t`;|S-kvs|Nhv)J^MM4NzRiuBWt;cyRFQEEq{#1CKh4*u~R;*QqJI@`EF=<*e>XN2W?p{VgR+A=^ zAhSr-S`}0$#1unSd#dLxHc_RYZC1WLP*#-^PvSa|o=oLB+@>O>K}a(lytVzy=Gc|> z8yrw%E6yfTfgEDkw3eQgU!y!Nl6e5TCbH%GO0J)NmDtSCHm!32T9o6kv`QWh75)rB zFF3VCU>o@tnfk!IO`XLMt4;Vx9P~CJr$kxIp`EA)A@`*FFNV9MlLXZ*i`Jke8u&wV z{UXZQ=0RJT{R9lWoFc9PVcPpWW(>Yif_q`zhy5nM(_hJ-i~cA11EWAdtS3mP6fsC(^E@{yIpUww`cKafmD6|9=tc-wsJJTaBgsBLpVt|37%Xf8+T(pdTje_1-aLYu7P_boc8H#txK|}MYBZd z(D_2;w5qN#>&xGRf+r6uJ5u`Wjzo=*yWbqtZs$N1}e&T!3D{ z+eF@#+_kisiyeFa?FyXx_W9XJ;^ZL z(coqf3>qs1@fyAscs)K9Bt zmhmxL%^vWq;vQQ!Q5gf0PY+vStc&fMV{sRc1U7A{r`*)&gT2qlHgS)=_|(ip%g@3B zBDdoddE^f?MOc6+Zgt#ZmAh&=)9Hnb0tq>i2X4Ui0gPu9n{3)XjpA;h?IY>|hkbgx zjCwBhg{Oidp!m`LfXzOwU1K@Z<+i;j{Q&O;-oE?*8}jOh3oRs&?_m8KfX9SCbJ`Q= z=?%ju5(Y&-ZNx}CAhS7rn;Dv%nGdc%-EU$bCF)+V^S-|@1DKy#xsdGuUQoO|1irh6 z)g)-;RhAb4MGdsSqU-$96lH;;28fs*^%=GkT_$f(tDhO4F z@2tHybGNW+ZIjZ(u$xjmDC-ozH+U*vV_KHIfjOCIwLe{xa4$bWznp+S0PS49*XE>c z5Q6{dJXulfh==-c!rYcF$QY%m^&|%;g;}qkxAaJvLNT2Dnh_;BHsXPL1 zkj99rx?T3mhleXMH0udn{ivh zZZiG|{4XSi{*jopQMYO(2RhMFaObdjGlv285s7NmYkF70Xm>)ykMlH8gk+~7b|`}o z*_VZ(I2igu^EO7Y*l`IFLZ~?hHcoOx00JQ)_iQd3F(7l3W_Z}WP{e>?PJecm4eurY zS22mu^w9L!azUb;s9&{vMSI3~E?=o#G$bTYi;8|N14DsTHU=h*K&W3Sz~dtJ?VHaV zYp47>zA|ZrX!7~pTSq9(OV46gM<%|W_6MQ$1Sf3QthkIiN;}k6-dg<>)Jas zlQ|X@KDRgDhb()KXUxjcU77WrI|UuLV)wiH>7Zr#)0f4!vMFf@-{dU&RdkAZd=y~O z)MyBEUd>NrYp)SKa(O@%QS!HJ2IMlG1Wb|ID^*>hI;5p(D-w@0p%%GQh5I>Frs+G* zU88ijvIhfD8rlkShmI5;9aN>dGN}5WAauX0xzBKkf(t!c-X<)yZzvh>=7b8cz;;%f zOjtw8Zxl}*&pN=}!{5UlU2hzE4sz)VZCZNb^e;ADJ1pX6f!)xZE)vz037>FYBR4~F z?jb*XSnyiyTyE`Z{59pF+*SH%u86+~$K@+#HJ-j_+$=Nnb+FzDn%jkV!wvWR=-PvE zpoy<0LAyh9yk}Oeb5Y2ars1qsXz6(KriFg&3pHtCey#(_)F_SJbvdtL#<3=*)fKCI zRl$7Y?Nd#fD(~nbbm;Ltu*4TgvxvSFSeJ41Mt-xuCx7^F@;m;O{6)iml0TOn1jI1~ zYWHRS3U1agL@lWmzwvzZ=p9b-%h|LPD(pF#x;)x 
zKg}WG$(AXeuH9z2HD*6`v{`yuG2CnXI;BSNNVNI!vMVdZ%o}YDO~))o72JF0?0^ah z-!~E?SRjM$OG3OEzj@+bf1}J;?r}0HN$3f)XKRWysQ!3(jr!|&t99qalm@0Vy@~KS zYU^tJsG#8`gJe8-<7NzOJs^@jK!T*-H(au>)o_*Pus*mQ#dJgAQx^{UL zZcI@>%HS$I>2=9d`P0m^)F%}w!=?yu!b?(Eo70hr;k`y=WBR#uIhPEqGXO90ed3Ok z?0uAi41~(Ivz^y$?;&q}XEt|86T52qiIoD!GFch=@*efv=0#!s?RUxo*B+C~WIUAi zz*^wy{LW?M9C6*$w@T5YY@sxB37=GRiHJ@n$*e4oFYQQSXEf*RQ!yUsFE&`1Vo=0U z)h1M7a132A_cCo?R3pQ!&SBD%_+5^lhn624O;aUiC$XU3)ilXBvw zvhf=1ynY>+g&zS?;F9JH3e{bGu|YUOiM9#g|McKiP|!yC7hVCmB(Tg z^tmRDe7nWP5UPIkf&(wsaz|~unLRQE5{XM_pY2;X`Dw_cGn4x_0>Tw8e_!2Tnd)b=;sa( zDRC_uzBA9S$X!%9&!#O}8!n>ftbw~0qIq3hq7 zjUn;ElY#er6Y+wQD>ywTfmT%fn`iV=#^?K~W(@n&EXCeN#oozc1Hxz9doLLyCN8j6 zGdQKIh#HV169TGk4ApQhML&f}!O&arTe-Z^nl!*9oEu>3^b!J>$8~~8)H;nYtZc``0BJh6x&U8O%yy%51SpCCa=iog^i}c^%e!Q|FWN?S^&(TTiOd zC&q*a)BK7qnSA(rN#(s-FfN=p!Bu(4&He%$Zhw!|-ly08yYnw{-KU`|YRIjP&|L{R zlCxV}>Y(l}1kRn=T3>?JcC}Ckwd^a>WxQ9tspRP9u*`C5v|KAv$Uk^y-r#q(wnN=K zLoGc}Se=%4w6=q}yadJOEdc6bvn6Cmq%#+^IeanTj}fPM?7xi|AAFU0eI@~$u|0U- zcgD~di2+w)LD5hl(O^~3Ea9{Wx|m=(TRM5^gu=1dd}{fGpNI$aq1iGV!6N6Rzi5Lk zzLjB5Qwd+t*i-0O$ksl%a59s9IIY>VhI?_l$^#gLq5A-B{6UM+-kY1PR~ z@j)ax%U3V>|6T;}M!!BiJ~wfH3?M^c5hEDahQic(Bfr((lRx4&`5pdB{&LSh$!{SC z0wO|l+q&sax=a9l_br}PPi7~7B!_gnKUO^UM9SYSfIjwJtg=LsfuAyuvO%8m_o%!1 zM=|{o@@gnW#gyq-^O;0Oxs^v94*{oE<%rAnq}50RpZOnOQ$`JZ>k~_3P3w}(g{zm3 zz9pv_kd&R!H4|lBf2K)k8XwM=~vJINef<+uS1udMCEzNb!@7uqutx)g2bx`Gcxi^!I6($T9D)yBw=(yEM zo71{TN|8j4V-!peb~J!s%z|nMSa9W}=-CY`;K~d2u-IKp&mWlGzD_oxerl_A>?!z9 zQjNV{WV=INLG`S%AD($lNc-gqiruGxrY=X}0?hr5@41I%O+-5mpVIU~rw*v?(SKdb zaYk{$@85q)?P%~g;PS=&X)MT=5k*}F4)7Yd3UooCgS+~glm0z>1%dJXIo!inT}|qo z^zlOU!h#jN1~sux1l;2wr(uk{(Ow}~q)nQ6xiLm3vP z@a{g=1m6U%3RK=MpEs}Hgx}=HI^k={inLg^(CC~*tV+`Lkwwve-u{jh%A&lZs3qPs zZ^R@GzA4H^B#IWP&)&s8avBRRHt%D7LYpVICB&5nDvpvzAFf9mt_R9PkKh0qjTsj< zL>Sf`UQ);_2YMbCJtzI)3(L`f){(H`5ozyS6zGu?lzw2CIBb=WR5GH!GCXh(5 zObv0f`P>#uSVr^qjm$O6qyX}&P 
z!=&W_4|=@14YZ|seFx6)$GBFocq0X`rHd#Nyhi(oD#$O27#Agn?Ss7+sGPnJ4eLLz~?{;0S5xOneEbObS~RXlKEoj67bX!lyZe5CfPWoUGDY#jPxR5PI1*RJsA6T89fv5JNAANp53c08Bc zEH%YX;PvL|uHD1cPYiCnt8aMD1DrehzKq~2&@pR&wY7~__ijgyE}FUUSlneXSgQt{ z4KWfa!)=$2O7yGIPI(0AqUbCxDqll~zYug1Ite{=y|XlqiZ3U#>$5F%Fa0)h_4<%| z1BeEB4_8wUGw7by<39CCbs-zqGJzXj&r1BY<`Hf;BF1v=24@(^_$v^Iy)7C2dHGWoPC|;gUes= z2cqf^YdEd1CU)z&Z?d3I6?ZC8`dgh=G`z;|372f?Y{zv3+5aED-ZChzX6xU^T@u_S zxD(tpSg_#k?#@7P3GVJL!QI_$u;4IAaJRwr<-VWy{HxBFQ#D=v>(y&_^~~(K_SD{M zbxVSchO4(h2A8(#@h2Vc1c_1a8dq1YWY352r>C6oY2;T?5`JF7@2}CHw@?9OH-Xtn z2vX)@^P2cN>=DN!uJXp1BsHoT;gWv^e~8K>Q~j>SCP%>u*O3npD(DXyZVonLH? zzn$CiU#)OBcX+mJwPNP?xx?(Y^CuQ#c{IZU49m|vKUH;s?wY5U?Gb!}m0qLH#vd*b z%nL0Xb4yp0?zDkbJ#B&_Z{{ke-}t$dT$~q2n@C@afokq(mE(h>c3Gs~uN9uXwwL{e zb$_2S32cCKk>~|vuLQCk9@)Tp{nLV2-rEKCe`(a;m^D0bQ*#ZUns!qzx#_Q87B>GP z>C~TB7oa;ZBMLt*@!F=G2ebyhKo|CDX}MehSoqf;>HK(a?p8}}S)LvEvj#TvdW6q% zl4PdD5xZL#y2E!~#VbN(%TqlP_Tt7h?fr)3M!^)mbGftVU|ztsMhjstFBjGb1bS4B8svZ$dVwMDEL$iz19Lgxun5%swOjxGN-`3I2d>Xe#VS6&J6`L(C&)IrGyP{sH){n-f5m=x|Y#IEaUXz!uUtqg#>TzNDQNOkc19y{g(DzK=Pq) zu4Yct?W78+hM`-V3|~)(L$D(ga+EeKHeOGa?y&XO47@Hmu^o9si<4fRx5Pq$x@RV# zg;Z4Y@!$Ar*TnTxh2?sbWtte_8(v9clLiiYe>M{}^CvnXobeFtygGnldD1ozHX0b? 
z*&ofNHrhv*I;Sshh1fTfQd1z&7^-#dBP-NQHMOEx zopC`(oUmE!{r4bxriW|w;sH;>tWRc%5|EfeIm~h2bb{VlOywOrh^7N+v+iC8SUoti zTtpr9D;aUGtsylWoBK#NJ6&zP|9P6T?VgOuAK@3irg_ag)yL;6NgWP!$9x#1zAW@~ zf6J9NT_T@4!{=@|xOyZ!gmkgB;2+3dv$}J74%hj5U?Yy4+{McB=C3_J>)zmF_q>ZA zIs@I|{J_gUwGrXViezhtWUilToZvIjou1XSe(a53KH@bccp6QV>Otbf;c@%%IXKcI zJ}N?DYa`e99CS_kiJbZT=|<2w6CP`*X**Yn0vmt@9Xo1jR+;X^72-T>gdc-N>v6gN zIXCF;g*^#7ESY4%pBU;cUKHDcR!aL>UKy}8-9|N}mvh@_5_&cJ`j@A1FM zAOA1;UH_Z>?FauM|3EYZ#FH&PmMj+W_9Tq&jZVTuA)=3Zaxjelnfkm zNyBe^PQ&apiihug7bKhDF8P&)Y>RQg8R{J>cj$`OsSk6oGAX^P-8OzLAzDEf_iEY)d(+|Y66XGN-Wa##N%`#RCd zcCN?EvR2mZ*`{ziSwSd=wsFtwT<)-et#CBiu}atFxfFb4L|0>zhQ05x#M{MvvF|9_ zI^QvH)aBWgwUN2B_95`?)p=zP)K7fPj9`=|f{hYh?B5$*ONJU)cH z!X!*j&3x~h z)hdO|^o^9M3FH14EBnjS5l1%j`J5J?EU2czEyhDcV+Q-1pPqyUHgwi@hQ~5pb$Eb+ zlRV0wTQ{Gpv^hOY@vQR#;A zr?i7QXJOq9a22RxfXTvl%XyXXAuw+s1V!ZLp>IX5B1nqhBQ>(0GCbDHYQnj*KE%j} zD0@PE?e@^{%d-fdz9ACSV4M*?&K>;H^`izu_LiVatJ0<1*0@8(43obx+H)IFI!^7* zuf}y1s$vH2(p0D{AmtV05@uKDRG*lRScqA;ofsk*BzQPF}I<|i+ zQ>dDBxR_sk(aF-z^h;H-0YCFKarudi^U`TNVS;qL-c(B$_x)^>WWYVHe0FcPE_H2- zn_I4{FMS7?_hk1rct>}2GL^Uyk0F;vvpMibjIBwmyUbd#v0)Jnml!1Fg{+9{*xVV2?w$SzZ zHK}UkEPETP@@Chui z%SW24+&ei%d!^i-pgpJ7JHypGqti!ZKX3qZtRVQCWBr#R{;|w`-oB8?vMpIkvXu6{TFA>OE=+kheBzW}H&xr0CRdG#%} zoS}#J;G!l_117pYZLWF65qQ3Kz0tZr#I+N}{rtpv1?Q#sL&X8_N5?BA7WdsHRl zV8%7fl4{0j4e)8-nP2YxZ?W-DD%ck_AQt^#-)+cz&B)$bE_ z!cb33hBq}shX$C3x$;tvyuN4)cP_8G)+gpr!Cx_F;?oeV`)l?{!*$cpf5&8^$5pg# z68R$cz*aY3>+}gv38PuDa`%pa{PFIqZ^vG$Z|PoqKWg8PTEUGUi0O0Ky0x(-dd;eX zQqs6pXNX5kh=MNp!~D{eH6sJwB(Sv1_EPTBU>uPe&OwRUJZWscw=7(lg1hF2EO$+u z6By~`hBbRNxVT?gb#sz=9-?6aeK)jWU`3TT3v(*J(b1kKHPBK2f#O%18xEPdQR}C# zk^K@y{X>6^|NKpGL`+6Y4UwfAnv}t6<3*&?2(2hnZKc)~$4^UNOu(&1_LGP{8Q7#{ z2Ys^7tGBNfi`E&aN+PyLZc(am^lBxxTl;)2;^m9(C*@($iuqUXFEbzW3&jgG)kSyRb2d!R22-ou z$rN7cT!smy5Jnb;yxoZUFTAkx^p_Rm<+S-3l_56^W^P5oVvAx=6npWi>LgULAE&KW zCX|-cV!ojgr2;a${=^*WPJTE+W-vh z@kOk0u4~F7Tbi}_1e%G&+5MPnIq#Z=-8R~uhSR`RmQ;70PP9Fy~%mW zjV~RA!)trQu7RB@P=dR9^)$&JF%%uMtNPa@-l;;@`bl#dcM^!Nrou^%xt+1fyFGh7 
zN)xZwzD1rQLjKyl5WllbAXL#&w!T_ZhK`cY&s;%_L!#rwR8Z_9j3+C8-|{D-lTw!D z{T|c5PQozK@24#!j+zC>_$P=VFBs7o>Lr!xXIU04&6f*?Yc)QZZfXPZv6=~PN4JEm z;LgN7)4?95QnEeOM`mS(MAEI}&}#~7sE{kfZQH=Rj2x*R?A$ z}U2Gj*QKiZ-zsCV9Fp~Z|U`OtcGdx_TE^H2{~`bPLDq$Btv z(Rpd~#h`fP&Ip1)4ODTUW3+y$)L}e=a80h19?K!_q3THEC+HFhr;*03Agez3xj^(1 zSik5E>5&uppP1GwmE46Nt4x<4XyW#(>)iLW7=NP~>P(a3jR{cVWo3mm7~$ZI=~L>` z6u^;M9#sBYI>h=u{Kw>Io>HAYB_Iu`N!=9nv5od`qe|CGj;4s@@MH;Z1;$W?w5UMTS04m@GU{;_VA=2G@*~R zxc<{Yd)`V+jBXF$Djt~*&lP9$wSUnKo{r27y?nd^f9@vp{cOg&ADRZgvm-N@8{HGd z`as&h{Se^~K9=$ z`cz%Q@JH9CS|WoGh>Eaj*{NBYshMcDe(fkYB00;c^A2QR@S4*c{WKDi^!4n&d4 zluG+ddmsZQ4VKD?mlht65__NnV~rEpN$wouv4>b^)R{99AEhxYK)DbrHcd9{Ygyam zuzy_95|-IgRRpPCrhOt(;rcqKB6x~fi3%9Nr+rg*9U35mj@Z1((Icr!4=3r zsHBD&Mlp{%ExG94gw%pYGjsd}SKV~_K!*Fm>sg=Ko-%7!zu*p-4N&g!H|Q^*3QI$d zIC_cLZ?RY`Ltys)iis zUhg1&Bi2{E+}AhUmG2vUR$*|wfO zVWo~oKScB@w|_Vi0l7`iH%0e6$178E?%`>772)wK2FoERRl`Km7l!>hV;lJj_Mv5G zTW#=u+iP$d?!CIdTmpMA)|edc(YOw;TZOfJpxj<69NU=6SUp_rGP_wvLY=Fe*%$ld zv-^`I=b&UAqEV@{s_ZF7$7gqKspLTtqp~jyBx<*U24ttMvDOdyq+d?wW6SHGl-z`e z6h-9-mi_ehUs2QUxs5mcQVgb8Vm(IQPM#Ke-(s(9{9l*M?hK}d$Ayvp^7#@!+`fj) ze@YQi3C?_+JhXh*T!waAA^CmL5-j**Nq9q;WRKq~k68!mpq|Q+aM z2p27md+$VCmZ2M@>rwOiNsXYTn<25*Aj*Jm*bVQejuNdKfu_A_^(BW zT~;Vu>*FHugLzPGBo-6cTBl3HO*VYBV-AeXWEU3FIgj`1{XxubKL%{YPIJ-W2?$9ivenbY+4ePm=$4r^%0uP6=AYx9aXxzUeFs7>g#{hz&HzuzLE3S*sq*4EjtR>9Im`93J@2ffZ zWMozOuPTLlG9o_-Ew1y`9Q}XB|EHGADoGauZU@-3gil=;(fNaJ2lze?r&&awFng_y z`)JkrF5`drl==UAeA~yM{UKvT`?Z=ed0e)+S$Q_c8MUa^N7`FYO>TD9B`1f4Mh^1} zZl4VlmtReTh*^wfA{e&JK%$5uV_R(nhx|I8C% znKMnhsnQMa^VZ;u@=zoCNTkY4?+5wPBMK%e$~XY4f|D4ylL%SaW(9`E(UVAf7d}tA z#98OCs7!*j%00jTUZpFtE=?=X?zcb-=%<7H<${;2^h-q)d+OkKzb7G7buwv9ve^YB7OmRz(rTbR~$|+9ujcR#9Jv5u!|3SxE<=GfjZK#!(1ziv|30OaB(H zoR8;o0(z0>tp5}>Atlu{@1w0q__?hb~9$9 zn%gOJJ4TqN_>{MonWwywN5AK`kX!La^n~eiU2?2bu2OrymZzu>?{iIz7k!wx^jip# zAyK1@ZA{I_;MQjgpmqU;X{IcaER%iABAV`vlr$z`>8HpUas8X^5lfBQLCH)RVtltI zf3N=7VTMLkLscX109{Qu*u6kesH`3CiBiK&&yDzQ1I8>tic3^n=?1lXHT1k+l~`%j+A3Az*_F6yGE2yEr6;f-y-;&UKLc3iZlzV!-pijf 
z4C~zuV~)A$MZ zhYin;hL4Uv%b*(G1@|2&m5jGMkZ%$i6Cid1dwWZuX5gT-t_I(JqVq%8&GOTp((UbH z{#>ZS$Mkj6WHgvR=AxS>uE7i}V8Av1^AV~a=6Pilftz5Urb_x`fM7)cN#IZ74++)V z)?x;vs7;0t6(Kc*a71E-!GqIH5BWp?H~EwQCBNf; zlYh45KjcqefPldEFTZ^JV-hm3w5*J53BmDejY20K5D@q^7P4Bz$FqhhO08GB$QQo$ zbD2ZvU-8eh5cDDfWQcJD=O+_+uS$_Ph6tObIKCG-q0i=XzP}}4S|RjBXq{0<26_%A zB6Uv?d&#!sOyAo^-}({0=b`49Ah+e%_!D|9VRY{^_HGivKqAg}aL`Rl-pIV2G zwRdtuhWai-UVEF(Hz@?GJ%2nABC^kM*MCz4gzfmqPD~uky06i5vD>)p?02=^b>d%m ze*4`2@(W#6b8aPlU4Ny8!18NdC!`Rl25KOlnfX(Eeh%_kJw|U?ux| zj@9R9IO$gY*L36Jz2hlJTbgsMj)6x|j`dbpJd>_%UYSIDSIwpw!^PxoL%q10lVanP0dxuc!LQ~}7hQm!u)s&QBe&5>9!9o@9 zJ{^v5;A~MepF%(PWeR&t8`E*xWuN2U<}JRI$m`u_fmU%2M5Av%5RL%HpM5sE7vX zmDQOP%*pb8d*r#Sn!@Z=$qwrMcvR$nz&{Pi;vOR%z5AO)W90jRW~_$YehOvu>ePDT z4e>pH4MYtaL)Y107R* ztEsJc*omA4YJ)4yy-YD}6)0Gep9uyX`|30E zMi(>pV^^o;upcLSM^WNe=sE>QlWQx&RJ#>JaJT*m$kf&9)z)CH?NcL@+5Mg4BDtXk zVlNP?(oYGLoK>TSU9foMDT}RT5%O}`y_>*Q#Lpr2O`IDxP z6k$6j9fYXccW<{05{L{`g?2XD3At zS{FDAU-<3O(pWgjHm%hC{7rDF6Gqpt8(!De7ed$Em-Z~KP{1X_W8)&;D&avtR@rN? 
z6IR#G7e?129-6di&?6~BwR;n@!mgyUVbJs3n(ZMm2c~K^L7MlMb32V_qS07j`$__` zZ3`Ae2h&gy@e_;HYYLm?Q4`S>XwDQ|Dmb?4E6aH)Bb!a5l{k`{Y>wzfVyUPT^OM9H z=@C5hURjJUN!xgcAU^RA`6K@~`BVNSzr%l%f63-QP|PUF>VY|M z-!O*hmVQhaLIH#{I#|_cpMDaw(o-2TxHYw|(E%mBdU?Br=)!K0$?2qU+`dH771SG2HC!$Kj=DWf(B#|2}IbNW;s##es7Ik)*Dtcv7IJZJ(RNIU$P#tnz z%l$VzC^UnkU{(}w+19PH;?D;pIy1$AhvEY7(9Nw3`u(OZo z$>gXNHST86n8M(&s*`aFq0)*^cmgugQzU2fkQcKcHRef`2?OhF49TwcMXkT}OUryL zQC^c(k^R9-8|_~}$NH9CEOKrvE!D^k`rJ3^p+cGc1xuUl6qO!cZft+MTMSCE7Q1NN z>iW&^GupM690(zM;$X&@1=x4E)IJa@v zek8hueFphS^f~@|+ASB*DWmYXTC=o6LnooiWqqyPX0hY)1nvX_6iT@0)!R~qUWBsV zcuT%(NU_MolgoQTvDHxkTB}*XGBJFi`Z|?b)Imf2(_)nPviO)JjLvB7&g_sR;)r!B zC5;OEm?XTd`;@Cqb87R zwN`}#2heWP*nvmoR?mJe{8d>$Q%L|32d33O-ItXEIIsj#M& z+0PRB;C|f28O@b!u;RXsgTAqBC3`&*B51TGuTw6ZZ}%tVucCcs9nn>3(|VoRGy4Fq z|DxqYkfunX+#1x?+F!i&W?P1vgT|`W?=O#bHk7N)cFW`BA0b)SxKBUxWDu8P@iu?Stw!wkfim)FWfy(6P64OlYU#8>DZNc?;g{ew5&gk*#T& zeD3;bs{<1aEd(M(vfvNynl##&wD#zD=lSax`3|!u>Wucro-};~yB6^e`IG-Q`BVQT zzx{ucf1UI{lGI3toHl1X|aZK zfc;j7Fremfas%B=9ERJdP-FAWZ=4xibQF5}eUz50=F(smea&P*3npuUNY%tC^QM&-k;$;m8?pj`wS@ASvEz{$5HKEz#a<%l#EcxXK&v zcu>;Cap`ICrw;PK=hT~qJEXArPb07QH{d&Z#bn=EedJDK2Y*_16NhV#8Lv10>w(ei zHixC35jQ99L8W3nRtJJjPsAOxRgDv;%$ZwZqjJhNw2@WSww z-i}op$r!V^=^^aZYjjA8!=Bz&PvjeirS1G-^=h#BGBcszzK)b!$F8T6PhsSimvfqt zJiNlM2hO*4?{lM59bpDAg~ZfX=rQE&sCS%S?ESUTJIOb9FSNltUen_bki}~=BPUjG zO(v&MZ!-}$C%RBTSaC|==iMDHJ8z5=t`vz@JC~c$H7XY8gq?Cc2>v-hk8U9z=??}y z=CzS6hCW3ffF$yLxhC`o_`;FbvGeCz2lcSo2wbEU-FiCIowuC<;)k}H7H)E_neMl? 
znkL)d%NZ)7?!&fSZ0>!12JIk9v=NtDJ%7j^KB%tm8A)UKSB@J=&6%&x@uZBk;~GC7zT zgV5(+XXf)N#o3cCwp7j;K5>eOig!YwF@3uGAy2GL-GiZx%1+{J5X3+LH%YaHd`_5< zc(^%3K;pI;GtW)ykm!Ac7Xgy_Q8R+|Ii!KFq(60iZbbDj-=2rSc}}9jU&MR8A2oSK zu~dI`&Wme}1ykB%*`r$4@3&&)+ejg%F{laVyf}a!8?UUD46$ZA689;t_%*GhkmCG} zpo^4H&i%ShA6@DCRuihEiGir44igdHKwkm%aPE#B5t_gV0ren2J7%$#!eTa5<*7pI ze%tbS-jLA2*|5nV3=qu;s6l+6~aQc!fgCSF-4Js8ps z(=7(brcJngO5?R9HY`n>2)oT1%MS2Js}-kn0o!-l&$@Y)g6R*6<2oO)Zynuk+f2|> zv>GzdDVJ0exG>C=^BM^7@G)BbprO?H{NLT3T-KU*$iVW8Mgep^jt@w z&ugcw0ldagZ|*e|%rk2w&XjOZYq9*wP&8|bJbwbf_C z-kiChnHZM5Ru2%h&UNqB!sBo(|GiUf+;n*mEIvag>iVY9uz%UvA~c0kKQenuw8;RjpR5>JrmfP{rl?R4BWOs+%g z?mP^9|MZmOLK%7vn=ZiEq33Uj3IZBFb+*D5ekm3a7brlS1rI07=M6@_7!xbSXvGuB zV}Tcoh_jM6G$<97a0lB4*}r;?;P`l!;dvJ zkx(GMM})56I>=8G*us~P)j|o1Kh8o@a5Lqx2x=f+nR?vvmLd_}VK}07WrmC3|DMIr zCvoUW`ZI-pDTv{(!O?G5d$|THI+p&y2l3=L?u?XP*N0=s%>bbX)CO0D4?k_ z$!jR5X%OsbSZq;frJ<>O;#Y9vy4eMwxN+TL#h(_JCYjO+V(-?_3ab6ZmwFF$61Yx{ z7_k_+9oPqP82WK+?cp98*WuuPsme)xfN>^_s`#U`O{t}Qn;p-X@ zUV7?9a+vJbslQx6PCRi^*^H=G)+s9=rI&t6SWYt4g#Ncsv!i;AS(kdo6~aT$6@b~M z1j{!y$ydbhe2%-l2TIqFfBmtGi5|uRa`WajX%F|78<$z~8kbj>sZ}v6V$MVjB7JD? 
zMn*}!`0pT}Dwdm;l;Ho%aVq7BaDabg76yRnc|sagm)dCn9#{R*4fL!b|!~3*B6{-TawB61%w(Lb-Q|2h?KlVOMZAO%~D3HHPX7)WBt-6AN_;H^^5X3c$+Z7ccl~?I)Z$~0&7zx zD^)F?g~rq^LTO0R%s^d^p~MVlD9Tu$nidBOxt@6_!B}Qr{Uvd`yE3ygmI_SgTf7|i z3oA21s(!-~%SZZ7!PWZ)Tz?_a^Xawxbo~%`D4Y~6;m1WVL0wQaOJj;&(1ZP2MXPqx zQW#o*Ch<=8ljE58`n_DT>(i@2L5*bbw^*rnO8VqZbgX3j*ZWzp66`FX@InGx;@#z@ z=UZ15P*p#oT;uIHU8BI4T#;mp?oA=e*c;+n+M4up6=+zVGJH)}qKH5rmRWA4_*3|LQZmWAoKwMNZt7jA;A51m!=k!wxX_+1vFUh-ZTeP7Wzz?;XvpMnl+zH2Y7WXDT4twYily z7Ut0DYfT?~0Tyk%FK-G~GG21n8yP(vJtEZ{w}e5|c*M9E%WO@*a^d%a?>`7$;ZBo( z*Z-a_aD7sfgY&W2;pFkd##Fo@G8)|YW`9S`KQ>hhScY{^*E3sMMs+8oaR1mP4QXVD zGD0;gpkakGD-_uYk$EJ!6>e!qva;`IRGojeX1^#X6#kM2X> zw&rEhKR}sDJ!s4tZR26V-HsVZO9vs^$9<#$1f5vq^nI=o?bZ^OyO6<1qD_L5h+&&O zIfNJwz=#$?ln9T=7YO>EH<+hP3$FzGGqYRot#r$66p%VyAS@nDi^eG)4&PHKK1~jt z1Y;`k<#qdyL{HPr4EH!RE&j_a|DnW<9W6`#I|LQ>tCTBASClWr9ySLO74hq*@rr-Q zpZ&kdpZ+iTZU3A6hoS!=|H3H*#9@!vn22!THNlg^A$8U!WfJ34k5Ny+{;Y7G?M>_t z=NXnfZ>U$yB;A`&uSioq$gc)BbT5*8GE{odKLdDHCLl96vo-Lm@fJ?Ae_LHJSDc$g+)2Bx-A z#0zZeQKSn27by9KTY^0SZ&8obE<`@j_=a#ZOGiuDlUp)1UpU#Pq6*c`10NCpd~HeV zk@&fPk=7#)w_ggxI?lVB2*e!~(@d`dN>V?$=V(3BnF-a;a9>xB8=HN_NG={%HZ3&3 zSUGwIpcPB51o9b z8P?kAbee57?sU-Qwuic?Wm89_N|85AT;bqKoHPQjd}&UqGOSqEZVs?BZmJB}(~5Vi z)8`r_u~4iHI>o;uO8V>`)zz{UlJvc;1XrsBvq z)!)_%fxE*-E9J;pJs_3OVM5Gh%-(FmeJ6f2LUUzxEgVKNLvrX(_Hesw-rn86_P%-g zjQk^~Se-V>uG`rvmm%?}2@9Bt1pP1lsxdt>wC21V*QVpRgk+K&_S<8!~0OH~;B zlC?eIny#0ACtD~p_+@K95?UgC=W4p;E~`5Dp)+0F{3c_4;yJ%4EMfP`WPRd?(9A6U zYrb1p{_Ht6Ej3NG*2{Q>YQA1roT($pm-K36K4aoH=SRAo3vbi@bO0w{fasEyBn^6( zA$(fJrn+cRcjyHcjLS+ICa*DfLD4Nz)fS@d!o&{it~>IvV$I>icnxh&;PFQ`tmF;0 zS!jKbcMb7D^hwY`QJ|OKr>`mIwH@9fpYyPOe7359nuj8QkS~(=UDh_ z_>3PeqRz0sEGhFVf+|9+W3rn4X$#7ati~+1oMx22tE|%5x`g%*pKi3LwL_c|&C+b? 
zrgWGM&!mEG*!3Hu2w1e3O$K&Y^_!wDVme5NPf`$peh54A6IHR$E)B1ZPJh_Uvg&|u z>YzFxW}4ew1I#e&#P&#kz1dK!b=y1EBI5~+d12FLtI^5}4{PSxLG)S*F%%9W8`7^l zO4hYA+_A;MHA&6rJTo;hMnV=!0mOzi-*9=11Ysoeo>zKe3N`7%(NAnEw&Vw2cR$jN z@_*3&M4=Kp8j)=K(Wj22rkF4J+wA05Na+kMhajBuIw`bf<8bZIzFy;i_bPv%WwYo3 zeVZ?5Gzi-xfhvx530po$rk$U*S~-8ABIUkL$3%U@R&>%+`264 z3K%mPDk28mc;`ZpG~moV#X0U5`qyYqTymboj|}7CObLb{_m8TOjcnAaHx%~cb=y@H zu34STZn_KgV5a_JIBj)2qmx76Ue@V9D`lmUyMWJW;JSFa`^bh^(l~!??NDFOLD#M) zxPOip{bg3$|NuUaYUdt3SWF6m%EidLsdST>O^d(-cDvSh6)rf0+_+_ijvD zKpvbe0nS#uKQ~|Un+p3{x_#VOCKax~b9S~74rkGgx}~(DSsEVFQgjJlY#8iurdtFL zDmou6M(U>AVuVBLR^QTJo!w;gZL~q1-0Hmpv2`4r%@$>x*Fm38P}*>Hn{LsrvQ6b8 z_)eez^X))R9Sz=Ww`g{4Zk`6W%!bG?kO4u^Xjib;XdAhL#8i+-8;Tq`trZsv5e(7OufTGH`J^ zY+PRq@tnVO_bsZp2X?Dkn-U7c1h8|=+J2Wbt1%d@&Zj%X^ z5ImESI47n!L0Pv@PU)eWOj|&<;(yJwzXKe9T>PzlMa*lCdT64?xurfzHIR4+=M<3mqtM4lJkvuf>#O#55h%{2gYuDIWK=1 zlNx+Mo7oW>fB!ZW$rAf;wa!bjx{&LCeyX5eS<~Ob(+05CG*H$7Z za71(e{C%4g;Ir$Si{Nv_Q-r<(fA3$@qMpgJ;*e3ZN`okEFP_6aX;ZysVM+MF=(~tx z({0t$klB+)bB65wBP-7r8F-b`eb#tTP?W^=SJ?!L%w7HzRjG~ht43j6^jB^W z3!mcFDkFZ3*sA39u->=p!I4W-X1uXi67k(`q4cG*fL-Gb54M`M$yr}nd-E~09SRrr z1h2E{9_gv3Ou*Sh-Duk%6PesmK~HP@zLy=sAr-|*hG?F~Op~jhPH7|Cu-lRD&sTvw z-%m3D5vgT@XHSrSLV>)s!tH064p-3ISXH?g7LVjkIfn1vJE21o+Y}GT+el5*6WdQJ zo+$pLxZHHTB#4Isl)fh^@{%noTzlt4lrDj}EmW70&AVNXQrnQ^c ztJgB8E3j?)1$BonK{opUTM6p)s-zgyw}GNYwV9Ks8}6aiayi6iZI$|}z9e&-FWsX_ zR&yE7ws0!l(cIW8-!R@SQ7GR&Li<(9Ce6xgJ;Q~$)KKo~wI=prfs%Z-g5uMR7n zdgH~;mPH*K^X#VgrWHW0&-98#u8&Z;ZEBRPf^PLeuoEVAwYqS0rhrrSacm}6oiV5~ zTxVo5y;b(!KjZzx8Qcnsc^{+0aYaUX=bAmcOwwYyt#td`x`)XylB_6D?8Ie%J4o-G z7PZsrhB*zcG~TANwawP7X!8bDV|al!5=wT^QX269jYSKs;|ZrurQe-L)RG%X0o_HB zPXJJH!ujskGe0{SmRH7R*(WOjEN&+JAD{wCT~N8Hrjz?v*waJ2VC%VXgo|trt-ZlE z7JyEM;@;Wb={{k5Tc3(5Di@fz?MtN+0iOhy?DPUcXAogWKe5UYE#u?wuRq?Gl!pt>xcV>Lpn87he`5$ zW&HZ(>YKm-6CzE#0#>9xBGWuhS&7ix{TSg*PLF5X;N8|c!+qZ8bVBhWP`{w1?767J z9?8uFD5#k&L2|Wq5|4r^a&2a<4Yez1ZKlSNFk`^(FdG!&o4hvD(TduYxi;g~ifT7) zci8n0`HTKH`7{3|zx98UAAIp2@>9e>K!8Hrx40T9TJp0^r_R2%<9QW>rtK_ATJqOh 
zQC|sK@&%(}qlNJdxTn4!4P_q&fx_R20R=v7m}eu|hup20uU-Z^20DepfC6+E8a{vi z*#J;D+O~o#E1=*J6duxwiTeCDdoM_FoOzyUFVLTT$a?;*XDs`$5ELRr&HlPHywi=^ zjXEs-Vf`4sr45tVZo1je6zeh-4*Bf%4sIacvui+lx%5mJPbR&Gb6Ym|>sZ=PL3NWq zJIndYb<5$)N19DZk#!T>5B_sNtD{EuRb`ARJc~~Dv2=Q~685$914dVUrxaeZDf)3e z1^Cj6xq%~jPXwafZ?K{K6xmQr1l;CQ;h9tVpvK)-g0Ce}vw|3c1Psj&!ioh_CR8Go z9P!egn#R%>K!=1wJi4z%S5E9#vr%5x`+sUmDHAvdw51t=sUClLEa{YL#kOTA$mTp` z$5X@o)xY)HvAwNP+TRLwMn^q{Vi@rqx3C|tfC4tjDg1^lC-4p)v`6ta#}4<|stwG( zU0g@sVdDYV3+_k5a0t(QsMrdKTldZnGbsv}!<9~fwC;Zuo`p7Rd`_aPLs$x>Bro80 zX8XFS7W18)sQKrN^-KhhBj%VF*BH<_nWrk3^EBs~rm~hVmmMtvqzSMs;u|Qrl)ncg z1>;!o=9(DqoJ9P8guMk+98K4*4NQRG?i$<)?rtFjcPF?*aF-C=J-EBOTW}rRWeD!> zF#II%_x$TT=UeMNJ*&EU_Dt=r>8`o%sh+Cc%EW2c55LO?e&sK!RE;@>*D-POajul0 zrr$mMwvJ?s=upy6DydW-X|FB)CSCElBC;aVrkp<1v4&A^X{tG&bKrKigT8^%MR#;Xc$ssQE_i+5w9uVrEj8tqG05mm7uWnI*Q1G&(PHnT?#NtV`=9z@%_I7I4@2)iMn>Pi-^|Qz%J?nEFB?96 zJ=c&Q>)@xj9M2oaE61MR_hfeNq}r~rE2n;;AFXlbCSA@TDA7(B0gSm#9N7EJfYYa+ z;Fg7{fBf^J0DbfdUS^9vJ@azC1)Z8r!qvn}*30|&vzMcnwpUZV#+I+17fA<04B84- z8lDgZ{?vWVJzPyeT@rE5!2}l3T1w64#mqF=^59A$7Kq(J%z9)x$c(VS0T%xiawGQ+ zeH@(;qXNSQ!<8jDxQ%k^!<6ctRjyQSQ$jF$fN^8gH#2LpRNRS`ZQ0P+nv_tejCi;j zhEyZ;EsS_{WeheW1dO_lha$FW1{P)(Nkhg@?Iy!BfpVQQY!_kii5f{XGUX1El=CC^ zBj){kRGd_e6fPlqygV-jvIrR+p#q_RTyOD_Z`8~+vF~T~Sk+3YCCDT@61d;O*c>oB zy6NRgZeyUUhmG}JfCQM}kR3V+!2 zFr#*MU{+F{oRhhQc}?HiqLcjllv7=Vc=aN0%tSQf7nI0~&qCNMn?G}#6qg;D1U@%6 zNaRfi)-Yb^Nw^Q|9Ti9cgL2`a_(dbNBe8qI!RJdeIO89DGEN^_}C*U{9f+kCuu*MN?i{l8oKjbg| z@8nPaOMZ)glm8*_AMyh>ARv}i>(#dg882FkJU-nN!3B)i_uBZiPt%M7oXN|`LTtuh0jHtfkgf^o)fx&F*t58 zjykR=er`B?dO*OCkK9F$ow+DNg_M(T?n|w#Op1(RXxh9|QGDNLpo(_rM(M0>jq32N zgsOzroAuD(PYTxjVsT|Yz;uXx& zl~1UE9l``dlf72U+X-%N8Z`asBKY zrk!X9i^*N)Pb)uMHvDc|5`;tqQM_43vZ%5K`FS^|ERtbJT!pT1;26<5wf2AS(RS$w zGQT>H=u@kFa6yWO5*-(mxvoG%vRw+%dPSO5+pi>02qsumJzNg)@L~xI+km~p_Sk2h zBu&l@*1;!y`OdCmzKvAeT~Hjc0_wxbD~>n;u@Fbzna9aY&77L$D+!{!m&Hnba1Z;8 zh?x1ZK<;?R!}ZS>M>k$c#6E?uzL^ln5SNixG**qDnEZCQT` z@XZiC32gOh^zktzA8CcOSUbH;Aj-gnr 
z(G*&(?tPG=VN^NZeXpx8s;tv;OUo`+JUd-%&fV0g+B8u{gLs?cVJ~85qxEpKhk{LV>%_K&(KqXGdT>C?ngPFR!9OrEb#|*ONyb(nPrcwrc`=C3c5}}u?DX8OvYD7ItxJf;9k+{G zd6W)!87uU&00h7a$*WSPu32D(Qq>Dv2TPWBhu|aY#;;n=K%CYSx_fGaal;4r<@Ai?w>Nh9-XU-Q2~VuoQxmd z%5GKdDO$U8ns0sK(x0vzaBo&buH5LI-T8V_v^;Hwt}M38Q7p7_B#*M7f83I9Cx-1& zyN+Z&`F6ndszET@4-FTcm6?T{*#l3ltpdxwCU%XDpt`3jM(Bk*U8Fk=XuY*aB(G^V z+u>(~Gur#rc6bt+;tiufXFU>EM@8>W-aq6o|L^3__)C8Cf0O@J{U7pg-9SJb3^?CM z;K(~W%#~dHmKUO|5^s0MiRHnDYn`?4lwe&WL>qS4Vw*mNdBV;4L>+ypLxxiNlDTe{ zb>yh9CoVqUIy4D$C4Ws8-Ezf9X62NxKyy$j;4Cgk=lYWG9TkC<3R+6?5vTHexxOZM zC=4G%PbII<_S3=Cq@XZs9&*TWaD7oGlOM?>t<^HmNQ)-NvQ0nK!d;@Pmocx}s|pa6 zT5}ZLPB<$1lvqX*+d%FhT|B=Aumo3)jw@;ca%FXuJj>b8SEjHlH}Yy>BTd`BVUIh% z6mQ|$oCzHLUfMt1y(~UP%c~WNusn@@(NMYls<@;sVIqX(tn(^4qemPMmJ06xqH_`F z*5ZVX5Yy0Ei94O%+)u4mJoy(N2mY}#-E8YkM2`57woW%xT~W{pzP*pMwMC?SJ_B$# zPqUe~qLZ<2t6tbOVBXpAaQpheG2mO&#@ZIpA={Xz&{CI>zLWOU0VGU|I8^!%_{Uc^;ct*5el(KRyf>xC6$LGLZ_zs$S4fB#o_?*P` zy;PVi=f|T!PR}fv4v#bf{tc>nZS$?An)Rn%azN~Txs;@{{&YjKsj~8~71KA&t zoTX3L^b#{q4O7T&i&MDP$+}8*Zh&c82n`%Qc=(uMK|#TiLGYq* z=3mUc%$3Y7%}vc+%=OH_?k7&xDrlOkn%kHgnah|5c3TH4fQs-ns86Y~wnKj#$vn#fHa@Dw5;-rAlazq)zSz`F`s;2mcm@@%@%V`#TOT+p)L)*+u^}m^!RtGk;%rVB`*6mh_kFk&KoR9~;OXu0ye>vwH=SJfBoQJQn zf?PoIVTKlO{=+jxAAp{;sqCo{ag|3Nf9GUgzEqsEBjwTV=lSu(@-)8DnT)N2GHa0l zU*=1}WVibE9=_2I-zrYt-Ls@x=2r!9%`=9QTmbcDS%J=27a^;tzXDs+_8D>mVgqsm z(i-J7GMOF0A^u^kFWD^LbvjC3#B0KVmNVUWNe1*Qj^f&RV0V-5~QTED195 z$LF4&o{*^@T}@LA+`JkzTQTs0CaY+KBwhnUaB|4tyjX&CwCBz#CJnUmkIS$dNS#)z z1m*B*ctl_l?YlXjQLtxEEILu=a@uCvuMHGmAule^7z5YWciVwOzEDC^AAzsf&!lcm zr!VJXC7xLZINNI{HH%ZN?u#TQuFBWGGQLmSSqxr+&eG3|av?-PtqfT4Q!URc}4(eFF|j_s-b z@8r+?OMbI|kv|$5;UDtef?Iy2aL$JXw@cm}5>k=`~D(q2oWUt@4|%y!{MH zelPF!<0Esonc)ePMkv_iNnhM{c?CLn3HF9@3e;Yabu7dyA*nep@GT^Fb<=BefTj~A|YuxA@3nX|>>6s9v2x4eP zW`LFHvFxX+*wI~ELleJx@BSV z;Ey-Pu|Wdn;;4rAUjCf=5cD<5B{sJiH)m+=?=x?@;IRYpM96ydDY0#h+L>}R;W97m zd0DDejR4Y&*p@X4;elGYzu(Erlk#jzbHZy~@5sG!8k(YLAV$I5(WAp9+D6ba#}>}t z_GTptbTo=km@=ajFz?DmDzOnrbH-Vlx;AQIuOi!0u&RG1p>Def-EjwbRaH)en}s~A 
zT)*})o_Sy~z(~Et2%%H3Aji=K-S#%xm>yOzx}=;24-p5Cwqp{ z74hn#F5+-~8>RY~`WXJsjxufhon0?M+2lc=&OHPet$J+Kzqa$f+Ky8Z@pxeh<@r;` zCUx>M^kICr#||JPp-B#7#iUP~c&aT}>*&R*zOo}s?O>)p4G2i(;iDT_|~zMh86Vw9{d_`NBqKyS}gO$IX)O*GtOz~R?n06}O? zOi{L-FyRz>j^bpJv*WG@PKhe)G~wYUS;cRbdgzW$X%TZu{JKlLWf2&B zim2-2mQ5~S7Naudb7LRf?KAFNf2*pC;EqmSz z59K!OF15-ShXc=yN7v_?;`Lsalh(4UNNiRlbaU5^O`@lGVL5}feKEbJd^8yD zz7j4hM-3D`)SkoE+|~qJo^Tv{A*H!DGTz7Limwp`osRSY)G(gUc^d`-u0s508a?c= zu$KdbdgL&D$h>{AgoMONW@aC8`C$rYjcP}y^~NT3%g(thRH|VFA{#`Pc?kI+Uq#0u z^w=%W)^h}s0j{)<%zh+(X)$}>A5t+^1&SMv%6SRva(F6hueX77N&54fzy80IKkF~~P5(`P_^yA*KbHvsp>PC+tuh_&;&ZrZ zYns&f_2;XgX<5{SleTM`cKeKfr%9W42+!z&Fb9$=wQpR9H-Q{vK=+101=6imw;1U2 zVH5D6Bdnn{Y; z<}|!hbPe?>w`kH!9+-A3H$IKMCv~JKz`Vlf_DFB}qEj<`GNk==6TTV!1?snPX;k1% z``#UG0El(e@AjrMQ9RO!yZ^l z-y_mq#@zOOK?4%Dc(6QLL*(;t^hLT8!SJjOV?bmYDY+?Rl0YORp0CQ+PTOsgbPpOn+l1{Pbu3s}K0$%^o(J3_FW!FRP z=d**3-0VZ^?0J~`FZ>Dt$x)A^DF`+1ASSz0`?C#H^!u(aJ7B)h?G1mR zdy5L2JamhbAaC82Zvft%)b7-{@oc6ssQ>)T944tbP7BN!F^X*M;L(6>@L*By{6oKJ zPoHP=aK@0G9+QpJ;)fY-dZW*GlhZG$%}Zc??zIF~G2q95byF8Fq-`hbj?ln`8q-Cf zOa=V$v(}2Kqr8bDSyIg;2m6HPJ>E{gD2H2&yDk#3aidxQti?&yk5?8uo#^Dsed2D9 zl;e7gdW#i456MPf7&(RdW}X@sSknWKL556}SI);O#k;|=Yo)|@aj8g9@*jLrUOt~I z+FN8x)(n5rJ(zrGk(7&H+0^!5t9F5Y!Le{u)+IVl@{l*#*aMRJBycs@fa!?5+bA8) z!aUb0h}9llEz*lu!9#q?N0BBxX6dj$7XZ$Y=Byz#Pkyl;3J=1{zK-r5p&V8LnIV)O z9MsnfMY1q8wG4Ah6c3i<%^B_WXtNybS)Tb(L($|yQO_9L)Um!HUYPSfgW9X{3z%vH z0U#LfsxBo@OpxHbR&S^$p4BSZ9M`KRa3O9-a%)rGqHebU_PU(Ne4@O{)WuE>Q~vY= za8*hM^X~H6^j3oFXhQ08Q+4-OnK7a_FBZd1ZSXwrmvuLF;973oTL7qK`A&E*`FrR3 zhp$gAJ-$lyj_0qI9*^3RMei~O1!NQJcL=WuPV&6NGh-QT6B+MjU4AI9FgaYhUWjpS zt*1CH$%iJ*`wUC?BU*ZoAa5pn5Z@Kq@MtbN4%Zl!{2_nyek_}nCz$xf593tC^hf0Opa)$O-}HoCj&Bs#G~Mf$ds+|9 zrh%R|UU{P&*n68b=HX67vmKZxPF)=H&B4AF&r~o>?8lhS4KvkGU6Q34-S6ycb30~z z;>SwZexD`Y$zRInsvZJ2_nS9dt;y0JZc1(orcI_s zS9mCM!Q(xHH|eJv5a57J^77XTZeUYrw`=P+kX>bF@)klJ z-KJ93F8M`s*Y#T7CPI}-fR`88?lUXQuU{L&?~712)=yy8JQm~pnPwry)usn z_b}fXP;*aypA|N5EAgr)(Zi22*8XPEY5QKB8X!JMa3*5g@EZ`;%{3W<8>uv|kD+FV9xSJD*-a6K9snHk~W 
zJFtUw|ApaNau3Ht$N;PO^@Kt4D@V<@qDsSg+LMeMDldfll6^v0K4p5GF=KXZ3*A>% zqHnJb+iR0v8H(VX%UzOKe$;))&f<$8QvxE{(D=P!|FEa(7Id)fa(XCASDC|9ySNoI zi`YXUc$pvwSY7!71D1VZA{cAC<$dljDDjaw74Qb=1c8m+aI^!iV%wb6d#Zjde?E8p z zDV#?*PvNh4$4tJ-xciYJtGn&i^XeA=TrBgg$NYl>A)^PBHzaiFW+R3d#}$kCqf4>^ z`MjvR0<;3sWbZvs1_90+46M$@ZD7~%rirg3g-ZGy1mclQOZud$yrToo$c13^Ay35y zZ`R2hHc%1P)@l^ij}e$4lUws3vS9H+GN3T6wG7*DFIDIp%smMFFX{};4xX^SX-Do( zmQyV=CkSz$wVdI7x)ze{CaVxj_)=PxRSZES8+VgqWs%e2{qtuiSmwUKm7 z*=PC*N2!NH_l$4X^?hO(V`%M2#|Uye2P);Vs-gGFJAjxy|Da%=R;KQ*?Ho(Vi`%cj zE1rm7=n44~E&tw9>UOV$nLndbyR^5VJCpE*9k(-yqyiG{@j831& ze*g#Aw5K+-R^;spKr+>AXkb-|a7}9@Dk$d7rU!l#c5hcwp)$d1-JEgA_GF1@)^nwb z+`hz7E0T-EGpTHXV0n+9Vr!I(iZ6FH?tVpfe)lunQdK~|s_(BJCu%)q*EO_pO`tPB z;MdupUuOk7MefUz?!&kyWCw#YX5Ib#y5C_#T#kI)Tno)g2FE;O+t_|{fkri=j6Ou| zh-D@xxU#MMA%FXSCx6ag@*Dq~{Mgk0ke@#r0)lw=hST(DFak=m-)!pvwr0!pR|kls z(pg#l*O`kWX=>fnb7>mDebi@rOwbeG(Tw`JXaVLk-A-qJ4MCh>*z8De{G@c}dQ zi~0IHmv@e9JmC{^=L>o+kEx{efp$2&R%>`jagbv;7fK{f$lq<(No{54p)X3)X&H7q z&z$Y~_jki?LGs<9L)6_u?+Qb^_hPy>E1>a#Z2Woxph}{=N$TLAfv2gz%wf)bt?UKw z1vMb!fZld2dJCWpNanZEsC;_oZqs*gUQiLg3-IrE`PbeF;d<3KN@|BZlUq*!Hr}aw zTrGGfOM>Odx`Oa7Xt+@y)b2C)!yk|3p=@e)P4lHJPF5E5rp|s=+gIF5U8_$v0ouP16H8LLV|YQ0 zk8W?8Uia%3v39hlidkEk?nmZxtslv%m58hp3Rzz&I93Jj8lcRH;>mAZe++guLlhj# z$w*ChaBGG2N^2EsF=`(o^5Nu)T=LfsHDxSqjMd-JFFt~KBG_F@p^5` zsH5h3ixIN&IGWCwK6KyMe@xP>X~w$&I#ylxLIJmX|EQzea6bUA;#xG$e48SGD+|b& zZdwtV5eT|8ZFtGTj|`i4_YBOrlgYIpRKBJx;rKMAKan8`acn3*)e;)Ws(srrPs5-y zRph@pix1wfb1;F}7UDJCZhY-DS@*NTbz1|E)Z=5gdq$=lcNcw3>Yte|Vd%8YS(swruzG0~$)wt~Zenc_rsqbo&= zx+7_S2JKUlMm)y~>Dg8eIBMv&oKcy1s?mAmiOwS0y`r6GG@X)rZq}|zcJ6K*HkejRKIbZK z*p6u2{rjD!5T+MGXZ#JX%a1!<;rQ0w-dS%*uv)q9B+bnWpIw*rda2{mY%%WF#=;Cn zcCc*c4i|vzA?SfJV{})5H(7N92bx5Y9sG7NR0H=%gVZ=@D%<#7O^H|JLu@7fIsFu( zQBG2;zP}K3=bkc3RRNNjmp;}wlVHbYLOV?yz2HmIL+M#=CA6vfc-by{XTw4lgXg?@ z$%*2%cdvB;x?@MBPUpr^DuQW%E@ppf_66EAe|5nbcj};XVK2#*?EKujw6muqgwFk^ zib|ibI%ox~CQ zePM1F-X(olArcr@+S94C0+&0&6!zoTjLyC2J(_u@==askip6}!X90e1oc53(O&YII 
zB*9rQ$P%o8^!)w222+wuFidCM?Yqeol%y*szGv-o-*>@&uYT#on(8G-S}On_k}v)w z*-J#3KANv-Tt2Wq1SdT2GDR-g%6VoFLw9YrU4K=5_r=O85B9}=7CQEZO~C4(Kdmf1 zRW_5mqlLjm4I<@15JQzFBPElL3;CqvVE_KtM^ZA<@9)rJDR|&Q{C+CLP@o5qN;}Ar z@lby=Fx8t|IO!PM_w?{Rd#!3(Z#yc#xjEHsb5ZqfC@XD~%MxVs4~(^HoGp_lO#}yoWpxw-1|;=_~Ng!q4YWAsz1*v;4=&{*b@>zmq@rFZqrBO@4xv zf5;#2_%@zjzGphT#!}eiWAo59lBuWwv~^}+ut_(~eqGL7VE35XqP#HOKu7~l%ViFO zJ^g^^7BV5Ru%5kDUb%~?=K80xgMQ*?>tI9~L8um{ z9#g`}aMWsQ50BUg2giUiN|+@i^TJ#PW@HjrwRfE2>$)*Ay<)T=9#GX}S3vEus1LEv zBojfwipf_Vd><+im@C4o01g~n6fa0ly--g-y&vV`hh@Uo;X`5QZGfKk9|Ns{=uaYN z;}*C9NnEWg4ku2N#t??4s3Gu>cB^S6AIr{@zFm=8Yf50)QL9b+TE zQLG0Ir14adRV@_lyZUFslO~Bfk`AQe0>rOJh+qOj;0cbBBh69#Y(g7hV=R0045H9? z{BL9r#CM7NQZuYO87*PTk=v~m(qVlpCtY%U4Pvyr@3Lv%r6s`tU=1|iY2cK&lQ#LU zVkVj8_^;zzDD3{wK`q&Uv=a+Z>O+ZH5hH$Q4KZ$DpdWzPu#*_u3VkU(OAV2R;)f91 zigt+;Qw4DZ(Em=%h%P;J+R+oZ*9Fkq)Jrpx>JDoC&ZIx_geR!pB_>N@!c{9#7`39Nf+%N>c?0d zVMOt6FrqcKh!1>{p1wMOOdYkP=gZsu9LMXs0#CgIlG-`^QJ^IcbOl4rO4nEfVvjSP#DOKnfr?*4MmT}@W~LCIBw zDN?7vZ_lqw^cC5wG4PrHIeVA$bIs^42lnSL-w`XhC6oTo=9g9Zr}=%Ptjsb$&@6d# zz7S|+sQ|PqLqyaXYFAS5)B@+OBS8&5L@+udJn7u`j_zmD5rTa3XVetkSR!7ItfuG> zl2)>^tFEpe+mH;AUC=E*I0rr0lnX7!>hW9XZtoYNj7jF{r#+5&8tI63Er-1WT9=(PH zJ+LFTe-g;y{=j6;OX^H!jEti0f6)zX-ewhp0tJX1M~0K{u9UzVGU;QDUszOtzoln= ze4@rbNT{ii>5(VjE{!6JgO}`O)tadntn1>c#q}f&uOZ20akmazDzc2J?H%igNlW$A z?i?LD#v2-s(IUFE9D@D2MB;$z0G(ecRT(~MeBLhN$h)+9fD<4KvmFN6D01k75{r+- zgH{s1`GMs6Dw`Rh<-HOhhEJ4ucdlpXI7S^d|CYnSAupkg7ad;siqd4x4fhg}Jlv@{ zS)PT44qzu5|K1&)LH_Sy!M!GI#w`&EIOg0g>&9Kgu$BabLj;p@5If_dv>kJ%xc`j^}Os6sdTe7k;mykpGdXnEXhwy0TwTbL zzJJJ1TK*n_69VFIfjmR~d5QiI{l`n6)_=U5zj+XUlqcI06)$`K+Imp7F)+ek)5G~aNT;NV1)p(Mn*g{9NA!5xhF1 zAI)T>XKx52me)nrkkfQrQ0jLWuIo^p0biKZuuX0P-hgTtM*<@F0UIO_`V{bJIRcV4 zukGDs*hYlupD9+wyVimlIYa;wDfGs}0I-`Gw95%o;I?JAujUQjPX0U9AaG-gRz%Uv%ZDJ#@CjKlB zK>!rCHDXw@*$(sf!byTV{|IwQvws&5X)}rAw~MVLva^EA zAAq}v1Z?96dvksnFUw=3?ol<}@9i$Ej<^~1_WO1LQR9jc3(~}2cfi*iypN%z*VO}=|s(XfbSU#R?vkrl5-%vL=uY) zlH$-_YI~%mJwacCoWJjd{)C

u~nb9FV8IRx!0J6s;^9YCujJ4!OnEV3IJF#N&wx zp8hbcmOCi>Qshp)OhP`Ojc~0f2%<0EH1Qo64Qm)ks2wM%i+4KQTi4)RzqaNY63@H)Q9qx1WZ$pPP?g=f_KdbIu|C{#sEZEdgl8itP%+pN^Heu4;G*A!MPd zlIg)Fe5CW-t+u}v^Z_Kjgl-s)*(qP~^D?ne3s^!nbwe!2B$geJ86scICf{c1Qf>22 z0wu=p#PkroBey%ciE+KT#yMJODczMuEUwkb*|esLfH}JE?aqwu0-aSrW6SVV6iID| zo?1oLO7|EpzMWaYyqC;5hv}jLHnjCC$)tyjsID3F7}3e#h|D4LxU{sQ^7ynA>dp8I z&zNo0?YI~jQ6`(r8964S%z}kS;z{No&$aG8WBe&qJCQL}qMg>pSMMrPltpD4ym`5z^BV(e~qgof`=sc(a6|%H3A-Ydyw~= z!F}x>C7p$)N<`4`dGspgOzhSgA4;aTmZLhu{VcLXds@0`!XM?U5NvJo5!s;^!K2rt z6n=v0Wb5y4EAundd?x76`&oV_90|^Nj}_;d@Tu?y12Yt44LrwExqTG|v}oL@1?qt& zirXAXEHOr;$?(=eVB+oE^Q{AfY${n&oS7j!0vz>;Q=omHt+lK|VVn^E979zPzlIh3L7wyI`oJQ=Oa~%uT#|XTJUbOowpEQ`V6VZhJ}3QeK*c?&ms>(4O~12 zNub;4pW(?U5_vZICc^YJMjc7&$8}zLb}BaLK4SWvzq@>FT7Hf);isFGA(}h$XXX2{K24TI;OjY!=K>N*=;Zwi|xb zEAI6r4g4VwxsZe+qJRiiNor<>es1y~JveE84-xjJDu2@dQWY=AqCX_x?)=|+K#ie* z3)_92^rskv0$5pARQS)<+X4px`S$qFLhwKND;VOh?M*TuAm06t@&Cxs{%-$M>OUGo z+V&pe@U6g~^uIJ_75cB@Jpy-f zIU@A$Km&yXK9& zw2H|j91&Y8uD(?W%FM-A3CCAJuoUAIkd!q??GVc-Cg@ibx?-AXEbwT+lJ%?bBl27G zyXc0r(H22X*`|ND+k!ZoI;#J6T@U$uQXbre8YBI$?o@$?N0AD z?1n!vo6F8-Qp);vfc)C`bu}f70C0 zfY%IY#&P3r)IO`6mj-EqOhB?A0fSnRm9Ud_&Us`=a(_)f9%n;&K9cJ9A7M1GHQ+Rm zH0s(elu;IO7ZLB_s{tRe7wbHME^Eh~-H_cM1R{JW>=EtB?D6f9?IG=@nb)Lll|b+y zUXUpW83fkLXmhTPhLQ&W0aZ|T01QuOn-y~5Zq$$PKQT1kYm};2{fzVf+A^hy+Zu=Eto(yK2S zMZCFO#?xyXtw}Pb`dfeC+85998JYZ*byrjtI_mfXJENOM5%?{*Q3(-J^V}gx==MtVvnl?Xm)#%ejtQWlgkox&sD3Puq42e(T;bghr ziy2cxnR2smX$wOFJrGlCzw3>Kd00%Wa?GSReR9k!6i7iX5(MhdjJpT0?|CaP2tAe09`L9Y z2mH*KPCa*4<7j% z>u$@uHjfBV-4CvnSShL$*qTgXl>lWBRlzkJHuCKs`0%oSS4cZ>|Ds;WvUBT$h! 
ze^eL>%an=6A?wZ$0OoV-;)svTO8s!2`2EOV*GX_7JwxL!r$iP$?fm{wOQHoSw2fm; z65px?XjNWeMN+c2t@CL6L2~0tMQKm^{F81G0yh= zcxwffXdZ1eZ^==sT2baN7LknkLFdP3YC;U+TK+9<@UeF04I}U&scWtY`A{3@#vA$O zg|UEG>5#mjrtmH{vi*pxX!d(9}PgMET#z|F@5_qW^F5GYtMi{#28Yaf=&D9$@=9|{Kef!pA4-o@WGcxY ztg~Ds;anui3zTIRJeL+&N<*t?&n3Z^-j)hrDG{kk(UlvjGGHmLsc;D>UMmO`{|r<9 zcKtI<{X#|OM%BCI2Yxn;LIi$3jG{D$I8u(1z zs3qb&YuS)`nA?>l=DRRcQ|o_tq#>ORV_6rK6l7TzRViti7FD@7hfJg!Imbk#%3Qq0 zTbf$j!CR`Q@^pi1QHp%Xav8^4KKO~vS%;`-*Nxf*!C6)}FX=F-Rit8;(K%dC&2^TD z_3VMTd~nc!Ncup77k?;M6B+-9uO!j0)EaE|g#Ow}cEZ;n-nfo|-}}0pagq6VOB9?b z1Jwk_Fp(y%OS<@jr*%*4>t9&e{bAkws2q~pu0O~FXJ#leQ_Kp7`3ZoM%5Hj@$%U7{ z+CR!}v9v?V?tN?Ls@U{)Bhf0WB7dB^dzKaSo4@$r_1*^5d;f8HXz=PHp<8I1WSUAa znIwChtb8vEHaCJsY&bWySdKO~skp!SCsQHY*M7~q6qBZgm0Bei&o%*i8`pZiT2>dc zHa5@IQKBFm#I4GW{W`RVb+Scy^v zE><&9g|eT#G=h%2wz#&me5iD!#DPppRRK$!Q&n0OeM!|sRdZWGRRt?nSyg$iFR!$< zl*yqawX|@kLaRiLEc(IGGFIJLfk<3%PTCp$K~;TD6;okN)m2fUqfiecP{nRe8&l0& zg+x)jqf!q?VosPt0aMwoq^ZxyvKXH(tZdV=nI=cFH1=(hZ_zpi<=oSux8mnWRU-)t z4!uYmlUZ>NMgB^v66xIX)ZD@l>REOU*#u>_Swuy>aiuzOXb!1yG^{xt4s{i!t2wWW ze64KkkP*uqEt*WF@Hs<82}VU3an+l^M^P1J{gSG_nM13ahT_Vk5|iI}Hx-X+vkLTc zpD)U_^5#QQ4?S->iVNn;ZgLx!i#fx1E#sFd4oev=!`! 
z&f06(<8!(<;pUqgGAZ;~tUs*~j_eyXW#*O2R_bp1%1!23fBWYPqlX&o7?=onfCcJm zqE=tW241s(1FsRC=HmKjjt%|1uu;#{17HlJ*Fsz)7aVT^lHtp9*4&`Egj!|jQptuA zG>(}&1l{W!Pa$uCk8uOjn5kk22QpeBN9Ob=g}qLxOw+R7Ch`p3t0A2fWF8WI675k& zXCXe^15)k&Mp+?TH!N~80Q-n=+>kf3$RBgyo4M(xrm2zOyOBi=dw`Kw-$%kH z@rcPmHybYW!R8RxZ^uL|@PqduclO5^7oCE)Q!YktUhW|V*U^l=MMUEUzj*=oIUgEC zc8~{Iy%{QMfExzJP+IHshPlA8U_rKcFH@?gu`d@XDTi#V<7URKz@aZ$v6_P9b>5P@ z_Yq#(Y^*>t<4)kvpddMdm!#kYp5``N?V{PXa#k#*AbHk9M8qHR)Bbnz7yZ4ir1x*~ zvwHqR{@_9gh=r3gEEYh-7&JM;D;2r^+pZ7TE)#)6N?Ea0-fz9-2!=bO9qp_XEI~GU zZ&S60vGUs#%`LXe4B*h6Ao-D(r$~M| zG&!7aeC&xJIiHuL%VWgxCEml7nQ=65NG~haTaf(8TN3#`g76ZL=a|i*FFG+#kZsV* zH0o(A{XB)|fX#8lY@0eOmhH{sQ$+d=9?u?IEmFiW3^^rxMpWX& zY#(-6Fn+&fn{1B65jxQ1O+BA-Lou&}A`90SWvxC3F4+ny&tlz3z)mSTp;d+Hh; z>*3giZ5sZ-rCrC$>+^hE->JWsPDc|8ult?O&CC=M{yVOjp)#cGcWN_}ZAjYhq-Ms` zAET+SiiT~AOuF5OS4TREQnMeJ4nsXC#QCN&8K$J23jOwJJ(LvsLb=0GFUa)t;jXc~ zhtXand>#5BE;s}GRag>P!>|nbBmzlLgranV%;7b8Dx@lO)NJXa6BkCzcADTdpk+s$ zB2NumGZd48Z>hozg=pqA_S2!g!;eukF+FKy*=P+LI5ZWL+;KEMl%ewYv?!`k(bwIC zB=(P3N~F1NScLl~jna}7)Uj&dF|NRCOv7uTsSPrDsttKC^w(ez#31OCj3wm^9XAYLr1L>t>AMv&Ts=+-bvMksy{~!D zt<#{uw&+ZLFA#0HJAZU37cTR9E-0_fI9)>D_qpbCIkr`wt6{~xUOC3mYjO0ZcjwQl z4rWw@F^m+$np<$nWL;h5rpw7%eXkp{oTBgk4azd)gxphlikB}-YYb34V8YCGOXk1^ zUsUXX2w$?-;s^1<*)+{_+x`=Kkl*I4Q#)7H?0xikW18o8I@_g0$)cHx*`lQYU zwn2|&VFFrz&MDL7+`ZWUkGs2Iieq^LMi0RyxI4k!JwR}GcXxMp7J|FGySuvvcPF^J z`%ChF&#il^Zk-QsYh}87rn_fnYk#%7)6);WDYjJ+Zhf5dbdH|m z$37%(fq`SX^pqH9fk}GSA?%x^$q`OQ5sdqLi(t|bv{r$IV}|wN@*&!KA(vy4caFy` z70Ha3`wy{rNea$vOq*fss{=QK_b)cRI=fO&6785a6B?I^?WjH}UA-DNtnD;5L#sD% z?L-&-TsO3@N_fB8uC3d-E_!r!>K^&Lf8y_pJj!{8;~$Vcig|}-?ektSy_$F@X6+n2 zfqBR1Y$pl*)Y(!2^i^G*yn=U)*j%l?!gc-f*?M@a`W~}+0Pl(M&NQf0GyzMrvT8}_8K$Y8YNU4o1&@X!xi9tFTGNPaQsOd@Ai6k*#e^s$W=p3rG zEmEU#is&)GQ=@}}05L#lr;39pGQeP`nT|j^T9vIrW5Mbq(rNK| zpw;BfoJ9Sh0zx@9!LndUk1L>@vTUTt$muD(oG>ea#fU~tVCScnDkm`S+SEiZDjv5U^a!uNYWlvZG$Dz>amQ++fgxZh7tNxX?TK`5!E>ly$QSG zbw&!VEuJEtE>xZ>GznEkmFycdiMsyCPxIgM7yp%C>)-OT)BPjA)gTa1oW&xF)creGa5d 
ze3_;&ciZ=1oj06=*e}@o(zhlcP4aIlnMU0vG0)mB!tDy#6*9~w98H3lW>faYocG!B zIUF+FCOi)eO#E&_>Za6oJ&&pFcpP|KI&C{0JM9xWb+|S;EHW-KoF?2qXWpI`vu)($ zWnay}osc$3y2-0sUEVo$y61Sw2$-NaAUiNQNO$OI+0}HgW^YPgoxnY)ya{ude3}HzXS%NorX`t=wC&?tUBL-g!UGbee2AScf?mdWiK{?%39Ls%lwW$3B;ONc33k z*x7LMvAbybygu^W>%lK=m$Z#S54w&XKCBwGvCpp>7NQSvOLhsWZOc{_Fbg2+JL<#i z#q5*YlH3~G66sazRqLDHvfMh|!r4mS66tH{ZRvCCb?bZTed+`2Rp^`To$X`lW$LTz zt?P5>#RnV&9RLo3dEw}~n9qP%3(30ZY?ULa2%-M#smlBUiQPK&oo zic|;TA#)4Db5^RfHys9IPz}z==*K1tnpD?*ggc#3FH|_FHcc3;w-R(B{yO}o{PUNx zTiF+)(=>Z7!(i2LTr-i{*dNTC)Ti%Kyqx`mSCK_mR2#bNzU zQ}V4!G=1?mi|D0#JDOTMPnC?bsir9o82>N+U!p;k!Ic(1YuepDuQuui3RTq~HdR$0 zOjPA+0w2e%Pn#{q#?fbn5X)knIVuEo_B?ruW38&=SjP!w%nKuh?h(voc}=X1A7N$s zAG~VtK3!PS3n#yMRl0*!l0H_I`+Uls-L=y57cYWU21=ig`!qdVRq*y(^ZYumALqNy zo2#lgwP#dtm~6)x6m;x}kBhBxiSCS$le#K0+AWTqW+NPD+c4L{t>e>1#!q>+jqU1M zr>$Ap+S2;Qk9dyv?H$_O*4nLk*t#^jX%5lsVcLY=Z5wc(hfXR&WeN9Q3zS^0E*7;C zq=iavyEMGmIMOm`R0EpcwkSP+RP_a?6HPE2^xK@&jF#i|q8NKYRE%5Cd~_dcM%g8bZH@}p@uLi2RS(9aZ^onPSEzbWj&jyUDyBLaXOzHtBsdie zsktmfjn=$deo-<}SaLKU=rrak`Fb(3b0~#3xtY)BN#GL}bkp=i@17L(`(hg7od;h6 z`7-0ckSFG38SmkdDUgbBN)nMI*R*q(I&^9%H<_HTOi)ZNV?lplGYr)S|9s@lf1S^Dd4f>ZCkQcSG?woGKd;8z2zdFyK$J^sGCgE7nM%%Bq@Z1(yh)XreLpU}9-eEnW@%La0ik z8es*q0J)&M8qnb1uoS7guB+9^w8XxYdd9w#cQ9UHjrMh^L`<4wpjp|vrv-mghQgX_QB2sqBnshFEsvKuGYWL;Z zn#a|ghBacANSU?Ek`-sBTxl8W6M6^r_ze!rEoa}IwYjn~HfeRy>tU7wXWyLV+LGUr zwbp3$hL%Xq$jxv$DZQ62_BVu)jfMmML`S}D+mqyqptRQW?qYHGJ4vd(Wc%no2q z5@9iJv=xExpe$vmw@&&bZ%}eZZ+69;+yb=o)A&Mk$1qek(^Z!pHf% za&uwZInO*gQaG6Nc~{7g9D$q=F*XFf;9Ivvt^EA;$EyP zO(NN*)<4DsBz*WZGKg21IB+j3l_tmIxok-X%nr0)O zO)v62o>woDPZ0qL;T<_7AMyrMDtQOi9Sv#5;qXaRu&RiSz|9@G1C?SX>4>Tr#4DmR zWbSbF)~mNHASZ*XwpP@dm{E&Jf_4z z5&4jl*#7x^bcA|#1~IUQLIK*f*-76H3nY_fRzrljjygn<9p`{??+$}+4Gcwj3v>`V z*rnS13X!Jfz?mC}>}+vIkXfTG`@rh&K`T6BA8*0$2&a#bM`U@jy!OuR!+|2kIB;9Y z&Ip59amQDA3_7giXa7YMv@7gBU=QAR58i)|s{1;) z`#M4Qi4tj9C)*rp9eYX-X^S_9h&WRsr!H`(IOkX3;$bdluTg96CKMH7j(aaHiY!RT z6&5iFfv6~Behs7@Cb9jFF{Z4~xj8lpK`QaRpvi~}=l0&m<-u>Wq>n-wpF0Q?aAl*< 
znHE-_Kwif2WeM!xTO;|kZO^rzP7cWX^I#4ecG=1fv9@={zgh1_H$?CG@E~cigEyX$ zcj1(Q@YVTzSs!6j0)j!*B?PD51xC9Dh5_>h$om3jd;$F3{FvSRSkE%zD)z4Jhc(RT$4Qm~&yPq3CeF`5R0kLZ{w=>i(m(Q>uK)pcAqPZ2 zVT~YG^2LxS$iowc2kg*+#{Ep}M-GWZk`LB}kq_3FkPp`DHTr42kRRF2njhKUm>=0| zy>>^olrfiALsnt{Ws>t#xkEI=*CWoI`kvJ3+quNC=UUVp*i!Hu73k>CZ_lOCt&-j2 zot_9teF#z^D#+YV`IQJr69SI$+m*#g;&H7)BeZ`t#Ncz04%)#b5V(?#Ms!6V7H!8ijISml z3yEAwCsud?T?aa~&rOZx|+vZ&)_v8z;CkL7;U>S-ojqtx2d_2}!L2o2UW8 zssY2Q0imo3pSTK?xC)uL+P^GN49i{lg?j_oT@%$^^Q*fiuDd3PyC$-`CX71{Q74W+ z)h{<+R7hdY#2stotxVEWki|P}LYUvc^w>e4(M3x9ql)di#?QdYe5@k2zlZc``;$p@ zt7Pv_%;>rK%R-h#w?l&<$@$W0YAOjZT>;?)LhSIl65t8Je?zn#K4>vB$4QVL&qlks zc1v^RN{JdHD+HL4khjHZ3sn`u9DQp|))uHD`Kcj=Ul=tda%6C8_YA7l*KR}}G<1mx zOf(?M#NV3YE#s5TJCk*Y)~Y0^D^vfYUbbE|o=lxu{hK6H}&uSsZ7K78vC- zCWpW2f^Nrc#}$<`Pn&bjCsra=3R2A95bq#KkJ*(FP56}r*;JZ`Phdc6@lDbkdEHT>m7;O=LCH4j{)$P5IVo%y}R+BL3}PD-VuOa2@xLqfPTY+`0;`Q`(O~8 z6OQRst7cXM=yhS@{Adj6DFbOFN!-sx1l|$D-W||ho0g8k0H%jhpdAz-Z^e*r#ZYgi zK&fed`>fe+K2zTjT;-<@P8EP`u!*f~`p0S72+!`{Kl0E&T6n$hacd#KE>S=;dqH3% z{J1fzi*S|{@J>sB?iE2jDE+t-dNL_>C*gEul&XucmK1PLOZZL;Lz!12wTX3CaJdE8 zZB~Eo4Ss*5_`*Bzy9nixqUx+o-%qpcq7+g28WpTF-0=q-2H5YBFPDa9mxfyhl2~lN z*&YS3v1PM4WmDsMjK)rAAkhV(g`so7#6IITC<-S{n{YB|VHgYsG8l|uLKzG!(L0BO z?DVrUabvIz1{@8*ntV$pH%4I!3NaaE+(}k6{=x(pF|19&9HTa-jr&Dyc%4i##z>k) zp{vXQkYuP!RGYLkWM$GwkvE2@3tR4sXLv~l86zxA<>U zX(@B;)ZV$-)GWHWgT}9gFXdusUzdbvDun0DuDStxM0J;7Z)GtO;n|X2c#?lB@te~% z$3W$)ru56+Fg$NxnS^$st?(lBcrcZZ~4U}{*nLr3<&6FW$e4bmgmh!ed9}!`KC|d`w{i<0S6KT zqC|5$M2me3P>2&QfyeKOI$cZ2YtvA{mx25aP&$$`qhybON6J_?Iahe^9&P{{TeN2Z z;zr*URu|z}Q!}RiKE%xXPYuzwgzXJ~emT!=hcDux^#v5?BNg95cQ@my+Z6;ezj3e@ zh*HEgLeKlvE48=;MmLv=t*FP-nw`iIJLJJOH$_EbSV*pDl~m?i@ux&LQW%9cHbXDX2qJVP^sX0FYmf^j3tOi3V& za#Lv{NUboerGkttpg&F8f=~Odu)}p40rA&-YRljaCzlp^inu8Vwg#B~=ch z=T2d$O+!drr*-myB3F}=;evWq8b*^yK)Zq zKFCLJivWuQ+SC??3Ifs7{eQE49b_2nkl=9segV3_3I0iX^6*0^LxPj~`-SN0e#7|x zPx5*XlSC&=H8({tpRrshHE)@EJVu^T%fWrGJz-!*Q7>_ypq4VaSM{5|Q9dXsY}5<_ z0jpvtYfP_ax{-vQw;s@H7K>GraG5HX0E{#R2cZs1P^|2C;Azo#$@dlo$%%67wv4NU 
zHqol91`Ectr=_oD5nh}p&jt@52QYP7P370jyVCqup+3WNcMWZbeLyW?|$^S zbsD!V<-ir?x>(zMky@LWFu*xs_7lX$5=1QWs*PJ)zmS!S_0L!^!LUezmFK1>yl-bg=x%d% z<2sZOuIH&Kaz~fc^pi!mvq2#Sv0jZO^RzJxGeUef0=ZW3w{r2$SWBF@eJkYZ&F}jA z-P!0KxWO*Nl6yKn4#ms{cE9eK6liUxL~-^VkAF*SVR1VrDc+B0ah8ZLH&Ni(y|ScW zFONA{8Z#V?MbOd8XUN8`KmYzaATQ@*_)jdHz=TX1W|Kl<2om3Lj*;hFReL$g@{jqU3F$N(mPQ?{Ur@nLUwI+1nynh&VIi+h7zcj~Losnm zgweTSl`T_y*fmNZ{iv`zN1Ms2Rovvpz@%FJkP-^`2nh`qS&rgFO2NcM$F{g_n~PCj zjJ6AI@;EHRZ8G;iCi2L-gkNh*Gs$1#{J56Tvvz-)G0?D-@=1GK9h`fi033RTOWX;i zskvyPvZ)W54z5*qzLcSTG(}{-rV=JP+r8Br_WhBc`@iKc|0}=RzvY+y_(y(cdLW?D z!)=Z(O=!m}&O8=fuimdh!AD_(6&toS(b@cvX#*!On5c)=8YtG!4R9K6t;aBhj<0Rq zzTqBRFxMgo-TuCQ{r=SIKEMG`zS)Lk^5S#8Kp{wF-87I1huKs4a?^H1aU+w%b+AqH zpE~n0>PvcR_9ubleVlgRs;y5#6i$142|+mIbF<^!e=OFT;jZJ`!D9{9N=KCFY=zw+aHT|m30`5e@!Q%nmkSlaZixKboo`M z??AibQeG!!uqB}OCXKH7bt9ODx9GgZI>x1F&%`<91ow(nBCM-0_l$i=d*fXha8*Vw z!elwUGV?j0o4dx(_!s)ufPItrs&>zL;zr4()W@vT_@8VmlkK0|~P?G`{l%=|Gr-Gm_ zmdBdPkszQmp7awFkz##G5kzlXKX|kGBe{f0&Ku&sB#MBp#%T0ha$P1^aAivIK?yXm zX!0J%ZEohRVntmhmH%9&9y*BAi=VYV1R9iFkxxChT5`S5ma)IerXA55IvaheFR=NH z)pc=IQe@7S7sW7OCKdm3r7&x;2{wnPt;In9Zqz(P3a{9ePx=w7++y0$YPpecvO+Q# zr}JGWtDdE4!dv^nhymhkP&2(o>SOk7C@IefZLHX|B@9lLr9;XhQRS4>)x6y>X4N#W z#>lzFCErK}Jc?5xW{Z>4e8;aA+>t8!Rp{`(1V7l%CKbai6AOoPX>#J@u85os^)vf>+gZLsa!|x6q6GYlL3iUnXgIQyd^b~ zpFhM4Rq4PO(3hvPBnMAebnmd8Z=%67w`g!m+z@#9c{GD2?qA|mw z#In+n=+v-ekaW|CNWy!*#$;$Cg=^+y!>&T5)_bIKKME9_p*7FLM#t5$=nbmL$snl2 z&1R&7(Wdmqwe?`Wfve~Uzh#k~!aUf;9*|>^F`eE^;iUF75 zt7o!@E&gHu#RO;VJ)jY=z>%028;6WDHr|J9&=&Ee-)FsbWiW;;EaG4>j*PTJGzcIg zOKF2Z5IGT6uIcD}CEg;GE(fuAFiI(~mt1vDPECET!xbiNTvfP+2Z5X_6p{7p9#-O1 zsGz@TGsiEAEmC1Bn)@X!Dt)K5qEG=NVBRqHkp{cg9t-_&cyx4g+ zS(lnM3fh$tT#n+c?q#pI|Fey}NaDs5G7#E%J~-3#5Xuq#E(DE4bFwn@$`k zB2ATK`y)T!f6HI-SANxh%dc4XkNg)tKtL6oc4r3E7w!dGVtoL;<5GJi8yTbWBy{t& z)T$3#4>_F!vQ<>rA*T7lmxajB6DxvK#w2`cr*x*XTxT5F5x*}4(z*{BV#G#r43Jjx zBEDMC)##BdETH|cA+9#`{NHUhr2+F$zH&=SQbg+rEhGtn@$dII?G_KSBp%4 zX*OQsF~8@IG&s%N=zKqY&*`PN8V`nuo28l1I^kK}XuMii5-Ef0q8)qIy|Yww&J{k- 
zxbAcrtxKaeD{W;b8ELh#6Qh2nujXW()sP}xmFMxjg{w|}#l`13e`p(mJIgY}s+pNl;jyx>WJDYy_I%{l3;%x0 zEyt@<;Fkg*Rrai!Pvxk)Bnju`wuLRb_q(9M2EX6S-R~l``gi#hem`RS`)~MGD(l;T z8(uee*FlYo%X*rS4U}cey-tC<>by6tCyofL*$aqgCwol_3Nv`wO&|*HDl{@n>y&h=Qe){e1H%m#vvjR6DFq}%UxKjNc&p%UH`t#l zX53=z9l8c_P*Gfb%teSMzZTx3HErKm1<#$l9DrZ%w_1|_toATa$UE&^>~UKbTP8AK zib&066+Qn7GhucA(8YCnl>0=LXY@SLZcA8Dm0&rx&K&iXRGE?N-Wa9a1{Di3X05y2TnsIjHQMdCZe&Otfht_N1GNkKF z@}f>4wyD!b{y5*v$9eqx7lh7PWfg@PPVrk$NzT5#N>o4s7;RkM+{Eb|RFTZxA)Z-I zW@BBuM}r<6KKI?8ox{>`5ZES2yl1#+iw){=yU& z^u6JgjcDgPP`VF*jm>I@$Fj`s2Cq!np)twf$NbCZJiSshaOBU=i;`aFmTnbIhB?z4 zV2Cc9Pg1Ks&65BMe;2wz+*B|9or0Oez~U>dT)Z@GR;+V!fZZ;BU^7I(g!Ddd^_xzNg(K zX^~3hBI=$fbvJuE1l5yShOS-C?O~xkzdl-NGLxA>-O$YJwRv=z$BI7ZNTqO$bK_!0 zS}~Jh=k#Db(9KZ=4JYD$fQ^Y3I2P;hJqLxObJ5R%L;=^cDfnxt0X}czg{zP8j?>GS zG08dyBIcI-=j6&y@oi7URhTatB^EK`8%~REBVo=^+x-nxHduhdJ9AkY*{O!S`a+uo z&c^=SSH7qn;B_k2@p2CoBd&*pjadJcvl72ITv{^s(>Wiak!>3yf(Afu@_70?o3YX6 zUg+k2GYnHz-Kfr)RUpaCcVNwqF*m+61|wG_yB9Mjd*(m#3;nnJm4D?|`M3P)CjZEv zb_oQunJ9=9WYwhvnE$vJ>I{5bTGg~U8smXEzK6VdYn&{9HQa5}g~y&gr_vw!!CGBy z5rlXgoGZsJE_g-Hgb#>~frA!Ami?lJCAJV8yFkvIGfdz2Tc*$AIxz4tCL{+ckM!^r z$mW$g+>z3U4!=ASC;o=T_?Bz6-qoWg7jHlY;}?Nt&m zSXz)+=iqpn-(B1kY4R%;o)igLcBPJf2@zXYn?(J9o8mYFPAOU`d{eJm^n&^fYxl6E zthB?p=-R@$-Q6)z&?j+n*)90lv9B8sF0c>8Ee?gt1%IU7#ay_S>VS3?X!X4Gi^__wZn9;u5v{OS!ibl zSnn=dmo=j3u4r*XTs0c;l=_l}I{Z@rk$eUC*jY!8LqJ=EuF2=O=?&+D2GOkuVu;&+t zOz2=wFp@t`Ku891e^E(nHiC0py7P1@@)lE!E;|`!Z5ahqRvM+fp($$D=}IguVI+MO z@9jH~G#{F$$zsv-?43iZdhKf~oVYzY(q&}%v8ZqGD-M}i5~XDHp)HcERpVkEZ^+vIxC_-kXFJnQOEYK z!62;ib<`?N*gK2^(iQGkXd`Pw2SW+GtzT+7VPM!?F< zNWjASr}WQ_`LhqE&t93>ng1^T>5qlsPuvR;cqz$1JmE-=j;9Kk%^syfQgCafAyLF92aJ$&;4L#(<1nPAH6?2{P*a6|4t`t zX6a~TPbX}t=V&BoWME@xL?>xvZQ^K3z|PLZ&iH>b3S&e@LWReKuUK#l1kRawXReQ9*(yu`k4pV&|&a`N7ZM3kRnMM(%+Q9rTR~ zEWO&ymtP_$9-{sfjogX>OkEvv$^F1v<(d+ZfA(_M@o>`+_5P6AHn|=Oi~&^r8vKE69WX;afW4~z$5(Ad)AJecpe-u;^r^N#@{9hr z{8fMDSN^yBy4e57Z{rRGg!~q zaepYs1qeD87?v7gRooh<<+*Za-NKP1OCTQSr^jKGhqv&f;_LjX^lrqPqFLe)5DYZR 
zF?|-wpdUwN`;*`X6zU*|1C6BJ>z7#JMVL1NKPhtRLqg=0Y4JQ&y5Jg|tWnKS2Ky0~ zSWRli$XE}=2@^iJa_Qb$>MFx07r(D=TbT%GWdufSjgVg`w2E`BqSuGrW$lndcJN{_ zL}h9m&kQXv>LGn34msF`hUkKoc|cw+rR?zie9V(yY~3H@PoA+-i9Uxs-})pOzypM( zNi%NeeKZU6L7$}?dA1)PM`~R^ZtYvJ?FzgDc6fYO3+FN6gJoJf`CPXZSBALJo-Y+= zCR;zcBBKC>KHp?07NNg>NItDeOt~^XEuH1eC|E6i2nWA?hB{7BA$=p;N#+gQ7kXW@ zlD*g36V=G^H23mZM1!E_On81;nnFk9eL4K>P1SwHGs(aQa#f~a!e>Blvnj(;{hV>> zCgORPpUz&zcW-l{SdHz(c)dK$>4OZ{1NXb*s2h^*O;;PPrlaW!$7srL6S9Phld0np zJ!dA^>NJ6>Ixd2Qbwu~$&E>%m&V$}fVvrAHk}ShF9f4b)%KHz@;EOxqcoymOl_Wk8NZbC67Ws{V9C6JVkq`i?sV<7Mm44v+k-X*nk!AACiYm~_LK3-v~` zrU^k(M?Uwo`e2$y2y%VNWFuZxn~lIL=A|?YP+eRZ!ETpw#Ir+9c1Jfo*81ioor~#Q5X7oc2d8Q5oAo- zn9hOF0nvfNfyRONhFvrzsy~(IYm?0kLwC@}dn~}lWo)kTOZ0;NrKI&{d`?(><|D7r zQ{ACPP)W_AXG5}Stx5m%2BOF*zdMw|vzS(Mlj@AM1gQF#&zvX ztlNMP0PM+uiD_mwmOBLM+_h-ka_WScvVfm9PTV!ph@fIcYnB%D`x)@Yj&?JBM&LSb z@nLeVDLiCxX-Xz3L4DXr;1NYfa;=H5IGxl{hUmy40Et{o2Dx;d|MwGR6MZkW&2`>~ zY(kq9WO(Si@bsidzb`llE&4t}=~;&ozpoj3DF_Rf2SnLwS#`T!LhX#!a)qQ!fL;M~ z2jwkT?D}d@$}XeuZS~0fKp*umOa2N_lIr?2s_M*cRi%Bird2K+v2@}S78uT>wK{)Z;*Okx0$ zwrZGP_d6-?SD5MrL{J-Ja}8fBGKMG-eQF-0I$k8En2z`uI+fu~jP#!)olpDS^@B)#2xdEI zbe&bEK#LKEG0JVO!qj?~zwD0!)w={afH9VpiM9nE_uNyi{E$y<8}UK07r1~ufQlsg zBfrdl%U}Ihex-lQZ#4Oj{PLeyaEgKcdW!f8r_#L| zv~S_?(zZHG-g4&`?^4Z~q?(ru^TJBxM9gs1LM=!8s0OhpEDVFn|JA#hN}QfQs*ePG zBj$N&7GB2V=w4tWX0jOi0>vL@n$PH1NIi=R`jFW-d(v$Y%fQS$P?&p&ot%Jlb)rwe>X?Tx&kMIaufL z!22p(oO^eOCZ(nav^d7K2CaZ|G@p>q2}tXFstnjlMj`Jcy)1;>vCg?s`>gkW%vL9H zOx3RWD8duqnBGCC1yxv9nPN+Kvwz3|cT<_G<&uaaA&C0M&xHfGByZTw!Bp#n?+F1g z&T;g9%#9Fnf^&+fmd=VeQXjjP-h^^)+eV*unCh=tmjP%Qzk95>L#(b2Z-1eJBY9^8 z9@GK{UeID4tCn~Aadch@S-gfSs3U#5r$|TQjwua0IGSxYoXNa&KIjEa7LShun-Pjb zA&&tCP=BjDz|FIwO*f~KOMC$dRa|=^32{oc299x7q=P)YI3+j(%F5bJAX#v3+^Ua2 z`6*@&0!___NDHhm_tS0Iv0pNSot52J|NRXE^3(>Vz93fo?PRt8s2skV--Q8=i$-Ca z5Y?#hE7m&4_DX+2wq(2S4?n8_G~Ri3`kx66azrC@OV`qD!cL7ardD{I8n&gg9g0WU zsn%;qZZb{e;v(!wqD{?$3Bs7NhPr-_60fDOwZtSLwT-MRt_+TR?7#~Z@Ws_anG}Vv 
zCO=Me6=}?1-nD(DNW`)T2ACs$)V(;asfp$d#2RAYP7yCS|K69mDU;oy4L3}T^}6`hW5l#WOkjR9#M>k6K~PU z0n(79$;7AFTkVgn=K`@anoe{|8#)_cN7-+N!WCdQ@Dn%`ms!k*-Wo5L4nxI%NxCLN z--5mpr3RqSG+rH|Z$R(NqYpChtZNCD%Z8y5qAD^iFfBDLG%dzdUVzC-zGAk96*}LO zY~D{9nt(z@o~TeS_ehZ_M_q6!S1-@3z${0dqbgZLj-dcB&CdZ3br0nXRSyNAz>u4h zmr|7aN2&`NP00lpXD7>SedRnx+(R+q69LJM&kfYa6Jij85kjP?i_Y~$OO#4e0#>o4h!7W$NXdd?4vh+kBfZ!3h#n8xzTc}gbaq2SBC#%#kgk6cjjtD}Ch{xIy8~ zd!!g}VBV`k;msK}Ab$>pz9Aa5ixbt+V^u!mKuiOZZ7qKe9#6`+dAoE5B!$h<{3Mh&03jbMfH zo-G!lDqO>C+G~(`1t#U%$y9+tgEG#CjCUicFck>FRTrplHzlgxL2g>k$1Kk*Ys4*t ztF$0bov(_(yxlS~H$^;GA)z zvZ8%pL0*;H?tiUQ?1A|t5uYUM?YD&Fje zc|);lCzX0LRP2HDCS%IV)sZvAf}I{^w!noyf6IyAlN`*lJP|A#nS-Nb;}Ti?k`7<` zk^x`r!hRw0ggA-_3lY65*3)~?X-%MIfCrIdSO zRmmfxDd$}|UPIPexCLrYI38QJQltfLPhF|?1}nZS;q$ad(QD@ofC-0W{)6Stx6Znt`U_`P!M~+BTHQoH+&KVy-Z(PIiIR&9#N(Yg z_*us1{%~t{%d+aF;k6pn_}qAFd2iJXUP-5UaDuCTa6)lRy@+wY#U>Pc#I8m;`LSFuCuil z(7BQW=mZ0>bef-j?>{sM#E_Q3swM~5@VD6vr4C-airhhlfRFUuv4b#~6XMESM$tl1 zXkias#%iEDjwP2i@#&dxKcg^X;ar7jY_jsHy&|omA;|+TcQ4c3qt3Tk7+k=L*;9&N zb{ObnRbS7<$^cBOrK2^jnCW$2Ms6X4n7B!P_-D=^VPw$e8+33=R?c!ZP(MMMaa6Ik zWeXSCnX6tS&e$qffwScI6W_%yU}cP!=zHyz4p1(XQC5{-mCn?e`x<}-0Sia{-pxl1 zA5aT8dH$IYL+_di-_)32xDYkWKYj=N6pISH|AU|g;OU;02$2tQIp5(4@JZIAwZ=AH z8eQ;B@zfv=n&fhXq|`qFsiArA9*XUyuB0Kh$*a%zKjj;Ry1c#Px!8)%7KQ z9g?2s?SrZol=TPi=}^|q76MMt&~GPIn1k#KtY*w}-!=juneMvFV~V%cb(iKVt=RGG zeLPT#WFUSr{=6NR>~PU~1?FG|!)<_=lqmkQYtZ@5RUhHo+%J@nI{4!ulZkEt#gUYD>=COv%h_j0IA?jEsm4qLp@mPa=pO(2Nh{KQY`m1%fb zfdRINkp}~|BY_{WHgiZH1-2xkMz$Q0&!~r8SVQmX&2W|I4Z&NKkC_;)P}T#FWrYPK zc5z2GzSs=&FYyI9r2c#6q=Q4SayWbrZO)any5cj{Gj=u z-)DW~89jRx8`Lu<-+lqEwEgDNhp-mF^UQ%6`FIY%@AYa%hwVdb#>ex8&@=q@N(3u4 z2q7dzJkE9!)g!P??Fx&BKJ+nUt2xIV)S0)nG}Oy5B=`|`346}Z3&`rZxkQ=BFcEyB zc*QvwqWev<*0AB*)XQ{;Y6squqUeg~-Q)3_B_uJ%HmWb~^cy>FUsdhmZ&BY}?kRsz zmpt$D#bys%f&jN|+Um!5M~hY^ZAP7uaDJNMWLjN5UD_`k^pZ)7!*wBG@|7bw43-x9 zsilUNRPkL;3u$E=?l*3`H8nV$@ zS!rnsgA?Pwbl0!cQ6|^g85^_1e~pJ24CFHx6c6+Z{(5^pL0#KspzsK)bN`hKx^Og= 
zI*%kA&2Du)Gk{5&VPS1w%Qj1)Ag&goNhw278Cs>Tg~RR5OQtXq?>~=Kk#Nb_ph+m0 zl3V}k8X@Sh%@lH9Chk3}qGG%3c9MESqC&MtO_#uPT1_%hW+zktO`0KAwID93oTq5a zSo*!d$pB)n(KJo6B);TM9I$SkKou|F;9ZWeH06+k>>1k+d-dB-B(lb1nW-mB+*+8Y zt7)l{jUgh$T*_bA;I25{x`1mVGdkO_9Lic|yI2LlN2^?-SMJGJj7e3bjBSt>!4pEq zF|VzyZB0EI$Wo?Kuo4>Hn7ej3IE^Df8|U`Dh@6s%jZLNN!GCAyt7IjfpR$aTtJa5S z&9a(Rh%zHJrX|wBc0CSUG+CE#&W=G`3nqG2w_V|`Yng5|lbXTBCdu>?60RMTdP!)9 zQel*Iq*H+)#j-^5l}5^tL=~uzykHj6_@{EI~0&dgsN;d&*lKY2O-!$_hU%I#|Od(n+?MANA9B?FB)6xut+J^hW63A`>HVYce>hWw`1WtZ0 zEchqy2GOvDHL~qtD~d-Z4WlNGMrtW>H$5bg(P1^8kKi`EB!1ROtPSj+>%Wdb*K+V0 zkL{3{T`RHfz)RAqA2*b?7fHxuUF+Ik7V)XBT1bc!e4iMPs@tPTr*RhbuS{_OTl!M< zP2Bd_$vuPrm9%e;IGi3zq&>8R2qy*2)R$;8Gg|r!#UJ@K|6BgLzw*ofTYl%0f8>9f z1OkfWIoI~#ef|Cs&rnis^}95tZg6vc=~jLOqIQgZ(01?2VV^g8yUX?^D)Z}k=bNOD z9*CI`xVsMS?l!oyxVyswi@V$6?(XjH?t{BK``_nD z&c%5zPVy$5bYFGVR98Nespg?qW^YD_~U2(@8{x(e5}5Q-qrzJ=1EQqb|MARw6)&^DeSBg z3zpF-<@aMZV&y>jQp3U2+Hp0kEY({8Fgfa?=_Vg7f^RJkciX?d7tNH@VyONBx^$7q zRB0R$8NK$KRt4_U=Cu9x$M%M!JFYX_Kv6O>)SS^8gGtvq&04trXt+ zH8c^lYYeFcI@>F8{OT4_%@PRW)NfGvO>KGS4EaBS!yNZ4H07zXed41FEO6=SL&-6G zUvKX0M7@pm_gV=aRb*HwXX3F+vJIuOpj4$J;1fGUw+SxcIEa@OZKGRCKYcb9m)s2oCzhxZcv1I%-EjG*w4^)OPI2!QvL}e) zTcmz^%&`qNlaZpQG%?rt#o5@@bt+gnC0pw!w*IIJNuWx!OdC6uMdy8yVlE36i&+1X zpJ@n>eSUj%oJXgX#>X>MHjnFkIMD`isn=n94Vn_7r{#+-Z^Mb6IF=DhAFmi4VJZxo zGs2onlJ2yZ;z>xFI-bMDOv%>EEM3wL?kI|Mj)F^6C(*TGE;eloZ$wr|=r7JmRWAU9 z=w#-$mJX*8I5PK0HCZN+G>&9j^yng1!-VL(526?)tt2owoN~3{I>Nfgb3H8pX|@n# zTV+>h6W-(1(j9o<#o^u<08N_wl-%Um9+)4hHnBDN9kZ7+u5hKbo}VOe+PM)jvN0#~ zt4L_RjvN(lr_z<;#Y6aOi|B2DNe7Bx3LfsmGmcAniFlE6ra`Tdv>9x?Bph;vnqB@H z>$WK3{^#$!bZ9GBiXwCg7;KFNkxbMQ9d)Bl$T1=}OkA%qXrdgg)CpqAoEN+x@}bo5 zNzQHuhi$%(L5D?cJCBRJ3z3gOQsK$y!!7*Rvw69x;1BwdRc#8Ia#%kpUK5lx#opBmd;A?p5n!HUs!bIoZz zu+gP8Fxt!NGP*JgsdWFuq-3;gH#C0V)X_!W#!Cd4p)?fZLk(J7;1oaK74k9>!QEiq zBtluKaBL*QwF|G*laqH;veqH_EFhB!AF(KvlTx7^24Zrw(s3;5{>t*6$yfqC;`XUz zKhBH40@*f&jYINMaNxA4|*5VhR<8+#U$P}nlE%SM}o_q?m5KL zT-~Dn41wmT*jliuUGONZF6SJdR;uv>$!bCoXfbYxuY 
zz1v)fp&>I64q~UVJlJOso*~0R-a$0x7b1ur;uK6fi$wvljK+(ZbaKhbl@x!()fWRb z&OxMlN0C6u48rN)p9yzbJt+@Do@_tQPQJ9=>5EI zNL%99rFqgcHuO}wz(ZLYJ4>5?`SIStz!((DxX%J?3eU77 z^0`Z83zd%Ru_`J{R+V$ksjV!5%E_urZdMvgb?F58ncWh$wPI-tv$eBf2Qtd@G`IDR z;irI(F52d)W-i@XC1oq;L@`n_c&Vgur+L~tR>}MK!JtlZ&kT`wVz+)9uHiR_=;8i6 zT*?p#kYhX0Fg`;9XZl0$2=tv05WW6~cKRqBX8W3RP+@C<;u3%FE@QaW{NN2YEOTSJ z${m{#??y=pl<8~!PE#2#(kVZhRjzdFm#B4)Tz^=Of8Z>Wd}kHqnMS^5JNxT`Kl06< zEqkrB#zVZ_rgR65PCaRE9x-svQmIw>!2NH&9+Q+i9b=XwT}s68)A(+C@MZhFLiT>b zGQ~+`f9AI7Rp;q0Js@NWPKh%fAMFvvPLdPH*)#+H^vOjXU(t%>C_!qBsrr&=Rad?1 zX$3cveQvf|;5O$>Vf+W6*hN{w^Ii1#rzk_$8^G+I3)=dIqg>5GX-%zm(tT-dPYtWx zdyTy`bHeLJ2Wxu^xq6qlD3doVfh&efjda*HdXXln_5yT4NI6kko(jV~wBtI|I?3|r zg$U5ktECv?z6q#`j^OQhF{WrwKLTkTXvEyzk)k*`UcI8~e-qF20M z`qnvitRXWp&09>gi;TuV=VtHc0YB3^CYpRvBTg58ukA7wP_JmNe2A+(D?ze0Mk^va zAv#Jlt~gkUe0FW(ls8}4E}Gr1bM1GER^GM6F4L}4A43A}1he=h2d9T!D!Y3h+b;4m z!xO<4-%)R_@j1Wi9}vFwSK1hS!^^j?M6P$&F8BQ~LPv(OnUr2XqwdyZf2XEkoW(g- zt#Rv%FCX~rE^;^`#i=y#dIJc3aGy#zB^(wWOs2o@+wz4)nm~(oiD!7)HLmsPCytu9 zgDH6AV%uAI_YpWX5JfDiR-R@woA{(n#sj-|^O~A`xGA>&R{J>iI7~^)D8EfnGXuEL znEP7xE46!`ov0@<~9Nk;qFKVxCwLc#h>Do(=pyd+Mz0^H4?~ zOfDmXHhJrnR11asvc7hPR5c-|=25A}%>e0TJ8Bw=Vw4hZRb+_b z=!1Th+K_Cl+iVHWPcDSY2csO6H$mAEW{4lzNypDCF+LlV`V29G?^Fit$4(!;3aUuZ zhmqRcMGwv_kTKOt(85pA)jz+em<*q%v&-nV{3Phq>7`|Rj31<}w`(1ZuP?bOiw3p5 zI2oI6e9s>?jgtG7akk!Inq|HTO(Hg9vB==2qbgi+@~ADt2;gm*jX)XxK{}&0hAqV* zf~O~CwlY}mT$nO!{PTO4e=6k~TFwyp;%{XVm{N|j@zl1xG}=g6)SCzrqm&H-hv=_& zqFK&M-P$?cplHJkcNKB0lBB9>X9mM)axF$fC)CYO8@=d9J75KLX0Tcn8xobhVG@y6)?O@M&eMBB{)Dibz5e#W|Xq zJPlp%LN2sfc$Si^TfA|#s=gl0Beis!3XaN-^D$8t3yuXD{ap0Kv<>2kX3h9Vev|(# zf8)RMEB?3qfhzxzf5Hw7Y%`6tV#o@-`F=JqklO(|i025~>2$%)Yag#zr*j0r>Xb;Q zd~+B9$dJ>?C`uT?OjEKgbzZYJGM(Q(dLBYuE`07hL)wC5)UOqyIN3P8D4kZO!syT; z)ktY_J!r_>duGr->DJ5rHg`+sH^jkA;XKp(aPv;kffw`N0ohFd;b?+dndJgl{j`uH* zKi#Wumpv`vR#$0&r!9InFUGk`-NhvJPOZVmwd9C!gm{3hm4yvsazkA>!VbhV1|_eN zFya6s30W){+^7r_v`UwOUgU=|;!o6mQdCJ;G7J?Fr4T=X>EW<3vy(v zV9yJp=28cscXWP54`XZTb@ExhnPotu$ldK^r9q 
z8vu(`AZ(`u&_#}DX#c1qe+d+)gvY|UGNYJ|Bkq@FLAc1CsjipV;I1btm`v80tDw=V z@x`mM8g;c&k`FtkO+B(gUsHawo*^$q7cY*QL$7I3-e|5l3Y?GHd?_iF%F!sDlR3IG zLyE4_0#mBYa@DN&->7%Xk#BscixOdm4tIBg6WyMKNNa}}><;Z6B=qY_ZUucet!&9!1NdF>$VMFV|{ zl#-#ZynS>b)sJh0?Z>GfhAD|Pnvl_aALn%G5!_Whvbl*(NWO-(>;?09aM+hg-h z2_H0ru9%wX){+||4ij_G&L>}FY)p|33@peh=9AyX$E@e^$E@&5Uk#%a=LufP&WTRs zy9LIZhG|Yb)*|vL^fl8*=>@va3LTzh*}M>XJn^waRm^6NAVtxt@yFNNwBaq2e2W%K zRkgAfaZ1LfV~K)?FzmSxM(w$uX7k3AG0%SFpj9BJs0|xVY0W8%5aEi!<>SsIL<=gE z@z{mXfhuQ~VHJdf)wRK61+3v-;45G2%rd6G|9pp{ahu|G%kY&QHkjWJLnkt|8t9QH zq@75jp6PpJl&#DpD`g_8M+uxhQ=$$aU~WfmuhA=4U$5uGt&Mt0R2y*();+PN2$-la9TCkkAsEYf4Y^%5D&P@=12-&o8}{5lMfjwJ>k|S(vEWJf zf@DJs`W(Gl7ZC(P5#VpB0f!{TSxt{HwA7IMziGFuHm=oi!@!|dE6-EBlx5FfHe2bJ z7EbC4PEq(etmVABO()uRI@!mBNcW5F#hfuHWEw(2BntgpYXV5i4IodXj$zI0;$)FY#|*Rg1`#i8 zRT$M?Nj|PFF10cZU9JVtu;n7hkALL<@xSG7`d5C1|Caw3%zxy6tpWq{I|-8}SCz}* zl8X|lx7cht!4SDb)Z}{~pfdUN9KK)bMgaC^CNVM62Vx#ogOj%jbUX6OJEN=mG(KB?oE@aoL-z*s=l!m$UyoLvS3ARQF z8jQE-QXC)Z5=sr@m-3F{g=)eKB)(mQvk@dNshT}0e^_MboG)zYAStdY;^`?LvD`7!Pvsg*4jsA)NaFoV2<7Go;$5)hk&H*#k{xZXfqg2;7ns&jSiX zWj%bk`ne{7mSWQEiqC%d)l`Od?S1?we<7vA6=ZZ$iB}#cHd_WOJuVfih#O*iUy;2- z1bIKf!~}L0aB?c{tHy~?A*Hxk0ZiN_LY{(-nBUe42yC(kxl_x=<<%Nko;=OTNYw2s z^^oN6WHv7La%i2Sf-%bJUaat_rK+XYpL_;DySZy0A%wDV0R~EwhC9>El1)3>K|tKi zpbV2gA{^FW>iN`Bn?ll`nN_q z-Re#EY`wUSaz?G*ZNWB;jwB8rZxBc{Mea&swNKpox2&$5WyLryFyw38)hlh8#|r%+3u-qXIo zkm$5K*Gei*t`43?V6m%Wao^dKX9PZE@M3OXTlDq04Iw#Cgvgw7K{NUGF42+Sufse> zxgS|(iVGuDk}$!6-66c{w+f0KKaR?ndt>+u%Fs(%Ovq(coU^aaFqiC4p`Wme^D zw^~=vE2o^+P|8zr*7any`!D2ETIF0p#<)9d{K6i7=f8B2Uyz2Lv{KSTO!5dyLvGZ9 z{7jRk$4=%cZdAB)3>3_3C(kOWKYjXHV`5xi?k`e}+Xxbm+T3NbLf7(2YOPbvUz8N@ z+&)q+MT|c#)6vWyPc(((FK)(jG#$oGlJCF6%Q}sOv_B7W_=o|0UHBD3v6D*Ps_0=X z=HVK>9!#bo-wJ526((KacuSAqhs(f%&wryFQ-)VprYy-fGb5_GgP4m1Iz*m_E=6)f zph`RnN%V!+EX7+idqhECGfnE^S6gXmA1#&aov0Q1dx8*#Tj~jWC{r=JpF4yGQ z0VroDn8<1@<6+{=D3^ZP-!0~wXYo1UZaUcvRo^?C@AaQKsNruRM5U1!r=0Qv_nz#; zlDIaUib0LP+3r(bQQF8XeBvlhp2S)!=~*+MO4l*jayl@`o 
zWk1+vxNWs+)~y#cbr?tX%hnC5?$fln@#3um4r~hd4;5Cvhz2G#jhm~-UG;f39Tj5x zty7<<5>#{i7-bo)n48~+OwwaLpA9R&?06b*ZSurogQd)Y0Ca=9Cd=Os5ecnker=5# zfa>#%baZCWyn*0$B0fY!)txpCMKUxubc&wZvubJxI~kPI9eY(i5H1}ArVv#-Cx{nm zYD!!(?8TKwXM}; zv&wxuQPVO$u91rlRLzEiaeTD?yupOCM>B1%lj=||c_`ALWjpm<5?k@*xffsgf8@9R z-|{#AE5H1I%OBPLANhxCz`*K`+#`HI$fKp5&o}1VE#GhG?TdTtGr*VQTBeEug$UMu z3IQ@3_qt&IDEySSRFrAloHyM7)|s(ot)2=pGIT#ZZSgv&K<`QYCc zp6@Wg%bb}=>sLt4av4JwrOp_b2CQbhhhJ|x!#4qV#k1Q(k9D|-?2?lx8GA8Eal`BQ zR@IY!vs=go2TTyq;-u)M#D?BuN%>nYd{hqq{nN0L9dAKAMJWe+B1txW2m~SH8Be@# zK1yOD_EHkLMR6joWwP%Xi(r|R7zgO>cPa~qyDy%;_d4DM%Sl{s74NwI>)6pYz1Ehe?8)$P`XvJRN z-N+>-z;Qh3Xc%sgNs|4S_aV)%$XU5wL}y9|#|6J42}%Fu{h3<_rByOG3cs$}qU;CfPn zY)dv%ir2MyB#}*-P9$u9!@>|IUddyn=+TmQr2NU9&-KA!+j}zqQEdMWRy!=4fv=Ko zIq3kUionYSqy9{6!=i7V7Pp!5^USqUy)`>dlqW+8!#=2OA*lflI|3`CpDxRa?ey;= z-DX8@iuIskS58yTuu!?&Z#6Krkc%dNcoO3t6H)LjXI|s38zoS%68INBUD^J!ct;=}`2iJV`Nr~X8XD&#eK+9;cI!h>{X%-Q@cUF+4k3}@z-%;S$Q z)NnNTDKaG6nFfZEhJa|Qr$ji)?@YkMpgFIHR5B~8{Bttcf--~jM+Vf=D+RI zLiBk7hQFLkC^`;45v(Q{A_hy3ZXoEm>oZMPy}$orr$G5~I`k#Je7^s?Z@e^xN}jh7 z><8f$X#L#}j=lu9QjP!S;Tuh#ADk79xh#TN^EIpbEL0TK%kj^q7W1rZ%^4$vnaC+) z9r=}falZM$v%2wndc3;(n9I)yys1gumILEDdvEdyZ*d3z>1;&?)Pf?vRKk_u#tmkb zo?~62c1PW9ZjmqJHcTkWDNDK19_~yFh0Qk>-N6h@b%JyxsXF)`FLi3mZt5^8`t|&z z!(|*tlbZE!c`ja9(1G~f%@Wx}*$Eo!nIu1~ecj@$H5UNpLsg%Zrb)C| z3#*Vem2!)p@7M7LB2VOobDHv0{Gg-z9*YV~+b8D5Gd#x;`q}?YxwxV;-%bU8# z)rydA0ReHkcxt!VZ9%_s8; zom&6tOg}^cXTO?`yttffxIM@h!o0Bw?KL6fBaUjlg9B~4?Dyac!pW#^Aia8pa+1IW zI}ELVomsOveLW*S;ZBkoOiLW4JYrD&Kl0oEZ~0sPm0#|^p%8$Mekf{)JW25WI$9ELUmu#w}tB> zvT!~7Y=~ygLb^Aj2sc5o;*S7y33>{t$5pg#&XW~KJCD6LOZs(6Xl|Lar*((&MI*3n zqG@HBnysKggS}$+xJ zw!pplXtGU~pN;uFnbYZOxDeHG8@;cCNl0#wmF=D$s9S7wW%rzn>x%WCr=~A|x_o8& zUk&WV)2x?mS2kMs1^mo_Jyj&zbZcJwm7KcTvn{{t?m`-`4>LIRRZgn^7B%Ft(`js`V_R@^(C8M?eu%!Z})7f)ifjXSheF?8Y=>=dZgz4SFuS2zyS(^fEHQjMRi zZ8)zNM4TYIipaBi*G|Ds#ZDCrhUAccTGyRG2|>W@eiuSPFJHH#c#g5dDUi$CgtJ1; zNXuT=ya$CBQQ=Z{dgvsFH8hqTzT#f9j?vE16OWv3Wz&)8-(Hp5y|%|JfKA&1(c 
z4N!~H!e!=$EnYgkv8dXiKl@Nt_i^G_gJ;@7sGfv^CzBxpIr&AaGBd@lms<|NQLQ<% zB<5o-%|;CB4R_@M)Qh3Eb@ zz|UcvyIdl(%A36Qvwo%=%~-2sApD(p#81{O$D0-T^rx=BG6Qk3KwCayBMAD>y^B{D zCbiZY%e?7KJ$s5cekOWa{iFVJa*MgGR?BbJZ7U_+?}uiN^GMJoVw&9)EZ8QTphsUH z5!f80tCN@s6lts!dDG&jiw)!;!2CSwDnJ0BbGYc?$Zagxq^X7+vtFb?u=g@Y&ZkJZ z9mHLpw&}XfQ7aFjNU5$x2@WQSI_a8VfEH%LA0i^rkBcou+PsL{Lb*DtgQt=Vax#t) z9*k<6az8&!-@mI@{w(Ieh$DOupG%%`w3b{3JbP#5vC`M7__wV|)K-d*b$T51CRHs4zW zA#`Y$gt*W=d#ZOpT6}XJ{@N&nv*hBK6P%pCU&~NlOl9}H zmPryKT;_8Bn(5pBcc))8jA+UDu4j^TY=vjtn%N<@gjAQl>^tv`Q@-}qokt}Nxc>A% z@;m=;`CI>$U-rM{Pb2-0{Lg<2PV&z7^`yQT;8VC>;ExY;QZ%>%$i7| zJ1cXbF;VpugO6MKR5AQAHIl7uI`^zt(y6m)$LS;zBkd;|{0VZF!mHRHgnJ6|{*dWh z6e?U4rq>6mv`ePt==>{r`D8QkZpD$dC+|AbKl-yi32}T}A(t+RaV5%Vi0pGt{7**Nf;$CARK>@s4LVl-mG@++Go;JWviXYkg+iHZn zH4j$qB}g6jnJOWM(hun!f)AvN7FGQPaODouH9^jRFZtRGP zstNw8_`;N+pd{axpf6tDJJ%f0%+iG{t&hYl0PgMYII;`1)1F}NPYmOu9yG<6>+*Xv zwC5~N&<~&gh5s77$AmDV9(nH_x8^W`c?WBz0Ku6bs)PN7c1M>A-6f#uqDO92t%pzc zksRQULT(4um36a82Lel|Hhwp_Mca``^XB#7yiOSP^3Rd>MRAG49F+-hqeRK2SA3oC zIm^9-7VJXcYIFt@_C@T#q$33L`UCF`RyqrIe227C1e*N!&M1(?f$4-`K2+OCxyz4fsEiIw!lm+9r}b^mBg0I~V)D5$klL7!(WU z%k@HXy^nes)L`zP1Hlbz@dt4u(HpKMbhHaJ-V-DV)|C-VAnOb9&NT-vAjZ8K@$SwJ zdci8X_&cDKBosE7-Tj-fM+yNM@iE{}Osgs0U!E^PB0VS+(+~oP>28ol-Mu1oIV8!` zsN?3p4(hXl?aX)AfzPg3UHHQM(DIclNF;uPFgVix&#@fvslHPj`x8Ytb2*@&3jCcc z!D1>@=uQBfQ)t9+CUcDcms9GlJ&tlGaXVFqILV{yjxMSba=}>$7d{CcG_w(%-j~lO zK|NhMTgDE2{~EnVSt(+Xdl@=Tp_1DOp7xzh6i60DTjfH8eZE(Wh&o#VW(=b`QqL^qcTEhvmt_yx0 zZ1fAa0i(b6NWv+k%t5|5vktr}Yds1}qR^_1CaiIDi9>1`5!Z|L0-~Do0QA(+$COP? 
z1*pYZv)crD-C*n^TS^fy5~m`)veaT`ZBIq#;jGr2b*cGyF^#|Sni2|CDz@OSWHh~S zv@>4lnu(J88AAFM%MOS4U2>B*6S15G;QK4Ka@Y(HOq^dtW6)%OMRPY9dHD}UJ6M`njsH~1`Q0Kw|D?Smv$zzZE@y|<3 z0Y-dtDu^8Eg3}9B`(FRJPs(Us@}Ziet`RQ!vDW`aaa@7QZE)pe*8WkAmt)0~8BHgR zWKB3~hdB?lm~GdTAuzy0uH)zI8G$}^-5#@Hv;^h!~of!GLH6b1+l>8S5V za9?C8a=E#ALwJj&s1yBgFUA9Npjpi;c>y;0Eo_7EEVynj0~A#|NoQR6yZ3lXNRnV3 zk3LSt>=0#yFK$cM@dy>C`k1c;YAoh5_Knm)#t(5KF?LlcKGLX)488V!_l-D=VEl*U`O=^bsjk_PK_TPxoRu5cm|X|Pg+p&ir( zDHlKnesnyFa~un}k%$;0x=J3tegxUb$d8LD$(Jj&`300&9#ZBV#m@E``rb}{1$N_A zb5p%?H(R{{s;V@0;r`&-79DCgBw(H?ylkjYR%W$N77ZLCV=+{?c)Le8UF)tVykn`$| z-VdT)%>aUnRY~+Hv&D>P-coTo9-AGoKVUucr44;?bGTKd9eAk_y*P;wgaN|a3hgo) z-V%0hyev(MGu(MU;Co^g1igRM*!@5?*d{uQoa55Y+w?(4Y>RC(U{_kh+{6fAP(#B# zUYGi)1%+O32Um$Fd>H=9&CT(ZC^JFB?HyL?p#PFh%Y{2ew7vbZ|I*4s7{aA98$7gp zX5p>untKx^j+ay2HuFq@9>plzKJ#qG8ugF-UjJME_J8G<{%`pUBK{-4rX?5{BZuA( z?{dt&e%ib(%IUp%XQarC)$D@M4?QjDG6*{(tjPHYgN1G!_FmYnaMygyW0@c9ZMc;p zZauJ{=&&Euk?Y-}Ub9ZABGpEup4b^POpgZakA?tbBi!ntLU(%G0p^X!_8Vz}VI|(5 zZ#S;*jP9IWM8rM%!^^u@yFt&C&rH5whzI|K#q4kIBs@PoWB6t@?8J<~N5|Su3BGa> zw;Fg+sPXt>9HB045FMYi^d$cXJJUwAG# zz0sdo1X8>pPv5HdnRobK{QQL=m}bDB<$Jy%FqMEI_WAb;_ZT1<*uxprpfhoS;dmoG zH-iOvfd#>U1^od-%>IIy4TGo$g}4QU7y=Fn$7Bx%?cpzkWH1AZ(*O=_1r}u6v*Xxf zAYfn*X<$!la1GhBgJW>bWpK@AaE)egjb#A#h~~=+-Dhsh!~_P7>n}udZQw^YVvnD z%y^;Glm7O4uDS>eF&sQdyytgPCGfO&jKZ0`)B&KYfuBj)I!AcOkr?+^>1$z{CkPPgPOsEoSu2)gHRk@y;Bju zpbPzlAPty^nU28_IUt}v{CkOdcD@;06ZY&d^z0b+?7;Qx{B1-ZJjn1C%ptZ}l7U;M z3@nJ-UkG4;3Xb>+76j?vOVYEmzRx`4!vhV8Ztx8f8tHxkoT&weX$2Wa2MK563yAqh(bK>GX_vxOHu$R^q63Kt2QS=M3xdyIZEUR&E%eNzW=o~usI>)Mc5HRUyNu6 zFrw{E%su{xR@0l-BgQY)yGLMn`G)vbE-*NU7DMn4%KVE;WuTvB20f+u^f~R~clB~t z4)%+UZofa2_fcGx)E#!)T~=>%3h9sfUKj1>qX)a!^6mq9r8~U`%Y8ZN{g!AU0`7GR z^kj=2c%QNq^W&CC>Q#I8)|9oayf;(Pl*BJD+v)O1R z1hHv+Erpr^b%z1&dP>T?ZgN`dH&^2Yg}&$Vkp1#60dM{d3mJu`Xe~`USjdhj{S~6< z$5$WNew?qdM$)BfGEg>FRJOm8HI*pF@}MJ0gwZB?L`jrFe*Gd7KXCBNak`u!`&M23 z@p0$)KCwAlL za_HusJqVMIftED`1|qV)r9x_}`3UQ$u&LN-S5-!m>W2=sWY~Hb8nO=;50jax`CVNd 
zi;A{k*;x~A8@ovA!$kO_;P2lxKPJ=b5`iXSq2qh@+uvmfsJs0*1ZTe&Fk(Mv-M6?$qVy5p2Itg&tCX|{-aFw}4R zZ@`TwPpVIyE?RTpy1e`!JxRd;g7J9xGrRi1+x+Whv-}Re;Chru&`b)zhQkaSC5G?nE zS-DrSxj8b&?QD}tupjeA#90^Va^l_a`B#JdR|L@sL>Yso9slUI&yDZUaqbph|@cB(=+(EKOTGc zbvE=DI=RT}7xo_S-j1>7T~YapGoHq>XOYeX>%f+#S9SS}e!-1qC~YsLl+(3jP#XPh z&eqz2l`itgvr=fq@KmC-Tcf1}O0qKKqSMvKh{Xd)Scculy3U5mkP7fm zUevU>q@z2r9A~=9QlS4tbO3l1STu>stxAhipYSXnv28qxMyJ+pHxdi4A^OI_LRBMT zBvBUClr<%+y})XyH>Fz4+sNTEf}FK8w=#rPAYT#(Ee{pHQ@*MnvFMIqH>+?x^orEi z%UMa?TqJ}~=oJj7i8-c;>WEftUI~=FGAa{-GJyFF@w*{Tna+mUC?8Z(Mu&~>Z zE5kuDv2(K)r$M@q^+~eUOD(c#pj*(aj(ca|(ttOQ?>%A!`%aAA1ZZF!NrbOE-fJDW6Ux6jjHw)|X*NSB8YqlPgKyMYhIOK->tt zpF!1RqyWQ_m1SKVK)zXaMlel!c0HJOfiIR2hfotI9biM0&*LvHRbNpMyoYfiYg3$ zS+&wKPdUAW))fvqm&N(E(uKu_xmKd$LlQTYQ5j1Q-h7_=<^4Hc+xoW}s)M9vK@8>a znxChZ1?06qL*z^NCSVVGO`qJeu&QNTJ**Tj<(j*aSB6usV)U|#u_DA|)D^m3vtj`k z&YRb+X0>TU#Sa=<=}bA2=?c(>EOF>*bn7Jx#90ERB_-AlrOTE#MY0U|Cqxn1V+ST2 zw0!aXB@rM%Y4P3Y((=M%c2tY(kHwVC+t8R~d>RVAy=9@D^!>yVJ@Il~PhpMKoJ_{ zYvP!*1$u;xnJ3kz*$ssY?8B5aK#lrZR5mO!CX0%)UYPPH!fONE3u6lj% zp(xCDph)&vHV&T(HnEP2pYE`XcfQ?aTrV~&%P;=#cC)m!JDL+dS^BC8i&2jPktMgR z`DG*K`Okvk!G~57mBC#qn`C9?WyCkA^yCeDcV4U*&Sm``J&UkRC>q_*%TMd>bf|*3 z$__{@Q=SEG2^lTh!e#mnqL*n&fC&HCY9dK)T#{Jgm~`Ia84-1ey_MsS@KnY>LrCU! z!A&)eQiYo*xf6m69!g|1DyDTfLOGfyCREKV%_ZXsrg`L>ZSH@Iq}(kQul7sTo7%?F zDgT0!##mLxs=ha{wartZ&Yi#JdA=#jnV87ma*p5>`7A%|XJjPOqw{mcy2@;|Uf;hm z=}IVl6$kxPg`+?53dd+IuPbWH^32-ZRUN}p>tOhl!A>K&t9E|)YOyje4J13HW^Ij> zuD(XY&LY=Hnonduhzq9)*hpVC)*Dj-x!>BsO%^7?o^UQpiq`+E=p&i9bV}+7QC#nh zQz^1utuys{Ajq-3X)T;J+vE$*xu92iV3?&WN!|IlZImv9iK?tOmiBA~W87$;8c)-{*883xNH`iKi>mOT)0H z*D6-zcF^%XY0Fa*#RVNf&^GWEZp^zjH4p7X$FOJ?q{z}@S`$Z0r)xXRokB^@n^v;P znTV($K{FL4s*zg&6fa4XDa`V2`8GQgSC?%8s9xTa8=p8nI_hL$Q%A&XVqhh=+yDEr z2=Xa*ZRQt~be8Qs%VwF+Qh$-ps!ZEX-V)jOlYDL7d^xlw>ZeHtEIwcMw`knGvAxl! 
z3AE+Af!lewd{clS&Z*lO@-8|bng$j{INPksCg;_U3bT`+^T0ly1}7rT(-!m5hM8Tv&4zQ(L>W>!lb={}06T^xHM=o0NlCa_$2=PDihyHK* zyZ)75;=ko@EdG!D2ee>d-hXbGqXya}WflFj873@0BUip{VKwfdznDke%81XZDEwHb z0c|TKGp`0oNnS?&JdnO~_v`ZTz7Jur`PIBRo$2|J9e06cgevl46$+=FrK;Vsn~V&)!L1{(!DYE@qaJ&wq58M;_>2iC&Se#dIimp;$h>EWIpQ*}XQs zSTFu+&O;YBla0+X6zV2NYENqxnRUd`Z4zvkH zO^qpjypanKEW6p4{U2*@0oK;GE^1Su6ff>j+}*ucXrYDT5FiwHcQ5WxiaW*K-BR44 z6oR`25AO2QuD$L)>zupSIp@Foc|P8Zd=VgXjyK<&85tw|K#*R=h*~E2SbgcE(-TAS zbMqNUDmeZQIC6GJld6_8a0h)nnRp{AKVx%Wa{}$GIgv#OC)!HbxHWwyjlz`YkHA9I zp!e}b?gRWFoxFC%xi218?q&xL9#s3*(khCah(1mtgP4%ydY}3P({PO1FhR(1TVbGo z5Q)`$Gqkj7{lk!Eq0BxTtRgq017}J$NTs-VM;A3Vw^I&Ods!6GiSV2hS%}B%a0}HH zYj~Epco=w9-tTrbSFYhW+++@F=DC^WE>hNZ{}`vQ-<4S1b6GCjGlLpC*PF_8i2I(* zJR613J=INR&3DaL-)gy9GF@Ra99bLMP?o{qR|d27w3b;sqx?j@(Z4GnE^6N5-STiv z+lx-9!_yXiBh;wNFht}%dFIMn^Pql9#rJK+c-;DUiEArQmR1dc6}62toF+=?CtZ|0 z5qs(3h%rpd8ydY$Fzzl75g0-S`7<53AJWPS8b`eyjtB^&E_QGyyGlSB}jDb9MUvi6t#y8O&K4gH+pXxbAr>~_*0Y5sQ4#;C%Uku zkq(4E!8vJoLGb`Kyu81Z(w?7u!oyid$*)%Il`~n~#QXuvj^}GN(S5;6$-5EJO=A5K z)ggYKc4U{uxeo8v6@1^m)^M(vyBL z-~rl!V4*WA^iM#X?WS8+WC=;@fI9o+`FtV}1C!IUejwdkPz|25YMn6KtUQj} zM6eJFxRPA>7T>Z|`ZJ$4yL8GeojKQfw%FdW-d=dODeIla#7>+RSU{~J0&!bTyE>0X zwaC#dj${eD`CnlQ9I{5(6o3I<}5_dy^N%x{* zz~QD?&IyJNpsZ=$aU3*mqgqz^N0Su`N6-< z5BRJ3n>GJ5Kh_N#T*&bVj^+lb1Zd+!i&5OXXX2rn{$EryUhH`EH5_E#V3)A>aLo>FidoH6?$b z*muIcCbJ$1I51K!RCJ!~TL^C|B2=S*Mt5-{xo0^}k;V#=)nZ|qp-U>Hxn;ktm%{|@TC9=m8rky8d-RCN5*iRh#EX11-CNxz|JMJYGv}6V`$qlp7HHzp zW|(Hs!uYe>z6Y@q!Y4LIQnMg7=T{?aLXRn0@g7&7S?ow+5IfqkQTvjKQ_>j-dN=4{ zURkN2zE!U=U9g*bfc}UwwX>!7rIa;C1Pa#?KVdrB zh1=sKH8%m$UYw6J<5iDv4wRtdgWrI4C!h7`Px?_z%`&~v6vgo?2?~E?}{$ZwJ&bX`935$7I$IZ8j_h~8)+&O-*1dR(=KIrN>hYCk%{pP6`VQ3@1tqCqWFJ_?JY+J#n^4j#-sjUQ_UuwvD%W zh9q`+dUEQQ#x9wT8J6IjKD@YFqH7x8#XG%*Z!OE8Iy=3_Y;BV)*EkjU0t(wc z!*nB&DfioUgahv7Lj|{75n4gwQRe*}O#0}|7l)_92e+WpZ!nqbvK-jW_Kla>Z6G07 z0kOHQJu!5ofLIn^s{X}rZvmg*X^M#Wbv&YM3 zU39MRB5OpIWO_fIlXcSCe4nO96Xzu6-04yS#PFe6{y@`_2s&!J?3t!&3xF*@zvWHk 
zLPPRvRQlY_S76kh5>arbI^x}5*~e#6%pEx`;=fRVu#-tjxDI}UNG3)psY~WzmU zMvNxG=z%7^jLe6m)4_g;6#1-bTFzJ3qAJ61&kkhlz=ym7NPNjl@L^<*54W8}COl!Dw{IiKsz5)NKmmqZr)G2*+q_)0!6(pMvFCf*8zEp!w2Vb7 zV!Mh3<^3$5x=0J@ZYrFzX^^krA&s(XYZOB;S)IkLKxK>}o+yZ~ zm}11-KaG)JZD?ahP4W(R7eVh!g-yNoI#v=p1t-9uCwK@ynt+l+U(zVNFC61{a-T1H zQY^>ul_`lN5FvW71M~qo#a5U=PswtfL2lS!T7oqqx^B z^IlJQSod!t7NevPTA7zF-8T89oO|6I^~&wD$AWa*0j17Gboou+l&AXaYn|+M^H`6F zujLAlQ+ekoY1p6ijlHmQ5apkJ6M0boLdu)*26J**adO$Kq}@})@2;eo|G$lO-B_XU zuR#jO6@e{t(ru70*4*owv1c4Xk5T(OxH*D^LaO98E9BCp(cq) z!FSKP?w{y+lU0JzSqWVFU!P}pxuYJnMY%*(rEgZm|07U4tl zAABx&u$HFO&6CEQiD*mRyRbLPqY6F001-5t69zSA6XoX8YVHu6J8QIAoGofdr01Mw z7luHljg>yhj0H1qhS3Z8V}N7@bXUzg+ZRGQS(D`%#V#)5hSL_=$>{(_`tu6jm@{*T z+e6&7g)!b2Lyzu(<2W15pWXcNDc|soIgVRf7Y9FKKF19XXz?x9+ z77~8LM_E(gIZ4R=z3H8nnJ2P{Zif4t+t>vobf;&nGnVPbci|@zeYki8lbx%Iw#CId?p8E+tX=vT;Th(&T}XKdGIqA|vQr|huA%dSdNoZw-#-Adca7GRR=T3xkJc8~ z1(Dj^ku%b|=frrLgHr;+7EaW6S@{=fdP2DbGZAIr`oxz0yx6!%&leA;^#sfn|Q1wTMAA&gPxEfzGwnkjx|Z6 z)V}clWs(IP5``g3BXEJ4<{mQADhUN;*|Uzhe%>mf71#|Kam%Vs-zur!<7%sEL5Cdr z98r$}C2A(8>j-qF>pBGwe{Zm7P8~M@;V~_Ft|_cx+bn)Lu3i%J2v(Ba2v%a&&KEB5 zpn&0d?+krzHZ%nt`H5bV4168TD_aUtx%J+V+XnlJqkt3fhL3yyLbM=yPcLSr<}3?`pUG0&$AxW7e+K4XtQtGpJe{k<2q+mLHL$CF?|@%d(h zsD+f!zF`Bu-pjj#{ zo1R)e&}ylyzK z^bx;%8xfROR?s*2&+*{cp;VixU8ymN_5gZtLdr9H!1Fw;VQ4L$C%GJIl!nVih<(3b8 zBp0YB?y4(nFJ3#N(|GsN>;Zk)Bb+bQrsXf*-U5yp+12#{<17J;;i{HYy-)QMcqXU6 zX(Oyf2%lcES3iyt^{&35*AH?>ZL#iJfE+%V_|8%gfUe8C=Oa)M^kN$MSFPqlu-N)% z9SHYW1=f7eKO`XbZNRv=Pj*xqr>XQy8`hkenT_i)o{jnxV*5tZjQI5u3)K|M`Zmi2 zR*&%ktuBtxGjCqBhN;KSj>FTj+w(-8;1*5wJ4~1Q_6ez<=y9H2FGo;iXiX1V3Ayvy zhgGc}(C~C|t>&^*BBE^gi*=JP)*9j99WrU5{yiRy!{zWbXgFVBx1*`>LJWpYC`D<|2U zYjWW~5Mw!QMC4T1$>KPjDR}J+-Ij4!3Otzm;YrkFEpZ{>Q2rkfC}2<^@mEmFAFMMw zw%lsxB2;%=Qw{Y&se+NlQN4!7pMX7T;;XaOwz1ts>io(swc2^TjW4< zT?}Ndz^Q9@azR)OxX46u`Yz`}_E;Je_-KDb{^QX02b}u~rHMb?p5NUoPPE)Re55C? 
z5F$&h{zZTnZ_Lv0x-+K}k?%ra!IdHBiSF}7U*}IjW8r(2eT#wrR$S_St;91|(_L{^ z0{2D}wo(QDGJpKvo4@0?`6d2p{vqc-%|H7Q4lYvxew4`d9)6K8kT-HALVuz(+e(Z= zc3n$Xeh9~Db?aS=JqnCiq7#X$*W-N938+ZjN%&on-o9r zRA$|+T(Zpi`-{=ldWKuofTf~CO&qUc@nX9g2I+q*R=QYef2?BET*5K$JYME3Moy3+ zqhDJAmWH>Q2wHRGT3r+)MN-C$Ij=1M8N*xEN%)ESsS^hQiX+~GN9f1(9P`3iahNl> zB7%vuFm3_9xl(3Ko_$@jqs=T~nxBtnLSQwt;V_~9`eqp5{T)#7d1^W1P{6{MclpCK z3Pu4}n?#v=1kL`FZ1^jYN!7;z_}*NRVJS5;J#(`QYzcI&j|B%e@FlJ|zD&2qEJb7# z;Y}?^Ht2?=nn&!101)Gh=tHuzlR-SmINi}K5Kbe-XZ#lQu(|2p}Y$TPdm{ejYZ%~7gcIU8oCd ze8%9BNJ9om(&?@TkmVB$`&aRy*!c-3v;s*Af4`xQxIB)4y#>EB>=Bf>W+77oEd<>u z3aU9T85R9;=sQBOb)`ZpD5MVUp0i5-KcIefL$zf-G(q#ojuB+lJy`0}h{Ho(pT9aEBH-=Y_%= zt4jqUI?qZwjnK3|!o^DaXmCvZksb-C9gdfBq{j)e=n4Bv z@`23SnN-Kn73z6A!cUI4BH}B%0IV%D(R8*fRV`g8bs~~BGtXDeM;4H~IsBvz#E>;) zidD5`m4K+`bN+4kBC7 zIjHWhcF3UP7)TcSM#JvHn9|*oII(Y zWrzGSfAZg(zw@{G#s6ylpNxN+|G^m!4)Ij(_W8I?g8Z!LQ7XYmYZ`9Xphb?_Es-Ztd!Y5@M>;OIj7%OBFyKK zGfn-;muoAt7TZG~@jpsTCIa=%A_}?l{^t!-F1h_V@@E$V-&;2hc&j?S4r<-kcO*m{ zEvFef+@)N~U&3%!S}9u8{4YWeL5urFUV#0C4gCva*Lo&V<#@6J>$YaUd`Vj4gW$-C zv%pq&LLBGYhv{#WBjtOi@ex7{<+gMKZZ(71+N#a8*V6V($@>sB4cKN8PCFn z1fa@DDmwNZ>SkK#edZSWtZQLf!arcT-w|Cx2UHtt3Y}D`Da&%iDJ?e9mfB_bpQS=& z-)YILDq<#lZHVp4rDCDBrB}aOLsf@5N&9Xakv2L;Y9<3c=NB0@?XJOMZ2Y0kd*Mv~eXfHFOAg65Q`&w<5u%-2M zHJbssuSt+H=B?=B)-f@F<#22T77U--j<6hn8u>DJFG*MFoGCTJzO!x*URUb2nGO3v zgsa=Tr-KIXIdgU~ZFYmRPKei$-AoVf|d?R=odDL;&J1JM#2#!)8D z)D!Qn^3|koi1XDftWR^BdxRYk-IRPIPOPR_qt`%brdGP0>%f^3i+rPH>>S_`yZQ5Q z8!za1-!uwsT+=_^^~nJ0M=N*;&qvE=kUAwx!ET<9W`enON@juqbxJ0J0X!c~7z64Q zAAyNPjV(hL`;qS34^^bn%pW{RXG$iY#pmd2(jE~jNo%kf05eWUcI0qnH@x@bxS^|} z9%spR&!SISJZvbrS2d!$l~eTwTD7JR2jBzuH8gIe_htUO-omVOPRQts*S~$C^m`!#Tv| zq}4N@)|vIHX8INYb9yxsCWQ(=_t@p8@|)8A7_*W0@{v8=(`D+X+Y0KV;sfF)6{{lG z<_l-E7i|(C2UUyOz=d3hR&RrBar1iiGY|VlYpdg7sORpdC7|i8W7}1cHLgc>CogiF z#^JDSTjMP6Txv@Oms~4prKC0}bb|x-!O9JO4~L)*6jXuXu+AK-n z-!&X|(@^@#P5lV=P7WjW9+bhvGY&)bJe0xMGm2)Afo$V3Y{78;49>Z<*4M6QwE7%x z7|N>t%lzqoZ~m^|<`?^``KOltG(VZ-zys9S4}JlpZq*9qu|(xs=im&Mjowy& 
z`d+P)joDU~r}MdQfq;7@G{N5|I-@SuyLo-r`_44MbN1afbL^sChLfT@a;@wH%S?V6 zc9PUt6@z^NM-YSk9z<>cmUnCQ2#X13Ql=ODDGgrk9$M z#*ue(^go;Jr80DaoE-Ed)L%tJ*X|lvXl@QizvoNQBO|yfk6YqOfo8wIeTu8^7&}&d zpIn&IU7!!8_3X?#f1EWI<+{H$zw=krL6n22&zl~n}&_`FT*yL zFwxBE;{&d$Ox^QlcCUW0gdGfFPn2=1hfz#^6P{1ow%PA^VIj%OlTF(MoD@!ZCv+g; z-9XE^oUA9Cm^u?G7FDn7-T+!K|A{f{;LoG7%y4FHYE*x5{>j>fzj~D0zsUlgqc4l& z{Ya!;DUy8Oo_m$PP-G`gQLh<+R{+qp9_Z?Po_UBo;}u}>5co%cgazFVE>+H37v0Gs zL&^q7cio61(RpX#e}%F9v4@b{`JK|?lPFPtrB2a;M&9B^@GFREmcR$){2BU$B5;(E z=-ye>a*K`Hd3G6e&6kbwhJ6azR-pl6bqzRQBh^{uR0|9`f0&#NbD9)B-g)clnB#WW z;&x{Mxn`@sc1it=WsBJp)W{tb(3s8IuGTs4;$;$yx9m!?56^_ex!1JMVHx;7g?!wo zYp?}O%vgc>!6Y&=T#Y;mA_AT?mnu1FAt7n2Up$E@TUfz6GCHL|tX^w7WL$7iZGoJK zS#+M;1ZcYjpb5(2%Exq%Uw)lw+AFzCvr%gya`#~IpK&^jXncPu#S%7Pld#|czr-Qv z{N_@{Ds>92OAI84uV=#hzM3d+26fy{`tnvm#GNbhXz|9jWGc!Je^c(IBg1!`rb{NA zWg>>}5sgYM=TAIdk#!XEq2{llq=r=6ppA3~9YwS8JCllR9!VATbze60W_0BrntIU8 z$J~_cLTw5!L}6|k4NAFt$5 zE2q}CNoLhu+>{M8oU14XyW-G!vpUv7`xJ*^+SA2hN>ZcRUS<>I!ICTm%Q;gV_%riT zoYU4_V5uG|bk-7w`k*$&eP7jYvWP^gHrpi7eYoOQGbhZkH}1$gP%_9v{8wldN<4m0 zWmP55yZwc6AJTokL*wrFt+nX~NV`CyES$&#_Ms(W^GA_v%?@Vi`8LghU9MH5Vy_8= z9k@T<-L!#qzO8ptWP*;p;i2FKTi0uDoVMa`iHX^duNU0d1M)Y$k7S9-9$eoTdDyfm zKf4uZ*>wOzPk1j6BFd0Eewjc2@6F%++x&0-YW{_oKh00z4hM&IZ2m2>QIXaxj&X2( zU<9N721`5loto)aB5MVYsCk#9pO&$U*~MH6uIO(#>mX%2=FL)MafL(U2mv>TXv@MuDOf6A{ca12Go?VLW{H%;s%S&TveFMi#Akh z0V<^mD(1?N&>{^G_h7M6M3F`|L%dq|ta4?`+qQ2M+{JH)DXs%e+P*Q=7Ri({$QLt= zmke+f(+xAoREPd#D*BK$OI7rt=w0!^*zYSjdR$>UL=;WZ5EDh_WaTg#NY=aBKbnBJ zEQQ>@Vr^5nEN_pE196w>?OwzLE};*jfSJ?;0~ z8l7|!QWN!p;=1mfSMReLz$V6LVeVq{(2y%3_6%c$T&E8VG)i3tp(HV(gV=&pwTzpy zIQILYjd~p2WpDRGC(07d)rR8ksFR1YAwn}cSyMu8I9ng}V(E^ghC<&mwRruh+tDC~u4@ za44&{ut3&uj(s(AHev!)R>}1~V$z_7Je!-KwBJN9{IN}wz0U^3Vpas^02ai;Ci(=! z=dISADC@^5xUbQ&VQg;AV{;LU2B#zd>nJlw|B|}vVv%OJkU`h5nNHfye31a&#P_D? 
z9j)4j)R~o-){(CXg0kt+tqcO@l8tCE?AGzCdSh5D3_s$yq@{^v^u@e)zzw=20b1eh zQo-ov;GBV~Xz3E7pV{G;CZ3$K+#O)iBPPEjbLRkZ4<^e(VLwO~D=(_e5InPD=CeBm z4OyEZt+>}+G-g)Wn>-m>()|=TVaiN|*|)HsP0cAX`lh%nsZd;c;61%q^jFPc-EaI3 zi4sBl4j*f8$Nemo7XT1T>;;*zQtSo5nB``}mm;YXEt7PTi3OPjOG==FhItQ=b4+)$ zaeV&8Ff(_(gSQ+iP%7gJHF+uX3MF|ovk@h^Q_g@mY96>{7%s26g%M2TvD6lZJspf_ z>)MhHZ$YpUXlznUlHI;ZY5>6Oy3_`xLRBL3#I}}oDo4rc_{@f@j0Vnl; zPC8ZJ<>5?heE?r1jP`GMJ2uF$n%V=brnZ~4c(-`(zNG_C3eQk#(<=kJ&!vdENpWs) zoo6L$r3=ps93ij==2|0#{q>h~bXRoLWH>W&W+GUboRk6)#Q?PQkD zl!vwRUVZ6$=ZQ>K^(>dIhY@^g;kVe~BeTrZt?!i!_mY~Jp1?&EjE7-O^!Q+}b!-KwvEx~8&Hu_=o!eTz? z<_M0oOTuLu6b0!@MIkJ{53eqIW*giaq304I($ka?;|xb*yW{8A961uQBTV?@HFGRP8Vs`9tDTyJY0_sA(%PsRuxr zF?d@W@NV=!--QUrZsl~5-hmS^-CaI|NHY@WU0=QRjN?bJ?^(E zn5D<^k(yHZR07mv^ba`=R1CS%!6kOuVUfo$fpCMK6}_MIG-(H-TlapCNR!jYUTEH0 zl)4~wfQenOglgp9pf^2a{sW=<`RoH$wc~t#Jp^1MpOg)`HLIXf*{jYKf`oC!T^M5p zc6U>TZKeSm-kn;kl(+!tAK5Xa+74To;}LpI3h#MCjT2m)8Z{9td4e|pmD`vpER|cB zK`gevaP2$>4!hT`S$ccJGV46n7Iv;Z)(9Z@Dm53*WspNoiArGF_f`Tx$no<_w9LbY zIC~*cYsovSZ1iofj30M$)uG&~m4UzoBQ67gg!1maAf$=E7Za+!N-W!G=PmdWp>z7- z!!Tuwclgv|lyjW$*jkLs`B52+LG#pwWLC_un6PTc0Q$Fa-L0vwm z)*^aCVsl0}outaWPpCc-ic26u^>cr-St>pOI;|T?viS&2gX=HvSw|~7i3KIW+Us+} z<(;csB2cmlIkf9uJrwUYFX+W&>aMCN(Bofx^K20% zjDZYUw7`QHES3#@EZZl6jp*d_f;(Rh`wAp%T^zOwC~c?~!!B0ns8$fNWgcr3=MMCu zk)B>#dzYLY-1*QsHtzSOO<3ct7sXpYinw(Z9I;7&o_V_(e1a_>J<(XYq|&`{^;DUS zAX7o^#ol38TPH1K&)%|Qla?<&sVqWUiB1l+vHrj!P_qda-pxlG{CE(F*6wbDUsBkU zZ1zt?_OK@s;zH&_9u6|qalL$WR!Qf>W*X2h)}9Cj2OTEDgd>;y^CdkG3eI#l3O-DSgQ!4D zI|9L9FPvA?4wY3L)it=$5PV;#a1{uk^{zRj`f%Ffj+|eGX^9?Oo2r?YU6azRy3K!1 z>C{T%RNEYiouM{Rj2WBO!C6pY<4tk%tyh2}bzLdYkOYackTK>=y z0N~37$Q4E_nXNyr44exn{?cn!qbuP8{P0JZ1lQ@m6#UpBw}*5B3Ax(o@^I8^6JQ5d z(Q>H>jH%LWNr=AqqK90k_iCCeWvSmHk>Zsot7Awv1;`rKUoA~e@I8#xps-_wd?NfkOph|aps6!iMGG>CgbKp zACA6c0c2iKcW!2058a%zm!FdS*4~y-IuWK>umsI@sp8Q^=#9-A(9md}BxV4Rkm`f8^5ruU5SSZ%Um87c(`?V<-PZRR^ zk#z%+XeY{0*C;!(H~WaV#Y^f3WPey5kE`O2U*eDGq1@D10>FU6O34Wzyhb 
z+}85Y*-G0Gs;<$d&d2+N7dq$}qaYHi)u$pEtvzRXKfYN0j9Q9B>n{t994y;h0%pzb z1y%?)M?-fb<@&Ac7KlCRQX0;s5L6biBZ_ayt$LUnaOzj2FaJ;``%5N{CEX{~$*f?<%-r`G6yx~?oH2k_TCV=fAV@+;wv%KwB>tV*AXTlQUYu6Z zS5}qd+#OFor2JJ2SlXJ~6Nisy26_-`(j{V=LXwz?$aiMFRJCh2X1y1XNb|=i_9BcZ zd)!8zpq8Sp;-b`}e{{rNfYTgT^PcXnu#h?1ADiBx|Dpu3D{^D;+C6hE^ZwDl>3-YN z>nXAn^&|%$$$5_ZF~;|jO(Dm{Zg}en3nvu|oWlo6iZLNQlP#iL5aO^k8zH&xA$*8y zy6N1T8v4I*LY^8rZX+=AJ;`ODb*OmrqTs>OGSsnCpv+5UG!z)RWqoR#=dc5h@>jU za*F+{(O_=SJ?Ac@pxtCbZ|MF(_zl{IsGj#1&ck-T=dku~d?;(S9CGalhhnMLUC1^X zZyP@QBmZBa+}F>rZh&KF$HksAcGmFZ!I$W${8Gg0^FzQpx`%+w{uLgGL!g;}1b5oE zJY(I~4@Rbn|qmEGdss0ZPde4CVd3}_5s}WwfJ`;+2I`5mV`NJOB z%}VUg+?1xqPP)lY`X#YF24e(Jn^h9l@Hj{aJkF=ZLZ&Ra-R+rPqg zbLWdeTf}bXLQ^O6ACcsZ8iHn9hGy&cn-b^VLGD$o{3k4-b~D{8J$nNcD)oGC>-iMx z-#Ua@)Il`t{Wy03X*rsB^bb;vUAvw|4<8gtG`pIl{srbuIwENP28vfUZyCwj%h?bf zA{#HcNxSuRebKnY5R#Yo6rsN(pQyV@q2ym-sF=D1*zq@r`}MAZqK~)OZnft#|8s?A z+a|`LpSRv8_Klu(b{u=8q`wX-F5Z z$V?o_O<0TXhrbgwf^WYBf6)Bh6R!d0D@ULf_uzPKOG*|MwEPoU%gslYb*m=EakgJz-yqG&4ie?@(Az+w zWP^|wIOnkR7z9l)6m4hUvXm*u6O{)Xh$^!$u`_PT_%HKU|GoM9ew$zTujW4}|I_>g ztZ;AvCo0+srE;lLAtwU1AleZ@vPu3wV|&QexJ$set7&KS^43@zq6p$&iNpE@oQwuiZ)IyUuhmM^lxTd^K%}y!^?sZ$;%p4rp6_yC(Zj@Jj|od0k$S&Mp~pfoDz)AiEQA*g zr8w4-Ob_d`$8i1ENpq_RGjprXiH}fXtzMNbEvX@uu8~ehZtv5@3^p?4L#?+B5kmFR zP@ZG%;#Qtzd-^(;7Ve^rH^(DGj@jjrX6D{FJX0g>T0(?nYcgfUkL$^Vi7Vb9;bx1> zcjV41HV^3w`)l^wGV)td_m-|V#1YqjT~oE2mx=s;Na|TpZ>s)#@c5Sum3Ga`5R+is zad_;&?)Ao3LoZfR#{5IArPNflh!#M$+NU9*-jO2ONBdg?L(r^Z&Z(%|yE=Kpa-@tt z78LLx3sQn{b1DXpi>LnE>XeSwne+;wIignH6#q>N9XhFALPLksn;(SCh^2t$F%w?G zeWUCJiyGMor=qbD&e=kM;DSj8$E*)P@Vf~a_pB7)Mz@ZIX{aq+>gKwtJP>-8GP!52 z`>syp_9s(bO1n*+pan-*RB|`#FoiiTm?!MIfTo#3D9Mt8m-f`c{t~)ZbeLeVSP$#~ zl7y;mUbgUyz+!a9dsVMbB}6>k>s*&aGVUYfb&B$Zp+xo9J*is_TM1*0IE@8Ot8guZ zc{^p&+j(T89_<>khJ7A7L1}ntUkcF^4B`U@IrqmJlSo$PX2Mc4cCyr`goYXJEowGK zG-fQSIVW}wOUn2MUfz_L)sDE{+>azJcux)h7xFC1IETK!za_3dlohzAE(ya8bX;u!5Kk$G zclz+XL|A*(f)KR&>zLh!E3*B@mMOCHi0=vQDph!I?8lOZXG*rTUcRQ6^amXdw?qd$ 
zqc+y+I_yLjD_%mM5sqGwqU~}T`{Qvym-RfTTfQb?G;wfBBn;j4MuUqRZP%^MSu#z) z9#>T!GcnBjyZr|!8AE76$$Mp>HXcp5~Pe0 zriY~^^Yi@@;#O-*L(769;%aMqLt>V)A=f*&jAnYKlK)!cT`H+7@jrGkW1$G+L#Fi3 zuy5*DcuZaYXKW4b8ux@gVshv1f3E*l&KMe%sdb9hW#c>w-74RL(*B%(#FXAE z&J~DfruKU50nHHxYr}MuX61zzv*!DSrL;cM6^kmq zAzKbnpe5|1DQxWydU$W|^1$EXEecy2y}3A9K=p8bwzTkFb95yGdRTAoGQ-~jB^If^ zRlB{u>OaE7J^ zE*ngWbUQ%#EBZAb!`5>ehqYaiO4nQ{{8ini9UqePL)6mJ$bF{h zP;ieC9)N7P4f{^%JZ>v>uXt=_^1=1jfp2T?0V$VLjIKCqIBt@x(%Jcv@%*XCI??)YJ&;s%C|B+!jzjt}pg!VuqqnVMkc1aMmsh}g-IzY; zX73%Ps3!log&fbdX?kh6h~B33E!k$-v$jyZ-HfD}v>Es6l#iG%xnH><24inm`n*KP zz{$bu_SJI@-MC6$J=w0Fx_FMfgM|YRZ}FLeBKXO+)XUcAC{#6c+%-cN8I8Q(p1*uP zSbsA&Gs9^-Fp_>X%3tk1DwQ1Oz7^#%01YR~oHwm<| z$yKwLHDTL{LB?DB%3;JcKfB3o>4-@qUq!M-;uDKR!bvmbhFZnK3A#{NEQiqLqV6q8 z(V4=_0Fm5zaLz3l_GXl)s|zcPm2^k*I?_J`2&eq@hJHm|_uP(inSjzbBuz$~Iu(Y! z0_EwCg%v43aOWoJ-B`_lVa?MNZGNY6Q^g#NDQsX1U!CT z%kri8h26v(;fN!yAVrmln(?5b| z0kKfTlZY6&dIY)1VwDDW`&t6a1>e|GI!Yn|C{KH;SGiCrncjweanqSE zF4@K@x76QlUk~U$D*5e#iSR|Xp_>RmzVt1F&2)~@H;|R=;H2grKFO0D?4mvLZKjt zz$hXHf;Fk)_&1`BZ{0W1ZgBFnc%w(JWx``E?3kn@Dd~jKfs+_D20?4z0^fef^WUIb zd6~ZbwQ&@@#1L&9k;v^EDjHTTSpRZNtPQJ z;j2PvmiEm8&!}x;D_&6VIg3B0UBf|7hFRv~sT9Onb~IU!nT%O>)M3x-!1m;1L3^Gh z;sdzryp|xTN;#o`)aNyf7_I|KhzM>GO3_03n5%Ko@%}XiIV!!5s5uZxAah^ZTC5l< z&KDp&l+XpY4J)endFvp(`G7bo&c_(~VvenMnQGh{pFz(YVkLf=zv=JIKk(c9f`2vt zHQt}*e~||V_tTD6aXMa~?<)qcVVrm~pCV@(M`mny^xJnPI`lS1SwmDcQQ4lvjT~tV zZ_7g|2~KyG3!eZ#beShTkV?{D39>U6N^N%tQYHxF~_$|hkq z39`Q7A((<#qHkuQ9+^mlyE0H^$@Bgkjh;+d#2TYDzY&@>i@dV%2JryIyx)G1dTU@j zP0atLjHPR#d(7(>kKxYAGd2Krp5L6R!|%1(j9(a#Dk5K{Dsa?D>*aUy=583-8_ z^as5aW1Wy-&EX4iZQKgLKJ|4?$IGHM`$oIN7uTNf+zsbYrJJ9?17cHFHq6=js#O8G zRRKW&&f@J5a^VjOy>G&?FE|L@YhV1x=4aE#-Spu@`h>;eYYBc?cSkXOUixXSKFIQc z$>Qd`Vt=l)&N^zwBxeha2~1k&fiC=WGuc;5>5Dm%9fY1jEqU0`!>GJs;A zY1ciPW#0R1GE2koMg1qTnWiOAi{Dgh7{-f>R)H%oXj}OKeKo} z+v0<&>-^KmiOfB)t^zu3?%?0*BisehL$9u{?5$w8U^qyC zUwdJhk65qNSHyd;fn#b{FAi^JsBgvYsmw<+Hb<)uZly$0&o;}Cre-2;J?{ycL%iF^ zr&~REa=kDdTZZqi4kzbQ*>7zBWfdD_nFn-HM)ZMWz*i@C&p};h|EVg>R-9k 
z`)m5j+pH~c+$uSzH79wmSlQMe(I3b;(>{#cb>9WZJ3BYKU!pi?xCf6qL^ViX606Df zKxN3`bzW<49|tJ*^R>N=j}7t2WnvvXiKxnYze>QNF}aykm2T1L+^3v0P}?HughS;% zaG#aaA|*nLxq*C4J*Iju-NwKYT|PL~y>a}3U$G_zHZZn|#IG8OleY1kUrdXdb|54x z>{iB$x-5RF@9`*-Ut11us-KHr)*;4z-NUx^_T4>|+u(*>?H1)!|A*BVSJk%~^9qfizbUoT~un7NV?4bKf>MuDz0W})JB49 z2<`+3?!g@b1cJM}ySqbh2_D>nyX)W@+?AoI$cE$I7-nRiyLchw;=0Xj>FbI(=xr3oj1Gr*zpJ@69fVCiAh?jUPpm&dszd0FT+ zlZn)x3Y0F2<6L>3YMIp9U~o)x|JGhGE(Ub8Ynl1Gwx{F2lYitd`FZ}6{BI-wkU#qc z{7kOH3TI7ED*$p)Qq#=JuJ+dJ(d&`+-s$ZfPfBQ7s3zB`NQFp62AznFs7)qnZcJ{> zcv9|o?zrrre2P3yky5c%aocr@{Di#SeyRN1q)?HSxxD!gC!L4ei?QHuD|*{jNR@}3xw?#**3Mlx8IBhvh{0fn_EBMZ`A-z`LCV|Q-`@Y1u6>XwJ{ZA zD!azMQwc1!)s<%`CZj3FnvMTh{NZzg?Bqvtx^FNza4En0Hm-62<>=1vJVU>Q2RE2l zX_{%9RX@S41qsx;PBI-(5x_zR670Zq=WK8+ap7Vh$1w!elgczAn!;ThAL|=jB(zhg zzb}thduJ8cP-|38wn+MhVf+rS)~T9%k+ur4HYoFIc@ec{VVJmv-|+c&x*^;EklHTR z>VsQNdxE=p>!ZZZ&o#<$OC^lgPwBwYCPgg5cSKLhhaOM9{NjFri-PvrRlJ85Ptbjh zOS3Yb>^;#6K%ei9c5I=*03S6-mP&g9dp>pJZ@iliH_gYlp8Uda0!CS{T&josVNXAs zym~6BGBtjrDWQ+>hyj;8^MRF}b94^6#rs%u9UnQ-Ova;TLtg7%cw!s!a`rO0<_}R0 z8no9kMRr80iZy?vsVR%`NSx1kO$y?{P{5P|rb&)tr>yo6D!EN`mE1mAPD~x!A1dPd z%){33OeHhrVsi}<7L5u@r`xfAz3-h;<($1gY?D1WWPqs=xfPw?6Ctj<@#aUfSuDVb zk190I?rX^z5>U6(vNO~Ze>QH*Lbei!Z*4?>^F3*Ks@8os?z*S9oZHF$eyN^6-b32) zW38XanKVEneO=@IiJB8&5@f_!`;{&Gm75Zj(d8iIXJd?1b0{t=_w`u8 z_)O2i+xET1+;B@I@P z#!DKzihruYGtMR5qkEJol%=CF+vpI4r)0I=JTU)WxIb!$ScZRYRTIt&Mm$JY7xs+V;bo;nFl6b+2F2M@u|pV9AA)=6ApC(l>xv6!9sFZSp;_%nV(rKC;H zh54D#w6XA-WpaO@1$popo=fec%ziEUrGsVYk2mHTaBx*0b_l*j692kBA>3R#_* zDElrR5&7JKb>qM>H~K#G+CiIyCh_^g;c}nZbwq)cKj^_E`HHCiC&_K_%zUPYr6=*x zRDv_ynk?G1+82*?aNC-L$3E_OCA}w{6W=_X1F_LErWvXq)0dy|rXNsb@{vv>gxJy~ z4}~^V5+yTFG=%^(dV7ve-S$S@ITrGd!fzhD49J%x4LwBnM&PN$Dkm|*~5 z=#*zxZ1I|q$5PgZ&&>le82o;HXH~Mz?WZm8sh?fcxk;#LGcP!*c$(xfa+`u()Zv^I z2OFP^+!T_*HR)h!t7$vPscEA|b6v0(uWlA+Edi>Y*ZinyQ_lbkf{|NIyk&b@mlQ!; zBqeTJ4 ziL(p*Kj-{C|DF7!f634NALRc5jXVgc9Nkp@LB~c-Gq(w~KG5n&n zE}%s&NrQgU))Z%{&xoojbUuOHv1aI>=2`xta`L34vMkkUm~lRkCGB+pp^~qCGIvNy 
zRDhod7fx?MSsS19)qrxk3FA=oW2iiWFWk;_lcNTrV@u5Mi(7C0q&)(6*reU`hfh*F z>10({7453kS83+E?A^buJm{(lTK3YUkf_fv(MopVYZRc2)yU2eVt?}vS zs*RtF`3DgLi)m6IlneBLH2uKnn6k=Ro^1gayE;lC{t-u1 zUc4)2Qhk1y0p?n)Hd=9K&_2nLfjqH7EV^3nY<}@>_E9$VBTH00ZdAP=`9i{x+}6rd}H-*ld@>zd?NZ}zzqKW3J5mLR9S1o)*g&XU3%{MimB^s^R`MDZuo`quMY4B_`HQWpmL-NQI|HRlwOxLc zmWdvrTk@61*aIT)gU2<^!_Zozb)PQW~-kyEfhBlymDqCAb{ zWe~w)E|P?tM*8mm{?18;0YU{M0lxR46#g(`{{FKY^D2O5oje0iHXj34<12&)ZTz{~ z6`j%s)#F%6urS_a0IM=8wNj`QoJ&wECdn+)kplWG+L2N!DdksT%b*-cN?4Sj5M`ET zQu8SHgdBv2bXb}08G3WrENo$FbCfI&VXX^oLhY#8Z-L)vV29>VZ|;P> zCIj@~d0~m(yCQ-_3j7V#6qa(n*|Sr=(+R5FX#doV&F+fk88}UM5ELI^TWli446)g@ z0egXrXe*L#hiWU%-Sn>MqW~8!GH4}m1s(1#0QCgg#OZ>~au~UhbYWhfPHG&rF?aN| zTULtM{A*7RSrS-L`m1l}nLl8-D)@&~k%2zh%c~PQ2Lxu53S@PNJh02um~##Afz{Ps4nmC{t_9qOOHBG&4n!?aNO@n zM%d%;dBW(5){|>Z-D9@M*416vPUjFAPb}|AMXzh72{h^_Na@H{FVP(Sapr@AlV@Y=iHMz0mQsm9Q5? z6toEnLjta-?Z+Cz3TL;E93rjc{MR?qpep%;+}}-QsWFk-+RJEYe*m|&48{-8t}0m& zX2C6@AL#$Wa>j6reE@ryDAwwTy&e1nfAA^q;I8Hg_figXPmNtR8oH>P*Wj{p)xn*L z9!RsHgTDp4otRefhx`Noo%~~e$CC1W#CJ>hc35#!^jRv)`ksbc;GR&w*T&OEkSfYyv;VyzCK-uS5P->#&iPe=_JH69Cbm0l zx;wf%I%oY|6g5m#GYlne6txA*$8p0i2$An81Ky`An410w*Ip9lcxZwolG1eE=sQkk zw)%`BVCRdXBfXF*oBsCJei&WN+w^5V{3fKQ?4!c*VWO3bSYk%*!U3Tb(|G+cS{VcT zOeF<dV2)#r-iiZB2I(24e#h{TZc z&ne`7@I}6HQ+3LGK0lbK65DUheCepV!1qlAjnb6#yZ4y29a2pMwA7AW*847IjcM&M zO{M5TNfiBbs_%PwXFoCXjFJ)X z?%$6$Hn|eVPCrg84n(`)H27FE5R9%g4-vGO>(C5l^^r6Xy?u|cAo4VodtVn77YOKd zYeSqXMKXM@kZpt7A2S&PU;6chge<`))>fbgA!9WZ95@9QERxbjRC&l)}T{Hi{#O>-!Llm zl0&=&WWOZnG1GLI?yLz)k$5_v)Y?m9|4{ZSJKOTrOINU5$(e{>wW+)AZH4BW2Vlta zF-{#TvHN*MmhL?N3Ycr^#8S-md@zW!bLoK1T!W0s%fJY||0DQi&(=V*a z0o6=HU2PbIA!-oUgAGUhrUuX1GwG+M=R-i5M)}Z+DOk|H<(F}soH-rHS^hgY%C1B;{0;+ z@n+v+?CX9fhqf__7IPi;WB+V6AX5X0C$wU+323I_m)o#cH&i#W^N0Mu|2z4||B|2c zKgo~2{}1_>7$G2dlCP~LR2`0<@|&)8uIb0UU=}g7^3xL2^~AfSI{lu24K7LfZDXAK z``Ts>^MJZofDcWv;1%Fx>f`a2bAQXiLy@&fL;{Up2wxE&n{=hob?2+C2Niw($9eBa zrG@jlZs4j{D-&1jHV+!_8Rv>)O!KrEo-nT>-j+c3C-`}!Q`#H&zn(N}OqPdVe$ 
zec}N(x#zFUz>=6(L*5Q|&*axneB^>=6sEB+OylJ2jURaq%Pu|~{nm@5AL4()tYFbg z=44&Z++UyLZgBdQ73kx9^LyZgH;QJeEv!CAA=ecT8B_lelu(DI6AMsQU#~%w}{@cfS?u*k|z5b4R|=OkKXd*VHz6GlPPJ;>b&H z?Bf>YMnJ}{>H<3j&UHoFH zyc4EC>Ty$-qOjdot*Wj?y(s%r2d5L%Nk6hWTenaE2r6tvZDLSoY=D1kfm7@e$dx3P+a z&9k|V%s5~`(39>dC1YQww{gh5{{xr$=X(w7U4OaV;=n_juhgj8Dg#{Eu|AA34Xrc- z+9VM(?6T$(`|a?SU;O$@i;nuS_eYuN$Gl#PGu^HEa9R`WY#z{=8v>)*X8`gGD!5Dq zE|DL&LN^a8+6+z>?I8TW9p75=%XXq^tQ9)tC5!Nvnq0PY?4~-L>Ew0>6=pC6?5!l> zEiRDE1UWN#9f_@#z_2&D%<;A`>L?~ug8vfr3w^cyf{cEGQuyVD{oHWZ3>n^D!N=%sX}Rm_w; zcp!CbV1iyYdNf5e-}HOE!Y(OPLvKEX*dS<0AKw&E%J-YtbYik|(aHK9z`DJ3Qfr_L z5igt8ZiW|ZyvB~{N19`H`g7(@xPJgfbujCym}AK8mV91vSIMnmvBZ8J4xHU4kn++>Cn(3ctfBIJp&>@Wc@o<1Wr(i=p2Hf=y9OI-K zY{Y;Eqn~i6+*}1q7T93~9#3}(Txf^}8x!6N;{=`oI2TCm@wzm?A-dzF-Dm)!t{AYd zY)fTxto=wA#WzlEu&h_hokkZLIPH$ISrNT}4jcd*I0RK>FN)jj!Fs0cAr~V6Dgc#- z*EVmko`HAh1?qqs{JA;U7za`TxqOo@iF&H;3f+|+8U}*kJICG8H`k)z-UHXPb{Mw! z+Y5k-z!|Nxf@@uH?YR+O*hR;mW>es1oOtVGFQ(wI>z3eX-QcjDV-KjCO$6&?-eKUV z=gb|V4?2I`gJAdlpVq$Hyno0)_TR}r@t6D@|4DxA^nb|DVgLaVENJK*aA7cj1OL|b z0JXUt&4ey63^ryAfnj*PoN0Cwk4)goiCf<1wRdc~LSGjB7D$*ZahXW-YA&HZYW^`A zz=mQp4!Xl14-Y=rQwBCFS-`D1w_(2AT-UwOPpv;dy@!6$d)4b70|^MKt%8RQTLF*e zka7w0@eJuV+-|>MV1%&AW%VWeM`Ctj;Xb1Q@-X)v_bc=_jx4^ugn@)m_i=Ek3RjMJ zOJ#dlG%D;A-7CqR;Vy0QxQ`cnwc9Hkyq9|D18JpKW_H#2`AMTbA8k{;1*<33S zH>r=Y7_;6q6oaL%MLEvWU-v^>53&kctBen+Cj8PkRwGX`C;whv zucN5N5E{?~zjJ0y8%j{idXEBi(bP2t4NY_+lUx{7=j+rpCJaq{^mh{yd$J7W$j)cF z#=dOqMb7#I`g99Itht!$EBhx~u|+Xv@RE0RKzyW(hRP!d4C5LS-tCDZB+b`WMoj$1H?ii zk@V=UZyVpgN)g$TfaNttdsa*w>X3v?Tf9+`<4)~9ZR7dO?WHllmrIGh5BY~l;%}f1FamVTCsiO z$nm)oCZFX+y{Gzy&NB-mzqOh9k1kfEx6GD%e2DF)UB@ZZ_PVYiO5|q2*Z4`!x^BQi zq)fLAH=6DZt|XWkxkAr@V@!?DMW0~DXsjm*4cZCh#@60(1{~o_7kPHw+)}KfoWYiY zuViy7ZkRUX?KG#aj_p7lH~H7jtszP!r;Gg_bFCY8YHC?2u1|%g9vFq(SUNo`u_^he zvPBV?hH&ITkym2BIw;5#Op^<~u#G4Zjn>*JMiA0SDEf>xoCgX>#pKmq@jnX8C6NrF z6^9ctNaTkO{;q)+OwQi$F!&_SINAr#@*(Jr;1NaYCv7JT%ry%a3rUcG#5jyeR)!qP 
zXgTteV+-Mpa|`0loFn^hJ*tJ=%3DWh%XMl_MTS%|w&L7X3eEr$HqM7SV{ECR{Yn&UPUDh6J7aP7ANkxL2cbQMP*8rR1B4PsY2M&v{Eq?6&sb26W^79_YKU#q!f5<=e-^oAum;CJiNq$1Pf5@+h2>~JGUDWiU;pECy zp>&Fj8iwbK6D@(|drRSP@q`>6@dP2lw09!r81T80{y>IVl*_Z+vss9zFLIU`M_5N< zx1s=1Knaa=B#7EZ$Q)u05d|6L3!x`$fzX6|reUvL@H#0T_#v^Mw#a+Q-}}+MU~k!l zzDX2BVMF~6yx`c{Jl$NQh-MU7J@|-e<@}x&MrQ|6o~I8vCs~|47wKbX2pc|vLw+1- zuz28w&YKSHdF+*h0_7Y38-K+0`u%!Q1PBfUr`%6+8e2&5Ci*6d0g?a>hWTyzL4h1V zTo+OIgF*XjZ)|;n_nkSVpcGKbM(Tka)Px#H?d$7uwg^_vt~b)tXFvRdNf&hAbH7;o z!Z+xo>zNk~<)!S?H~4XG5TX6}?SAgScY!@}zmiU5N>LIK2JlsQc(uo}?z(xsP>!nm zh5QT@ka!>43-X2Cli>WgU}^NR?2ViF^jCcZqb+?Ac(R}9BH=*@l$aj^Sw1CVh#ItpiS{L*`KP*X) zg@5tq9*ZkVdaHbKtCiuddVyHhSD1W@yCUDHy%PLddX;rWeDhZ1nDmQUFl6@9;-d6x ze4b{JV!Scd3mm^fDRnK1^s&N0xJrMV@{tw=ls6sZLon_8dC22HGtM$af4Q=(PZJ9F zfv^5vaf96e#)Ls-L6ztPDwXq+jqAWrnI2!?%0Rh_*3wof4CPMcR}4?zinI{GtN1N} zyVwQW0i+;#$?U{e)^LV`w9qs{DSNCddI43tmU znRK_XKhjiL(o_-BR6nPw(xlCcf3A?2syCdf=ivVwsuAM!bC>I{GT{p4hT3Nyu}7^# z-e<1r`=Hdw%MxMK`bU3OS5 z1hJUYJdn%jvclnx^FS%kpnLpb6WUbEEBtF1Sl`qG?`(tmsATW78dlYuXoq;df&S*4 zQ`qYj*u4dq(<)}YfZLKcAN-edhAWJp>j;Vv<8G)AI(uy!9-^aY8yZL6Rr%LgdDk`) z`*cwIBNQ0U0>h$>RFEqx0gd+>)qsiI>nV+S#S9Ywv6)8IpvHXc2L17^d2m(U`;H;k z8n~|l72;B~Q%KuWP}wG(y}qG*y;*Qb-iWVuY)|VmCtfFB`Vq4)S;kehYPoM}`d)Hd zqo;#Q>(!mmMKAo%UZk1*nK4NW(~DXs**W_@cRr*Qc5(i7Z3#Ek!DCT|0kLh0l8zJWR>f}aq$j(H_}zN(wgw5-!$q`td?&VbAcX6s6zJf=9#G2_QI zgT*)dgl~q8Z}xr1K@#dl>3sBuHSD>!Y&;?`H2~Nm7SAXd%0b^%5sx#ZDjBmQX1*`w zI9x=L9k(N#u6cMJ?_E8OJUkMgV(>OA#WpD+7%QOpUEs;%W{URn6wyYGL^#IDHN`6@ zXE(1=0btr~$jCgKdz!3zV#41?_v6Yh!DQJVDO18tf}fdmLawJ(xR`vP$Gen0xAA?oOzw!=kB!psDj&Q-?-#O}xHU zV(Q3n>WCv3V6zqDC^5`&#&E`9Pikq`vbxY*6~|W@`iK02?eGvB5Dzh?2T8U2|HOgYT--z;SGXC8kdb#Xxg(!mk_W+7Y% zP{1k##BqS{kquK$6PEp}wjhm&(a7Gof6cDLx&1{&Zj;S6Y_rpjNp;ip+@W(t>9Tdnbfa1%bjufMQ305Bz5CE@tk|WPk2--djiFNYdk5yaMQAaJtV8 z#n(l}*R9M*s@q}r2qtti_lV*{{c2-Ju&B#gU$PGf&Qc?t_+b{X(|FIbtV@Qk z3yBXrHg{jyWg5}@6gwQbBPMj@A$H)gvTJh1x=2-#mD6*Cz*_!S(UxbC_8uX;SLe?~ zE~6T%_6(E;nLMU!&RL+q;LXd+8=!nws}AXbEzgyYVaMF64iO=om;Yh#xAKp|nwMX^ 
zkpHXU)xIl$n{$=tlJ?>w(t?#&aY!Jt6?Jj-UuE5ekLaK-DjdR&sjMzac9x5e$XcG8 z(}Rz=`!BCC+T5Se-(A4P@9dby>Y}+X|GUw@+k(|U;lZQu)`axXsf!vw&&xm1&&yMT zUD;p(2P8waq8S;6GE!sYR7?5VUze<2{Q*Fi-4@$}^SU2Zez^&OV*hH$?i zBpMAc7(k@zjWy4m$0edG|AKb$U=z`VWhW|l`;daUF7FKulI`2_kSMrXP>KcS zSF&Dka(2-}#a0sq8iOFgt8e<2T!f(TL^hURh+0u)Cy~yZOFvu$%wh!o8%Mt$reA=I zfFgYYU;SGO`PIj(uDz1ieR1p9MOobl>TqhZDzSEqOGKJ3X;P-Vk9kn@xv4_7UrfGG z*6W3WU0adw^@49L1geRy14KsQB0k=UpHRk%d2<_*lxsk12+Mxa`9gGKPF}xbGK3gY zWdijXjthZX2+b4<5C@pNt{Ae5dl?ECg51#GA-&Mv;ogwnLAU2}#Qj=kT0U5ccU)sR zK(5Zd{k}Y{hWL*wN+giGx9r$*;czJOxOD*_cD0bH>lUYMD1$;{`d)E}Fs*ys!uEoG z4|amOGrFbQEfIQS=`)Et23vp`*@p+l`q0ETSVn<7!T{nlXug7%+^f*ZYx3RL?(vd) zJMnWrY``1d1&D6)8maotY!Z~M3X*!HQ_uE%tNXo9Yqqhp9&j&+0(|pYB)A2Q9lXlr zT?!VwBwWc+h(2~)`D|n-`N1llPl%jX$@@Y8-`X98Ti{>)6d23|P*%R>FF%a~lvy_}%cVqEl@*f`y```aTDq}E5o?+0isi-1IJ)Xs zN~0&`oPsJ!2bE*H)4;o3De{*{1%ir{hbKG1yX)K~L*a=)nZj!+my{}B@$Dg`mVQ>j z=X)+c;&xA-XOSF4l(Z<7R>8iRO#38RYOR7=Z()*vS#BL4oFp?{Q!9y~%HaV;M?qQa zTI>p8k(A&(Cp#x=KBGxBT&kvAFj{PW zQj!r7`eT7#2oR9qpMSjw|E=FZ5PyB(lmP+p?%&S;L%siN|I_PVIp*^KJj4;W!yow{ zIc61R=5LN+{WGgSv-?+$p$Z*33KN${hX8GnfO|ng*#G}$_RpXc|2F<#Gh>0U{~HJb z0^@HFnSb{~0P8pK>)*xyPw7V|4b}`u@yx4B_T$shs2hn%{T#&k@I_vsU%i>4qjKYQGMW_-2>?nBkAjfZq{%SHp}3B zq3mM}1E9NX-fNX-TlJo1H!gkgj^hS7$t`T6}?*IN^SM+qkGx$%2= z^Yb=dIrOR(Ztlsh7)N`r30}`j0yX#|s^DhM5F!0^2MD!OSz#5D=_gve<3?OHZ$*yclz~c+R_aooanTPs zEWD>!`<QqF>qajzULBkw7FZbZQFuoSp zC^1F3aIPcfnzX*sE!29XwG2(O$?E{`4Y!?HPGsTgL1pC`?0t?|P=&9)1JLDNK7rG< zMfIqfAzsf~mRu(BZ7h_dz6F+ZlPkO1Ey%KyK

Vtp&CKGS5DizZy;Di|@u4fVKjt z8FpuojE2v;P9*jXk5O(Nvdet%QPu)){!?Q(-XX1vd*1|{#ykvS-D((fJyzSoyxN-P z6IQ)peu_(adEccW1unN~HWfVLGq-ubBG@dSU(ae|)aTVRR(YrF}s*g`4N!ntgmKxS~IKC{U(IXHhS zIqkUzfu*gaXbj@SijCajSvp;3v~a?8yd-?`IMWi}`Wj*a36P0oP|BUFH)_>7i7iA7 zq1$suX&u|-0$o*41fy%k3z=bYjCFmWnmN){2j1LzzptlosnK^Mv$3wL&1O>cnOAL= zrKehbx_(yNqw~}-Ol1%Or{59Uf*}9%j*%DCP=gK(?Mh()iw&p0gH4lvxQ&w`_Zsal z=3n&;!FjXcmKEwIU+uK8%VueMem1Aq@@r-?N{2lor`phU5#rFD<@0A6ZGzZM5!J+^ zc_e;f--dXnY(Yk9E97O}g>rn{o_p*;nKGt!vH3C}Xs*^A?>|?myg{r6D}VYM%2KCA zD5#7y(U`d{!YB3U<7Tos+oFz1uJUTSRmI?T={s0z3%UL3R^^``UPGWOb%p@h^%j2A zqB>;sVPv9BWwOXquGAy;vjs@IrDfkuE`MykBlO6L^qV|$(eQs|q`D~o_Abi_CZM-6 zs4KFvcZ;mmrdS9d@po@(?*C5y*}vpx`A_mQ@cu)71ZoI~_p!xupH%s5ah-^snKJA% zF=NXbK7C)z=lGe|C(x_1K(liQcWSZVzgWbP&JkgT%&9Gk=03vyF-u`Z=5kA4CmXz6 za6lW9upiTxtb1MMPS1BH;&DnM-%*5QZkF0ZEBnDt$zyqC1(mWNAMBCT$5I?GBx z-4O3kn`x|jfWYyw3JJ4GSjsHiD5TVKr4}m*y4mbnA-zNUSw{5Yf_b-&uk){u0l35R@lPbVCn?qhq2x+%xf|IRuAd+!ZUWPNVaFT zIPN`!bq$x!66uV!Y`cz#3|Q<`yRf<=-)jc*l(c<+tUVb029MOc^xxk5cjqisLb0vi zZ&Au7(rEj6pBoqub8;!A+Vcg>mSNVRCfyu5TTJrpr1`Cvk&aiiwgR$}DWqm}7h~a` z+>@9O`;$Yzc7(sKF=%v@EoQ08{d9M*c$-SrHV$Zh zcMN@>ZB7Gw*O&cfA()s^0f}1jHuhGIfNiO8eq2 zXvBcM@s9HJa;&6CMwn#Duc03y1H@b7XYdw{J=N6yruuENDX+tT=V1G8q5;BUWunxs zo-pK&VaDJ^d+-NU0MeqaEjNs|1vkUE`C>9;PM!%o?i?%B>LM#*Hc{jE30^avJ*83{ zX(}I)_jv`oP1r5%&YzqHR&Rs@HBcS80IDuM0J09+m^F$H~Z-BkukOYn61Op!~_LAInrIC&8cZ{KQX8$Wos`TyJ;EuKbJcQ zp|m%}c>>s{1U2ny3m=#kR>}`S!=5SZGlDATO?wYj3!&wYp!D0&;+c7p8f*`y1(KpO z<#kbpf{qDI#Ip#Xy5E2%Bw@X3Q2$hoLmQ~w1??hG>FTNO#3=w z?u4kK)3o7P?bxiiWo|-~|AN-79CAbFsQC8VJapIdyzRLOLk%&Ee}#iOmTi`8 z`QkTvPZ@t@ca+`zxGQF8;150(9U@=;(1?64V^hU|uX?%R;V4%Snd zU1vxJf|A!=hxd*+Ex&ZC!%y#zldXjxTxQs=qghBOgPw4p|ysh;A%2(t=niiX8l7(aEtv;A7DgZk_9 zujNmh*6oJrh`%_E!3QateCkPBN4DU~_G3nVvIq8xAi|~zTFd~>oVso-vJNHbhIXbp zGOLN;ZraLOG}DGfemSRZ4N19c4zIEirQHUr($jt(QThDbE(x}jfPU|+E9+IPB5o@a z*39bjiC*8aV-7p^-3MzK|5p-g8CYUlnV_=ArFn+xeWQw{iwG*MYyTomq)ivOrXKEU zgPaCJ&k)TrfAR|ZJ1g7*wTO_Bif5>!kYQC6!VmTcZtLd%zr~zzi%h 
z3a6G$b@oaHquxirN4Qax>rXmez-n_I+>6hvR=03aC}kD7U67gexAHmZ#7$ias}l%g z#>a6&RgAT_?m5|6z0hVZQ|7!Id;v~Fn{wp?iSL`k2t{Q{tG2v;qAKC6ER*X_QP$su zFE|g+iWjH8vptyBoCpRFpU>Y^Z1-;O&T5PuN0pT<4cL^+I-w6&-n{CO1f&a^qd-)Df{t^B9Ws0)>QQ54MC z4m#TLukO13GX}EAn$b*@3Dwr?9J7=*=AF-HE-6ABiCc^~ZUo1xDr5>o`#^?d0+%zN z+?+T!EAV0+>?Q$c^~`gQ@K5 zntm(QgFZO!y#UNK&hfVMQ0(YPVhntnv;wPABfboE!}fiJkhAaC<)6~2_Jjo@xeFbV z_L6=eWaZ#xQ=N5}mGOrQjV8I5P{FVk+Q&GdI*y8Z|7xq^udo+l6TACMrIzKvl?;jk7>2&Qw;BsGq4Vp-evGs? zSCvcrShETMK}+nDVv6bMSCPBrf}$I{U+1MpgeQU*d$aGg zVRSE~ds#YnTHfRLobTd0!ix7-xZ((&rG5~7!I}tk&*NcRp}Vq0X&1+i=--wF!kWckiNe zbqZB-8?!w}cVVlZYp|CsN^kJu32f!P6B-m=(|Hbv>20O-avNk>gYg9Yx{*0PTZx5D z{LFjI70%b-7yBB_wes}@KvYD)?d3OUaa;XbZda*bA-KRYiEBi1hAR@Y;o<1a&;;eG zZ5vgmck&Z?Un4sFt|q2r0Q33F;O&6(AMy+Tck<8wB|p=DlAkO8AM*1ALO?vv#iU24 z-W|rQM04K}bV)x~#CY(TF@8K}-&@(|Q4K&6wlIqG;l^E3x70%r52>Pw#zN)51q@h* ze#BjA9(<1_ZLZAA(OAT8x#^iWZEoKexfE?Gp~&1ab@mmdklm9IubbfrMk1N1kY!`& zmWBY03-OB}zZ|TrJZznnMl-(1iUJ|mdk)Tuc?IlIs}omcSfn|~!AgC}ZG}OgzQ;C# zgw7!28dhj!@6zJ&25(^WE9$rE(#!H*ywx@LaWdF@c2wTLt&V}nyQ7>vk~@w)F5Fp8 zSuRvKnP@el!NA4=i^1WXvdfTd<;ivT5eFVz%M2&vcWCU4Tp@uH_$fr>-P_T0F;n`n zSuWbJw1f%5WBB=mN?SR;`P-h=awO-?ODqL)j;p9yQ$;*`K|xQ*gN7IF0wWGg?!wu} z>L|L?I9vtY4o|PJRR@uCblp}@tY*gcg$|1d``$hUY#dw!ptGB{41{jpC&0LIr;^^j zG!k&`I77?7osGBoR}|G|@y zOsQANqQch>P@>X#=5)4e8jsNpw5*m{hVRfJ#`O)kte;t)?=0St^pu_}@sad`Tw36% z#S_hbTukrN@%VOT>QnkSvHEpmT@{(Khegk;T4rQ6o(^_liZaNv4}Ojm+?P zTjpNj=Y7Q@fJNlBZ&49VTeLH5+SPKie{D&1^f4d$_*1&na$@G1%&rYfrbG$AIV&f5 zdgyIU zB*T`q+b)%oeyNY1nFOQ9yN~`ua?8X^^w-o_jS&0tsNJvc+G14VU93O11r#qzEUDLK zMVpaO5iA6F&@aFaN(Dp8Ps&$G-Tm79txinZtB;78#w8vo5AU9X1lGIX7cH>X+2gu zNxQFhtZ(!HhF3Nxk*9zg=t7C7xEsNrZ<6O0MzX^k!yGK@iLWtA%&)7Swn%LKHoJ|i z-&T>d8L!_rWzv~~#LXa>Nt~)2vC0$6b~=U}R|ztbqqowyvSc=-Ga_ZS+O@-cVxDQ; zqI}|b$8T$x9M-pB7g;^4__g{o_kH_2#$}vltl8W$(@n-!ZO%AW2F4tm$|IkDXc?~E zRMN~3zEU;)hCS3#vi>^$n|zV+k;jAZx$p(S1LK+9qt+Yg+2v8ygN&DyDW$0vXP5YK z<)pn`0!Xg#+iQ0{v3N)H%8fF1((hcdR#JfWEsjDMWb_zJ5eIA|mrPnud{c;LcuRN@ 
zm8|rZ?3Qw+MUL=_KMI@p^7$*M+V}bCRFQ}3w~&YsrR1-=ph)#F>M-{(sQBOO)OU%> zSh1H)5ffKVFHoH?OB%jn`jPvkh~MeS)TkFz=`fK@L<*|EEz->bmfw!Vglnz~(HpL> z##eg8$#lPBD1MJpV>%=JUPJjkuEU@FmAr?UgpK3__JGUhaY`Skb5zQcrX{-%AwHo# za9IR@$S?Na$-nTI{EYueegUv?oj1|QZyc0CZO#&X%AVr{sbHd;=c41=p)&R6(ZdCdJuRJp!&y9{cpX&V3x#oda#yE_E8;!r5=?(P!Yin|n- z7K*#O1d2;>cbDM)@jTzWKi)s@Op=p1IcMi&W^?V?&F+1Z-yptTK8(0%@X;be9l5Ax zgjdRKaXY{_hw>XkHtB>5Rl&3V!}*!F~X>=(bdmW~+Vw1eU28awjnUDnI>i^T4vN;B*< zT)eczWIGzni9l~J<$E4JDCuOsj$iG8vSzsyteihG$Iaj-P8q{pO{kZm-h;m(T$@WP z8WhhB;X#!dK}(ZWvug}VGvM>?(0+4*MM+w7LOr8!WHU5IO=4wV zQ{a8%n7CMhJD9yL4#&3$9|7)DTuT%h4`t+`GheIi|B?iCfD{s>iMkb?a5kgFAPtEy zE=dHE3%?oDj(ctBMT@IP4iv)EeH!?Ft!L+zu2){De5JUp;wOK_JOjINW?vU$DiWcg z!%ib!ELtpKCcaxC^``S#EG3DRKrQBINWnCYeM8HPiCY7&Jk~eHCV$?FE$dOLXzh?4 zHU=(cZK!AnYskQ~`>Nt9+j-Gzn$IGe&462p&=JoO{~!iw$b1KJ5{xK}m=@~?_{fm} z#`nX?8^ygG{KyM1acAd4efOchSHRkES2tbv_4V8ScS7kbeZ^4cp@o z8BxAkc>M8V56sQOE&jO71IikXkO~-uSWYRl+jIe#GTxYRU^AkSiJ`N_3@n(nvTRNqP z$kQ0ff@Rx&#s41PWT@&K;g?$;ZDkYao_$nSFWr|!o zhxePr6dmIZIjt0=MNQ{>_tN_^X(TkSWlP_vAr!7-io9S-UowYh1Fyq9^rU%QYlFa^ z=F>SqV1rycWLmM1(LUdP-veJv{OS;9G-Ii1j%fff5!cX$wRWe_id+qf=FU(a~Z^`CWB$ty_ z8UebQ@#qK>&N;Wu>CEpdqCdX%!c<+q#nmwcM4S|MW3`-qZ!Wb;lVNO?=6JL1$}pXLvXaxWgOHWh*-uC3(?KzHuAY5DENsHRd2!AWf-35eg#MBL%m0>t z@n89w|66`Zr2ojTUI_u=q>N~`f#O$*EwQEsHM`0mvk_g+6j}>MYvNMB>dQ{~y*Sn1H5|Sj1AMK$ zDrEKB@C%zktNZ1iw#kqS=|R53MZ8j29=N6!+fOU!qW1Y!Xat`G&qYm*7W9kwYe1bM zPWfo4FmWxqpFq!>W}7#}o6Z|Be^_8NTUMYBR*8du1e646dVSa%M0j!Gzv1gtGCd?Yrrh2X1UOWULe-5B0 zK|_fSf>HXK_KIx>R$`YX_p52pte`uD+FhQ(&tU)V(jka<(ea3p>K6&96R!;;-+Nlj zBt{y^v!y&~O&_!kR?T3|(a~VuKTy3Zd-4(#7p!}X;!v%*AdM~ot_D9vy2KsZ$8Z%6 z&%{;)oWzvlz#o+?l=*K_j{2`ZzIF4E{N#PU88vu7Wx#_1LQ-3{sj$ zAVL~v5y8mPTqn@c0`fEzzxWNS0@-)zyNM8u<9CH3@1b-1%Nvw!p0yuQmIDf}{RC4E zF(gK{;5M$2kt=VIQNEd6M4dOX+s;)c7o5>gcLqKW_!iN!H>5r9%c9z!8dy3g+k$N4 z{WI?XBtK}G8!}G-Mb>B=Wx@Bhxf_B`Dr@PrmRCT9k3t6hV1|KgO$NS9hWNS8Z??$m zrbW*-pK}o)u_)VQOeW{Wh6(X!UZKPaA?&Q#aGR_|xATEV^OlRTk+F$;X%m6NWj1I6Fw3{4v!r8{#BYw;N 
z?mbLT_tSf}e=yf}>uNf?C(p1JojvwGV1kfue!NPn&$l7KAgsT;rf+8)@%crbK^!PE z$kF}Fq(nqr^~g}8cD}pLgwlnB*#KNWJYMLHbpX(b`=pYUVa!^Qx@MD6 zMusiqk4f{bVVMBE*fQGiZCp84l%4@|SFXJtEGJ<24+?7^c{RE63D%XU!^i|xl zPJoMW?L;t+!Z>kU-`b*x!&pzb^lMUfl-4>=2BCNC^s@w>CPIo7x9p9h$~fiV7?9kG z-62$et^(tPEx13EKBjsCTe4oqb&1xuQ~Osssy;?Hg;dE%rty*9WK8d#`UE=?FIf(M zK5XfetcN(;oOPD>!F7DwqFi_1+F3uow2qTnXWrsmx8HJIZ@YxKh`Xd-f5(eVPQmi> z46F9K53P0u+>yXpkzrz2Pf9YTOnf_aT+3x?yuh0(xF(~u%c`OkCd(to5 ze^6kI!8qB@O3wjGC(!Qk*eArM7eg*`zln{dYe~na4~dIPgaEm0><)k3xEV$?G%#zN zB+%aZfwi=$i@vnW7-e@$pLho7?yCDDw2c?Lfg5=`;BH+Ub=KQVQMb@6;4;-r<1*Gv z?m}TBk{#muwzcxv`qn-+`_?`_Tc#7o)&Djzx+^Dfv?A|yVBvG?@d{z;cIII2jEe5FKcN_3Tnr1z1!U?Cu7XHfUuhHDs;-~M}Q zbpgySIS#}9wyo8tu5civp~OZ1!jz;K22tN@aI_p|SCnv|V1Z zX}BvzF5(SI(vP%4N1;RMK|QGs5t6LL6#USB^7Vvk9{8}I{RV0B6dYt zAY32>;B+x`D4Sz;#Rx~S78&-ZPt!ke2w)pZzr%d2fu1Qj{2F@n!12V@6|=uNdWh_Y zKR%c~o%z6#6~S6me`(HTc<&#dy>=~5-W4-3ls;X(GkVDRKqCXb4dBI_o}z(@DXs`fn@rW2J*r(dU}>XNMXLeiDKr(GU>LaGQ)_` z*^FK}8RaVd8q$pTdL(>N7`9g!_M_bt;$orI#?0S zA$h&)Z}{vMyt9T343qxlM1;lt4t8eg2+O;v0ZtL83Y9orrHSFyiMI1*cN zfq4cS3C&oF^e6T$e33i3&NQ;$2}zNzL^&T$`2)O$Gf|hF$Zuc$1*RBWw=34or_n~Y2B{iB%?2$tnm8fOY{bZx9Ht$#7+wv;>8#xitj_;Bi&1+Dy+ z;;}Y&y4WT-mrKOj-J0H(OIK@1T5oUR*o`@C*V{2?3C^BwZ>h_+cEQ008uH+3Hk}ro zaPjl%q)_`eCcjxvC9Dh8C+X<5x+LoDCPg0HGgna%7&T`1_ox2@w3vAmS^t=E}a+Es`Cz+ZrY@MykgT3da*& zJ98J}RAMj-OH*Kn40BUS6L!;IFr>~cH#n$^vOw4|pI=}`KW_9_yL^+5-H*jCdtKx9 z#-_6-pT$L`MFlJ-8`dNK$SaMdxWoY=0r=P7Gf`wD)ep z+7-05uiWMTVQ*=FV2^8`Zk~6>F#fIT40Z_&T(Pga=aEu}-KS1s_N13cm88zBvgRrx zu8RkfRK_Gnry~5JGH1BWIO~=l>8&`^1gE~tpgO27=Z|UZC$ik>#K1FuGc;Z~rL$MZ z`LmKjU6T4ef2&XC&pN7}spE0m#wdi2+Fu9|L!*d`j? 
zcCffS=roxE9zo$KE_3Wn=F_dC14pUR9XryL0F!jDe}p|#g7Xrr5-OWzuV zObi_i&8zFGlPT|Po^iZ$lB_mpo=@HHi03TQ{o`K)Un5^zIth3j>hi*KIqzKWT+Id* z?~v}~?-=h+?sUO8EF~zYo&FJ&Bu#Cjz!BrLd%p16986LtD*CfHbr2m$OXepNKg}N* zqT~@D%^GTfpMqc_jk-Fx9!cVW&ij&B;eVxGUm9$+Zr*FBp6kM@0=(& zl5O9I6)!K4pX-8|5E>RIR4C$69_9^F_ z&h*&{nn?aE$rNTyALU2FE(3^wfzWEOnU9CRX{OEIb8d8nNbn3ljs`eCO|`&(m$ddd zwTT~fxt_>e{Z1f`o&<#8V=55)+(EHCF)9_O0n!F}gQUQ@s33FDx0UZRwk{q=(!OmR z%Cg0|XFWNDaVtvGx#vWOM8^tlH0e#VEGo6aBkY)Q;HkD=K zzTJVkO&+EEgx`VP0pLLV0P|N!1y4vtuT<^&!403pgn0@1fgJyuwk%M=d7*W_D_WXQ zuSz3nM4Cr{ceHhaz_PMFtwV+)2W3L~@zatL_PD_sCvML3-nR*f37qZZ2_DP#>jb@n zQzwsQ{Rx%>ZkwFLjw8B)xdpRH7ld6#?W*1?Xy3F~#JVz>H}8p;2tiARV7T`_^2B#t zlxQ{RwQUpQ#ce8vGIeQYl15P-GG>x?uhV+_$tLCrz3h<%m}}gzfGTjS+?--DhxgSk zOgT=44j@O41RKZ_Eq5DyJUBn7;S;~!G5zwX)0A$4`_lxsPqr2Eu%A@6RSe%~M#AIJ z786!{{TM{HA?(%*2VQ11e&z+bS(k*fODnEr8Y_HTfqZzHvBCpyBsC$lzO0Zw@3i|b zuZxNT>Xi%F$M(alFJIn}i_3;Z3Qgt@+XwjiLV;|uQg8fiN}YnchK06q;eIIf-*yjv zFMJXr&)xM74f9uJi>ZrRizT-@`5igz*|5|yY2ha4V4<&_-bS-;)DOgw_yKV zW!TkF-s%CF>o;BYZxfAceG`!_6%i{{)!`El@W-dND?bbLB_h7}Egk>Ok~zs$bfGOM zXGL6st@0N}#I+G{_&tmZ|I+|(6%EtJ_+caHv$&7QFj>q6oOWk|zb9SIjCC^~))o2z=K#Sy%ZkIlQc?vnxgUQ{+s(Pls%|E?eFX@|=QW2*q zr*8y2xg;;J1JztGvYJzgkr8RzQqfC}x(v zCY=VpgYQ>~xb}cKkI^>1i=Z=S2!MOVcn&kuFwll9E`$L7NzX71~IBeaSgGa-G{wON3mfbn) z&aTmeRX27z%uFPV@Y_F~-`Ea|dJUN-lO-_@5Ib`Keevq>*NQ=QomugTsJ1yTi>=m! 
z#~GL4K56E(t2b6F=eV=@yF>9A%`Z<(a~t9l0escuf{bQ4*&sKYE4Ap4oWfsamDlIi zv1AJ5XM==2%C0b9kBK9E2RF}&Xb2*_vn!%6k`=MnW4zz81V~<1^B)mn?VIxd{vFD% zCH?5k>OKYWRCivtIk*kwdm7-5PrnJaYRiq}JZegRl#88g>TGyr=QEjobM?`OmDe!r zt}{z_JJ7=U-Mss|mTq~1qRhjde&&>(0CZOlG@pJM6?Yyie9Q^+8^cun=(pnBF;*Ft zEFH8Zb$KKAeyuc)MtmSS+4!k{;^UX#-zV;yW3C+Yt|~YR`FDe&Hde!OzEqVks?L$ z@2f=txq7u_q)JnS%+RP~KW$p9pXCS8<==8>Ply^jQ}0l15yVtoMdRM57wt-fdI+Wx z%Fa3MR_05NJ9O#c8mlzU#@eKFWDI0ZV9(ZR6hRu?X}a_>4PSv)C5xsdeq(ap8L40f z#yz!ptm79Q-A2Bl9g%YV$?`j+61`zL{)E&!_>)+?=K@a`;g3C~2`&YFK{_A3LL_=p zI)%CU_?O~@{g1tYebeks1VV6<_jE}}pfYs^O^pEK% z8x$QB@Xj9!hSr8E^hx&ZW}LW*ll01ENN9=Dk<*28hzHiB)CAXL)r8js)kM{#*5s&E z8`Bm<)ucNmIK?;xPs#C>-)?o>O+@E8cPg~}4qDkDTg3_WN@Po5Q$N%7EA&vLDaMe- z8Y=T?tHzppUR`*Q4J|v)*l~q_3|$KSusD?Z_<5Tc8jZa8$WU5Kwv?)Z+K$SOW)9s3 z0VPygoYPoj3%wxB>1%t_V1pyAo7IBFS!-Ozb51BrA9tT(PlpOQ=#Ra7t{u{$n zhbi%;oS34Ry_kfUshDdoa8pGrdPLo+F26FrGruUmKEHfZr&m!nL1D&-UW|aHWF4GIkkO$yDs+7)U1X)tM+(I)iu z&`k2oj7;UswoHUfKbUlxSD0^Gx@Tw1mTdX0_$~O2tsAo&vzzrA^qTYMr>u#N85Tn4uG=}`kr-ZH%-*alavfcjp`9iW$Rwo$)f zKP@`0=8OPFzqOY;^qk8v^nP?zE%pJxF1s=H8-v8zJ4k5u2-A(^WhGVUWn%?+SquvX z!;O@aQaJ(>Iv&Kp+i=x`!^mJO7wNf@WZqwB8Yi<@T*wQe2LIgiYyEHeSO1lt{=end zS^1Cr^x_Z@Ka@~rM{NIj)Xy~?E$R4HQL@TU{&kbp@lOnYT=so5sC{y6V~U|)RG^+O z%J{ML%LE|DyaxO>#ezc9jlS59NU&vCyPird+n^zFiOUE5a)u)Gb{F1D#4ZCp{o;R3 z&};Qp@VF7i_d*=kyPubFVnuAg-pvrh#rwk(scau=-w?@q-*kTiz9{@K;xKGlB1R&n zFFnExb>uV08>#KW8c@UUyI0AyG622~8w@cVZ++W3fE5Edm!AJ7ldynpNnjY3jil{= z$3Cn9c&5AJt9suJ*Mb##ITbxr#wMjTF!D=#Cr)vuKmLVrfEO}AIK6KUyr7L`3IN01 z6cF69iUElLkQe@Xrt_Trhl4A>#P*v57~;si1(p?HMJi(*ke5@6B9sf>mGj?)0fS(O ze)k)OOpp>G`}mKfCT~MjlWnsDc8?O^ zz9*|p?qI6CH)u?{@az&@k~NI=zPw2JCGE<@DBT2L=9+jXY%wgy>}2-(U=!$jd7$in z-|Gz*Dbl2jj4+nGzv`G?lqYkQCte5uLuzb6jr~Tw#_9Oza4FjRYC(oo^fWPa4dHi=_%+T+26awp4+Fn zlWv{+Gz1Ww1;Bgb-S|NZ$KUY|ZhY-D04M-Hdf~53C&H4kOkIlEp5vgb7VccH0-s*zaXNsj<;f)8|q%BIH)0 za7&;j=tlSojmzQFLI`88{+M(BQEW5YN_ElR3C)`z3n95Oq%U_Xi5|kfrDfrs`|8;y zLBHtSsib0T+d0z-jnyi26`W>pd(X?9Lc>OoC5+S0E6@PH)_r&3e(4Y(O=sA$C!M<$ 
zK@Y78+OuHKO+c}jkkQx_@ygZe{qqC+CB&t~$927bde_;ZaT0359LsvgwYZ2_9lE4x zkxKTCA>CSPCAh9fNJ#eXXuFRE$&w)C7LTw732jPk_HT|BUjr-NP#P4B=JjVDytU@U znz-gx!^5HHMZw0yll`7?A!s3gvp!ZBG9La-kBKk}sxXG&93i=+n9HVkq^+sCu36F4 zqB#*l71{RT&5?BzKw4qDl_AEBKcv&`62|8qDV3E*OJ*N3yOG(>O=#qu`jT!^yb-=n z{BhB1S+I9}A{|G-S$}m-j9b~MZ0Pa-e*yUJrdD*5Ft7A#a%C=`G>N~HY2XyF6+DV zD|{DgKPznC%v-YdSOn>ssG{WcwwxE-i5(9QX8Ry9kuuvl7Tze5l{Wmvb5m5&t58CB zFNYLi9BsX-VYw7l+J)4Q)`W%f+~~W2J}p$S1K7j({&rws7FSzOP!S&DkIpWPpOI}zc&LMdm z7X2U*saR+d7}k~{0_6Mt?r>vPLQ-A~4G>Qa(g}6`-t%P(?GoI`@;zBnsUM!fnCGt@ z2l~RP$$#Y6``_}f{VPA+f6H$a{~!60qaYx-9rvD`OGP5}neuLD+d6{24C8Q<2wG4+ zIk8HcZDQbC6prVqxPC1@RpmwDc4b3LS0KeQ1gQ;1s=BJUVyK=N&+2wuyG%y?jeG)_ zAa&acdI>$`9~o~O{s4*s!rr5=+cwC-4Ih;wR_Ks?RO%;ti!Z)vm}w%6ZE=Q@bM@3p zI-l;;E3Hd7RmCW6X#jRPPm;FE{XOc0)U8J1Z65mgKu-4BkqjG>zE=_H&aH8bEp}F1~;w&cE*DufEf5Y_7?$!PJdE?dlxhmEVg4v9miH$>jcnuHdVltzP|Y%qIKSXsTxM6<>n-ru2dX z#$~1`s_s#RJD#tbeyJ8c=n>uz^ts@mgc8tsGjDGwAqxHp&~+1LUz8!ktpc<(d)PjPfh{$|Kr)l1>e}=u^XM?fw>yBaH zL&!70pd&w1Q*XL+?si(R&s}Ta>=b1IfhiB8nGy27m_RWu^;OF)g z6BvuTD_V`s?3^{qcfwggsvTd4o}-#KKbOgjer^E3cw?{URxT6HZ(Hh_vKf^im*z#? 
zT?C83E(FDIcBomlMK(K)|LS0A=wdRQ!?Q(c{aDpiMJ_+wkGO9PSUBHqX5q|1YH->all)1|no& z-%a(vv9%k%SM$*ArW~8C7dCUEdvvuk3j2aq>re~2MlFQ4Egk^r<I*???g@5_#Gikz!}8mXF&48v7yEYwNWeSf+zg_QYHQXnXF> z!Oi9ZS3HaSPcF$rikm)8)aT$s2Ctz3e$9cX&mgT2d(2T~zU)X06;TCP`6WMqN*!kxp$wpfk%1|dsGjlp`|vhhpv;;r z>^rr!ZgMDP$N&@~>50tm^($Dz)*uQ?1EhAueuo7YVCiJgzM**4rk-XulK(U1@%ymP zfcD`#e-#Gl)B|-5TnGG^!5!PZ+zUnCtfI(2@|*l``PcuIpZ34yw~+Xc{9Szz5Z{>d zUd00-mtli!6PPOkc~SZi){s~igWE5xUNHat8ZkUvdE4m^%tO47NNnuQy-Rr+=C^`F z?qf6Bra}OUu#4X@*AG&{&e1t~rmG+!j2~nH@Y!R3cBRsh zrbzK1{P71$tFG~R%wIz<8{2bg2xy(qXg(1clr(RfbSH0B;dO0 zw|+6TPix2Tj3%lCErM#_JVj!tI2hC+6N&I5rQ|o40sU;OJ?YPBu>ThqYg2Hv!O`5{ zG!?X{)MDVLDOh=pP)Gdmeba1&dEY&B;d{%Tv$n751qiW61faYW`gDvM` zXwM{|%-FHes}ar*&)FI+!*d3Z-44osBRZZec$1hj6nzyeHH5Ga7|@+_UE(;6uiRXF zG1&1YNkrJFMTzB$a_m=XMmV@Kyl(wbxJog02|DBimC!yQJG8+WY`|QsPcm)W(hg?I zOk?e1wFts5O_R+gM@HoJ;2MYzY_^Z~rs~{m{#ut_^$MBXnX}+L<}G@U)com~xEd-f z!YnNMB9bwvKK8B@bAzUpgT6fWSI0#WaYC|ti~ajO7-2bZwoOcEHm5i99M1&I%Z@gp zbuTkF%UfaIl4z1hPonG}1K7eA{zXVkk;6LB7+GuX)r34*6{H8c_{ibo$kf}`5mUeA z=?u0HV~xaHL;I*5abjqBQu5hOD2MUR*t;L;J9$$iG*(&)$dO)9CerB~%>q`L*Cz!( zJ>8Ko=?R&?BiR|jO23vGv&LEppRmL9$Y%}`T;WD$o+2sN+Qr~e9%4_LVJyQ(>O7-^ zV*D014_-%0Lvjl;9@h@Hlpg>Nd`OQH!h?h)A%GC&tMEKiCW#hW>4!KzO(HRF-RXDi zaI~myb2377)~kyJh4-NBOMcu&juDh|}J*GiHjuZ+#+;HJPUn+q`;VpL{J$hjpPTw}rE+EZ*$%q<5-Rhgg*{BAw*Wd+bgEs*sW93c1dsAV?L~0e^&fv6*&Df}60BKN@%!9VG!0y2} z>GA7|STEA!*&fQ;U$bL)%EoS}iArJN%u|ohH|0e?kl$$Xgv#FWVBF$@CfM<;aiy0B zU8yI`$A2CT&2Bo@V~h1GrLv1qCwwG@S5tV*V6;G*xUhVDQ7Rffa5UMb@8BgRxq-8K zfL{iC=WQFPju``0{UW^zT9S?_BTM*LXCJdJfN0qNB+L#V+)%)Sj3wqiZc(;og&;)eHQ2 z8|jaCUVcw6PcM%nMF-lJXN?Q%zGsd1-rbYW9UGKa%~|$UN>0wg-teq3GpR0nRvfg?hY%Z3mm`uxRg7(=V zVv;&RzHrhxa?5F&a1{B52Z~WWSK;u-E4j8h%`=>LANjNCBN6E-iZJB-$Xid1yodH7 z?JyS1lqV{a2=qaJKieDutm3DKtgZH-h!QJj`kP;S{NGQhH(5&=Pm?P8 z*ndA|Atm^~yH7oFJCVv&hm>!{8egL?5J|rp;HoTJTpuZ#jnp5M(hJF`} z;oaPYP2QYdC2*)F=AXPMk)e2M^7%n>jD7@6BAqb<>{U=@QP4 zheCMVd@l<-J@7AiHsW)k_I_%-I}~Lnp&jDSKom+ug|uk|MXE4G6#>lLACW`5QHP_V 
zhA`7BNCr^xa`fpE*0@eIe9(<@F!oV<&zroPd!jf$eo?r<`9kda6&?WT){qT?B98G? zgGE>)A@)a?FDA(-uH(7|$UMWwT_oKjx^ZRg&T=Aax(Nrw;>4-C!(Kna7q~1SfgKLv z`d7%T_TiT{@T(~EIML4*RK63jEwKn+=bz&byrVyn_G$5mDTVsUZ99Thwgd10*oVnm zwD|sBNJ1&6uh1`u0H{vV_w?R*BU&eQvS;DF%7` z?V!6Q-$kO-c?bUfc_QH%ef5VL5H7MHlXEw&$GY*PHEZu{9FhFnv0;45HVd9jHz89cCr(aA9P5v`4T=;YQW zrWQ}AANu1v7C3-$eo)^?`w&;O3gH=d6HZg~JDG%2Y*QThK8$fa0YB8zX~csbG8pr4 zMf~pGX;;*W9n63;&^X!4SfYaAb?sR%I5o*yXF2-I=rV!W8{d?xfhXUsk(B-Pg}DaF zAKBx^6+v(k7$X&ATw_}kF*oPmSKipT-EDPti*Qka0zoJOAnpyVzQq`5x*br4}zTfue z74A;HCsR!;qXeeHTff^o%<*%^~{ zRl|S9G}7E*!2KTC9WFJf@&Tb5{@9Kg%9RNxS?;S|U!bppu|tP`kiWuuGh{3XK#xk) zRgsf6gpZ`c2shJTPxNIO6SF;qMY?`@DoWZspz`|2xPz0Jd9S{bBAphxO-34&t!w7T zA|m3(dy^Nro+uc55srh`1VtEZ8Rm!hqIEbR8lYBccZqHFr)OW**b0qlG)PfJhsecp z*xuOt6T#t`tavm0?hM^4LB}T)oh?#w&kz8C9qc%sQ|Xkr<2U`3H;6~JC#>Lc+f9>{ zs)!f-UDr+1O{^(X$?UMUuIBMgts2@Eq_n?erh0x*%y%IjsIN;Xx#9alUMJsmxQ$y8 zo=g(b#dAY4Dgpt}esE0DIu~vG$5;%zlX1g$+H5O%l!-ZbRu1A-2a_0FvoD#LnR(EH zA!V2I(|N3OF0a}lF&UvO5B0Fm@x54d%q(uvqSxF{8W?HGy#_$Psi)V&Egcb>LRHy> z*GTe-JHHxK9m$4Dc{(Yok5H6kC)xO$u#1yWo`Lbfc#UV4%S1P>RHyQNP$uVAH;|7- za^&}g#sSDYq+(rYX}~ych(@+!$}+-K(pR%ZuHXpPUcN&l<2iHmOvReKsIL_mzO*)} zqPmgHla~v`CM|I87`ncgS_DAh2u11#8NfIHIekH!MidG937aE&^a z>It&l&k$fZna}FRq*;S5a;*+S1B=)-&ocPBMnH?uF0O5bTr(_!VN>=};AUr919zBt z3vS0{s!a_lO>NT>$4t_|IG_eMFr;_B=1TVk|Ax~HTP_cVomCH=`3?rd8<*gjLx%{q zv-_7Z%JSRs&>wez6*zbiA5XjY^5;tqV*B?tc;C53xM0%Y==}S8>ERBPtk?v!0{2~P z)3Z{yIq`Y^Hyf}_0|Afm;$-+x-aYqJGX$2{O=hiSI8D#54Mwvte~5vsxZ<2%!H5mHRUU7y{R?b!P)q+FIV^FgJgFUa3_%< z@tuq81J#8*wJ|}{pW?&R4rnHoSL*0XCl1)s7#{BY^y26clcJq-Dx9EtD!)NFdU!q8|_XM{~}_bP7i_vdt}7ABi>@3 zcL)&DLO)hOPG3fOtCu7|P1lIP{)i{rfRhiXA`C3W4x1@`Ii&6Xi2?9K7%Fh1F*Ezw ziN!;`iJxeElP4l$P5mHdrtW{3E)jp~{z7yJ=?DyeZf%3{SuBm3$`(6vL$5DFhdW2> zLUDWpXu#QqjH|X0yL_Ab{V5l^T0(?GxLwo%LFBMCL?fG^Ci{~}JsG72BIBq51S+g< z|B&OApJPQ&0?sr2q8g$#e(R@ zCk5zf%OMA>EQmZ{HQU7QP67NN-OgEBIg$+hn4T!vC+Q za9uKAB zEPp)cOY9OW{icc^>lXQ(BeghgR3Z0r+=YFc8c@e6oS?Mi@G{ew?~Ag`9kCq~R{jWT 
zH|m?6Kn|a&ETe;MhJB6sKe>F~)uDSuZB&v-Ubu%HpN_mK2H1fMHK=PiA4Trp&~Lo_%i1rXK{@yZ#SXRyh~FUugVO)zswFL3CItC9fY-{-fzOz=F0E{5Yy~a7rcPlr ziSwH(z~A`XLnh70BW)NMr-L!D<<#@&!X5PXed_d% z(p^BIZz68$r zmj(`89^zi?nlcz3lzCt5*_FpPy5QC1Z}o#4jQJaAcVP!4K$53vQ9t3qW8GlA<3MdK z_(^+z-?>VdNr?h&NJZGwk2F_Y`;>50`xugZh;N1w&Gi|eI1_81F1dZxCp!bp=m?w| zL)g(@{?A4tDL97lV@V{izBI-gLtaPj4J^Q>C;Z^l2eegQVP*ZjZw(2`=DfTvgfUNC zc3%@s;mmoRXe11YUIX}s8Kc%YsFkza!z{SK^%OUp${8A3{JVqEYu_ zp^q@s90hrBhWvek6rR0bSW`S5gPGQSKi)SqqzWH5W3AIP`8={jsd`NAiY(D$(Hi|C z1b5{aEc6RC1Ha*lZY0^qlzcVEEO~ z`)$Jtr|5>>yGgN2#%T98VNybvvCi*+ZbmaVGhQL2D+|zT1@H?s1TTq$qh+nb>vvrh zY-l!~;sJCULQye^j@6Pg;`HHgdTNX(fZb0NKY(2}Et8#eoruKA8mmYNXpsT;pLYop z27gxjwNuRqQ*}?@gs&i+GIS$_c5&Z46D1kC66|L!#dM$tTc*UJqXId&J1s}&=V`zYS>hKgAjOTfyWa9q`5&0m%~SOUlC=A z?h*=`KErsX!&ObP{ERCjWlU0X4w$q5oE6#B#nFKT^y!<#O0X1npz4M)@ZJoP3`t=8(oFVP}Bjsm34P$LL=t>`wi*iJdxe*7i-^|L|TNEJR#`N^`v~5h=wr$(C zZA{y?ZQItgZQJf@WBa|>x4SQ5_x<0fI8~YVX5F}vKfcPyx_OR2cLg7cRFF5l`WsdT zjI_WRM^ARn3UC-F&<*-;C0XRD@3P8GvEie0AhDXaZe9iUNpJK@dNFl|P6_&2(|q`3^gc#!#T+ zM$QvfR*+=qkn#xI{BPyK%A^}hxViYPO7m}K`pzXfNfW=%{lE}FG!>U6U};rM5trpI z6J;u4W}$=sTETdV1I$xyC-l20KV?jk7uNK?bctEiN zXMjusZGjy5Lbg9%%@1mWe1K{~T7$Uw1@|Zn*^zMkJ=C!D2}4OU;&+2yS6T>4m?U6| zg8PfOT}4m}U+A78T?K>LEi=K>oSWf*Lm{XO44SySFA?hOGtU2R%mN{}R=G3etBA|^$M z3NYqx>3&wdlc3)f%do_O!Tkt&?6wVUgY*)oEp35YzG=b~`JO?Q2Qm9|^!jhpT~oRa z)~FvBO)KdlmGrXG&eXJ}LnVQX`78CL>23h~v%}hA`oa27^f2p!*WCT)D+OK0(Z#jJ zV}-(kj>0v~yO91~>|5W{x(#AWM_N6YxZ-j9i7CQd&Jp_a(?{%(X{Ecs;3IHc8zT@G z@nb6EuWNp%|CWF6Z~5{6Ex+IJKk`=rfPhw5?~KCZK4Aemgy|bpL+AHCGIit9??>a0 z$s;N7Lx}_U>z#eb(jTaYFJt4c$!hzbv{O39boWa`Gi`yhcN$Kc-Gu2B%D@hRFOLP^ zL`OB#FQ1yDh{hYAx7bFvR6fr{!bji0lHMWTmh9@s7v6Lj9%yRIT3=w9s=bV7@b6Yn zJXR%&N&Ca<5Gv@ErOIm;7Ekq{8;MoxD})w*o_SbQJB^OY%8~Oa$;p(HnOCWoEtXWC z#;{l8SG4|6*=}1;;IPNV8BuVhra55hSg6o3qZysDx{TlRl#IGVXPaEwXVvi-YgJ?M zyidA|S)nJ7vDmQ3$#Q&klN`DLbP_keM!()a+`U;@KW2BUMBTx&ogW>t>Ll&G9bX*X zB-&?0kK1+84nHrhy=FUJJlx{D+3?V?{ThBQ(3qTPqhezddH$6_Q6GK;5K(mx^`VRp 
zLs&b{y)ix_J+K%{f{kMGGw9r2-k++tn(w9i#fkzOg=~E_nAvHKYxMlIHgy0Cxo)mg zxN&i`0JG(-?WGWPH_@EEbR4_a@iiGcw#nfmRvpjR=M8}M2s^>NdCXqN*~LR++Y#%O z8aLzca}CxJfpzwRM=*vtVkz~a(ei>$Rr_)7*yy{vOwExDj*Rq)#smYlB+95gR)u`5WP-ym&6)en zI`S0w!E_g;cQa-NXd?Z%$56#}3L(oO%m?v3w7o>SVNwTe zl;IQ&$}zAcm+wgjpkwVIV?Ga$O!qDrFC5tK?ZAE zY249^0`}4Z>^tf}PLluzKmE+uNzu{02xnmh?F}uLV$ZhVOFp}{Q@CmE?L+DK`vF;A)8Yk5i$1`9O*#7-HRJ}p2&%uqGETBPL3g$a&)2o zi_kkhvWWDiZw6(q&P=te*n5_DwD<`uAXrh|r+_Dq{>9*(E^%S(o}Roo`Ru?r{U!JV zJaLHvAl@cXe8O0kvvka)C|5mqRuZ?F!y;?cDQ1&L?jF9$uLNN3j4V6Bb_Z8l;s8jO zRzqfy6 zo}MtgKrJjC-LskJ&>TZLc6Sxf$O(9<=@fzAGkHbg%%ijWW1L84ibVpXyy9_Y;jwdr zx!h8(Lxyn_5XT?$Q?81LRr>BzMiSA?56$AKCOTE)wWvBeh}+fO?Y`dJZivg(Js^n7 zS6xGi%W)p##xcIq{nJ_OL(r^L#5!w3RDWw6zFKj)F7sG85xcU!vOYcD*xL}0ack^c zZMmWws)(i|j^`Z9ms8GDN)a~DK{sivXP*vN4qHek-o8SYse4faJu$L~V+z$~s%F|O zC|x8vLy)SkQd=@@bLwy7V=yGhOC>Mhzi$hZqq`3p&A*+dM6TXFkx~*x&TF2>K811D zNK`U1Ybq;9o55m|h0bF#55eHKSfFK!=#rZ%kG-$NC?1+&2gJFDE|#O4f47pgDPb|q zSI>Evel(Vub&M~!V+ykcwH958n@ied;~dua_)C7b|CWFMZ~1@yTmBG_f8@U!0RqZ- zuQKB3%-mE)F0P(iDm%S*cu`x(0Grm=PKZvNibk?@jt}$ot4k%K44A_G5 z(bf84GqUg}Y@i|3O^pln&U%~}0FHEPu7<-jI3RW98z7-F|bA!5O%555egJyQk%fK)nCKrO~=I^)iW zI%{x`COx}%&q`e}e0HNLC^L=NQj%3bVpo@yS8Pky$xE}n>t6e{()F0g9U^&J0w7Oa z%CnU1K=vN^;U{rM14z~suAVJ#snD)eabSCI{7Ac+KLfZ^SF@Z(dM1C!ef~kdSME%t zIK6P^P?_a9%WkdPEOfC$?o_!tD0A=LoLac&^NJ}y6L^7Jnhpl&b!p%(h_n`Q7e(K2 zy##RgHr|tYg;|`noJxFrU07Wf5IQ~p7m&wlf!Xu>^)jrLrp&RL^?UO zajZ`d?rv`kw7qF~Snhthg0-}&OjG=!>fqP@WqpGD@Y8{!xeF$F#YS@T;`zv7R~K#dv#^_95Vv_Rd`wK`Ou5l$)x^s3ESaP^!WIVNQ-+>f|ty zOYIj0u{*Tgy~+$le)o`_(!Dy?TwZstozuO`Vau%OnXM*zC(f|a45qDQ_-4r7=`rrO zU1IH8z~1OFuAL@wC;D*1F%@f7)TVKi*^o6y6h*#I-`6NGU!(X8eT_oxplNmPyw^hS z4jWaT_qdya(g{1fFtZg$U$})?6}D;q)i7rZ*b4ar9Pw6u?9XTD4T0}K8ZutZX9xox z%Z4DhZweQ?%>!c7O*g!d@vqa20Tye9C3u*NM~@5_YaSv>C0LMU81`1E zbi#5u(^y!y2m^p&*%@x(;OXytQp4%-cm2ULJazXi>recXQPy~M$|JSNGYj|7@bkCq zeT6rU>_Z06q^TRXt{&89gyK7+u09oq=$LNbujjIw(!U>$vgAC&dj}w~925<#C$`5< zaJ7&Gw(vX_lj8gVB})Up)4dbdC50{2kgKycNA|_?ueHYf 
zb5jn>qdJ50^(JPUU-}oEx6i@oYov2vrTOO`7i~xeOU-BT>%OIY5FIh7Hwb^p@AcpE zAN(yp-oNFKqWMRD`w$?YkAS5c_st&6XO9nGmYe8~)aEy}frBWF?x`!xXxu+8!_NdC ze+E3rXqfg?N48QQqHa?^kKVlu0I_6RBjv1-Dt8zkX-l^(Z&W^yCJs0tAM#KB%MxI`Ks%I75Cn|1FZXJO;rER7u-RCNvo6VRfa$E0VCh}b-V6Jhfavsfo zdGUrH3)JI!3Q8OssEcP$7vHC@U~?BA+=IRQcNHMtC$3N^%VAU&G2Js&7TSzY-e6be z0~&mpXCLqVS46xECK>{pW|>!|c~Z3wOjgC(O<68-I~%6X>A;Wi-uZ)%RoEp(#-r{q zvGeyF{iJ8fUN+8oOpYlt^Y0vesb`7mF|~>)922W%a1;2J$l|T1rAG697^Md^DLO3h zH!4;tS}X{2RjrnhC~_=lJITtFMV*oX8cqw?%c;xCPm9{hO%!1l6aey5Wk?Ge068zE zveV+j(oXa2)oPd$|5H>a(f2Z#a)Q&67b$Fo;ROgM`Aqrl^10Ip_Axyt>C7X|Q@^$n z>QYB1H7z-n1tvi7sO*wbQCqHc86~pZ$|1dJt-f(OHcai99M;4{D_HZs^15&KesL?} zlIHrg!HZL8hxYcV7OwRy zYnn$jmcfgQ2f9!BiSCcXEnb%xj%Dm!7^iH9;MV>P_{+OXQI`acRj*#`y(p*QR+=;) znpVV*;La*B%TxzsKh@I1I79b^}=FkJV_*xiy-C#(fcIzl4SA5Q4W7N1iJNk z>iO2lsuEJ7B>j*GH0rb0tE`b$rFp}%gk%1h9x%~|qE}ucwOsXKU0);dB)3d;4*xT- zvyWS^+m@G=6bk_cQY0Y1k8X!#$7H9)mYJZKuPQuZ2_-ff`aJpuCT1 zr_ENNg=`(c8qy`8y^m|B>zdb|<_^_@EY(42 z)XxNY#Ij=i!~oKo# zWzb^R=_bfkp@V1>+$yJO50wGb7 zu#-?cPEnkkDpl-I9=)`}@RyqSLBZGEyAkoaq%sMZxO_zg`y@?5*b#}_SWhCJ5uGwB zFj1$1Hu)SynV(7g1+t}G^StJyfnt#bLv{X|0?rAU`)T%6D{9Q6)OF?O#O-4^b;ajI z9%I~f)#oIyV~qzutx=jPFbQWPeD*b1_`#!qgYWhNY?9W5EJ^8qcI*SN$XF8d_f6S^ zt%+HZ4GvK3C0Y~L)vXDd6ZiI=?K{@BrDG5e2-(!6V>$j{A1Ja(NhdSxkKH0amw8Hc zQE$cAj5hDD-C{pidCGLr@aVQ!y#6J>?|;jG__zGH|CT>~?;rV1r+|R;gi%a{UmX}& zgK}86*d!2#p59xEAod>P)0EQ|_Zx_%=b|!%V7RJBW({K@BW~2^w?{R-0!s_C;)wTiVP)dFJn>wV&dlH ziX$(5CDKSrPC8e$CRQ?XLm!cPFPK&D%$pVd3gu3GZHgb&>TeOkp}HD*2qX4tW-lwT z#;yfyIHB+7qF6X)!6LgiKSU%|=OZYcH#1%^HM}!$cUokl$V97tEyb9&{-E}|ewllj z6D;;A_mTKEqi}DywD$zIKGPj)z+8~LV{!rR{<6x_=h#_-?Z-Wr{%6UAF zKEld?vQhzUP(=18J~V~}Ex&O(%$(;Krp%y>Ae1aBu!Ic-;v~VOvWd;2^kUxmIhLbUI{U6@ zUNbCFU6iU&S>B>Fa$Y$sepT#7-h+%!JRz>YkWA8=7Wl6bu_uydkVp0L4UAWMm3#9m)d=IYS@KASp-(_81YCPnXs zJ`#?tT}QLVO8q^>S!|2Q7WBY6lwB3eSY-IUswbtGth|)(&?19z(lCBV2vM@>*WPDD zgb$X84M_voYX3frP7n=f5_=wjtn}~+D`~Yszi~-U{j}Qe#7m70!jh8oy!7vhP7ID< 
zvRW)6EVx)skWLmoYR$^cU~i6Vjv{!fE|M9SUYT){zjaz~C5-Rd9I5&Nk(6&XbkDc*e{&VX}Z>2Q5(GPePqtXKz)A{-J`g>sAR3QL@eYrU4whuJK4*BvGa!%k`C;R?5<6`XcDVJf&u4 zR2wT}jUzSrr9D(6MQ&AYxo)Lyg>IE@`EKQI#crQl zE5$}iGxn@oIfKacg*T~5L=qVKgK;QJ2DjrL(t>!ClyZkkIz=e&YP0b`NrDKH{2_uE zwFNP%Nl*nuW`m0QSQ15qp+pR`u|y8Dk%sZ~`xLY3sxcpwiTwb%gI=IQQLsgYvG_1u z=*0mH6=uagWCiAmr6&BQC(CB~2NjM#zoF#8me>^oFQ@$#{kx`<0p~lk8LT}&(8SDp zRM8|dRCy*znACVavgZA)YBE{-t(OHfw}G(mtXa?Yqu!?w6P?f|xdwOE6*wnD5^3lN z4kOO0-dKxd#e^mU9rRvi;_no<`uF@+Vri)(PKHUT!%l`(ze?~(f)OEN&+(iHPX8r; z;D5`1^tb#t|CT>B`5*Z&=zxH5XK{Zi`bhftg}ivYycQ&UwV~BgL$@+2qn=Hj?)E>|5ST|YY7%0unAQq&E{YD% zYg6Fsc9PE7YlT28N<;(VYPE}0X&l}a-oMJ~`Q-Wtkn3Vw)kGx@rsXk|61RomRA`$^ zS?Eb=)f8o^D%cDKxrFlU_2J8dTVVS&R!ymnW;5zzArB0Z;b!$R8^1F^SnTI5%Dqbq z>}qI=B=0($t6gD3BJy19>B3j&Y8+-y8gOkxa$g^%Y)vDoM^Ht7Oy}}^y9XEYNudR- zB^}RD;0tT;Z~b{ee?b@2+q=^m`1+fvSap2rmn>jzxt08rd` z!T{fFs96wV0n6MEA;M^~-%Exd25;hq7(~vMpQfL*ai}$vDkX&rNHfd$c`ZD`TL;Df21BJ4}(_Qdh7KHhSCD1P8Ype?IfJ|vK6 z0AJEs0}cHJoc&-&m=G!JV+C7v>e>7e_5t%NPg*e~R5kdWNx_LG3c#}-O10@<`$WyN zSxzHR?*qKCLNbO_jjU7)2M5U%5~x1Fk5elftV)W9B0s>7IKa=PpBth|`jv$=B=Gw{ zpL|GQQAnV1NZ?^epb;D-6&&Ok{I*P~=SZMM(@px*#v8o+qf9oWT@JW{b9G|w_ZB~z zd4Jjv{l^p_vluY0l%!FAJz9*R`fe`7!(Iecuroc#b3ZTJ0JmeTyCEu9AekNH{9o84 zc10OPCKF0K=Cm>%{LqJ>9*41MrW$lO%2pcJe3;-}rfa^qtFG4~YdGflQon&3LS@0N z5axx_p?pmh@X)Nt1M((x*Q-_~LwM7tRAeiiscZtBv32AcgLutz)i?dr%aofVk_6g= zlSDK`ZyYRJ{IU@xNxh|~6)YC$v6Ub$bOpTLILx+tXh(XGz=xYMR5!y;V3Y<~>p5W} zC~d%@3RR)i)(im-25umMyh4ON~v-q_o;ng+la9$Z`o7o43}Hzf|g3MDk}sAnxHe)c*0T*-tw!f zYiS9oRqFy63|h0&zDfaBLXCkVf-m;3(jHFfMq~?okBv3tOcg(jAu@zs5p<3P-8Zq1 z(j<698%5&LF{B!aYkVTFphE9Od{eV92ik$_?|`2&PXrE6X}(PjM#;B=l$ajsm2bGv zMPGGQjbirI>o7;uBU*i^`DukvA)F3nF8=6ZSo69;H=kXab%Ntbv(8QreU)vevk>;s|;@;1j_D7d8 zdVFITh$_&SF0`d?NNxJBLAoF_R5b4mUy(3TA|>P^(Z@#8#oq*~Dc@&*Wl_;~FET zkJCsEferrVsZ;EEOu40|07j|CafcIAaD_${bkZ{!ONk4a%97RiRe7byVL4o;uz8h8 ze1HOh$oqoo?5a7X*>4OXb&*K?%5ve@vQF~EugDZGd5>mRdc}>D{|e==kbA|oin@vV zYO>0G;931?u!Ui;_1$0##Q-|Hyy82?S&lTpK;S+&sKY 
zqI>RZYNiH=szrLLHT*H?g6e7r=l29Vu7m&D@p2n51UEXly~4Khq#Vj+!2KCrUnGlS z_Xp&rU%pcY5GH%6P@1nUk(i0TCn<>4tLc>nS%?-4Puf4U^;>iB7ij6I1^LR9=ehVs z2?ro2Yd+jv0rynmy@aPy3e*%^J$W&ok1-`^T2?)qIS1Md%}Nk+j+ik+cv^HdLHKJm zf0}m(SPMgDfi{AP-sV?JOV`Q5Nm0c@WjV^i{ zlM<63^xq(Lf8DQp)2ZaF! z<9Eq!8eD}rDY6i!!chmpcQJ1&pQJr$=upKo3St}LA{Euj@Rj1v3o+v26(#7!tK!=C z$=oEQ3T(;v!xGZO<>VWX2$;MO)>w z7-caCp_76{1q$_MZBH!B0uTxXDd@x@3kzpQ;dDz3O3E8l5E2AYSil#h^;OsBQ)AOC zEvG|DcNwYuTWnV}neC2V?7c$4t8N|!o?&P*2Cs)qkh#+m(-H@gn+>r}ieLGfeZQSH zoi)Yd@p(lOt9nKH1<0n->6EZfl29$!af`u~heQ!-VPC{s@BS+Ca2Ozwyn#s~ryJx@ zuS>KXL7VS1kbCs@Z*##q-L#Q=j1t-40Cu_(obQa6eUuj7-~e;7=|UPux^j_sD6&7w z8QlmYcL|x7BpUW1Wkuj@Zs`X36nwE$TZ#MZYUKnhfYr zJ|Zh`fA+IK^L2CDT%L@3`6FF@7hB6 zmaX43sCCBw~{(Fhy6Y_dHZ|wE~z*AFqb$ z<3x#ibOcB{Bs_{VARc%<&Yc=-y4ieEiv5PKp|nxU&u2B&sz6MJ*-SBRGoK{8Ah#l~ z#vYFx5@E#4;;J0w=@Y5NSqj@{6;3MmN#7HI#k1%|(et1bx|D?}91?^^5sXsn)StE0 ziY*nHDKrvs6S+pc4`S>EpT*d!GUO*oj}jn9i4MZ-rCM{>XKT~G9=KcqK%@Hqmg5fqgz5NL0f;9@o(;3+WzdeDF1Y^ z0(4(kmB~vY7haC%YF9mP)NH?zq+)Om7s#+g-bc-*Pwd_7w>fU5@Nw1W2G+tS| zwC`=1_v!P#g$+ESYC7T(ay&8Bj4T`4eJu&vS6m;_*aqKB2AHrvn_C~d6GYx9o>7m`c*c3f z$B}yQouy;gqx3aZP(-v3Zn*5hWknKWX?+t(`UsV?pypKF*emo7u6A-?pjWR`Omlwt z2pprj4vkLj5ZNDED0_omsXlWRf21J}o2jMmv0+m{X1r9+;gi(XMRZ3hhEYt67GUDr& z7M76*8HkhezX!Q@kzp2#+?-To^tu=vSa!iu99_3oWDG|eAJDy_DdU89S9WD@O^t$= z2>vF+bK)+e#KZ<|%%QG0H?NEPJwhI@Bxq2lZrl}zI}#lt>|OEW8&X+_V7{oNhJV}u zWAKn{x*4x7!NE%a10$^?p6uHOJ$V)hQg`iVIS%kV!Eg6(;vGydB_cq8A36WCK{gub z6rPt0gDrwqT<=u!gyKOIV2&96PLr%#@d4;r|DI_Y7;HE^3O-Zmp#9VfQEAN%HqkVz z6thNfw=mXT!5HGKETxO~U{dG@9{#P*fxdIaQ*l4@+a&andXZ@~`x2?)JgZI|?Fg;7lEJZ*)FfoP4GwBACQ3e_TiAvk`_)0?o~ z;`Mxfe3H6pNc_|;GWDQ(IG>)O-U_7M#AW(!{I1PKP`sgc{AHVh8Lj|U{&<^ssiR3A=Nrys>t>S_+&8Czo z=T~YuGcaagHYvz13N*y4H17uOSryo%`(;drqT|c?U&;o?P~vLu2JTni+7Xf8Y0z}n zD?{6x79~ffu2ii?;dP2DXCJA`tYAA!VXw1}8>Tl+dOL$a&$O@&ms7H5D&FHdGSqIE zJea$$@19|Y9oi}08XDF9obG@& zy=;b~<93~2ylrOI^(SlKq?qd4Nazm_6}wwm8j?S;_-wrZGLX13T_~H~&ifm^?Tj2e z%%?cl>MVN#Tqs~3c<8!4mzY0ZnYr@nDKJ&ezF%os&COX}3rY85e4MX?4Xw8ht%Dp+ 
zgyl?3upCNb$d&=VW+LTYAY|M`QZVJUVq>R6X-z_^WOR zl4)BHK_&mHTJ#u?hFLY$j~SFE`@75a0dZ;7Vj8sPxtkRBT=2@Yi7|GIQ;z$!ONK+- z^by%#n<>R+Z@|d+jVQ_7sLx#!4ex8*`r?B=KcQ5+ADxXp(Lh@0X>IL{(s6KmwI{!IkgQ02RY`aU4UxLGI+E{@JO*Z2MXYfL)y+~7`K9ei8vjRp{X0mkL z<^E@FFmm`2U&{Kb-NKC;AX12T1cBP%u{8}!lLvdAQrqfwm_M)`*t_35(D$~dd^U)F zuzy1`rAp&;{CfS-VJ$JFd5x~+VZTazB|RKO)$HMM^AM^SZxdwY?UHKg=yS_?WJETn z{-zZiy0s|Ld{sB;F;2v{xz@DTI{^wZr+{Lq*=*PF+J!Gwnz7l9)vkD@pY4)NL*w>% zzH8^^v>0lqLa^wLx}Q*BhQ5n{LeVrj|ZHN1<+Y&xX!Zw~}*f-Tfq$l}du# zfLXh0wo%dgike-k*1n)>T@%@=X`nDa*CSy!RK9nv5Ntiwc5C>tD*$@xbdgINA!dMv zs1!kW0o|FF!#|sFF2dQL>QkfQ^9_q7KlWD?CMZ^Z^o-JmqXJ9hiqBXjGVan_?+wpj znqU2kT(FC!&C^D&P}ilzg?dr;#InAI+s0EL$5_)Px3*QV#R+`+WP_9Y#mahH#9kfU zt=rv7<^|>>jRuMBNJ$%oK=4Sh!!S)|0S5x+dj3S_uuTHRd%a2f#Z=eF^;fO2cg8dR zOujLu-%()luv#4IU%S|}7p1jSO zzf?$|uFyX>CJMQlJtFNHT$nl1Yh2Wx1L5O2DBo9xhL;a!OJH(UoHe)-3F<*JZEloi zE$1++(3&k0r?T7~I2voAG&m3Uk9~nV?*TFsYD|Buj}r5^$te2kSX3Y_85=v@JX>mM zuSVeMD318*iMgU@jJfQ?YYzkI9#QYTg#1?x)JW#7C}#Asmlv@!=kA3h^GBAbq>G>( zk1Ukh0Y;|sc6oW3i?gcEJ<08EHSYXGR#y4hGbTk#lF`4cvFq#WJu@>A+l}W>@9BaX z5g0hwObUz3JTmLsjES9O#xD=CkR~wHshY-?xA(FQ*$1|cE$%;BtoDOgk#%ZJrm}R} zbnTZAR7O9f!1)_WG1JjE^x7tPU1Y6Q8EKIly{eLL*Dq8hEnq#tKHaoh zB=wQ3UX4L&eO(iVh9v*_K6F#B{u7cU>#C8h>2v*g2RtlEdIGkiu3IYcx5N9!SuhWW z=CaA^Mx#eDaheE?PTJ@7{$f9a2~}22b@QHVv6Y8(_sDd{%4z5Q%?$GaCDdBh6((&p z5|xj4#l{43JqGx?np~SYjZym?ti$YM#Epq5LuBs6cC_gn?Gbk#^ygHrl%#p_zV*rl zhf$&+rc8cxc=60&e?Rg;B&2m4#)6c=Wk>hHW*KI=H=g*}Bwwi-c6|HlH<94w0Kwqb zHZ=cE3wPIcj|HeQ)YJDH!N}CVexzt1ob5CB&ZpS{&0dVXM^ z2dsnx^J$=OPKOE;35(VRQ1u#FtkQZs*T1?SV4)hWJ&YwYg*?RFq4o+mG-s>V(Yaci z0$iW05_oomX=mIz(7fKYbSzyyvcp`edyf|aB55jd-v*?ntZ0sBCi3mphR>*j0hKM@ zp4IhNmEg&xsH+FEpQp7&BH+SL*xpV%D8hu5yQE$YH`Z3>TRjD5%3eB=TZ)GrION0d7I@jEgXd5 z$sQ{dMoGkVXCkhP+hR;EBmzEF;XPdf$W^jWU{fo3ZQ5~lm^rp??UVy&>&YBeUbDx0 z+v=>F{z;KixT3s)gj)65?+)Zz*{DNU`_!m8+DokK4#>H8A$_BeT=v%y_66rXK5OctNi6dvW^>gMAix$M_9H4znZNRy5PO(wvugRMHlZP*nb zefB)=S*;9vo;NgLD!h=&!!+`mYLe?Vt-kep#N!}S%l;y}VBDp3w&)@ySxzo_ZT;Q( 
zyg@O3s6QI#VrE%Ox;+DtbE_86lk)LPX;f(g;B*|VRGowwbE^9>uK$=nD&3lE7bT-J zxwgU3Lw$G9QP7(YiLf8YREesIi#h%I9yVh`yy5Yt-2SH9FHl*R+~KaTTE3q8w= zVPocS9*(B?(j$>$k(-!}Yg20Mc>Q&@^EX|5k&E2wLP(8dh)brorEZJC0W-FMu%<1J zBDwv-*wt9{sH-f1qaO8DA``2EbK-1f!r}4j34ZWhr^hE`f%U~sv@Lhp?Hm;UVHa(= zk+F_r|Cnx-3BU zd)@L^?yZXS4b2W(`%0a_{OaWKt#)f8g|(lljEy>NMLG7z?-5Ly_T<&D?`G5SazRvm zOId4I5AB%?%!WfP2H-H6xSbcbix}Vzmls-x?w-f6uZS*gIE@V(t9yPrAE!Sziq>E_ z8jT~(#{U#6xDW;(tf{19d^YylM620Xf5(KS!9K>U#m^lC+q+ofMy`gTVc&~?ogH^J zoc%4B>8vlujk>>1;L;gSR+$zig^UEFIBURr3?$yS~#;m9NH zsO8gnd3n5=jtbLlOEG9MKR1e4jH5ckP*i#qTGd;Ap4GZ z;I`q~Eqx3D3MXhmMAW5)R&%+cysnYdHB?e!VoI};WPBV%iy}YjbK1Sp7$> zG^+5k1I(Y35%Ch`V_OB}A9w6eUm3RyE3+rECOEPLzk5k6AVeD4x^=0uy-a51RFNz(U(*8t#mK`1L;p0gHgs^bH`25Ed(%eW9Qr3c9W5R$ z-rt)Vc=YtlUpxQz7X$78yN{mb-+jzq$1*X~;W5#(eT~M*%8JLx#D>Sr!15Jzc=XIH zcnn{kUp@2;c&sdpc+7wGevQGzK>yXs#LR%l$nq6zOkX_=cuZ_`T6q8GjQ{%T-!taq zq!Bi=bTqQ35w_HGG!is2urV~Eku^W#mHFjr4T#fHB@I5cs7e|#fZWh7|K=U0xazeD%?OtXz zc&J4*)|t;;@iAVtYuedIVzDj9}ke8CzYmPe3=FO5Fph zP?A`iysF8dB{q21uCU=KwmQk10B6|*n)V{#m6RK<`>J@&u&vi{B$Tx^(^|53l25@2 zBqVe^kLmlW?Co$>dD6UkbT)(y>cDtia~01tWyhWBtaTKs^2$QS6X}jHM$QNHQ&k2S zvW&_89^bSOM4lw^&$?#bAJ5xeaEo%cVNQ|Em^s~6?sb33pYh-FU;HgU+P~#*pZZ_& zg8%{jIyLS!0&UVVzyHk{6pf@2&1MGe0j$zb5%c3yFQ(F0s?Lrz2p4VuR(B4T+y&P% zEHA&6KuEU0oBt*YY^x`<9WmFmO*z2_97Zw?Rmu65EaHo!SnlQ zS9#PE>@?I_JreWB_Q!+o4Nt8NVMIVS#UJzBhiGXL1=&}@5=7>OlzEV;Zd}UDd6{7_+?lG%@W8Xn(*(!n!EJ#zY5qn0=MJVF$ zukl1-586-+BlCa1)Dz2f-WhR033!$I>7)J&@is_Sy6Y>iAIdv^8w@0B5|Lf1~mwTm&Y!;Wvb2X}okD{TV7xcN}1*ytRc?GW4 zvO0bFXF;8nfSbLcC^9N^EzZ%ik%Q=xi z7QBb{iYiC94f)W>Rsu+sz?fxaLCFxy>V^7EJ49Zp_BUiiUW&6Us&OY)d%Bv|QI)fL zkXU85%kC=`FUAozWws5=AYSqv(qUto^8Dct?bsH}wlWdYGAMb<_r$9ZQY*i;@z&ZYCyhPh_;4#=v3qmH4B< zTdPXe5QY}a({xa65fQviIcYFiy*&q8VS{=_B26kd9x|ZHiyd`f8zZphG3AvFb-wSn zO;~^lk6c>Eg5p2MD@s3vru!~_pponpw2-%_qf)~ZG^wNPzGzxnG%bU6p*ZS<=ex;4 zW)lT-$2fg!ub1EwZ?v^6PKZJ}B#5>bUP}WDU+y!3L~bH~vrUNZhvJe>PS|Hq=bl^~ zr-UO5>I{&$UaoPb{l!kAbVnJhlBsA_+q_Kn1{qJOm%cyAdmqzuUxL;U`tqzjSHj3b 
zI;PxOq95YhkC7M*4b}Xx;rw$QbtkG;m@#|uR5a;$fCSYEgqfi9i89R+I7QFGnbN+2 z)fW2MnDMUGPDkQSW9_)4GJAn?!r3*E5n4jd8=??IclcbCKPAATX4EQFvOFP+vJgCe zq1bRqu+C~@CTexadb5RK9dG#>qK}V4lgTPMc>rZ6UoEgbJ-=*1Z*HxuZOvWa4At@R z$#Vlcu~K5_ni-1;vK>2eVvjPe68e8Ic9+3%qfw)v9kXMKIc8?&m}6#U#x^svV`e*M zW@s}zW@ct)W@cW`+?~DO+})bms#9u7Kh)~#qo=y1_nddkg0|F6wOVe(JZ;#)!S;gk z!mbMbj)(V8j-ASl4$m(uK}82Sz3%+^>%>gQQHym8uuE|bUyG(#a!c+mP4iBnI;HiR z1*j^W;RNxolxyoFKc|I79pRQeAf}IqIlnkDO+S&~BK{CBBt0}(wWhX$eY!0(Q=eX2 z?#8EM*jCy`gk=~2hlY-V;gOOv1*ICuz5cZRM9gI{x7zi3xH#-B2WBiC$qk;DbmYZ}thkmup3YHy2N`SNc3 zm;BlPE&uu7@?-p4{x1K2r$eTUzq!H?)0U(aLd2sB%Op@4xCol~WeCb@TbF zuy2=UvqD`Vb~AP-#Xmq4yvsbM+s0pFZrLc+L|;-;@)3GUJ%(HoZh>{b1Ux`rK$c7N za>cu+U8*pUqT7)q8;G=GN?j4H6ST@aQg5+RT~ih45VlG^!fugvXTb!+_z=CuTtan+ z2Vg)?#32PkPatKIzGgPR;U;(nU9xOZcE<(y2arQYqu>$a5O7Oa@d`ZBQa+&EBjJ&q zlHMZY5uFlpi!Dko3PU5i`wc;afaserG<~}Q+4Ao83cwB60FS#tdO$wUad$yECt4M6 z^ta{OVk_~c-a_wo?j8$BgJxHlVgFVEJYIobK>CARL8>KqS3zb;s3rW!x+T$V+>JJS zOIFezW6P0~c1hh0Sz?R1rO-_p5DwEpqJ>(AN=QdiMqWnz>Q|Lm6=eHGpH&}i%d=ae z+wF5A!LQx+0_0m-0#N$u3}&d?INb`}O98deCdlIiG=%9gYEo)KYGS73Gz4`>8Zb97 zH_#3+4$!qQwa~QuH>N_&`ea)yep!=3rX(!ij$xRgXJBTaodSvjG`dj*;B!(LQsjh- zNR+;jAq~Tz!0-xS>VxWY>*MIt=)>i(m{JMHe-l9ogUN#y4iFIdLYVcNoZpB)4oXo+ z!5z9O0LL%wxAY*95i-+fWd?Kd5A+xrTX2*oKN(oEDE>upGva*YvH(;8rY-?7qGT8{ z0irH3v248U;@}?&{m5|OJp7^|gr+c9eyQ0+6vbnv0;rT|;2iuS-(Wy}k$!^0B0)mG z1=v87Ll3~{qP&YgN*pJ?31T5}i44=j=zja(ITXO#4GfTl#z)~L@)Udg_3XiC>PWCo z+=|Vz4QhDtZ5;ti@|z7(6nJFZHyg-Ev=DaaN|bjj78N2LSgg`-pZ7XHQ%U+G@DiEz z-o*TrVM{iEPr=Y9+npX+hk#r5hmdR3CC%Im59=FOH?z^}OaQQ`gWSL0zL&q`65Q$b zhx*%hR_9-r6kAB$HZU(RFVKjJGaki9I_A%W=I)4F{N2{arWk}`hdI_@0T}^MMMp0% z4@l16yagNClYhO?wU8$>Alb2RRp<%eZjbAAv-IM21ssK}_`|@5toXt3_LeK{qEppm zgsn;mTj#c77w^KyH)l#%6Kjd0eWn^b+2~I#!MV!6vyJR6RYFIclpUo4nrxPsO@1gc zU<78Z>(RKk((j5k1itH$BV@$y$^j_}atBC22h%?xq9x_lkspg89|P;f6(j1DP@L7L z1jL(?lJvsaV~hu*h%S+pgwMUr2A6Zr<^E;QH|#~hCFkvLPe05<;gYu+Xiq+jOVN>Tr-i8Oj9(JP8l&=tOg4{EYr=?KMdBxh3*o&PVqfpJZ6j%yjlBe_} z#tEJwQ2ybo1zK#W%@D;G)dAgqT~O~=#cjGNSsG_cm*Za*VT+(oxn5H<18wN< 
z9>o}-AONG!l9S93CMQHef(q{BnX!*@4P6Zm#xFaGWB|QPAR|FP^KBL!jbA*3ObDXh zvjnYuX|N;bHpesU8fJKa0)Oi-`Sbr<{)@lmNB_6{1ML6Ek9i9M;@BQ~4LN*5;Unw@ zzo#6pYOA3m@&r3fOwl2{6kUV3ryrkYOJyx|1UMO*DfNeJ-&Kuq7$+|yNf$jNk|K(a z!zV-b3}EU8?{>wq2PMq>Hc+jKDol7N*|viu|7(o`N?r(QFcB6ylH~;6NS#L?QlC>F zD<_H}K~6GRpomZjg$$(xIw9bz09Kbw{|a<5I5lD5Z>g$pvCzhTp+PBP4A0g-@AEwU z?Lqf`3@`lX`Ve~hx`$6OAlEMR1Zr}3L6Mc``Rkf@*n{FCx7GieZCLY1OR!v~pd0$$ z14W0R8|0o@JWwuEh$G}0T!MaB@W+ma9G=ipWDV>dB=3s=-;*n?KKxch_Lpb@OPDQ3 z`w@d~qHX~JF8wb#k&_b1vdN;!lF5R}(#gW6ge)k=$TGx_Fw)@kU4j+kq`Ti%11ts5 z3FChA+ajg2upfa#@yq;167u`0cPr#~!Da*v0NE3CJe8#I5#flqCXeUKef_d09FHNF zDJps)+$7{!s6*qf;4{QsjGrgc2~L(rLEbbqEuN=K&RGXcxGXN zW>KR0LcdtOOs|RCp&?gZqI1OOGa%97PCApWy0&L??A~xPLdV!%T5O@e5LQvzf{;ga z996NV4b{@SKKVu0QgvvtufttJll z$VfnkJZ)-enNqJt7u+2UaWKMh6nmH#+llo%>&J4gPX?N4Ufayjq~W;#MS8a#5&{1#9ns6jkhv+RYp4=7gOgEtgzQCpo?p%tmx5ajSJ}aRaJX#1Z8d5<7d9P3o)J ze7lC@?FkPehQ$1C%?RB*)_m5S!D-iQ-G0ujEk?dlY{+GZ7wJYQl8(pBXRIDk6uxC9 ze-VDQt9n#dtg&HKse*GbmuLpG=o{16pKqp=#YNgT8_yL8gx#O#%H<9n7$zIT&T+n6IXShB?>? 
zHxYt@0q8y2bGMO}M0(vVo%4Rgc()Px+FV#45{6eH=kiSs>O?SfJ0ICi(nJSG@xVlv zv5Rgt2C%siQdZfqxG+y$Y(9&}^_W*2-#2!yj}NZo{Ryy;W=uW3k>4B6x*;Fd0l1e0 z+;Gud7hAHI5Q?8a)j^}Xxh@%Bab-3QvHFnJm`0w(y(j1ceRYSE{8YF>zP|H;1x5w) zVl}egBK_hv4l#x;L%KMM>5GG!v5-PGA) zMoY3riL7x~Iq1DGIB;g8G;eyUL6mNRs=;>ra=MgkM5XhGzofqH9YqbvyQWp+T8+unOtY)nsv?2GNZuVM1s{!Q$A{)xD3f6fiU7j=cI1sD~3Qyp?Z)p|k zWvk&5dVJ?g`qBU??t;+thHflx)-V4{5^f0D9_C9fEzF5-2V3aOU<_}i@i>31On0Pr z5TD+9=kM=u^j*4}Xs+<=a1=!%~b0pU!;T}e^P8ewYh>7+3X*jF6{g?^7 ztPCy^zMH4TP%~aZ7sTENuYZY|lN**5dO38U7h+l8MUA#JlAa3|SkWT!5pm@lCa1C{-hI?SL zF>JKi=x^Tj(n&fAp5Jn-Gm|SJ(tGu{^~QgN=k+(7K9GOJd5ELm zl$81aV-;n*vpOqIt-Rde+p_o(#rz0=izt4V6+43n_G6&)J4!M%7`Y*NeeB?6NKPjY zZ7O9-m|1dS9|JC)aIVadJmUWM_Jq8rDDHy%P=Fl`-ouEHv4Qxg-;43r+8QNe6Enf< zQGX7$QM)R~eYgY6g4F%4=3+G>JFz92!~vCUV47Pp#?Dh&NTflYI;FWiqxP>O#^faO zY8>NE&>z@QBYdctJ@-3ysz+NN^sAlrSFEdy!XbVNMgC@!b@+9sWUDFzRVFT~N|_5!{cBy!V5+jC937i*k|K~Kbvf3mwiMoWOYXiRu`-bj=s2WNP0cL z1K|qR+k3p8+(z}-#gOrdg@h?lqgbLDsCtyO)YKUGzbo(B=l4O!RusA3f>&2{QiWV0 zje+|DQy!PuXZnWU9rY8uEDhV!n=(R+?WU#-N|aA%>W<7$aQafj?bYi9;zdOPs7YL} z)WCe6N+tja&?s4HFy6@MW9K?~$0unZJ(;rfN44%_Rh^qavq6Fi?O?(bJ3s?v`X+8* z!Q4s1ErOJhl7njbTi$Sm^~px!u9Q+Sa)$Vj%z9$24~;tsqodY+05{%rCxp$_4zRFO{ilNJ%S~GMoh%(!H@igSMG+EJ~Ni-RzS#o(f6sCeS5TMV;1#Ld4wstlPQV_ z(x<=zl}O9|p9=m`X-vaslwqo-i^hTLj5)TJ%0c{BKRiNcHGgMj5MU&@)5hHm^cDlc zdM$%3BMJFw!^{m=72hhi-B-a0sQVMlAlTzO??ZeP18EV-icyefJAHsjJ5;+JdkW-$ z%|2&UZ*L`c8`sSvSIm3LyE|dBOsee#V_hW_gl|y0bSDlwm(LO@4V9fM!Qm`_P%(-N z4n*1FvKIVcHTSE4O(K|KVX$Y1vEc2~q?!`c_K|UAhQ`VpkAsKHQ^lv-!%;J2M*V=@!Ngr7 zqxnj+Yc>_sBV~x02_qY0sX-Xwue{?S>>5#!cIw?j*x7 zo~dc50x1;xD4a4=g_WI3UpdxOFlLo$E3V9yQ%#rnYkP3glC9a(V48&2`Xa|l zY2e6C_qbm7U7b(Wa3)FWN6{cT(BC}9FF(VX&0@ZC;ba*+BHKMQrC?yF7cZ0^M8^Rp zWT!})6dvbm92Vh$LUyiH88si=?aKj@35--tIJiILI_VUTUA2HXYJKm6JHQ>|;zHI! 
zCKENg5hX+%CGu^uV+kdAOZhY=lIXy{-7+mblBSZ%Z2Y?Owx_LS{f zaT=d9jn|n^MO$f6w~VC%rr}m|m;f5(DdNXpN;N7~C@uw^rDcMa(<9eQV7zEr_%jgz zmsoBVs`fSGy&uUSOpY%BR&wBllfkQwD5>p|)K`ae@Z=+l8Hp;#8CB74S61a;D-qG6 zMu9X|5lQo++#e#-2RyVjypM+c4L0@!yp>+bKM~L0HcrU4C-f2Ru1vw&N%JupcL87< z#Io(vfJ4**m15i(ck!FnlW{!e`%w$yz4U!e=iUStdJSirgXBlo#5m3LQwgQg$l|NFxB1olU03CiHeIcb zwhj}W+_eNPF$Yr{P_fAsBAXs8j4g!P z_EOKh^9a0?o3MPDK&Mot$m}kc)2fD&TTUm*OvCjaF9>({%4@wVN*_nf80nuHje-jd zRyi<5;X;6ux_MAl5&bY{0(HXzr?PtVW~Q%YSoald1q?mPdUJ)Pw^V_keBe$W)nZ!r zN+fKXMwP!!ZX4*s=$q2TB!96Omxf;^3wB_)4Mt3VI0}X}L zh1~gmQ>Ss5r)?^oPHOVGf31mS9AwLtn?}xMg;P^yq@FRiehNj*l zwZ1LPZHv6l8O84fWZs!vdoug_sA<)(KK$I7-c7j;xssU1*!J{Hn7S~8q=VpOAktw^{V zHq__l7Q3k;7X)4(I$pin_>^UW_F7jZvKZNk_8x0>&z4Earix4$V$};QjLh=}T-d*3 z-CpVj!&jiUN5^k(HOxk~xE>8@4_OenK>7Hw5%ZEQG;3iZZX%;$PgJKMat?bpNm_(WGW?1OIZELZsYq}N`)F(SgMh%d+I=0YFvni zX+&+=&t%P3XUn_&;_W2h*5q zHU`6k@B{buG1-0UtWGo+=7}mduIJ~QePykjPBd5OQuQ08wKw`HwLDIKPOKg^;BMH> zgm$)?HF(vVT&+=)&zH4(-KRWc>Z-Ku%ixgeiWBip4gH2V>G>RS*vG36`<+18brcBh zuULaz8FsGyHL!n*%Qf8Se62meeQZ-)!u{d~4TX2&-2{!;-#OiVKXxcsE4DW*+`Hxd z^fH`3E^FwTCz4u)Z4d5tPk9dDl&-o@FN036?mlsC2X^K!J0()dPG#5q>I6%bT08fb z{FVPL|MlPUqx@U`Ma6&Qj~4*}0b@1WdE1Iv*cuGa0kzJJxtRBWQ!nxAR{SxL7l`er z4uCwWx{FsYP{u%z(ciJ^-Pe#yU)qwElSZ&V37{VY5b zeNFU;2vuS9tdx>s!BUT*?%4}-Eu~xLEF@?l5GK})`JHkxVjc1Wfj)T#c7%3je*AXP z>!!Z|b>Fz3cCHxm9A6PnH`!yofK-}v$jm(BYZill(9#VMoeaJg{@KAoCP+#NV?s-v z{i>`G#*Q(ifHm{?2qE1q>%cG?SjV4T)l2OXnp-3trgS;57ov-r(C&Gt8Q5u97Ibe# zsK{WO)ja+_`-kr$JA6BhA(H)fHCkE5xx$%qrt$MJF(1R8gNEJgXbrv#)p2&cn^;cnka$iOIlCO380Oi16H4n02A%p3+Gy?8$LE>wh+;GGr_9+?l6sz* z%w(Rf1jWRQaqJ6Sc|MmJE!l`6Ed01bF^M6mX_6IMnDN}t#)I^t9Tt~l_ly;%ESJGq zrgEFomPtd|A(4-SD$P&@aBk4B$q#xTgza)4fa17@{5bN_L0-}fO5VhZsF$ZuzpORL z`_e=6V&ux*B=IFHN_FG0(DtrAR3M{Cfm-dDxi_Q0340K4>{>KA0sAP)$%DUiBXX7) zab^`Om8ySx7tvUH;D=Y=?-c5A%R1h>4hj}W8y+{TFupq>@|F(s9%hVk@7L*}=`)0A zk&2nq3C`{6eX-fVZ@t}ip!s6IUsU>PqJr*L|Q z+AnOz{aVUK7C!&It_Jqe#g0k2^*oK_idN81rN2<2j{v^FGO@j#*LyNV;`R<2zzQcCR 
zxvQOr-Mf*CfTfDCyn?rWb>tu61erD70{!QLmSt65d$YU8>eGzD>fDZ^T+R;tsiIhB zY*Rm!fG7$G4W#@s5ewkGUM!&&yT&>(WzwVX%-8_2`RQ%WKY zl%yUSrgJ*HR2%#7`K2kKTNT`wF-B0Z0o()~7q{ z{1!lQr(+C->3VhN9I}%Ao6c^lGB*G@&n$b+lI62z5zAj>yd7)jDlySjsZffyMtNIc zOZjOyWB~;nqNt0G;@)V8wqodc=IJGBe>1sOLPe*#{DvL++XrH{+VlxdmY=NVIn%hzb@b#edkK z!Tq3BY~fT)p}*?<1`Qhg;(h;7QU5@K()lrYbL%sH^XhZ`RMB?7Zc%=rxzS+F6?QAt z)+%ZOoL7!R6xFuS#?!v9>-gsTgV%KRK&0MlzKJ=!&s?z1ZiD)xYSkr2jlLtK)w(o9 zB3*W9Hhh>XXc5I=w=(L*F#l;Wn0`L$=NLF z0|~~bvh`*o*8hV_{QE53+4O(L^+$LSUk2^RyPr(HVx74@1|oFYVZIOlvM8Svrh2=BSw5J!l+3$voB9C;(Mlqr>l_$@wL|XZF>@)V* zdwDaqy_V3Fx=Crt1Xy&2Gf8??hW^(cPg`=h@k=+MZ~xj>>&hC zS#i$OA2Q3qI^b^YzAV^$;AUsv&Ey(|e$UUx(#=>1|DI=ygS>TGW?JI1O1bWMJ+e6> z%=LlgZ818@8y}sZvXJtn^RWjU!8koKUuWgX3o22-#-FhZO)-P*g*k3Jo;s5__-cWaw zLx%c_K{natitUE}qA-j|2<0H^txX$*5NeWea8nSfP|CkCj;9duG$5MTXYv!Ajdg+0 zf~CME8w2i2&r%nTT4tij=ZYna1R^gFs{$mOV6V%R+L(_q^nDTSDOH7Fl~-vA$PXfD z6#2smGcjz*ttzsec`qcZMgAxl|G~-?3N2Plyqp?fDo`|sDQRD=c;*ZyuZc$Erk7&{ zJr=L7;WWA@j%I&T8X^7MGH1lV$DGL1kT3`a#+5AWyl<)0fx3({UOcp95tQLadic_&bAjH{4p(ng)d+-ek* znB2PKJsg>H_lnd;o0kjK%N4xJ>5K5rZ!j5%e89%P)qIF(fts@nmgdO!FNZH4WwW0^>E+0d6 z(#U4tWcGfX2~}RRj0V{F3U1a)`oe|AB*4vgVYK1kC)yhV-L@p^zvOTIZ~1TkmLKWg z^6#|#BR@hl2uS3V|KTFNDi1BIXvdU_uf(1uZ^y=UTeW$ca@7$pUfj;+bB)VL=$OLPF6oC1wKmLrZ~wVDJ*tz7@UEQ zXr=b@PhmEboxYgucEWDHHF`_wzb^`Fe!8g>uq!F4q@H6dYn`U4u{1EC-b&LzqkoP~ ze>!5{L&q3HKz$1HYuC~hSNG=6p2ZlYg@1O{Wf@>6Z^$od9B#;_P&$NF8AU+DcmxHY z6+8(SIQX|Sg#~?;C{jxZM+f&iYF`m-=YVL+3H!-Ei9s<)dyf`48G~_p0GqgL zz^`M?;ig`YpZh~eNhYoUjTGXG1SG6LiEnl#w_MQLw50|;9i8STb+4_iyttdS&Y-H& zG3=1H9;UKqpK!q;RoYIPHj65&CB;`XrJy1$mP&#(6X#mlN!3_QjlGf5?3Y|KofK`qXLL9oenLGDaJVj;3coz}}Hf!p<$V!r&8(@bz5Nw*quiHi zJxE}$2MSKDN{`=Nyzc6@wI=pUPRVsmlke(vcgYvG91cK1PPV$z{=x3FuUpNhCSTLF z_DZ4A^}w}bE4`X}>j>l&P-7v-DirqDnA}b&)*)x%ktQk`3|g|QC@L8W=@xRQTerhJ zkHVRBz2&P~ze7yF?D-OX-IXuNW{E!!Kc=GwnC7G1-J!*gCMIa4QAMJ+7YUa%;;c6E zg?L;?AT8!H$oS1S^O8>CN;8*!AFfKOBv`RM2LN_RaW`cUM&I~aXBw+$!RnsibK ze+ne6W2p!aFnw}vd5j)=&L7B=7t!=6-a|n)atpsu7$GMuzMjxBe?q`Da2w69PKB8zR>aUfV(3_)2RWF-i 
z4}bX~%}rU;r(u`$Se{I`j>O#OQMP**|CoOF5|Bvc*#6El�k#qOC!1@e^CmOQ8kf zroyIF6Z_6b+y%5bZfXsCZ6Vj=d$YA^>52kwUJG?|rND!pW3<2nxZ?-(+RdbP;Cb-m z8?568!ATzEHIzvnu(hVc_Lg$%6II4$#mS7I zbNxfS$n&AYMBoxZ^M&Ap;h~QIIbZIJprcRZ`HVr~KJt?WQ}fgLR8X!5XtPO<2VV09 z|AXM6PSiR1%5hW+yU4@dVLRj+@vcqxUq{z>J zWzTydcEm?+Fja{uf132-X&%V?JOPZH7vP~c+M4E68^&7j)LYj4uRd$9>DZs1EyH)6 zN0S**ySt-04vC{FJ9Q2|<^u@tOLoJU}grKcD}W_g~bGax#BxkLI10rM&QgoySI5d+g1d#E{;QUz)V~9Gr_g?o#@<4$;r38 z9Km3sm<%opc(nRslNbf>viA1(WJ^|aTOM>#cwUv1))KAu>MUH-&)W=4SihYpyfp!& zHbxn{yAsQ#m35kdYx94}-}&G2-~BEBw|~ojWb=>wiDw`nddU`3>1+uotgO!ARWnHZ z=q4+c@G7PI5t_Bek>>2gd5w+92wZ0x5jVTid&Wzh`w}MU=qKE?{cflZ!v*384^Zj0S-GG5Dx+L4CX2$MdBDX<>>S}kx z`jLvJ^kK2kkuL3h%elo>MoT_;KHa|0q9Op&JBs~v?t|T^#fLl>Ys2w!WzEOKW?^3Xn9gCG?1`DY zwoh+wUgf4h7qElyx-6IJYnU*Q8-;6H*F?D-b{ll+lX)F@8+seLQqhzlPky1cTV;kY zGs0>ez8@t+oPJVeim+$0XF7(ypcg)~ioj8~X1(R?A>?Aj5UbgSDlh$mrQw8zE;gNu z+9o4K5^JxtpEO0{K^@04EGmPC+6H$@^O%#hfy?5^H&wfZ4Oc6*z#5?Hs9iYSs1m)< zXw|*8eQgL|Qhdmzac_Fw8+2{>db&mcSm@LSvp{N)bQr)d;*B~LUKjmClvXkqP9rkf zbsSlUQ>HUqvN%oLJX7c&kpD;JuIT!7KUFcDdt_Xt`Lkok?48jKumJWIr|=~`V>~c^OVrK(JEXoKn1RCYQ(TDWp}xW#Y%P*wduZ-F}=NG^G&i8yQEs+ zv}9d44=UstUZ5?EQ(Bbmj~Mn2fZC2|9q(?uL~&0+QgU$;H7mQ1oYjcM2&a_0aDMVZ zwXMT^p`?6BGcF-*f4r%AEzd zC22^8b;@l+(B#!Z8!IT0)-)fZw5B-)$kG%7lK@dyoKzrdCb&|0^&Jo^9)K6#H&eqa zB#5pC0fgFY#Q|dYl^9T8&Z;?Q$TwVBq(ZOhRZd*ahZnvd3hy3C zF5{|^OV>k}z@fR3$0L8^Xn8n4d8W2sJ^H-;Y|zAJrTxcgiEM%_nq23Ggyk`s@a|pq zjqA1kz5HGJJrW)p+Z=0F(%sCRglbr7%Wm7R_TZ28a@`zs$F2A)M^3o3#CT|JuF78i zOgt=8QtOD?pi~{7>!0bJ-cUw=!lzd223&I{g{vTIN+t!7QKMVrbPd0i;fauf;5~yX z#{iANJi%PDE(38>Toik`K@@*Riru0rGv}9TLpwVSKgFmp_nna*TAeB>wE5POpVgP+ z@Tj)#bmQ;|Vb!fu=jpC_vX|ODNvYf)OB@#-V_ecds)}pft+}@xJ0G+#dfh!_#;tM} zdSP}v4L0*bmw1Dk`bN1GkC)>=4;7*->mHo-Z5Mdf9zJ_+7arW}_w5@a-GI=h3tgO>^>NV? 
zY^w{KYFj7f!WkiiH}U*&uSWB1Qc;@vvU*RNd9|#1Uh4ZrfjQ8C@yPWzHzG7${CUn;63&$76dWalz>}YD1%X!s9Ww?YGE> zHT0$VCzO2tp{8(gU>#j19Zxf_-f$jcjlxh1Mgn4UW|Tw?J4d~+H5*`5m{fEK^=4V6 zWK1csRJjHy9I^Zo7hRy05t~)Rxd)&;XvnO2H!!HnyvC=DEM%zhbJVKZ7!4}(R16<-#MKQb`y9Rjc~=rVW7zP9F4DptpGBVWe8o0U zR6mYV2MTT@wQ9Fg-v*1l6TQd1PhzZ&{C}s-3?QoM51%XqK>`up9S8jdXMXedaQE~h zQjfb%#lvIT04%ZBagW%!xeY{(YvWHav^#W$Fx1y-RZ?r7pXnQQQ{bN-))sQ<-5|V5V{Z5p_ms z!Z8~E!8p!K=c9GgxPP_QkDsg6A0UoG7CAXgBbb?^B~rY*&l3V1!fdw#sO90c!gu>179x*YhheH^|je(~tUZscSj zu{9(hw`Ex*T;x*2(?ZrlDuZVW2nr?()Inrb%2zop{(+14Jrkt@jt|${kpI|E99E~2 zrp&YMI&wH80bcpM#9BG8R7J^3chO?&Ffb4ngU(ZLD;$=c=JgWqf+z1n-D%?F;qps6 zh1*oJ@Kg9a{j1`wAavYQWttRS8=0am!sPPdU_tEweshT3-x-o^bV$a zZI=>03$&)()wD&bevNCMTAR@)hl(>P#{OsFg{(s?RAMXD7?0q(FfIJ^wrb^w1pbOb z+jIozMwKwU{cNW_M?;%qrkcb*3Ufz$2mY5IQlw zf?s3c95Bzbg=zKx@zS|`^YCTfJFV%Q@0<3OGS{rkDA9+jBP|IYecF|Q6O#&oVIcF) zV96jBMIKu{z$-!|UYX7KhbwB2UgO-6$F0V4u(zLSTs^hkJqagp_|`)*dN z-eT?tlgebwRJ~%w5jQ67%AU8Q{rF@ZOdMwxvon(uVBy$3we4671M%f|(~Xczyo@$y zmc^P^#1+K@yL$T#hq~YLh4a-Q`*rB@h%3>C({XGS52s9=qT9wV$mPT5U(JdWnl7`8 zJj%=Y_Y;Q*%Qe9@Chl}KCKauE6R(|%luN{IQ|*`Ub^5_IyS}Fp<5?sd5mr{Ygl(?x zqmk~b$uZLn{UJvjXcy5j)d}9><5v|*F+S=dRL0Ig;O9iA1%S#m!#^5U5m1;IhMomw z9VMcb>yZ5wpO2lFLk)z^&HJMY?|VNAi@aDw=xB1B7rryPETK151ubiTP|CktkV=lw zz46$$1M}-n*EWdF**lEn$s;7=Z`$(4Ng3^PK4#rWMRvv5iQXoL0%<=M=CxD5dnX=V@l&G2zeZB(wiJb7N8`3rNZ%3+SlQRsHOwgScCb*ZrKY6EneBDEFYR<`Qm5A9Z z)>kcmnp^Q^l2(^J^8QQy!T*;3;cxj7{w@FQ!awpiJ%fN;zs~l>W&F_p!)-C-kQfVh zMPG7{Gj$UqO3BWul;vs<4(X< z@Tl<|_9^QrP8zYM$^lQf<%ns+8Fwo~W_4cng!7KfVm+1@&?)^L`@|^5AcHD)*GJUG zOY{~EeZ3X<4r`ghWsp&ZkB)WZ^A+~U`b5c#ePjRR*0@^TX8tu7m`F`#QQNd1%0jE_ zxUe639^dL8TU*xWo-t{9;Gmypi415_WDBjao?Azfz{Q}mDiquE@>!qQegj#50G9LD zC5W6Q#q(V4>I|%(&kH|`oEW@uoZ?#Y6!F=-N!>Ph(?O~u-keLetv{pbw#Zvx2S%=< z?KT^Zao*{UtA>%-WgLQBcZ}hGd8*R|aoF`KuDC!UEGzlNK=VtYXdBigr(JjzEL@L~ z#`i@y%oW5N4zXMCl7ahkFte;4=4%Z7Wy2=wlS6hms`M{N4kE!8FtY9p2AHs3@NyN$ zf`QsHMWI5cpi4Cq{%VSPx&q)sSmykTu*-_WGx`daD;_T@<)5`GC|*BkPq@1(3|`-k 
zE?|{xey`Ky$qv>nt(`8c<|@+lMkk|JIFF2$$;F6MRpT^oyhXK+4ZW`dh5uKtEFQSW z{wSN%$Nu(jmyvI*G5Q-IHr*~nJ$Chn$BmH2p{T+5#yy_UKhczW+I~gjP;WB2B4lEi zMLB78_~zNdMfJcuB3$M$BVOl#Pzk9feZ!=yJS^!ym+!CF+-q0z`D`ti=gjq2l#}Pt zrcF8H=UH*)S)u3A22VL-7g&6!XV(BSsGLvh0#>DrSGj3E>iq9;-^@<<`ud+suW^5tHyFdIK7IRNTS-zxdpdqRQPX@|93fVPH?C(y-{vh5F|G#qr zv3+u4u|1%2)8Yr{MyLEE6psInEogfnStt4m$7D)v#w{Wa@f~xNrXHM8kL%knL*#`a zhKvVhy~6fBMoGTy%O1<*ftDvNux~^iAXGVFFTz@-P3y3Tu|Cit{yQdGs^)v>JopjeItfqwEuhYD$RHBh#C^(|D7WwChrS2;!oml!~;ps z15uwR_G}N{KE-E`6X-K}&$!HsK%O01(>p#jdUMf8E;7zN7!0}%KpF{563akWsn*(9 zsqyHudk{TOv};I~*Rfe6b%%}wj%^!@7ze~)>KloCPeJ-WS95N?MV2xD&zM3Ikzyt; zOhK9%4KWkhcsaDFdJjqY4O@FRQSSD95RnRVYa&k%RYx0O!yVDK4}#~`-5m+X z6Nl1(tlJt{_a*YS(>R@bar&41B(Lca-Xp+Y@{jzt{EvUj5C3oZpTqx=KTiMz1}MJeIHP93b47UX((V)y|3wT!~A&ppYi?U<@*OY<_G!GN9^K9?Dr23%$pa? z8*@P(U(L|(yI-K=Z^U#?6zl=AZEds45u zEhnlVOgulwXfQ~?raa?M$651PEuWxy{G?@NqlL~DgAgZT7W;7?3K0htDT9xDdlji_ z@2)#Z85P~DQwtem74!3a5e%6`N_!KaclDqVe%g4GMbKdNxRMEjvl)$KPYuied%+}v z&uMIHkT&F$NTJNyHhZfuBPmV)?-hq{tfKONEs9gcXQgtDky+!4QiR4x%*o`LL;u>v zWMQ1fx`zpXL`v&xjpg;0%s`ddDHnM%fmj;3_!VkPE`>}dWBb1&>GdX%je9ke(`9F? 
z`k0%}@HS;Juiyx(zTK8p3+yeMFTV%mJM=;~!FM>pP0sIMdkDb1p?mbfjk@oCL$G&> zeTQK0{;alH1-) zSJ_!wh2RbLfpD_Lx(Lz{xUl7N3Hhq?fga6bj(z8~+)@R@)`MQO_oTv;Yvs?mh;Y$` zFplz<)P1cPk0Sv$_=B^KkJORZm1u>5n&-b^VgI&|J~hH=oEV()3}U5N|`g*!MUZ7Srzhqwo(S zqt0z19ycZ4G(`~)VcIsS4#&o)pr+Ltp1bGbTRw}7_*W74*Pxx#q$*JEY%p=Cxv@s`yi+zQPZ(*C(McI*kRp5yNtN@?> z8(sN#(&3J>3y1dZw^Ca_6Y@KMI%ylnDb)pld#^B`R>mDM9ll|aLM?+vnV$cTDu1x_ zO;Gk;K~Tp@L<`&;6fH=dLpbehY7)V(`Apr-CmW`!zYr?|@Fr2*yObxfpMPRmNb5FY zRrq>O;!o>?zy(<7e}fAmw8e!B)c^g3FJOxSlxfR-&<|UWWbp1(q!GqCNK=nx^=m`d z83SaEK23!G6~h<%Tl#t~J)%{ZI6bDfG*Fi=rDVwPqY-4auXDEat56R;V3&rj-|+l` zeJc^H0=+dn;P8U8dL*76HoH(h%c;gvpCnx&ReBt%AU}(#HdU+8z2WJ*B`=v;K~IC0 zIUnI)xyphU^uS)xb%Hm#u;qF*+L6`+rK>RibpAi-@GP$qlUGJ0sxBN=Bf-~8rQOf_ zyL&im=yQ3THB|Ce9f|hY>&?WlueN%7N$twA%#}@r8=E@wf9{??*;v&1EH~41#r1}= z>AcwD+l;{nx>YjG& z@MNEeW2@A;(DAdnhnUPbmZNa$1jby zJTz|n-#>gpNM5WRZvssYU?=dlmIj{9REG2JWve19IbZaTy`|rw-NqN4#~1H?Ky>Nu zcjEcJYzUyF2N*x!XS^2>%YXF8fa7Kplbir?DSv-W5@dh$wdHE=LEH3SPyhPz6YDn6 z!i_EDMDKg|Fc+N2p(t(&(U2KZs0{TY0mA7f2zg^C{MDu}xL5$mA;|wq&n@SFUol6$ zGUU#j)ieKGF`)C92dtCPXw`iAarlG7ZnRJQpI`QN-Ztmly8Bn{{I+H5m910x1(1=|8m5=d0;9jF{D#v-_*t->DkJv6P}7<1=kq4pHT9-{mws1HdWr5d%Qm90JZ z?Hx`AE{BCtOYh~dTE3RjjDIB-dF@MpUEQ(yuzSolE+5T6gE!lBOiwpXv~mA@$WD0? 
z;iTECW<6b~+CR813DfXYp6EV5&Lqokhy&Jh)su+VxK?mhwNhbIW!S^<46a_XCu|pj z_JjCV5fJXd#UuQp=lYH?Fsqa4j*2!os|(ikj}zt&f(KNlo7xpNGf1bK8Aw|ew5N-} zgGAq1sax(f;1KEcS+%Nmktv~4&+HZY*rxl1eAu>)@G*^+-3}nkuj{7B-`TutFnS?p zAO0xaw#Exn(Ago7>D38fM;D@s7lJ07O54{!16btRNL`hOwzEz)kUz``uc!WRI)6k@ zBK4Z|sA5BH>w)cb5&h9}uDCxQB=3z0^Nw^Tgde3~i|89KtBd(E+`mPE>&QA)L34RF_zgV+l; zBhCIHpIm#Q+5hjDe~J1p@~OK^l|wrEacZ0F%9WA#R1#@;e-l3Tq9e5BmV@)?L3=~S zn5|{-_+uWj^^geew@(rY7D}z?%edva3(7Kx%C)TTLEiFl6qoR~4PvzTEykoz>|(bp*;^LTi0Gty; z(2+HMdy{qy&*6^C|2B9D9J`k5=k4s9Gck#~SC-eTpRdzT-l?xzPiI@+Sg$R2>pxyU zIy+Y7g%fBU@9T?UaW^ka{)qb6#6&RNp>YyQScP-OlUazw2nuUKB zw+(Q$=+kiE^{9Xb*f+?W-VCntH7)nwP%oESR#vwS{htc;(NtVEJ?`*LjI)`tRI#*N zG}oEa>-knb(MUP-2zi5&aV68{Hl&@O{lT2hkmh*m0me(!Gb;v1&EnR>G@Xa{b?Tkw+KKUEYzlE_8;Q+`f2N zT2-i`vtGK;dCy-s(RJMHO}}WnedV{fuSxue$?NNt#ML49qet=&U0ef{zA$v$;I!0u zpw{%5vW$7Vi1jz>yKKSkEgkOZNUtDENv`a#8sGQ&?em7VWOPs*n|bl$g9Uf%*>ZS- zMEUUhnAx(WgRciU=y9b(?e#za2^x_<`h{<{*urSSGV79mue`U{RbWm_t%UbDd^y%L zUrFF zChpUV=)n$VL^Qzf=gG8+RMoa%zHF*&3;$v4*76sp5BT>FNu( zD$tH1R))u|PU0vQ$>%&&d_J7C8{(2)#4w^&L93%W(a0(5iFZn_MpT&78{(40c~m-9 zsnYr3h4DWVv#%_EuVDmP!StO6K#@DtbWoijvs1hO^@s0+cdT5c@xvOUMd?p5YYOK4 zC~{W>O;1*V*;AAEWnnGsq?wo9 zyKrFr;A5nts#vg-W6_77Mad0;R!q8S@C)SN^@I5;vq5z%hdFXck#m!#1pi{V%x1pi zN#iUGar-nWApEzdBg?Ll_N6<5VjI9mf-M|F_btHLCB(^go#u zp>0Ck+lj{DK3tRg`5Ig!{S2ruM5 z$j2$GeowXHZ9}q27|MyxuCt{}b;M>Ct3-iFc}72BH5H`9IZZM*@a7?2&Ce zY0s++``RMJUb#)gnc7R%=9mDAQUuTA_PxhmDL5YW9PI+FYscqw#`#Uo>u|Y%JbL|# zh$edgbq8#P^Q>h*QSl?YFCc5B%xQ0-CF*TRzDwSAZg>M%RYw(J7m@!k5SKeCgkF(G*bYmyrC`_}!AMg}c&kwT1js2(%(? 
z0g%u9U5R=h->*TP^M&00_pT%Sc~_$DbG*s+P$QBi=GNr9ltxd!k|{3qDqqX>EG`-u;-6$)Y2DFtJ*+SuyWN;w16v5Wet z?WuI*u)*ZCeWgcj@MPkT)7K9?7(wcpK_=;sp?kvw_cK$wD>UCh+1xV&b=+EEAT=9E zuNopcPbb#7sL(ZTgTXg!??CVmp4{}Tj+_W%{M zXCqZd^;m;v*L9uHl;KoYLuU2Lta}edEfcHMx{YDt$RraP)VjBhU6YyM1M|rOom2?KbP>TRJybwJQ#2EN0b;a4SoeF z##Ue~piZXND+wq@EfD_?@r(S+e^36W-{gn+EBR40{v>~yG6=|9IP-1of_h!*;NSm9 zUos(=6jh@8s<#@*QJ@^&rDL!UQ-+R~)+ywt0!`k}gzq9jMiFpFx;e$a4$9IvO_ zP~uLHcZwnqi3}-vOu~y{h4PR;<0%eESN1Hq<1H{!{@II(C!L2*a``b-(fUk>EGsFU zPdeg+a-K=qS$`F)|ALO+I=4KY-wAo?g`uI z3}!83HO*JV`9yb~_;lh3(amK)RQ)KE&&K}2&2@-d`YMWUZh1#*mB)RWyTNsS(_=m1 zy5ePD7Deg2qWUu~$`{gH)6eKiB9qy5E}^*sax9e8kRm^_L$J|Nlu+a_5R@imQ4lcR z3=AoWp74i=kbn|sY!pyZ65SYmfAmsW3*kt5QL*a$gpQM+&17@WSZuVxtecS!>p*D? zP?dn{$GuhlvzPls51tPG_*DubR@ZsL#H?)sURI;oNU}|`)LZW5ZA)_E=EEl|WqR_> zQ<|K9fJbhza>n+d#jgAscV_j2l5)oow~K*37P)g%PhT&W$7O_*_K(le2K0tK@-CX> zerzAabBQ71x-q`+vKAMTU(f99FwnSt@Qmpb^YDVlH)-bzJr*`z#WltSS>IU?9 zwBKbnA?!%3hnxASxz?xHmJRDW#uco@!-0(J&nw~w<3(IH#lMT(^SIHS2GbKA&P$@D z7Y$bcA>*k;ezqPnXPfH?Mim(M#4>X{~z~b65=n=b!6Zq<#5i z918EAd>#m9vP7QMLbK!@$sC8~uyVms>AS~gW1O}e{V(etVrMZPkK4UrI{c(!{6{zY zggdsC7sy}gx!WNjC`IQ(6HQPnJ$T-c-7ajZ28B7f2p*p^Lxe0#fu&eq2=JiAi2 z5^p_NsoZ4WobASrze>Zce>~D&9W@q3kFFf{{ZNBCOSB*bLGMGE=%=fmtoq;Ny zTzwq9+$3y{`Ff^5?hFozeEqCWXal%^G)Rj73PK({Epl-{a(}oZm-$MJPf!rHUp#2Q z`(nWH@u_Z!Lr6(YrjATeL$Ho4_Zi-)n$#`K;su=#)$8k1(RTmF%tYo><2J=coL*EJ z2lKrNVHRdZ0?uAhp~lSgl8&)X3J)_EtsAB!68$_MsZ9zYTWvZNme}LKSAgLFElzbb zWeSzJaoE=sx_P%}_dDVzXlp->TyS;kKu(7F>&pxc5EnNu_LXfuINpx+b6;DN;kVWb zwZZ)wgfK{l`X_V}JUXz^J^X>i)#fE*b05KyLORKQ`t>_C+$5Ux$fzfFIaFwzu7ugT z4|ljfDX1Pi!L3o$tIsu_NsN{I>u@v>GEMAiS9U_~J3oug8|RE$bOh*dcEH%5ws1NQ zuM{_%v>fv)++?m*k8(0DkU(l&yhqdsW59M-@6`+Eu%z4Qo-hn@@$WtY_nha;ZQ`)%Dv$Q;J3p>6%NNm|lW?bWIPs<#^Rz zz`AkplBe7ULJ+i1xMx2S?4FDIG& zVBs5+45fTu(o4mkgq2h+zV54_c$J_&iTAyJHrAo8Ng7(}H?k`9(nzR!r8Q_69*V3! 
zhfuqVr(Jn}#79vxmiPr}I62K|M8YA%vaH)L)d3(y!eOdDGt6VQ`B37=${PE=^ylp;vj-u(-x9d<%r^lRjd;Ugl8Gb#LszIK@vmc{aqCFiOHEDbliIxS7BN|y#wsjnR;wi){7 zv4{<#d#>7^w3tM0=T*F^#S&$6WXj>eO8T29k}8hDv-+D7C2kGo+NE3c`fmvzL3Q;# zd8S;`Bja+uyo*6ST#c4KX@$x@cz0>Z`LCkC^Nz7vEa61K=<#OELW}wcHo+-ys9A8N zwJfzgH>^UAQ%4C!r8K0pO1sM)Vi^O&whp#Y9YV7ltU?)7#h^a-uw40Cxzw>#sg|`w zHH&(#FsxkehjNiVjpADe3JWxErDT?-L@DcVrjYBpSQ=0=4LfTVcvvgwXQ#+a{jzF(F^W=%7FzE3jEH$!j)W2jW15u30Hu-DqDKr&%e;THGpo z22$Kg_U!`J=Z}Syb*bWyDIMy4m5Jx2Mo;EAe@Gg`N7%(RiseT`k1R_a;$L&RVfKLw zYqd4H;T9ve27v9Pp=MgK46MQAV09UFUOQFZ&*7qbro%l)>m=5egXWNm@crh`_2~QR z1xNC!AM+37apV#pl+Pr|_RvI*--5cV_vNe~CVYpZQtmFpuXYbrhg-7s8r z>qeNDilw)Q%gK;eX2it@(qW5MBiFB+BBGG!hM#=daWV~EnTF!zv?GRm{NO1E{xIEV z$DT-zqd8-3ZQz;5=dr}3sc?0x6{a6Ue)|0~f?CTuRmYLd_1nC772XBaP<@JD`<5DF zC6x-3OQab~P3~o3xm%Uxk6el}xM#*r%=et@YLxL@io&^Px=v2(n+Vw}=g#8Gn6bsg zn);b4X$wzdJe(T!_qbb=iEWtzqKQ4>)$$C^)>Z4}+@Se|Tyb(QkgbD?xO;;T*=P-V znAm9Zt|rcGFTBQ)d>c49yRXIEz2dh472eq|DPO2?`yV;DVgN!Ok1OPCRwYIs)9R~V zSe>nm=9Qf-jrx_@EbDG!>VnI(G+g4G*wtL(uG!RV;_B+v3+wv|_CLFL$KMk0=$uy& z$}S(ds1|Eh-WNaU9IjNcPqEEXEKAJvx7Ee=)090FDG}8j=Dk{LmCbgMYO0j_igC^z zE&?i^pWWGFSzkx|Mz3Y?aF5o*dB=z7HSTxY*3r}nGCEJoXtD~``zpxBUszSu1M?AS zXDz+eh3Avq6X)uRvm?q)s;+6h=NgZMPUi%EL=0BXg=YQOsEIEVxv$A>eLn<;J_@vn zG^GbJ4)@a%)hLc8BVUsDwwisP%i(5N^*un8)5*3E8p0`a`9=P%zbF68Z}LO^mHhZU zf0AEB_w7xtHvcmVhF9A4c_6pME<6NR?yW%^+>w^2_OL%}$7|#)>(3TdO=G(hCnHN2 zy_WC|S3lm@(X2$JA>3i3>v8#c zKEz}K>|II4QxoRq`L(z?Eu*4$Oc6z!XQ>8Dd(P=+!E5+++wJM;Q|05uj&M zIIhn+amAuK`59nJRXWq`f|tf}(=Mfd z*9E|&`hvuVL)+m2MFi*+uaoh2*>K|4Zg^dz=oTqG?mR%GIsV=q7nMfZ3Zt~ zwrk$LUIH;;6-jbv2rmjs;fMqFt3E*SogxScNgp}T;Ufu zr)^XJYz!+6KFYcV3>_8DcI-C5Uk=Y~A{F)2brgO~{y}YA1>2Iz?4UHFiNUP$V?>G3 zKxsr3`62)QV+xu1C{&#r2>mV=A^L&Nfo5uL3eVf+!h+DSE!D)7lc)@9l%`k6@ zBcw;*mzNolefw>dzvWs$&+74Nz#m=)E)a`n)uVoO{sQ~tp(+owmYU?l{?CY{oR&M^ zV|zpq@%|9Ph-lBM1A4^4f%usAlaF_5I|i}QKe+IS?Dw{vcF;D2??OD?#53G+Gp}87 z%AiFqPZ@NWJO_bf2JHkt#e#@%ywLAucZ7nFaQF-l*Eh?a>(09-S0`B#HY_=yJ|aYm 
zs01zNo^{=BQa9q(2a4sM0CC}4jAfGXBD>On7I#v~+^72!yr^c(b>%nT5Ga9RExe&an@ z8;*A*o-hSs!I6&*-<>s0T=iDQH{4u7wF9zxa8=>xyPAQ5J>Z-5K~S5-s%LJH+K}yR ztq{Z`1h1LjO`qB~W6$FRZ||NrK{${R{rvUbuduc6q!N5*UYT=+PY1&a5Q+T#C?Xk$ z(4rL{xW>Wm$nG47g)1iHGA*|mSim2Uw~77hsH1yQHe(AayVUfor?n;!!82`q%Rki= zbOBYTk7Uo)XD=riTm(rRWj_18@agfe_}x4GDlfbOubF>7O1Zj%aesKn3+VO&P6E3F zqPy66`1;S)`^5-|{IzmCay_J0=v$Eiyh|#*Cs1*^-W(u^0e}4ew-1pINyle;GaN|9 z0p1Spjo=Ng6Zi@<-Mvk6YZv?2IM7Cwsu#_G_R)WM6Sk3whd4D0c~mCkCx!4O8UlNu zWY4HA+(1|mCj*wXznd-h3aE=;gqbP`lIyxZP}bG&Fgki2n`zr<{to}D$LG?mA1uDL z9o(7gHZ8`?@|}azw(#dJ0b2%7v2Bt)@>mB2Qg6I_8o$hBTe-+I)6A5^-`z9ce+L=Skh5BIhsW$eb%mMhqSxg$ z+%VerQ_%%?>?xf9S6jeLEQT4L2{1AjbTJ%9Q}VruU5Gpe%!Dc(_EJ0PCva7XXQG4)-x_IAA&P{v6`v9d2E44WFi4V7FJMM9sHedIo z-o`Pr*`%>8uxN)g2~?8W^Wb}X^0aFU;YnoegD23=x>*GCi~Jn@&>(CeAipaJJe5TX z(wmk3J^>9P0s=w_TK0?lyT4j>{%+p`+SbYOi~4CXYf!StQ0!0xARxb@#Q%Mi^50Q@ zMfhu!SQ3|CQF>JVh;s54r5OU`cm3li{y3sv#{y9X3GzD&vHmp+k+}TMLf9ZL9$(+y zDwEQK6~ zQceEW5v0=g%Lj9Y$bUW&)O^i<>d93udj5IUpSzu_pr@`%*@qQ&9;ok`gY7LF!B5#o zguaawb`F(SZ>nR*r;$F6xmWY!-qMcmu>+_fPa#b3osKqpA1v%+_P%^r#kYO&f0&51 zkTr=}PQ?tNf0$RT^>7(a4lWKmPe;wI5B)M-COzG~d)J3`yDcQH|Rf>pFTwd!q zC8v9?+EI$LkAxsvB*P?iy?q60yApuBcYK-%>yxSF+9S&J#;+>gViL9EC?^iW zkN9=Qde7YVk3kUTBgf}LlkJDYg4ael4@@3UX_I=9UywB-AG^I6aH3#p@S>e~2&E&U z6cmivUyA#&0s;^F1+NWq9;#%YRg1i675NF@iY2;4q>7)a`(De-s@~D-dE4`n%XtU3 z@=z@Vla;Sz+U3}pZQC=RX5IQ)^YH!p%gY>0wVCuYdn2S~2SmMJavZ0G(U^Qnjr`9t z%O#YyhGKY(d6l-0FNPE8OJ|PH{EtyDE#5~*TI+R{fM`BeR@%?!G)_v5d`<`hY4NRJ z2LHpX!aC@FT!DO&T19l}%wQnG?9{SlUjgS23jE!q58O-s*XtC~Z?`DKpxC|Xxr*)| zZ80wlYqO;9TXo0{h@8BRa!XLYT^=+^WyOc6}>QDtcw-&IFt4A@;=&vJ5cjl3);VpSu1RQprAu zno}qt9VNq}kdtYxYH%;P=z#oRjtPB9$Pjk^}Tv$1rm)5!Q^{)B?rn zc=J?wDTNXN2q~1gWUI-?t(P$@&q<2EiT&U>m)HO3ER|L^5-BXh2QKLFU zZ%Qi*PpW24czJ|+T*hYK&hRFc*2nVUe8(ogk4fUz@ET6d`5xXa``;hVG}}*~WLdP6 zB#!LOesAN{RQoY$Zg;9#Q~jS#sVRs!$F2`r3}3J$|9@m)P>bNozn(Qc;Cf+WoFaSa z`s=fLzw*K2I5bGuTUPm1|4UZ!1g-c*@|}kNnhz)*WwD`{&fiG>Hp#vyNC|%WrQRkO 
z5YV^3KPG~I%wJzXe*4~11_;Qze>neThVongxz`^#W^WQ2}Sl4HB!V4TH<3FZOi6}IiiepI~U1j~!*tI&&}d z7OzQl5(A55JIAQ7&M=$=oi-Ab*;Y;MV z-;sR+U|;3b3uTt&c8)3SozXeD!_vpH=I*DRF*&)zHMfZ?c+ttZZw1Dq!RqEdlA16j z>oa|3_gXmW=g!2Isy`Y?K`ux}o^mGS3d+H8Y=6(F_8rV@Ef#50ikaWkqwAupcSE*KzSse`G8b6mPjbg^&!Ro;eCvg9kv+#=d|gmrA}KYVoSK;SRuYX<5`U&7 z{vqUV9@IRZ%i6r=wD~P6v+Cx@myS$Mu513*T})$eIF#JXR8SG|?@37xUnz=iF`@on z*Y_)r8ksWwHJkW*?I*4uC4((-d(@5QtpRaIH_s`@2#RR*LZ za{Z-jQ$jt{8g=%Q8@=PjpQZMt7qJT3VHJ8<;#O;C*4;csDD#&#Jb*XfTr&Fkeem*X zL+P!yB+~At$lL#~$mdtPEs58$-Ue?L3Qyw|waJw2b{KCWEyh!#+zz7K^8E0GnW zanUSk$!NaJC-FOTd-FT{YEs7!DnVw0W=I_Yp z8GR;u9j#)vlz16g%|b#_eI};qNbxLhe@H6xs+?6&)-k?5H5Fvq4*STqI7q?%y^Xs} zs{K&2GOBSBgU(W;zuu|hsbDR|?)o+NRAM8Ka;jmy~xS`4HIP&8a&sP;T( z;H2f`A|f(pfPpS2fb}C>LIhC`T~_!LC%PhX?<+3WqLOfTF(n+~W(YnBsH6`vycjr4 zKUypKgpLi`pyB z@#^^SEhA*{NhP_h73*)kLr7tcOD;x1HB zJ0U-8fatx?_0B+O^nv;S5(+$y^N~=()Pm%x44Qhs0kQEbCmsJi`N4jZAN;T6r>p#v z{N+R-AR@X94DYaETi><9!-EHvLa;~x1XB*t`t)9*JHZ5f5I%Q;c7J*o0!A3~PB+tV z@RJjWW_KqU{6Eb~S0@4dUria#1b(BMQH^uwI!J_7P}S%I=(8_qXHDm)4bBZWU1T5_ zkc0sn8!SRrV&StcIuIAg#ejGOwvK$4n1A1jNl z`a0cZ_3u`63-y?m8gTXH5X*CZ|Baj3XI!zK6>i|2F}Qv4G&$i@35)}WuRUlb71^nM?UzhEQ%!sOJF`POT-C!6x*r5)y@v4_~NS_dZ zblvNqYMt`B7~j?Ds^+&e`GCwD;4Qwqo!Z&Z3x(B2U@_1iKxciH%tIw14ndrJ-9K3@ zP$hxL6y;QN18EtMv0+-lCFQdQ;PG#ZbEF*-PBcR}Pv<$b1Gc3;X#|`pN~Ay9wKGpZ z`0#OUBfmld$r%U-K*VRiG87-%vf?wgcVnyQjZEr|jK@Cu2K!id=5=m=k^$M~^*bl* za*ft)6=PT<#XgHw@!9Mw?Suxo5ETWj1g!+m^JVN*)x`(?4wwwm3ek$NflG?!`=zs` z(@-}I7q?B@NMsp=9fTdMan4j@!#JA&7?Fy80(S-e01obB;_KV#(0SSU>x}rzcUc=W z2)q)E)JLw2)#q_4xmpd;SdE zAY2jAb58KCED)#$w^@VPZ9*47^g#GDal7I2v-51kcRi)2ut;;nRDm(hYWIgZ_j+M{ znhqNPvBQDNIM0Y0ig`it&K3u_$+Xd9)EP_@fTRLVB>gC(2F$A7;5X_rx!7dB2c~%5 zN%DD;6Y<3%5mAAA$wEHG!{2?t0TMH92;BiuuJD8bcc6hlaM)c4YB6ooHOP|ncO_Q$ zvUjydoB48nMKtZmKKxBDpmW;KRm-pu=f!62|$OO zRIVT&zbc6`hj@o)3uj9+kubH{CbH3HHckgdPlr19+H5Y6$r2GYJjxx*NF*5KDv4`6 z?Acr2X_?}?$h5rR5A2h3Af(L!d&pB$m@%6s_J83Ipo`&nc`>|HHnT!IcqIS%?BG(g zn@h3u(_w!CBR-_nr3mA$9rsQWsQ^cu8$@^~M7x{sIPk!*< znIs9^< 
zOrOmT`~XA;vP?j^Lhk=@)=?6)dvbZ+INlu}04Jw6^9p+?WP)Ea5ZAd0Uf2v7tBt!0 z(jx0qOTADp8N)D(h-9}dRU5c%Pk0Xm_k~&0uj@W;EGbZ?(B)k&*qh_>B+ZG`ij~}@ zrP9yXm}9Pv*fh7JwCSx!#8wa z7*qB>cJtY-ZMv%@J3yzDB@#rkQvEyN z58!6_CMi~r*vFt~O?aXv>~87?_b(w(HelB*Jv z7sJRM_}As1xJ`r{l)IU9L?)+8*l}ml!lzK}F!CuGvB)rUg^9?Px(+o4Mu=cOpM-Nq z;B&^1iaD|aRL_k zazf>h9!$hK!Wn5Wev+$^Wzr&91}E@|nvslxC;-7bf2Mek<&$ntv30Yh3cuJLQ-+ON z7r;ViS575xrtACzdIHdj%azA!#kZ3coj53Vh+ZqrXaDWJ7?*r7@t$+-2;sn?(A;yg zmQ)38Ue-S8zP&-js{X!%!6ckyvP9k14c8SbQCpsOp;9(xs`tetAkkkDr59Zws>db- zE;9;+H=9&O|H&qh4?X+&WFzC|egNFM2g4E+RuM5@-sJNXge%Ct-b+_D_JyH9BJDS6 z#^Ouayz?#F3XllXIW0zdZ2_~K4+%un@9IlETkwF;KuRF?1l)e4J(}OE$b`+-h`=Cc zE>uMkRs{>zb7EorrntnGO397Dq5MpB@7-G6`z)k;&w;(9$gek)#iSG9)z^X@J0vEA zhVx#IE6Xz~4RWtgs5_U$e{3eiM|5#t-(EQNb)!iEYXdYJshuDE3gYdmN6!99CvFT% zjO^W6&V0nBnC*;e?FD@8MbgBu##9n@78<@+SfGNd|QxbU`Dl z`gkZB5y|?cfe#qsCzu*^VUr5^0{~<)0{JH8&k3q1O6FaJ0z;bLER8Otdlp$k)cmKy zB-d!|KzMR43H{h8cVOaJ+_dg=VL0k#&Eg~C!{sEXTIGqpV!%Etx>A|*79qahv)`c= zEzbvv0zPY+c2Nsbk;QC)h^t3^eQ$G2aiz$9S9LBQCM!<$c26ipYV~|YWI!uyg^|=l zGYENBc+5J6SmjtK?WDiz-3b&8XX6Fy7IL4Xq?PCwvKX@YYATHU-P~Gzng}(%HIhaz zSdGl3h_4dwr)k{hB6f3yS0V37f;h!ekH#B#0yHR@sQ8$8?K{7P-HI=Ko8qkjEBBD} z?#hIIfN7GMpb!1~53;w?Lsas%F!VC8Lku4e7B?+S5ZHJ1K8gQ`oMxWB|#-a?_b z1bjv$(|y33u=~4m`2)v1^d|Wyg>;J`htWDEvsqyrC%bykC@CjARjND4tgezk7N-%l z_4tIKy9a1?;l|J}Cr9=JY{eF7>fw@Mq6LX0;z63k>2$T`Bn6nVX;bfYNaQhdM_2}e z?R_8a)SlK;{Y1camlr+ZXR3`~45xaDQt`x`m&^`3kYPA3Vy=nsr4j+fcc`qSK`NH8N2pzaMIS8m4K$ zr4;f!`d%8b_IzaNr+Zf0`hq2+*{ONhNM@#N`lFn+OXQ>=mTQ!G5Hs9EwokaEa8oQo zsXukOR%Jp9v@8_FCuH(tNFnS$e2NmDu8#!ruDvZ2Loj{Vf5Rvito;eExI19=9N%O3 zn{-);wC;>o^aP{3@1%BC>(C*jJ!>Cj`6qtcM1|{`d{WACNd1x`ih&dPI_6o7czFe# z$;C;mt6uc!Xr(C}2N7+fYe=WlU{(!$4aAR@Fnv{>=Hj4ku3~>mDW{vSGnodH7m2!Bad8p4F6is0BOLVEpnJG!c!Y!G8;uF8b0&= zu($qG3Arf-TzPjn%eT^KM}(LH;tA*jTv9ExZx&&WqcIhnwdC+JbSQjtPJ*xD6M_b_ zg`GoE{z|bG^Cx;I`KjJaLxuzgOmm?X2Dekg$9(u_VjrJ7gc?dKd)M_4R&&Ucz5BUe zKNPn!6(hcGPX$!lOb@r){p8Ot|A5eycCkC~UcK59c=5EHsW_#M_IS$Z?TMc1JWidj(b#UC! 
z%Gwd2HA26eR4s8&beC|<^g`i<(Bh}lUumFn(E(&TruHK3h}G&@KG#^Ndvf-IdW1Xc zxr{=+BmWKDMMJpnQD{jeuqBhT!)f zg0Rs5I#dxRjgRueuo_h6VO*98rj)o;|wp2TYno3_}u*e&Bs$)*;K zC)G7aE`H>1G1W_H62El9{!rSYt{2jzt1#yN!McT8FR?6gRzlH{Pb$>UgBQgs}?~#X*)c$^rbv23mmN{4pX7BMO zb1FU>bQqDlix@on`!HE~$`q5}Y9W50QjSwjBo9SA*3foS4qXl%4}C4GVkdi`7vjm5 zhG2_Oi<@2%Wo@(#QbK_EU4^V!QT$_$kaNgceSSu##K{NlFVNhJ6~weH^%>;&EjiB` zv8JzMFBztWI{L3_EcMGv4WV;4t2Yi?Odc`MxsCIL<{h+L%au!&VNfTrHM3dAA%Mnj*aw- zGOQ}mNl#{PaL=3D=Co=07LHC3^vg1AY|v~L+5xhyWMAyhWvGn6&vPuvHNr(MQ zsVcv!gc9v!?PUE>cWZ0?Vi|K{$X)eijoJnyZTIBjOh4R`{tQK9_qn=efw*O;LO;n< zm5^RGg=*c-@&!R@eL8KSs*_<*y47qP z+%9TqzUD_4jq+XXn3WT0=E4-Gtm*Ei&gS*|x=Xwx(89XurH9~4k3IR)Qimpo!0Ydq zSbOeAD0`55kVkfVro0C{KY8@7ogO#*-CPQB9$~(wAYi)NY;IU_<2S6;84Q+RXEUXO$ z4BwiZs^O@aV2I9%v1xdal1*~Wb(wDOhsdfsDmu!Ws$Na+w@w7?Pwk&hcvLuA1Sd9P zHO~imIiA_RqEI^%ITJPHFRz}Md05-rQgOcxg>_R^+5%X`I!1R1;a-t;5NjkoE;yyU zb!tiB?#nREI%_{_w`g!KY$RIhaNxJ+uX^1Wb2M3=Z**8~y3tv^KlOZczjbh_TJ3wD z)6!et@;dXfX>d_#vN%RORd?}UoqQf#HF9yjZG1e*JO#bYUhR)`GrYZQ>_0K#9j-a? 
z)n2$f7SR5xGEI0mdt<&#+RCNP>+vn=Cu^0?ZK~Vo@%b8vjSp`Z-hP{I$1cLTcGdc| zsC(t&>vrT#-vZ7W-WuLbN9*~Tt4Hc>BKzRWK-zJejrZ41G}L1?m_eAjV-Xl9w6U5F zsf8rlPHl0XCwyb{Fk|x3oS%wWV?zaVr3f>qnHa^p6g)a5L8WGQ=%t0g6T(>$K#}qL zc#E;0C7#FLuv3^sNg7$BDtvrmWBK?=<`fM3@m~=^U$jmiapSdx=4CfA<)CUE&5^nv za2EL$m_5g-X!I=9C~x0g)2SRO`aVErY1YBbJ)~II$^H~pu+OAclt7%XfQ>F~ny6LJ z84@^JmvEZY-?JF>ugNbg`HWFaVBWA)!j>eWBzBDGaEf-No%?{EBSkS1u4v9}POl8{ zO@l5HcUsBrz|J^99l~lcTL@$3xjr?!QvMpuTK=thp*e#f-q6^q<_mT7phj4|c62kp ziq7UC;7XB_!O^Q&ExOYUgBDFIBM2;(ec|8ZDlJy?@N)WeN!6EJ<626VYHdM1Q$xFAN| zElm9ydIi(7$wxhl^H5!`>1ZCt3ZGX~Ct zKw8erbRpy7uZ)!fxPg%-&s2tK@r_I8q5OYfA7j`(uOnLQr&l;hUHAJOmMslPI<6;V>0;yiOR>z~4 z-)d}3DXSR5Tsy}3(XMHD^w_jmm>KCnZ5I;llFWQuF$H5z%U26|8ncW2P0%oN~#j>OtCyBg}-u>D%6B4%*YT%5|mmzL32c?&vp67QA+k=JQqhfF!NQEw{Bgst*&2E<|6ox^oqrEopmPqbzok>J9GGQpYyIu!wh-7 z&$|GtmR-`{jd5K}$c>6VKdFvgvgggyvxy*P7BF%40hjI+)nyuc^2>_Ec9~4M%z@Nh zY*=6LSE0e$-b}sm?8=j-8=i;0m&vz&OBRQeYZV`5Y9-&Q{2J}@r1}Z}B-aVQT+~gL z>057ArZqQNlsa!Kl^$gj%bqEyXJ60={9akU!rZ6g_gkKbFsgXSjZAB!OH91gskb_( zjc!raM(ON(le>TrWh;1$*l$Nt=D*DaQQ&)2&a(e;0WI?F~6LER~6RM zcW2JELm#05$hrKk=LsP_R;BDMYQ|TPR*@F>tTS7}0XbHl^^(hXmI?Lei%3g-CP%fA zP#x#DdjiMNfi>em;&tU78?->Rx02l0@IU}S*$iu6L3txs?c zJ5A&oLmoT6J2PbBld3z~&8TatU-B(5mL-AjeK1qDQvD<~o;quAHw#uX24gdZuQi>( z)BF{$h}@z0j#gkal$C}UOuSGNwt?G3D`dP3pXjKyC+-yCl31iEKVM{V0HPdPm;ik# zPFtDDl{|KvW2AQT#ISXIFOjcvvnY35P6nr9TxD>Sa&Xj7dAdv}sd5XJx~Rz+bx{Qi zY$++$RP_v+ilXNC`xdZQ2?o)T=ASIcy7!$+=(;C1(DS;S-i82{Q?O&dYQ(u}MC-m4 zOiRPDs(`W@BQ`E?U_)!DSG_mX&?qNBuX9%SIN&KApe_)$$a0FADifM`Bo{ry!)~iI zxoXdxd~_E*I}$j16{fntbwd!@t-DaK-f_Z)A&v+*LYWq=7Z^dffc$zP>PE_WK^_q! 
zicQQ;YQr57_Z^2qE+TGuFwVQ*^h>Ad!6$?rtqW`Mcmg9abCR>JyJF)$8CGU5?7s1y zfmtcOC>EK4(~tvV59B0XBl?*sjT_NHnYXbU82d5>D%z{*w;l(*KCctyjWOp%>CGUB zrV`sz9s*!U8Bj=pO1%*=q%juX@IzTD2N^?fX!-@e+S%jlGcZx*ijg10-m}@ak**6o z8FJ$6O2#V0FbNsI|0%?Y;Ku)zD2Je6SZ0EWd53l&g^GESyk^((bDgXggc;T#8Kpy0 zfb>uT>Jp{Oa2@4|Sd;JJa3m9wRrMEZ5iJONJl1&rVZquR=O%yL;S75U^A$1|p`UH` z^zxX4B4Lx5cc^GxB*HF29zR~!0Bl!7h8v-D;$GIYnEb_nWMee@E^OC3HdR_E;qmcM4zC|F*byDwYa<3Yt#m zgd{%`*%W5(hW(FjreOAH7s(I{#G*>BP$aP{u&*0>S)&{v3?ls|^)Ez0o!MHXm z%1hoeKuHcx3_Q5}SL09OU=q(Xx}7L@Axx0?!9Z8rEQS>5Q zt#>qRh7_W$V9G9Ao!svMBD0b_U^%m2g7boc4$ zIaRa!tC^b9-BC?27pYK3*w8X)w;_)ua@Zfhaqn(V$Y2+EBn*4qO9IcV_EiW<7wCuG2M(eSpe#}Go&N*Q^ zIlPCm5KfMe2it35$R&d)T&cd}&}ZQm7r34a)fy3-CxI0i7r3p2&O9B^joubzKbW+!? zu-wW_m+06G8vP8I3^iyE8G~YiA&NUCL$f;~nIXJ>z)lH)P!Z^#K;jtR7~fzIqRaPO zfgwL!RIU)V0+mZ!SG&nWD$jn&BlwZxoE9UVE(M)?H~OP?;V^}pjN?dVo_{3!$w2B6 z$WV&iQH)q9A*R71TB|-<7QmWHQtGwmu}9Rw&q<7pH;qhY5m{`;Nj&W!68k6EYBRV| z0nD?(GsL!>7JjANg*Xq-Im;vBvA5?ccXXYB18*Uo-*jpOx;!s|?hRk)Zd~KMulBGb}H!sKBsw z>B=!d7 zuPqx|VgATxw3x2YigijsvKF4UoU6-{`_Z^9!*R8Pa&Vhl;r7mR-U6gp(tw`@@mW=C z0INE9wm21ryUf(e|6b8?JQTGGd{B~Iv1>J zzHimOXca%yHwA%|kVG* z&0ma7#$b3WwX~}~FuxL)*l>3&rJjOd^L5QfnJwBgg210#4*pg}VwO=*H7n+K60(s|*w@*^=}vdvRtjqDVm!1yR)#%}3^dgp zSGs(Vr{IMsYTgevRDV1 zZl0T$BU`F0Ps__rC>r}@XtJ~!B1Rf1uFN}Y@d@4n-_kIKCR;{9O zDm~L2=-Z}C4kI>YavnDD8vQ~V32W9$RYvCzPgvq1;&*zQ-BM%Z^-@6XQ*35q_1u!AQn6D=xTUQcW$&z1En&N#to@Jope=I z>7k$fl^O(RP(`pf%Gs&r1vFn(FFA%DEq$ld_dIPoHLJTjk)jFh`9vqSv`8`LJ;6Sd zqWH3mem>Ll>OPZhp{zTnn@UtK;P>nR$g1pM`O~%SM=++sQD&I`Tos`@TjRWrG!+@^ ztZls8&|6;R&Hr*gEfs$mR_Xf*!;}bIo?+fFp*~;#0qC>Es_bo&$K48u{dt>3P=6~Pc!18SR!7P<}t%AvV*tAR^jQywAm`3S>l7-#L*h;?k z3mb-7K)vf3;l<*w`mR|o&o#D5%GcNG0yVNYz1}LJO7vZGjAtIiG3EZwG2J13BfsaC z+c}m*ZjFH0y0T0Ej+!U9$OpG3x?YOm0yfTsmG9z{7lrN9wGO@)AH2D_KBQcqJGa>> z>y5Bb?-jk%$9F$`+HCwtwd?J!kP@4eyPil;DH;Ti_=>UR08C0rjf^c?YwQ-6f@5U! 
zrfoa`@&29>Pr&xk%ZqiA6YVGwT=E}VaW`{72qLp^4Nq65(O1^oh@f~O+op1QR(Kh4 zg&hO|OB~8(q&|3Bj+Q9nCzXA}Is<2RHWRwsd4vv0di&;9ktDomBwSQBq+5Nu^KV{& z4hGFnm96qnHnlp&>Rimv%;gPcY2`Jf>U(9%UpuhgiZMN6mGxT8W+Wt?<=6Vy-I(%s z9_DeENLrOQ^8if7ToleyjSns+b<;O7e|4<9jFyAbD1^3dOBcEZh6CMOpl@848H~s9 zaob~k5?a;)uUf9+r9pE>I@2=OKdLJ|=J@DXqFfX?R0UJ*DC=#J*@+;ne`>4(wX(&^ zyylX`NR-AiPSAt+sIP+~^9mnMqYrZkSRDH;AP82(m8OBIl`q(9-CR}(qhknFrHiHC z_P*8^+pyWkr20R@`0~XTz2xZ$uT_4tY)aoFH18r$s5;ZJ-`k1|pDw+Fd>K4=CL35pUxX7avzX$5wsaj)64T)wPWy}`@EWA`Gs?*q5Z(a@Psi;-3ps2g z2mUT^@IGw$hSdpqGF?97GJQHo`nGP4K15*NRSn&J8Whc8aas7&ln&^SYN zm4bR1%>4T2@%f(sw0Rh-5RV&jJ?#%xVz8X4phV$q7P)1_!BJMe$W3kX%91r;_~t>X zi$?0Tji_-NHOiv#T9|_?r3H%qgIvG*Ohp zZ~^)pgzPEfs#=AGuVtKhceRzSKY_;F$r~kr?Xcq3HO*$n^TH8P6f=r6PqgQQrtugPgX(RP4%M6j|aEcI)R|1HNPlH9rCQBQEcX0OZeO<`BudDU7St>l<7T>BPwaRy91-VY2?HMBZ#|q6a`Q^kbP#=|oW_k%`?GFswueCjw zSRUy3-jFDbbX4?ahu&|zs>T!&%~86^^=3hO?2J!$)KT7Rf6Ypdj{87>OeZShB0;4j zB9b3ZOspiHVZ5NZ*ES*f6Zw50sXy|2{~c0NA`L5i=Xgy9*99)=4AXEfaQY&bdGkUR zgxfr$Zo%XE?F7B5Ma?SbWA9A+=$hx3hlIu3xWO}z31>OEo?8!}N6!n73?4|aXERGw zY1W&t0iNJ3b#G#cvikX^c@JcGsEEIf9jdRTh`ai}nFyTC3Fh_ROy3;L2?WP8JU$}0 zgHc2r8}A~ℑ6eC3;`VW7rH_Ot!zVT-{$>@(cqNrpQQ`E9Cg`fYD|MUMQKkPr` zfBG-^Rnz_@f5FYWcl4H}Uuk|zJ1V7b#-Qe>{30GtG=t-}tc)jiad^ce>Uwte|8_fx z(vmMaL;Q#BG?&E18594H>zmL zb8AylEc;~km;%n04cT8`g#opqaqrHWGiuXGBEdEzxdDHNA^|*U#hEifAdl;I+BF~}R z-&#*JhebLhwr+iX9nf|3pKPLuOm$SptMAiwoU2h@kS$T#JMY|4NODleyQbEpkyq^; zd3Kmf+o>8Bb7i^hRfK6GjC^1_4a(aXc(a2xy*UpF{%ZYi+L?m@-nHJF_CoOHi8SoB zdpjqv^X8G|^foZr{B|bk+kj8kn{VD4k~lE&@lUb9)|*4voA#DZc6-Toeb$`zR@~_C zj@!LX@zu9=x%f5iZFlC#fqVUoMI@&5N+lKtVwmr$J7wMLMDJtGz0k zu0K=D|BzhSHLj#ZG_R#%P*cBuQf02G%J^iw{EPYi;86y`qGjKtl9{>O%~$Jgc|2=V zyBk(WHqJmE&WKGQwHA6W>V8$PS*ejCA(|rL9#LGSlsTNrWC?S0R#j@0Bl#g1zBEm< zIIZgYVzwtn9LXyD{Gy^TrV@g#1RE_3?X^C3hx*?-{y3xgVt)gj|(eW81SIzF!lKs%MDp0%NGFevYKU z0ST_v^B-`9uhp~v?%lcPLByqpgbqsATczD~u=f{F{BkJm)nKhcC_Q%BFOhs(6}NT2(wxNkBTm zlR)*5Rps#GO}b~HC;6xXMJd`cvtB)u*u2?6@d_mS;Be0Y!-^wq(wbv}S^@KWQgPDe 
zzS6alMNG?QXNAF>;_adH&N`Z$&N{Do*BuWuCvWGF9w9CF8>hT_P$B~A-9|2k+xbZc!Kc1O^4c~8)l zdq?mtV!p3dXq6QeFHL2w@2Z^lNbc|hHL!O_$Q2tdkF|i*p$xPQ=();()0y0 zq;?wYGASC&iqvCue-Vi&Hl#il)(T{%m$C`Pq7tjIa17-PC=u0+*KEV06RX4Q$6|tZ zu2!!pSt`ryX?EP2<>U}d54jK7qQ#&g52>rU#B)TP$e@`BC=903_=A0cJtmK?%=D_s zgb&F=%QBV^!#0Axg!I4tNyfgiq|nkM*Hym=ITB5bW7O5G5IdrPcY?V%-D{eXMK6FT zi=Ki2sCz)oJC>wi>1v@IjWO0Orwd53CUqin#a-;5W(=c+Jnopzz} zKGjl@4+|wIjn!nilE15krm0sP`^l%f6GO*|4+EEo8)`XgWNmuaTSPcE!o*doBh{~r zK4tCqe(|1;y8dAFPTbE3`N-J*ZTZ2*7>0rU3$!-rO)wvA+S!y1wA((1<8S$6W7w@m z(Wlce`w;sYfMZe<+@wci6Yc}PBa-%8tuIExR!+4a@&F{y?|mG~f5{L3zsdjQAM!u` zm;BoD|B^o<D@Z+(^q#lVVwiI8JIqPk8R)d3_`ZV zx5RB~ekisD*L8hK_7QFSHP4SC(ETLeFJChudw~IdReT}=zb4&LjCp+H??Stid4j)% zC;-OH95M}-H$yDKjepNB5udo6DBBdW%klW_TA=-ww5f4xU{5jiWe3*)Y+G))8idkv zGA8w=%&b^qG_!Sw^ybX0>uP$4Pl(6HrojdiMkhvi#O^-F+PA7CD@KdtHT0BrPWHHoWC=2Vt(}F{S3{5F4@hkHyl@p!U^_T%np_5@khGR~LY|i6 zDXBU=E4k|)_KWwgx6Tqc(y<)FX-j)MRipam%Ddy2X6)khNu!#f<#Dbyl{!S~jP*KH z>c%$F2+8^+iw2R3>_!t99&iKX&6#{8X{Ib-4HFvhk_m1k`-mGmuFOJso3a}*60={6 z3FdEIw>r&QaW#$F;{;&xGLgGMp+4efDA7HeNz1OS2KH58+0_u=l>G<~W0ATy+U**} ztzm}!C=Zjjv^N~YeYlnJ#r!_2#;kKKD$jn@zK+$Su`R8@8Eg#c0(fZ#KIz`K+N89} zdt+`xdAxJphy(Rb-|pV#_+26`0X!rKdZr0SdO07AJ^cA7UPbuB$K-djh(9R#|N5FE zkQ7y?a*uflJ9b|Hh~=a4`R4O8CGV25(n;$Do!NZXSpy9(> zoWvCwv7#>)t4zA#LOOE@ZQioLABxoEOGsZlgS^oQ1G4e}iZZ{f47R*X3ghtgci~DH z;${Miq3iD~r*}QNNUS@a*+h$elumq8(MP_4I)4q{;{K6L{;_p`apI#STlCX#;?t0< zgee=k-VEFER1m9#Vd-j8{+>QvYLUB|lCAwztz)#t%XmtYEh$%1Ros#LK(WKs-%-q5 z41er#ZjCmVV`ch@8dKxOquM5z4yxbH@G13>ZETPBkyqnJw&Cm7)-ZHm{h%BHrRQKe zWqhS)xJV~&V8UH}@|`Q!g*EIQTbd|xrxMY+ zMng$NfdK5nI0j+(>64^jJALF9|BCYHR>V5Cz9vbL-;jXYfZJu~p3lKI*hb6dA*Oq< zgkK1M>2UQ=pijW=MZY2pxzc;^jiGwe0N@j!MeaV10126gK2hj4(Ld>%ywyPuaAHVb z-hqiBehPAcF+TkgL;aNGfMk4%5JUc?`6HakJvf;p9M;FQZkU2tvqA|D%egUFrCzL} zJK0N&G|pTk)HBrc3$t?fI9zZtCJGY+xshH)W`UegrZeRIHOnTL))lA81IiI1XKA}U|!N4wKc9G$RgnPTO5^5wj78e9xp$Qt*e z)t9ghq+3ZSMa#^@;N7@%TGkyCqPRFwS}x6a6yZ)8cwLc7i~^CF`@V54Vlz4vXV#k9 
zL=7%IXI*D}Jb*BSia9+hi=5xv1C?+PjgZ3P)cRDI3#wD(V|j*17Xu0uT<+)h3#gA) zAwaZXM}6X!dAY5Xk4DQ$!AA8WH5Vc^48A&;oBN>TYqH#VDx=EeuoMp?0y8HwV2B0V zSfSRIA|2EIUWlN6W?#1cH|PiwXkaQ9YbF+}uLg_YF-EIkWmQ;JosQ8sU~BY!jry@@ zCd8EZ!Zc=y;ie9icvQy`X{h$+kP~^#E~;Y|XIG*x0}^p>$|ZX4Fxgf$XLuc_G8k34 z<9#7sce4PL<^*Z&7)h-T@rw|zFS<9?3o1kaS)dCbm&g)A3kjx8Le`|moDA8ke!n+L zyfvz`HA>c(Bpt#a9n65%AJre_7$3KbR@g?jAsQHGN)ThpAG1rdmCQNtC722>m@4Tf zmAS!~r4!Y(NsL?Njb=l5vJ)56ZdqS^zeu#GNOTpdAU(ye^b(-p1a@>j5iJQeT4b8}^%oRe+N1=f_>LyOQ(=u<{ngsNuQswx`MCDCe$DXsy#qB)faYY?~7wMUHc%)fQRje z><#$O(7>ahSTDyb*(+Gc6a@gc?Bf5rD+QgyyMBh-IU54`c93*_*v0QLIz(0*JX!AD=n69DAc9k!KI6bxa{dmuiop$s`I|pPoaA^~LX!M0%-1iZjrf>n_^Of1c z$+Gx8LieQr^u=9Z5Ah*d?T$}Ux7LnFydb~T!6n^2JM-ErrDg{Ss6V;&TR|+G5_9u6 z)98N=<3xn@%a{5)o!^^DlmegBvHw2vWBzaQ!~aA6`~Q;Ptnpv+Gri^Tl8SXmP`xvW z#%d-RCz7vU-icwQ(F#pu1j|X5?8L_lPFNjGGfgYU>{UvZOv{T31i;_E^{zh4=bDC{ z4&fZZk7phdq)NbxpLsiw;RtY!0OOU0#i>#N@k+Tzxkpp4=aKuGE+Tq~{*j+SLHiT? za_mU>iX4}1a3eV{=4=mH_J(V?>w_3dnDJ=sES?ktYf)4QPswI6gv!wOOa*TTtEGyF z60>z_rE}`C##(u-SzD2PWN3d_Lt#z|JynFq^FxBkdlYSyRh0H%-C(}p=U~5J!#=}4 zras9&%Ra6?QS!U7uQKidLg&jU6YeH+Hyx)1v%7wm51Sg-@(`+G!1n)>zS;oC& zVC$6;!^A{U3Y8~cwS1|8uJL}tduf4H3}Ga8&_}-sQSUBND8@nj7RZPwx6?Bnv5!sI zNc=D`_`F@?&I^s~7c3l161=_bEN;nPws||I?-y(*g0!yw;}kn}kop1nIk-I-s_)y@ z)ZO)jG2o*kUiV(6;Q3m?#dgxbHnkJ4-R5)nw@A4*Of^SbN2Cj6rU4DpkHlY4aJ^3x zE`swf7UMhH<;LWZd|>Wq#-k8ky|#W}5MwI-q!f!M9(lPL5$GJL4@QX7;~=?;(>p?5 zc$=>~2>_H3dG1x_5>d7N_zL%+Cy(gEc?W!2_q2W`5(>86uF82e$L}6IvxPA-zpE=* zi&)|~xPE6uX{6=h+dOBys9VDewnCR6+jq5wze;37^ju8+3^b4p>xz1 zS;xM?^MOW96MY}YdWxsLZQ}U+xI)AJg#3i)#LuqwMwq6;D@W|;-JA`+|4Kzrc7<6G zM~+Yp!NmksW2$bZZ)o;)lX>=<;f)70P0KjHy;bul-X&h?eods%W4U?uGdP+f&xm37 zu{rT^Y?W7hL>P>pxsCo|0fNSD(Z0hq0ogcqTsPY|z^>r*&(o=r3y;#U{~o1nFDzbh zn{8f>L~+&TI+mvHSVGjJt;gyES+GxtB7)}BQlO3n zKp2X(BnK;XMnP(u*`mc`sI~Ixr$?W2D_{sP=Ul~HW?13A4YIWBg+3d&M1jCg_Fm?J zl{0Hbeg%%_KZH0s3TK#?Kl$I6qbh2y7-USiOWR}t*tK1eUt72p! 
zS@T>v-m?IGNvcj`@BDoG5ZhV7?N#`xeD=852}nlJ=$UqMY&}`QIJB(2vl{`8j|ob` z8l9%Cosz(TnuXn}n}wh@!|x_r%-_Flk$#ukcE*lQ9`ZJu+OBqQvf7TWBVxiFk~Aa#&9ZX1;I&|oY@HR+NGw>Rk8LMBKxOQr#)v~HZM&q!CWUbQr( zn{?O1TjWYqG3~_=U*(z!Lo-%iMK7*8;bxt4gKMccp?48q{jfjLFqom>+aEB~E=#Q^5&_&4)YsyeCfzsYO|>uY9-YXxUYJgK z8%_HX!W}aU6l(0a4y8!O)3LG~cE8IvU*?$WioW#|MV}h2RGqS}WD8BmTK!9Y-2Y8} zgn!6?_h0hcSpQ4@injtg_uthms1)&9P)DWu>vs#SpZzz8+Rs+{L< z6EssxM#vA4gPCbMF4Gbtq(UWKmMK)+>Zz$(<}or*OLbN^iLYhDIavL(({LLEuMv2% zT@iS476R9$g0pt#Rk?9)JP=x3G5l&}8>fww+*Dd{5WfTSiDqmOghvp)=d5QAXxUAR zl;YCD zobSAf%GhC+_MzQUI$)#5^t{cqby3#?lo&BaqMf-|1=03Qh@m#4@egf4H5F-`ua)M~ zBGY#BXjGGJtWb$OY|y@;6jp_8n4jWmaMggpu1a(9x+|_+tkvhrSvBP<#w(Vpw@sgd zPeYW4_OQ2CZ5ZENM<+PC(FjaXR`p;)HwbgAc(!|$ zx-{r+JZtP#J2i|LtmdWn-(k6Q?vkEPnXJltBD)8`pF*;Ce>>%jnBl&7?RuPbQx~07 zyEl#4@)YhI2GZ@tkE(jFO71cfdLbPJ+7>bK+cZm@?c*JQ2Cy4wrYaharcN5Pr}S2J z_vu$Z0K|A~qAoTZ={L@pM$sq9)+I+>ceUm-#SDdR;|Ofxj}6SYTV*SSV@U+^u$ zi6XpmReK{s-m0hl=2bXV!MBsioHCBEoQjJ`*)Ucu8ZX$0Q{BUH?xILXkW<%v%fEL~ z*R`bmrDw0h)Zv%4{g{1gG+!~GnmJwC8ez?w_Zv;O#B-`C^GqrtjhCa8AWhz*>L_49 zYBE{Riq&&q|8_T#zi>Jng#XgsUKVBj+spGRB%)$!N6hqz=jNwR$Hw5p?}2P5sm7uj z+|a#Ew5yZ|zNZw{8^ME&LuZ`Focjo`1R!AW0AQ1Ps#N`$eHrvo`4>$wX$rWhC8wk^ z(*cMm*)|ejB!gYaZ|X<2I$ve8=}P|9e8l-=mu-;kohTVBS?U*EzhVNiO5xBbA4t0$ zP;vXGQlb7d=YHH(84l9D(Umn$)Q`%;MGk^n$_Lqqyv*#5+KX@oMCS?P$eN2-21R?j zw!@6dMve^yw|#9~`^VU8sck;_EdHgtDQ9iaIwx3q_I8N`kn+Iq6>qKpvX8pn-M?Mg z2HrnFdBvKm2w2EppdTPD&jM+##E&&QR1G(#2pjhv7WTzYK6PBDQ?`{|n;-Xg$UZ=B zlwPQoMga+bGIV{0J1{)wJD@y!JC@DoKn+Jgvu8f9jLAwLi^d17Yh$+{`I5-$RzUY5 zW$WZ3zS&CX^$jvV(5Q&9KxJ^H@t(YCx}$ei9p4@ll7Rz4(AV!T1~yhzaSwM)F6w6( z32d%vXV?*5E|=9=m{kJ%oZDKuyyrL+bZrED9ZR0$2laH#1mJY7J2ww1Hw-%A*KIn% z%i0x;~2vLYL5 z3l_Ay^a~Q~$L|k3kk#&mUsIIQ5^HJL5}S3K#1dh(+b%a;it)1oOvHd3iF9BQg78K0 zlMn{+Xt*n}<+#;c*I3it$`6{1ImO`}mTL&S1b-yuwBT>#Az5h0Vq9~Nkl)AU zjaw22@&m~pR@HD&P_mo&Q6^UK=a4U@6A(N$#@g+9`F19$>-yNsa_|{W z1^8ed5Nrj(umS_>pV%wb1FjDF zdxls$igqQI6`THz2>do-edoeu-wd3`rdQALd$S~`Iq=z#p*f2)-w{ 
zQQ~aI8LP5+rA@e5$2rfV$f*MC2C+Ln5XoV?O}(XRE=;H-$uXI=T6BChp50ywf7(Y-bQT?uxs1?@I5O%NfWNv#`A91mDhr4pSMGx zDr`N8RG7NTUPnJ<=d-&F@H`B-Q7Ep`vjSlpRz+EYP*!kHzc-rHpNUMOpSlzm6-QZv z@Nqu7dt8T{JZ2A{z)Yc>w|hHC7Xv9-El^j*g@O)eSE2%cU8kH-2(4=yS(?c`mTW2j zy&spSVjQwmIhGh&NWr|So{lPCwIIkNdG zcNQ0!Kaa~h7&!@cTrL3VP_LF)ReKi-f3c(SQ?5*cmybf`hbO0VjAbr}i;XQT)u~$( zYJh7&cfEZ8u(6fVg=!6H;kHRyNd4$>jYgP*bI;#y@wQdnSYOy2zeW6^+Plh2w@Du{ z!tq36?@)Gk1--j!Ms)Eolx^6K_w@ma!}HIBV58vh*0a4j;F+k=5|A#E+T&4jG#n># zyOJQ9I(k-Gmi-dEx}f@f+h}IyVcV`qNloC;Eze67X;oFtXW#_My~L?rE=74Ob5k9%q*yb^vX?DBulQRMdb`7)#MqFMcxR-dhZs z8mmBHUq2YzK&b4im^$vu7cFJ1#Ln1rlAfa?sKyuHzrP|sz_;*(JpVKqv-18L%mil7 z`c$JVZ@zSBqS4$%1-%vCFUJ*aLF+1qM2dR@c^F1lr*bC$I1_GdyX-5o4Q(N}3#8!Y z+%_|}`UWa?H~SbG?mBVY^(AjU1yjS+g%d6TP3MF4j|}*7!m|pA2zv97zvL(R-{eR7 zhx|AHCBOUZzvRdBdG~HFXWASa(S|uNo#sQrfbGOQRGwpyvu>Bo+QAxDHLg34>r{rE zaQ1xDq~#aNe8Fv~BDyIASD~PEJJ7eeGu)ke)+u8=M>~Wo>?rO=n1=|8^mgC&0p$r@ zU#M-(z09s}Rk^;x18@`1z9a*q6MmudKgPN6IPKaFc#oS++O~NEahgUvm>I3w&Uo=T z(Kd3LpeK&#xg%ld59qlkKUD?}S3JZ+j5Y%=VjxnRZgkFiNNY48aN90+1$u`22PA9L zJ-?qSJnQ$IjB069#CHpe6P7W*Q0hzQn7WHs!V{YeY;4`6jTpTzt?E7KhPz2Ev=|E- zs>xWA^|WVV(Z))3mtzUXDs%4ieq>hzQ&Ints8*HZW*vs=GG}KG3$0ty_$9v&cC13B$9L!l{@1drQ2X5 zM9yW}aiQ^Qc~$NL&P7i86Qwtv>(#X?q2=ep>(>y$&k=d=7sP+VMTedc`j1ci|DjVRb(L4?#Fi?k0}nvN+@!`L7h`|~vlYkalY z=~~KTkfB*Jb~(}9yLxZ$z6bb8@rtNDbKnBbQSQQBc+G-VrmJRF0srA;U7vYH4ZU$i zy$ap^&BiSvyaZ0`hL<()?Mp%xh~IpIZ*L7^eg@*YbubU61vqP@6Kbv*Vn`F4+P3!3 z1bCsh-liwtjxh%pd%)0HjYJNqVa8qs0*=7ZzZM;o*QfPPb&~14!|>wh{;WSYnQbASt4HTAI5K;Rk_xu3r_m_#$)QT8^tC%|IEtU@9T&% zQg1{??BnC}ttfXkkvNs)C1rBkGiS=~RXTQ>hClMbWHo88*_!R}gSpJWvTZ4{f6lhi zmVf|afr#}v$Uu|_o#1!uRY$fG^xS!$o2RW-}rS{*7UWT%;B~!su`v! zh%-`p+o|~nz$YecV%~wCKEv7hM2BE;*mg6~VSSCGDXIC)QD9e(2{3q$Pj7LB`$4C! 
zW`1cPAR=R+%8@3*9vif!6=9G2>g&~eC%Y}+To%z9-r8J+bBhDoUBCfxbWFNp`3pP6@*?BM6=N2BN|V9ks(dIbM7pDFA5^t5%*(*64fv?p`a z0^tGrgVAVjWdQ_x+nQJ$F%ckt$xr^j$&dUG`LF*=eqhkQS@DrtA{-ERKzwz1hsqx;PCGr*V6~Cz=?UkP8{Osb4 z39TK)3hXoT8s9(bo>F)&unn`M;)%)XyYap~>-FdBPtE=3NtnB+yQtjP=g}_grs-EV z3+80aFTh)>`Dh~vLl*dwK$S!>dmDb6A-0`b@qI5@?7&ZfpJ?Mc`dMeIr_S+4bI*R5 z%<|yYQxx0a6m0pF9S4ikF^~cHj5W(=29B5bqW`iSH(`P5Ib`s+%J`>D{y9#Hk>EkcMHZ#k-+osp0zO zXhSc-O9P$KgYi?wl}q<{Iq{FVMK=>(bPKUiPbVW3u+dd<}!cwGN+G$i@ME z-Wf%rv);sLd3q03`7byJL9^|Sv3e#L2Xh{6=;M3U8~3%vrut*_%CIA&(SyejnxB%l zHR{dJYu-0F?!k{x)|-(|0%mfjpe7&V_qS-LoX&C2oz$G=`)!X_*Syyo774^5w6)cSM#6zqPbTTqSV} z2ujpf=ucuF@}Fmj4vJlLxXBQt_VVFoOy5!xlv_w3-!5uJCfhwckc-^&^KWoLbw|^cdXzY!Vwscy`vmdF_6Z%jD=NAup#WOvwP7bzy8C_14iHlZjc zK|n?=Q%)^YQ0)b~_EM(ylD76z(`0wqWVdd3#Cd3hkc`GB93N(wMB69b28g)q$-n%d zQ+xfs_L^dNA&Xes2gfGET+{?K84dJF^zt8l*D5}$_dW61qxKl}A+x8>WE^fdHH*Yr zPh{bVR|AsN4WqZG2SeCpPXq8R_kh)eD4iayEp`)56^`zEec3e`SF1I{b;mni>dx4d zs~)*a+SWHyywegOZ}ai$`wIVOFQ`?h z)_1^Yw<*r?)`d>Ri5EyVuSYlF%+n{TaTP>^84gqE!SUEQ`gZfWJwBhQz0!M3XTg9k zPS0;W+#hd8r3ZdywR=4Wnb2fYYaH`!3Q#XTc_?JIYzmzjzB(=+2%MhWW)Y{KBaP_& zWN1p>$}vc3quxJ9yqolxyki(D8~mQN_%X>N=qYKpQoeg&^GoS=?kmop(AUD-meBaw*u!O{uzLxRdzhKetmzawKqPWcQvJtw2WvUp}?JqgjVTfuB5uYmuJw({P(V4~~6Q3G?o0}l6n z+MuDb!4aRav_a5sy6Q*zWBB8Qn~#WV0U^fi3=VgC-v|-dC15^0&%|_vNJ1^{Yzr## zqpMJXYP!1k{+MizK0Gbiso& zwTGbY$nAcwLqAeQa?&je~||4fJJU&%oaV zy}(>+rofNYgomsCY#74+T3~^ou4|^2O0gX7r$yvEYtqV;hZU?=wSmf*X;0H05k(9@zytsst}Flq87G-)uyX1)S*4Pa+0bI7Nb zhRS>90Nm87lC)I&Tu`ZY>RGmcVrN6Z4_9+ay>+zOXnm3A?|Y&;f}s6TFQyPqSsIwWj3#`R<-;FQoD2jP?+FJS z7EA%It%^UcMx^@#73}?`=Cz4zZSPnSXIAHjTnM5rXAEQr+Q;V>VFA1=ggbvI`49B6 zx{4yq_+&oI^*0A^(PxJ5O6?3%iVvIJHSx z`X{wwpTUW&G87X^B&*M`bSb}mpjvy|Uh)(1R_wbvdb3uTgKoZdS-ylP3au0!c)j;= z8wL32NyApYzWhp5+Tr$5gmcXC5e!4{b{+>LN;;;$4cGB9&;U+bAU4$dA)bv3#mNp@Vx%_ z<4g}CH5y&ieN5g3%gU!ns2jSu+Qb4UhRGt4tE+035WI4T&M!caBF| zS&v7pVJ{FbO|2znTe>M+lh9T6?hA3=U}e~{rH;I-{y)6kWl$qc8!&2McVY3x7k60P zT^DzE3-0a?i@Uon?(QzZCAho0yMH{-`QB6Y{(0;CI#rpfneIs{Nu{rJPv3nHKpK`f 
zr?5X(S=uOet`C~?fJl~=CfspLW2v5~wx)z|dWJ;AJ@z8aFIHQcirCAvja}!bjd}Pf zxd)`C>2U;(xdsMD*v^pafci3xcEsBm-7g zUJSxg6?n)@tMF<32)-#a`z^xKr7vA6ztBU3=REqqZ4=prnxd8UVb#buhUrX^2lXj$ zn?KYR^GC7hCpXKV+Eq;oouV~`w-EsF8xS=EIIghPkP1rZ^7$9TA>?WcnA<{|U9^yz$GQGCKr1Vm*J)4Dt?=5o9`Ib|lLT0_Dz3T5`f? zN*CosPn((2W(M(!6y>;mp2z-K37*Xbx?X~gAwOcSkC73~{ye$pb2sEI&1)!2uM3=_ zkZEdSD)sQ-Na|Ld6GdChB=?`g8!gD>9*NJgZ=YpSCb@vWOjD$eWY0vIp|k}|Q^|)? z^${7AJ~VAV?^ACiSpvfMuYn zhV!|i-F=65r>z|P_4$_r79A#^A;jZ_bkGfke%XMfvY2t8Ky3_}Aq+<^PK`@s3B{;DqDVb>RVXy0Prn1@eYFTwVOrP4guefRB~_~d4@Dl z>#^VMs?*6G+r)EU^7=37MWg-h{#N|ddxh_N_|4Dj>4)YtdD*f z;zd5pc=bL^hN6b9AVjjZYDcR=tNYRHgafQ%7=H(3R*qMy#5n(`0P&z!x;TjnFG9JUBX9k+ zpqi})HfSbyq^wNOO3g^WZ7^=GEcg31HL zf^ST2=uHCIh%}+Lm?|yok-=Gn*%huyats>ULUjx_TCsc?7l57THwflni}yxkFHSCE z`?R%fp;uWot=d+J9uQXT>bDBEiaa8Q;|CnCcWhe91lwY)a7J~B<5E_$Yiec+fOKgj zi0i0ty{R7jbq?VY>+$C%$|KezbcItzRw_~%q{wie5A)k4lB`!kdezBv!!YDZ8_MZ!FIVL$h~cGZEszSW?8J^;rnmGkfhveW<1R~*EzquQnH=HGBft+ zbDan02U?eGkFJ-PvUxAm5!~Qb*%l~m?+1>DZx2SQZ7*2$HgzwBFHu9`SGmGc=res% z45Ar3%ctBV=wUbg$Tdn@l*@hQHRu}Df>ekhce_SsxdbD*fQXO++OEaV)Ueuz4YR}} zEvc_x-AO8)g!}IF|B;{Zf6I^Zul(2lEq_$rf8=NW0|wUAyrfKH9oQNz(CL0z(6NmW zG8fj?-|-hQB)H%EDuA6Jix3cHN`w%KQPZ@IcGb#G9pxIaS@CNvt0YTE7G{ZkbvXWf z`D9qY=5`n2n&*bQKPxb+KZ|ieFB&*^p&r!m_rOiX6^mICZQo5O`WV_>1qMMjee~k! 
zwj2d3z;Oa{g6!vBVirx7RaRyek8V}C9%LBL3pW&xX!kx&mH`2IAmfBtZMP>OAf0NY z34#XlV8j94cHLpvL3!w5)tBn`1dZD4`1)6yIQofnO6z-L*SZe3N^qM$P2VM5FN2g27Zel?6}?o^=Q=oBrS-2Dk?FY6AH59=uFuxQtwJcd*)bIEHG6??eP&2(?_ zaB+KSf9VKr7ws7A*lbw;t=jZ}vzQm=b)$2sbFbq-2LTHY^R%9RE=bSnu@>IF11e7K z)~4ExH;>{Rbdsm}>VanmUv~3{0(lPk;adZ$r(3t1k~U>_f^06JO+q<6rc9-*!Mvk+ zHZzB$+tfz5>?^CFH`c(40PPTX_Omi(3d~a!wc2PXoZyYZack~#rndQ4%XYMB2f_`o zOXb!uQki0lxx2{$Yp1$a<+Yr1l?P;49eG58FQvhA-pwn}P92>5_K>ciV!O;{)q=L1 zZ)IyB#baSZraPk92#%`ag*iQ^J|{KpG6oDg)!Y$(M_`Jvo+Nj2y9>!{Xp`$O5$P8} ztK{i?<^$*IL>h&{1pkcP(&YUR?-IFRN&AwdS*#^WYSc7|mI@6@RMhduq~Mi9aT^Ze zVPX{uT<+!dDjIZ7Z5ll3`Qy_nX2JEE%T!L1Q29WGE=K{Z7*KO6^VjBI+Od_A!08Z6 z)Po_#J)s4JqlkmJ6WjoC`s-nCm5wpgs_3i1O=>h~w$VcFxq7!kz?r&;Klkk-?n$39 z(-Eon?RK}QD6+B)iig8{yzchme|f3`@7ob4v)E#@)C;F(M*JfrEyWT_WN+7V>i*b) zWWH}<_P2o8t&T$K&UEDFcPu@Izo$Gyi_OY4N&+P*9zq=X=Sha<GP+2-55ky%D5VuvGKB>lvW@LpPLy5V>02|1qc0%U&8L7P(=&PX}ZDUKA z2(AW`yM^|(*dz5-;Mwr==*u0p3O?@UwE98Y!j_;aXiDm+poZpen&r-e3dY!HF>sC+ zZr_Dh_2QTy3RZz~Y%AmYV4cwPWnN$vs(t2f;NDt%(*X(+M0wiRGH?sB-wUn@Hh4Sd zcAnUKqral9aCefgad(~!W@YpbSUBmX7?yFF8a)P^%n}s!t(cC1@*BOaj_EE+($y9j z6JLCRzTVx?CYs+G!RM2&nKU@>p%+4~3CSx+Wi}VDseDg-^}ud7!cJ6D=K)mZ$|_oA zx;o`@^Dsu`LtjckNAw8uT9I@WPZ}L6YO)!&YcMClXzcwkPU%Y_Xmm2PSDqIoBwys~N-m60l&UQ}c8PXEZy`oHBz{a600 z|CT>N^*{2*tblgi))ZPj^KogYpFU0LWAIatC+s9%&9v9#4gd}vOb*j00!D6bj!te1E1&1)_nz!U~| z&!Iu5ZK#l#y$8INg1uLKK8EJsh>oE+>4=h5c8|DKS@wz1gt2_|p5zfS4mD9;%@Y8Q z8>N#iKhL`KW9L7|&rWGw%KT3-?TD*w5RX;4G8SxC$hSEV$7Pqtd%Tf8WS5WmZn;)j z0nwuJDE_jo3q_X{ARxQc?yy>=7A`QhCPVFSvUUMrbcTIdzG%D#SaLT5{@}pRD=H=_ z3aa%#WB-eD22e3~!?i{HcUb&K%SGp)j&_apj^~d7F&I1ef{$nw$YG_y9k-47Z#3sK z*b8_tGoCY85l7U?E41ekdqFa;W7Juy%)sSgWeuk(ofE>cmypeZ5MEYyPo780FT{)K zljcp!x{A3`p;5qeb1JXR%z*E+v%2gGvVUg$rp~>eXoi7DYdmP`bHoc8(B1B&Z54f~ zIvtP8*m(e8eir|8?fS0{tCOWvZl`jM2;$TQE9c-ncPl{IS6b=z)3;(@hAQ8uvd;&5 z{uj%?+mEguRqO=@ayL~lDF-kqMKC`@=P{nngV=Tq$f(Pwbs{;KRqEjg7%8OJ*YGO@!zr zUFj>sJ%WMV=l9o*!%wKo`v+ZE|YFq z6t3@@Z-?*y)uh|kyNbz|u)9CyQey1jQ;_cO23I28vnljQF%V)4*9JeczYTrc{jv`p 
zX3!hx+waTh`=wfHq6=aY><2g{!FM%i(=VSwgR_FMf;WOSf;&UpgWZE8KtzE>fy+S1 zSiFVt!LnBcC+qi`zLzbhD7cEyk@snJfj0|(Y^O^zeCY-hkwgZv^D2H$RWRtW63~%R zgP}$SF78vnf`#8+OTIHsX7uZqK(>E0KP!-T!xT>oo~+$Tm4MHh?eO$NUk(KD@`rR7 z01Pf_ZR#HuJ=pNtMywLKs2+aYE8~@O3$UxW#o4xA zQ*U|h6^xYa%k9ByTSpGidzXbB=|hU!!l{z}epZ(*RVZTwD^Xq|a3lDpEUXMmX`@6V zphQzr+nYvjFb&YseWs)Bo1vqXDgbDS{RL=MPtwtnTt9}xir%-N-F-iKdLkrdDE9Gs(w@PIJ8u$FL&l zANe`|xBO`T%76La@~6T6M}8ApFfi{?8#U~==ibJTXw3mT@eGNJvQv|2Cf1XBgv(p? z11GI%I~KAiu!}4w$>{7spVi9#x^YfqN8ch7e<&k=7Zbt4Q*Ig?=RaBaGhzC?bdx|~ z&ZLMnrj=4JP^EtK$~Xb^J&8vt&li%FEKvnrx>~yG&#gxDOqqn`p0jP{yy4}PP)yqh z0AIr*MP<8~pJTnC4><;S8g>74)4L)eHNcTcE}Z^V}0wKcA!>Tf?i{aVEbJ!+ZXg zfrOjiHohGE!_*vU0i+Da=A^EWYp&lIa_zp` zfdl%}!b)EXV!XqqvvcI#2X=GXP!;ha_>2w<6+|hDvdzy69?`?H|2}Gj;diq}Q0Kpr zCcHBr&HX)y^A6iTq1b`V=aVeJI_$KbzF>@cNSpsd%i!eaJ@eJ&z#lbRW|`l8vL4!z zYk#*ec3r3dMx1FjXo13{>d4~ni`2(=cd|lT40_O7VHr6i>WNZ4Z)J&e^og}+N@zV+_pY*e8{s!y(Hcmf}K$@skr=Yv9f^obK z!h=S^IKiIh%qw|@XqfB*b7GoIL7`&FQGyAZ_L?+>f5Nm3#YaF=w=|I56pv*d?4PG8 zzRDUR>SlX>*#n3h!BPauXQYDS2NJZVI}+9<*j z2or_(q7r2cv5on9Gad~L?X#R^_u@vp(u!d7lOA~p*Z|g_hnKKF069QGf0SD8AV2nY1iGqytf+yPW)uF9ZmAK$Z_q_F|K zE0x#F|F-%_>jL4TJOvJmyaM*#jG?VygpWzdEw;MV8V*W0k;l@vZ zNlgl)7<*cBIx#Yy=wk{YD>cz8of#2xjs!+->AMdb%C?wmAO0)P=?n9Fsj(+7{V6~k zMxS2m6Z&$H8&_2N5fZhFYsU*6(-r+MzbIXTCPc?O?W>yJo&VJB`dp zx|1E54Cm3Aa-Mq>Z>i&6gs3LR?@^N*FZxkbv+BJ`9v*W?k`|u^+W|;m!Ra;+;%Hgl z{T88bJhK#xv3_bIw>f}AT#BNDr4AcGGXH!N(^c13C3UTn3>SQHFc#QGLe(e{l^MN%%`FTWKdlNl0 z!$&mn_Wez1Vb>oOpFYk;pQqjMndT5mP7uDRIAMTqh+egXuB>_-vh2uf5)Er%>iL&^ z*YS=nRDW0H9To?axi`{F)ZLexu>rIg_p1z0a8WT&aT|-(JLeI0AD*UZldqOzdS%u; zORZ4B6ICCfZ2Uy7H!p3t$}s?0^es*VS;hQ3)+Dbc1P}1-qjBRk|E;6oH>)49v8IBpmjVxvO#8 z?406)u_Vb+IE3Q*afNXbQ6X`Xz3n%e6D}PGH^Uhl2R@vica-0`dFq__T=L1|QDIVX zSKe{|0vbKheXL^(sEMau_B~yUv8va)c9jh(RvwsOU^et7M~oWe6?H$;x)+%q zyb7XNCmbeUY?q3b5$DQGzO0sdK4**h^)xKdA-A7DEIE+=E^cT8cm30>r88ZgR*MfhA~ZGN2-sFHO$ zdn3g964iGsNgeM*L7Y9Xg4PV}Av=pVTME@$3A#_My# zr@Izu0tvH`+~(3`Zi{aTsi@0+3VwjK?6Jm7eFCii8)V2Gn<=X=_2;S@3N>Bo)MUqs 
zH4S9?{2XVnQ;bcn%J%=%yojjX_t=+_KGA9yxY$qHPUce{;@r}cNqRHlwyV3Hw6Jn1U!VKxS5TMYiSW=(4#hbe-ddRSJ{ z!#aJ&ui6tBC$3#Mb|v#8WP!RDv9-9_<**O@DZ^0-$CnaI8s}cc}NU6qL$jHnsN{HCryMV*_HNLEHxtp5|~01{=baq6)=UwcOT4T z`A%8vmAAQ-OmhcM@7ji_6XV;C0#Cn9c&tPedRne8r(#Z6);ll;E}_vKunaImdqMK% zU7r0kD)QiB#PX=2AkQ=27ld~=F*^{1w^aC*8E#Bl;nlahNU>Z#XlmjmbGVV8@fy9? zBKkh~jxzB6jU(rT#~Xk$K^C{w@rUT7;gaK)>J2GKvVXc~{q#LZhxFJP6;iO;Q#MP+ zwQYAPkT)#&bCqF;YQ{8M$z3hIJ@NCjYcq^P^~LD0V{Sy7w`6S-uiq;AJc@hb9`}i| z9v~~~Z3A;@BJdr?@;LM~5k->6zuX?njlQ5sPDA8peXl>y?}Khf9qs`Qx-JqRr}3tW3bmgkufkxZJ~N7SEb^(MI~T)w|!zP7_UY!zKPyyE!3Z2qhQ z^WtksM|-{?lnuDB)#)5MdX#QCxv@T2w{ehi4zxcoP6;o>Dlj&I#zOkYQ6uXn>&XjR zxul29YD7g0YBB8tYET3I&MQy3s!rJ+98H+`WK7^5A+Y1^+XX*Cf6g&9M{AEjb5gn_ z8q*HrUfWeJ!grFU&eMfY)G93C2Xli)wg>4kBCmEn)MZAHlD*Bk>bJBXImEfRM%*7% zb_gTnUjrVYLnq9iYc;la*pN7`#V)yVs2slVMQb3>om^%UdoAR(48Dvhoc|-g!2gyX z<6rsD|6Be7hyTc5S`7xa0p|i-*iyEX!h_XdoR6=u+(}0X?xHU?Y+oZIm+ts|yAGeU z-E-;WisqcOE$}pDoza)-h-ETO-V8_^?*Kn=Jcw8Y zZymkVf^_T3NON-FqqKnX;Cl3*68@2vq*XwsS~9F`uHU7adn_Gq@$K#n+Lle0HD857 zl36=sK$ysR_#>@hGC|#n;-)SsBXiu7DUD#o#F~IlC>qa5nkVed5-)~a4rzu`e2y~UN7Cr6ct4wB;)ps92okjz;+-TOxfO0ac>yQ!vV;0ih zlY(2$EY$wH-Cbn@_2r3}S9G^%oOKby2UyU4q?)3tI-TShr3lLAR@h_2$x(-)d7>`H zqqK%85nWz9-GOO*)d(YPLrz8&VB7O8ZD^pDm3ma73V!r6Uu4d#7e@@YZ363Me(wo- zLNZU3X9Fy+1cG>6eDgzOMrVhUKpo=9=`u?D7`s)V}61r-pk4qwVplxKEV!jco- z(jwH_)WgneLn;aY(&DV`FSSSZ)Jw+a?G_Slre0PR-$*`Vz;^#o*f-&;kGZ##?EG}p zXFdogGd+^@92qT{AF~}c<34dnh9M3&LY#&&ygQn*A7M?zj{n})2)(&|60*caMg8)-RZ$~xGE8HaJt%)I6HD9%V35Cgn=)dC^chAK^3P}D#a z#y^T0H+D15uTJIZ;!#?;q!~Tw)s|1Q3CY_fozFzS@}e#AKt9O3%gVtSkD?i&r`E8O zaWNL4Y++uHam{X16nFjxostn(6zo}$j(#%+c?e^Mr&aUivG&A!zVK52z1U#lM620y ztUBn$ytKYO%Gk6oDAMs@R*uDX#oqydy!ytU{7gxHM8ahB6%A3WV_&?PYOu#>;O@PT z@by?OZLP`D#=Tn?o*N%K8#X48Ul(mUF4u+Dw8h@+%tSnLoib8kp6r|IBs&BQn$3D( zys)}@C?4Vq>Bw3m#*o_=HsYoA4%-hrbn4Rp=v*pvRLzPmUL;8jCPDpUNz$uSyp=9k zZw#S^mnCBgbtuq9FdY}%n90e*H#@@jK9@#SKH+P}7M75)&~)+SFNzup#o5W))7ca> zaOXr2fT?Am{qaNCPzfM<_p4W$ic{f2;-RXAS>gvFQZwQk=TYGLd8(rSL$2rcKFw72 
z3?wmB_SVOb`!AS#f39)5#~fO=$q&njx_;ClW!LR;@c#{1XLQ5bEC}WODTuwV575bi zZ06hPLX;BxfX8bMJLL=38rKOda$r$UJdN(b=rc#zl~JqmL;0&6UCnjxAJ?R!yY`CDC=WN&Rm1pCNQQHX?2b8F~6%`*Y{`%@6yG_H@nA~wzJfqspRk;q~0{(oxf?%2l9oFkrgEW z>HvevbCZ&pcZbIz!sE63MaUz`z5?7E8mN?WF2zmGSSY&r;}n0e z6XyD-$cN6E9>#iyprLa!Zf>+&zpkN0y_=K>@5!*~3RCNT6NI!jv!|c> z?^%cbR=?$!wGvE+n&^(vQndMx{19VQM<1Yc&3mYZn!1m!tpe1J%3>~%Q6mH!slOcL zHaRU2RP|^gyuysD4h7dRxU-eLHV7H)YxHfSd-$j@n^$ zBe#6RYR^d>>}6pY1>Bf)5$FuSAz1L;5GBP|*=fBUf)?J%=$*h_BnO%wV(1xY>YpL@ z1e(_7MjBQwKZc*KgCPRD7E_23s~JR9Y&o>>6B}M@B3n!|+%91XBrm(x?_pc0uQ?@H z$_-xpP8T~jbJWT)az6&{sh(r6F2V2^r`Q@hfV?akOQz4FGe^RlG_pm3NA*G}A@6Lv z=>hw#N3Jpl8ogv%Wjt5yNFN8f9F_V9&<-LKK~0lYkhAWPjUj0-D1(hH=$=sM!AN@f z5%ekKx4eGR`4>Haslm{4wt;NN) zJSJC(u?~J-bs_KAss&7$eGxvVDR9SR0z=A3)|wfx&NK)v_h7(^$k*UwSnmB_mbF9x<#P^uP-##}Yk zv+&^tMkME-&Yx1csQZKSoe`=oo+^!)$ooC@qLrn{@g)X>(V9TPF>5~1aB+}^E%Peq_?Cs zPcSXC*Vr|lrWz;ALJsK5I09X(h1J-G7q(WG!{ngk80}&8z)n)juUGrd5ouhc$)34X zx-F2k6Rl9XeC)VyIMi0yta+)hRlSJ%9`O+%h!x}5j=3R}Vip{P#y0FaBHgGtUvQ^r zLj2r%@ayG8oFAC2&KQ*u`zXxgdVor_U|vLP;fZry=k>S3H$x|Ki6htBqnf$2s3u45 z{CKu$3bb)M!#0a#zkBZ;!gjCkXIbnJsa#MdC`cB;d#a~Mq^BXH=bI`*pn+=(*Mu>? 
z@AeZr@PAG#cw-Tp6{nqXf~Ui^zonL+&m-e=nXBNRB%gjaGc2mObha$r&(_5k4+ah& z6EzX8_#pBT8aRq);7-4Iyg*2pNh3K()x&j?7ksdon$AS6!~<$apF&&Ch2{~7If^2C1kze9}%a8f5 z{HOmdfAz|L_3ldIl!1n)*%yv^B051o6=&e($f3){hq~IQt5yvV-6Uz2 z8J(F$&EZ09soj_v8WeH{jk1MF!;XjYlZS|$&F}9PccQjx3RO9WcWeZ;7F0k@wb{AX zl~Z*5uIct#h2 zX10e8hFUlC2V2s6n0H@AQ2Y}OY;G5ssp@IZ51A^gV*K(|d)fFpK z%g%vBZKP{ehG%&jVMd%ud&Miuv0MxoHiMZ9yX(W^tZC*TapD6`W2ZJ!oTvR9^re!m z`JBK)y5rj9UtEO=oV*!Ftf-M~Q?BP?Yv%MEWCxfc0ml&Q=slc|Rr{WzaMGTuRG_bz z7|a_xZiK8zIh@1|vsKf`4-N&7*uky6f1Bhw`D~bNK64I#W-=$-eKHpD!YilG0JA}R z77lpMriYSNPa$wD>+aIqz({}ZB?yzYc>Gb|Lc|yJ`ZcL-OZZlL(gs~bg8mHhJpjHajB93sIKi_A^RU(5C}(HZ$~8{uzlo zxRBT$argT|8m*(ZaO2bq9AbP;3+$WTty8QEkqY1-Pu-$&Y(y9I9SyQyPOa6w(b4 z_{#OcU#mHc`c=?Yomy1BRr+N%^qD7iH(b6|k1lmf()&;A!9on2kbPA9UlCkHygMnw zJv6hpVQiK}+EWWfq)m%=0=F{qCtjAwQ}{*J%7*Pn_^~Sle4#kemL{`bUw7$Y5Bru=@Ij~AUA1R1Me~HN)5hw|0Z-`+zS^Kl+{z#$a-;_3lQGEpI zkw-WPxd^qJJM^{~ui62YTK08U`GVUp@-RE*D3%Wr{%HoNfTEX-S==RTocLs;SBJcu z!TP0Ry#9iJKz^lICeTp$gKIbNl2c<2PSQBmSld*icnP;%wAjd`ci}KpFaU0|C}+bj zi>27czx-{}X*uItDhFQ2E2*wJN!SGhR)ZZ%>Rsm3dGlf}!i&CZ! 
zc}1q!9$_XAEXIMfVOlV?3J~e3D~ul5dh6&W>-#kWS35P7Ufbn-xe0I=Z_vx!-H*>> zCLO-_5&a)HLsFAFf7dd*e!s(Sb3~nDiKf4?mGp;&FJ?5t@Z_P$9l!av?uxus*GrW6 z6;{J((QwHq@vf!+|J^YDkzeM2%a8T1{3rh{e`EB2R z<=;pOkTXA+RySPUwCZ&rtKZ@EP32$l>ru0(d1F|OlBQ$-F;1~7_jAy6fFaLMvzQCj zW>Kg$_c#6nZ<^3Co+tnk^U0 zAu31WgMUN6El2%aJR1mEHM37W1b1~9I5^}kG}q8ky(38rKO~ujOLy#E4zQ|fK*IBN zMqlFAt&1FAmz`o|tTu50|GzB&1|l7^yd#pN1@wYq$m1T7IiWQN+dQv!4EhsMiwAYa zdk24Q^CR2Nu#tUvr%RkhMY_*8QTZ^`lfUEv@i;DXc2I-Ljf`wVTl{**4U5=kV=anY zAXS6+P6yzc;0dPrxUz|auD}K8>%K8B=<)cP1MTbE3kcZ>&P$TBS}*+|;lzfek_G< z6Q)l4d`fRGegZ$o5}>G!Ug8tdM1wt-vR zbPbW{Og@he`3fxQhD!%YE$u)`zyTeMp)qip7NA&Ra;-J25CR zT(ILf$Zn*nTEX0iZlp;CTlQH9xT2swV`e9h5wyD?we$iE=1z&Xl;381KeGm z#fNC?ByyWvRjAx+)FxbB3^~rw)&=ob>4BY=Uuhf>V(9N&!hjrj{S8?|m!f*Dg&#{} zM}8oI#RGe-D31?+2R#x&Vg6fh#TY@;UrvJkC2v6k=O9VS8I0;0`K;`?)9 z?itOF)aFtIy{cms@ClEKewW48X>2q4k6{d-X{-N zjuF{#wkz)QPs&NWP2|ISFZhi{^lPL5B@$ZMmXks(iHK`jXeFy9Cf7I= zPB*HUii|F{Fomv2>=sV#BWIhEv8E=-rbfgA~z(r^QWB`R^I7&@DF# z`1v8_3@uORT;;V;6Y=ADJ(>j64vvPaQ2)v3Wb|X&^6_&XLuFb6V7JK+%(%!UZ z^z~7o>^a~_Ttt7ayPnYJ*6+kkXIZSOCLs%ddY=}MIM~U7=1J>mNbBp|sfpyGx~cnmiu%0Z2jDJpQ{9s-GonCL#)*y{#BOk>evlQ#j{n>^H%u?dmG?}R@`7GK zDPt)gG2Gv>JZ)Ok&@uu$;}G{rA7s3&=u@ezP2^x2yocbk%VpzAm|#;jL~DvYft(nj zV^77T^)Y$qG^aJ;ue6Vt%N&=I?DdJ#S{S>e8k^8JtPr|S6LKbXM&I`t;=URZ@T%?- zV@;QqyjG%gvq85)cZ*$$9pfg)GD<0{d|c=V`4CCZ)K{;8Z?h$4R5Q4@xa#^kdLv}; z9j~y@U2nI0|Axc4qTiYA2^%PW9z0Y_d`hMQe`IETYfyWOr?O$ZP2jV%EPePf<}%H? 
zsfWkJ4J+-S&#v8`+R&cVJgk=OTbHVeGKpcbCatd$fujC464i(}{`J(sfQmDiXLSEn zX_#^>_-km(bDZ~GP2PleM{iP`Dq;=iNQ^Lf4>hy={owSfFtd@Y8wNbb2B05KoHTCd zk=cjYp_!Wt!o>pV+++*^AjVqq-k#yU|w!CY;5{=&#|JJAYhkl2yuH0`!swCPs~HX%EQmC-lXld z7PG?|^~8yX`vJJ`eQH9$7KCKJ7ByxwDI7#Fvmu7zPN-T^WeVNZszP^3aTaxImpIdB zh?VA^kTw-MA9P2A1?t`RaQ!g~aqDDuL$*A&cy;zW(+9EzNh-N)_acFH*C*n&fqohP zUdTa!`es2gz~EU_7fB6B-t|0b;yUxalHKpDY{_`!!kBGV*Q?5TXLUG*imeUwuQFyMDsf2jvYd^^4>{60dS~YDPd{IbN zNUdtyrOCaz}oL`pj6`914^!%_y~gomY$;*ZyrWC*vgl zQ085@#xmP+Y3#a*KrLV>2K!i6j)bW`u+bWcU z9v*jEECaJ9e(*tH7Hl{$tQyjili(x=s)Mx}<)1#k%Kw%h=U@4c{#*W@hyTd`BjxkX zEZFp?TRA!|i%Jfz8jtSYSAEf(Ji}2 z;@59Fe)2gNMm!m@dxOC3YPfP!7|};@`fu}p;I}F+Wfsr%u4XWu{dx2NDbRJBA;F?> zKlh^pQMM8+rzQd%K41GQZ7|hVTC8!z>zysiDuN5p>vD1^ILPQ3&}*{=?FyL{oGgkk zK7@c85gb}gRF0r18da{y){NHZm#NFP2#Y{31z)@Qiyd6%Pu(Ur(7gw_8DhWt&K7o6 zPmOO87O@+6`JEe5Hp(;qV`$UF6-ft8MC&IMFgDsSI)bFvzM4@gh(-7K7s{}h!6Hth zAFi%y3c}uSq=migw$D}RIA@o9;zw5;j}$BW0+y-#m8irPbwM7E>hL)pzoeS?-k!Tly3~?V_@4SCDE*8f9?sl0IF*t z@FRBlRH;BY^+TZ*e3<1$G4bQLfs*gzbr4Wiviq?;$G~;uv+olXYT$hNF{bYm;xxWC z@T=}*LXm3Ly+LrV)Zn;%ha*%bPI1F*&(Q&rJuia-#BCB-x4yKs%Q={FQ+c4`$knp5 zntHD9lGrx9wzJ=Jz7k*u)rOqZy3=w(m%;vBgCKzZ9K z=OeMF{nF`pCvee*?#_3=e4h+(wsH%kS?H`%$(wx9=<=|c2Q+X7j*#E1vpnVGpKXn6 zpIJDqI82PSOp~dS4%WXIRJqkG7}P9ef3Te-IMpoB)GTDyEPPpL+?L&H=y;tewAfh4 z@~rSWqpR`)xLh<`D6*ltcU>(%+_j>)XX_k#Ip;hO!*l>H+tiH%g2G`sHXJLwfC729 zHhV9h2cIAAkA-N>FfVXYhzyuo#h6KIxbnWA%}C{xr>(P-{_y&Cj%!EGc#ocPO zZJYWEGCQcRd0Bc==K#@x=ti7q*)b9jF1}yL=`1o@n%zsMB34>gtPJ0+##vM3F)YmI z)Qe)Uuvnx%6pWi02596um*ySU#(!o)G0{j&v2C(PStiZLY?N&ttoAqavWt(WN}mzH zb=YrV;m)boT&+KX(s2pe&)-X8ypX+WW#Z1)x;d}j0?|*{HeILW>?tK)7Mq>0Dn7$k zaRF_{Pn>VwxpZ9KLDy;9v{lnsd2Okj&EM#&B5sB z1%WT7TU`?OiuS&7S`u1lcH?|?V`0tLs$~6Z+hnB$Qc6w&=>d&o$1A;7l=N21)8vRxVz3^-^!%5y|@bI0v;3OA#7>6m@g=+V(r4x_G_6yo#*aTXUctsMwVipR68R zJE2vroZOd&Y;0UqA-{sZgDKBW+%hR2B3?t4=)ZsW37|ZWz7{P(emC{0r^Hl2pej27 zQtF}26y?*4C&I)74V5{|@zR(8DaeJzjCzsPL6q3@Fcu~DdYRP-9|wXw%Dk38Smn@q zMf8Z387z@m^X2-X> 
zZU2_y@&4p3wuY|jrA|affDKL+ip4c9!`dpgO(?~TLJ%#}*jltLFU6ICBQNFL%D0Ux z#g>6CDxS5~V3(eQH3?u+db3qwmt^^F5?rSYw6$heWr4|t%~p&AK5coe3v|s*Ukn#}+tK*)&j#sq7pUF_mSShud;qESi3zJT_}9_A;b3`@<$j^-=LL{unn4 zexj6jtK~Aoo#68_2K|Ajsx<3~L2asde}?|CT~UVOZ|QBHwXE%1NB0u)Olp(jG|)#q z&kW{ygn}#wQ)cQhrb+Bgd)iKh6R6ZAGaMv*m*LRglDjV+Cx5fn4L=LPw&k<5p@7m5-z7EH}Me@fZ7EZr-a?qj!n*VDW*2-7379 z_<>fvA|E#rh8RnPDyT^Pn~^g`m>BVWBxLnsR+KZhLGFS{$~NU}#!I(_?utp;(UYH1 z>Kz^HS$nfwhq!9A9r5d-d-I6ykk#BGMtQt#7PoAe;SCTK+wFCCi7csf_1H_}Pl9d1 zJSkmrT5f@=q^iThz7i!0Vf=|21?YB48i^`jOX$(a{FEURe+LvxQO1Xq)fQ6|Wx=R! z5p|AK)`rU^D(;~|D_JLMk|?<;>%@xfsXhtoE6bswiq9S#JH#rX$qVI} zUG)}8XIim2@UwM88a+%&vvmbk-a+Zpj#Ir5JyP(zalIy*lFS^6k}AE*D1aF~*BIb% zSNg1$ph!C}eHE;oyAT#<-LB0jUHtLKsmeJ@$9H7v)$GvC=3MLb64ZF-<(1^m)LX?o z>NU>L(dT^Y4OCU3=7p7{@YO@b%v@CQ(beW0Ty#~{DCeb=eZ!L>KmqU_;v?+d( z79}qVeiCuoyU_cI2p6!;M37^|@cOy48*=Fr)Ycc>AGnubsr*ccwceWnm-P=~&ph#` zTPGqlxfi@~ncnM);>M-C!;%JwaroZ+Qm(gmB+J7O{38hNx`c7D9UWx6kI%8EM<)t3 z@%BU`(e7(RAA1QUT`%D&mZv#`Oer@N6EZKGjL1lR1Y=LPaOG=q?Y|7mcT{va*xQ%! 
zK0+FPi~u8D$b5qUh{qnB`Q+-E4m1r#y2N51lCW-wnFmA+0Wf2w7)X>DNK|wI1ubEK z)-YKon#~(=C;{5wPonb>Rn6bDFB%FGHZ_QzAA3r%Eahw#}>xdWv$BYeSAc@ff zfSSViT#!8uNUlFFk{>Zdiy6DfKvMn9z~cr38+?Prq^fZU>-Dcbzy5#APw=<=hyRv; z+~6Pii$6wn(zAqok8KtYTO$S#Ad@g=fOcLXtDM%^($&FxmOc@XkAz+4gj>?2MPTH# z9})3{PvoRy5kUflcc7Rx;kwuM1DdE9!bf+2O*9qZCp#fc)ZfBaccPnU&%0qBK!aj`$-*0ZgUUS6RQq|c^LLb zC{R!HrZp%f)SVIONCLSz>d^zUZ~Va`%U@!=x4knw(Ku0)ej%*hI8&36BP=SbhB?!x zASK))i$0?;cntIA>J%2j)1s|s-Q86J@$fX2crV`KPY^-SG6W{;p^smU+sDAlkEGXG zotyki{#*Z!Da7YqFs!iMXDBS$PF;SqkZuL85s5BIEQnkqxX54!t^>+0K+2bRVwi$1 z)myMxL!Pl8sZ6luy?D1!H--YQaIl8NbOHTG_(@&LnvkQ!km_BPN3`laG@9@>hV*5D zcSqbDJrqlDI)=2ifoDe&u00G(@Lq>C^zJ%mu z+eP;v*H6{hR`X!j&s^MM_n?16uN*(QYVLz;M zwa^A{Kiavi^2qF)k+ntnMD3fFwQcdl?F%y4!h9n4O*Poocw+a>+}z@PqBpu+eT`;% z(({ekJVbmHeG3yjPmtGnvR8ilf^j`( zOF7hVPfZvdO~mj{P0*`IQbN9|)l)tl>F9`KOa%8L`cX_BE}R z&O)rq{$dTNj1hMzL=(rv3P>)(kxXwYvn<_^WM``L6lF`fIx4v=?3$3d*H}|~8jxRl zO3^w>P*ZqH?lpR0M!2kTAOB|`j9U>QPH?E(G3-?dA+dK)!LbRCSYkxUu?~-PaKyo} zErW=1M9Q%yGEQYr6`Q_r__re{gV8Suc2A^Pk|C*ch}^MQmm-2lm!EGqhF?o&tVW{0PYmE_cDDe6xA6?8)?sW2+EggZ)tYby6Gs#Zc=tsEv_u$l|*BBN=8ytgiebP_Tq8Gqdi}`gmdz8pJ?bJ#K-?fV z>nU@2{?y!+(<_C4T;JUO#;Z1FdGgdAfe9)taEx%Q`vB=i!l{UR49{Mki83vIY}h=3 zyFbHPJbiZT_W_(!0rzNz-30St+Ra$jIK+X7Q*86nYrn2B1AB6+&A7{fr&D0_^qT26 zj>Z(;vCM;SPBG1kYk$da{NM5u{w@E(zvZ7r{YU<&H83!Xb56t*sBzH)qnj{~F+O{J zHpX;~@sk6&n+lIjZ%Y9d!gPhP!UNWu=BFNSs}2^EaZU`)v7MwUHkn4g1+kMjm*o~? 
zz4{8R#d6#QxsxQ9)fSWW`g5&^a;OE-li0f@Phb z!FK(AY36=KV6{qawZ=|o`IGA}{6U0|LeB>Q8s7TM0g$0W9p!TT8I>21e?GdQaC!C&`(D;7i9cOE%St@ST-@uDDw-hSfVU7h zgSCkmQG>M^1JvH3_8aH7fVD@V=V=yS0cFH=O!1R}w zqBT}1t+g;DMPM}vBkv?7NsNyEIFM`pb_98I;_pcWTbMds2D$;!o~GT7o}MC%#|f}K z6dMOx%H&p@)t@Sx`Y0ly^XmGo!s#AEq&h4pFSm)k%L)5~X#)nfK6 z?Fk$?qQ1bs19fkoxwVix2PfVI%5lAm7=B>+-If>wGK^I0r#!z_Pg4T7hIGp64J*)q zXQKzkN&A7_VJ1z5lQ{Y$cP{WEBX;60ZQ}W3o_S~`2QBzX`N*rK0@xXJ9>0UY3aYdh z$`mN5E;JCa{6J!L|6s!B;K^NJtL+Qpr-0<0e4*Wa509xRpT4Is1g31|X z{>(Gs(e@@LyMoy0t#5(uj}Oz|@dmm#Nw-3$_um^V9|cy7bnzmtUV4i(v6e%7`8QY) zL)}z`4zAYr@fl-X<^TiCsaz6hEYX-tHl;=ie^!1cUl>!`-#M(+eJ za`P^5UIK<*wDYQWyKeoBwNV9b<8GMB8*TT};U>>xh3|!dpwyj4pnq@G4=d5&-A7kF zo5o-IQ9D?;DKjCjd1iuB4UlZxlRa^YB_$sr5eT?1x5!c``P*VrG0!h&Y zQjV}Dn_Z1P(3w5)jq>YgGEZ_$3aHOJ^*II2-{C!Em>PJ=drj0p4#Df!4uCj^;5|n( zSO|59VTVL)qd3RXLFEtTx8_E;?b{pQ8|Kqz)8p-K4z3Q2Rx|Hd8+u=wADkLyb^3II z&aRU#lMGwi^V{;52<)-#u^Se3`gMZOZqy&tEneE|+v=A-T`X>doc`kM!R?NIVmh-J zjDi#wb?vdVWiu&^JP;@2wQy$RsY%DOpsdotvRJGc#Ine$){IX#aIjinZoPa~PjK;n zs0v-$eHv(dXf)(#`Jt|RTt#u7v`=Vj^b?bh;XyJmgM#-w%fG)ElZZA&c*diC#it&} zAah`6%`D#EtV=&WmAf+_C4GOu$+x?sYwMc)1%-_xDJs9!wn5m3KN}>eP)0c&f1LGu z_;$||hCd%9tx#S#J$wB7mWjU|Bs^JUF~fSI<=jb7VKHA@9e9ewI~HA)dy2(7Azu}L zipD!WQB`}2$2-YT74gv#9IL1*J;iCA_*RvEnnb}S$A_%Y&w8cXhQ!!Ud!^k6tWngncs7qZ6L`D#OIqi}Lx57-dJq;^^~L zHdN9VE*@?&(@%6rDBD#r&w^n)o9NrgCYcaj+P`GyoJTK|=8Pe{QR!!d`k^K0`|mO;o` ziiut@-_dNPsQ&EVXRfTK|(1P88dW6e;3$ zn>LXYBV$dIeV2qMc3!faCq%41@xW&jWb50AYCM$K=wZo0v;nnUo;>DnIBrUe60>7@ zR$NwT@oeK!4&NaUplg{{sQ}uTl;xdWkGEes`i^dKSQ8pcE6u)pbC5*UaPj0^xDN2Q zZSK^~Y#-qdh<9!dEbBIWH3)7KM3CsBWEz@8<`fYjT|Ev84ZZvs6q?s2p+d1yXw06g^w<(zA z9;Ty!Q$vB5Z4oS;41)h>1tPNsiA+dtp2Bi@DfNz=p zRP0MN`vII-=TKaJouEPRy5yHyY7+Fp<3G6d18dcCH(ua_Aao!Z4AVnY(8p*{#nui zZY|F_0es`wa8vrouIRGf>z`$#*Kx0D`=nYi`;=N)=tRpu(8-p6qLVC#`N-EW)5_LB z(~7eMBoZy7!d62d=7O9i^5Gk*I@$?F8P@`RZ0+~C60!w5E$XsPqx|Y` zgCmCgpu~Pp657zaFZ^G)j&U(hu+~$3JbsJy{wi21RZ@UInb+UrE6N>g&K;qxj=uA( z_T9bvB(eU}-vd?{E4q9I>qf`8>;h(j6->Mbkb-by^s!2VToo)rH+9pO#;MLG8{ksB 
zNOfglPsg4Gx0dgz9Jv;^I>dBQsCK=n6LR@g*c4x!%aZp;Z*`Ka(;QZE!30){L+Ijs zD8!a|`1uqwE@}xSE^1jhPOeP~FPw+Mh0OX1dw71slx)#GKHmFGPMBpOJ#G)zo<<^P zpjZmSIDXhy$+Vf;w7J-{*|KJht!CM|W*M$#N492-u4c`)W({wUU;{~nkAavV1}R1% zEEHu2`s-CtkUNP8A2acU5G+_rt?tiCFr43XT~BFYH*{By&IW!wL(+Ud%zHKYj%}`r zV}f|H&N70@-8ZcdZpj88as>Zgf!+SU=9thtclUE21C1s+fvnTT7teeTQ>uQ~d~i!|!( z!i>DbDYgJ?mB?c8I_B||XacwP>h2{=TNVynoyhV5jyqKc@`M8CeI;d&sKWu+-TbQ& zce_3uds%0%1BHX{PC?u=cxKTYgDEEC4hN2`1G+|U)^Fw&Y#OPh6Y9Go#H9P_2Sdnw)dG6Cqa)Ppm~q3t>_C zWve2wa7R8+chE-85-K@HL%#uEE1iCxu9hGQsc4QRdDH38XIzaHzz548L9~Rr8}8o( zDg+e{VKW;9Jj!S9DMmkvdh8&g zhY6~Zy(xx2ikj^ps(oyHd=vF3>av5#KBj4kz+Nt73JV`b?@Zb-rP43faLIrCggf`l zit*==?vb#1mKPQ~hyp21pocl^yDWgKfMlFC_JCXJ2AJo8z9TiiX`a=Ry~+k76Uf@A z`z6kI>HWO{^WDMEd)4g{&Y`Ff><&#B`K}OTuUhq)S>#Vy$!1iq%V^p2b}hGgU3- zMeme-=E2w{;gv+^zq2bxshiBZvn$D|tEkqcRhXA7TUVr2VifgThiexY&sAFIe>~PN zjk2y?DQPIpv~FA}y)O+suHq?)E{#7fYbif3hB}V*yk7Ll@>_p+vVSR%AaZ=8@T~F- zXYQQJYN^DRAh9{;zU$T-(m!O#e0X?#wLhQr@C!u*1!8Ww2&Vl0-ryZhaP-Iflh@v> zF~nrI(=M`@gN}!Oti~?8huy|kA2pp@&-DzKdIfX~`m^2ui>Ic&x0ju=HXqFlmllPj z96uFlu2Ofx#A`o;4D@zH*yC#`h}~`p2$#2}xmVTh$15e_1OWz@;@7v9>CJ=!&9rx6 ztCwQq0bgAvYad;dS2?LG2ZuW^uXg8<&I5@zL*Jlo?8vMq=7nTHlHNyZ?)5n|-NdXW zWH%F5)UpEGSO`SQ`zz#$A*{I&)E3sxVd34u`z+6cpjz^~#j(OfKwBnhwPK{}H38M> z-e;_n9i{uNvRWpL5D&IN%L_hI2R7Wmv+6OAfdkXAHZGlkbK@6+)|jUe@LLMF+-r*$fOZp=Xb4 z9_Lyjps%ap9*(w!TPe*~s(kbfvsX;Eg@p!mBVDY9yrh$1XR>^#4XjRw9%iVIUu+fj zP^wF^O*DJbi3Ar%0>Tb>9a(l3F*Q zS2vG+s@63wBF=oDc@CdepFM5uFLNyJ9mhzTIio5em<(hHS@;cTy%3nZDx$P1`6u;b z&fxFOZS92%MpTveus<*F;f`ER(L!DR*t74nkW1R0>iXk)d4U&%3}w_OyacsrY}O}? 
z<$xsqzxMoZsvcg!87W^$DSE=fnT$yy|F5cl_4%FtTYi$i<=_3c{CkZ5$X`SZ2KIk> z@&C7nU7ur<74eTCt-yq9KYCGGA7ABPXw+<~q)Q3pyXD|C6~kE2t=+!xc|wxA zi{QWB@ry$u&T3xhW>~4vywEt)!?06G9=U2v&Zf+QG#>UeGb4-%`GB znQBY63qbf$8(4OY;+1z6op{`v6t^hZ*vS6IXKe3m#MrwSH;_fnaBxOA*$#bug6dl~ zxRmPEu@HP%y{JsEa+kB~Wqs`B%PBF3ETmc~usd``mP;3-kXdA+({cy#HOD1JSuRz` zy>Q5p#G~8IR@fa}=DqdVBSybmfjG{NCB*Bj@Ihk^=CE!CZ-}}|_DMUUnkfi5oGs{U-!3;IyYV_a zeO76o2ohux7_7${UH)+99KuQcxvO1LGAroslLyMHSK0I*K~IaGnAuf#O6E?u9k{LO z@An0!qrQ+6;LH~e$Bomsut|E5NxiXtvVE+dPG2y$X7Tl|W!t^qA8%UFRwo^QM$w20 zXqK?Zh-a8Q)yeN*bgWkB8o8n`UC7#OJ(=@NXpg*VP#%K5w9{EiIdy>9x0dSdK8MjL28U(K{RIJ;H+WrjTT zxc69WPy5O2=a|9SxCUb(CvzJs;%$lgpYv;Pm)*PLyiE5RbKyy)>Il~dE*4s&)|Dr> zvX;Zlq@K>cS+|!s)69Su(EexMw>tgWKkep^USgzaQYi~IZJmoLAb*218!yhB^}Pi2 z*3ehw`$10L!iJZN)yfCKqurkB?IN3l7GlJ~po6CNfP9{XkNDS>yBcvh4mXTBKO81! zuMOH^!nINXlHD3=16!N#5A)M{PuKHl@wL(b+YW@e5BLZ%O~6u7+`q0mwwe zD9s0JgXstd>yO2(a=YDN4=I+Ch&7I7ZEzIeaT0ibZPyj5p$IB;{E=J>O+091NK@-L z$A4emFQ7jIDyVN(*16ox%e`p~_xOOvMZ(Bv-hW3C*!7)sGXAX*gORnN{zraSS%+3l zt3x#p)|2&gi2q{hoOZw#luWyu&yZ~H*0SUPb84e+`NuyaZ~`46Ei>06=YY~FLoh+J zm94d@p zW+$WMvfw^1^JL>Gf$Uvn0&LLdyzDWQfQXhS@UrZYWsuimDwU54)Q37&s*ZqoKj@(E z9vF3ex5^n|xz2_nNHJBJ5yhgZZoO8dmc9_Rp_g(cftfUu^?LSki~rp(cVL)Cg3T_< zLQXx~a@+3+-I&LXSJ^`9im$eI5>fDq&m~$pbD{m!_IhDwb8X#VXC=EES0|x(ZflyW zqx!U3nZ7oUX36~wl)!90oI-#vk7>Z~R#Z~O?Ggf|Qn5lUxN5*P9|5_0PeCPM0{A^S zaHbze-ajyt+S0&Hz-iUd?eY00Lm&UXNUB4Y?j(Jwj@*L5X82jb`)QRC-s{#^-%Gku zz{gMb*06ub%FAi8Y>Lx&R(LI;F-R9~=pmgHe>Ht}X^br3Ax2r1~ZYPz#@ z@7fuR$iXjrZ}aqv7~ajC4^;0Sz)LF=Gog{~cm$$A=bil1{N7*G~9}Mhm_(l3*xBR91*5%Kn zx@&t6tY2l}o8cgJ-U40c_LZ^FtP6GDJ8lI@SMz{jUP#(GCe^D{2E24cVeqMRO(ALB zAM5QusOck7m6~)nb;j@)PjVJ+KMJ;)jvuyhk5Po^0n)wUKrn|P47oi5(UjSuY|t1o?Sn7HIrC$M)3Rj`kuzu zhMtkz#lUrH`g)unRiq-IbEU4^{)~{gvj#bC#jn7JGL+P_Oip_SmflOHoH=wSkumHtd@o8G)k@0yB+?oRGb9=DAhwB1U)NidABGrk$V z3*NF%Q$`Vcah5T%8$GPGE&Iu9)%Fi3*~ArwVK<)*1k~#w6fXZ{pFk{?pBsK;v8c~; zV5P&d&O%6C;L%GZxPn0k3GUtWlS3{IdPTi@L|Pc!8ROe*HoZ&h9U*hmuTBh&x-l+f zt?2ck`8hQiPHl_v91`qen)vF^KWM+^_b%{7H?|39t~yM-Ra%ep 
zR)pI|?0!ON`5G|8=KLj(j5z^p29@Yb0E!YdOb~{)aTuE@Ws@|zQUd%}DiRW4*bg-7 z8c9?DrWG(@Fy2@ZsG5kWsi(9&`E~`&df3e1b-Kt*^_qBC+f1DX#nr^L;(z4Ca67&^ z|C+6=gatogL%oM7hQ4oQ+e8^1)W4;A)kFEjEs(P1kMnJfyRkpbxQGKX?k?_{gHhUw zN}P{nzUy}hNd8-`;|0Grsjz&5c`A%Zrf zz&;-q(o-sX#LuCJlMCO)h59fvNMf(EkRO?eERuQW27Ow(cq-I{Xq_iSsY5& zVK6ZwUJ?#Or}%nUvL7GIgChZw%#%D%^%Y=(^U4cCC|`=6eYHf@_@*_Y_T)5e)JS8) zD=06~{Mb!!3v!ED(uvFs3QW&MorzbF${9I=*wvqIe)#+Qr^6qKZ!n?kw}NRGMs*YC zL`f8wvSkEcWc6UQ1jqBoZmZ}7Q2Q^jsl;k^xr%6Z$~aC)#MnLyqM;=tx*9y2>NzEx zod2@Qy> z-hz{b=ROS0m!o8*kV*gTPMp3P{M)|OhNq?mcA_!p zlsjMdrRX6LQO6)kecQP(u;_AOB{(U}<~75ZG2Toc)6C?S0{CSw@bNg|!r;y~A#XHK z4lH}7#go{og{4XC%IdO_Q0dWK=$i_F)yUE(qrtWTTb=G-aXB5qK3&{5 z{zxkV+fMfkwC_(j+TXACnBV1X)j++0iNstm_as)2k0-2ENXzJE2=!`m znAYRL!03f4ozLh)Q4t#OiH=uVW3kfJA}Z2ZAc#>-ahVK6;N_yA$LC_&WAb3&4(tl%USG!k z;ctJ1lasc0Rvj}COll^!k2CShHy#%`iiiqk9G0^qUOgIszs}m|T+Xbh5Yps4o|u%f zTSIOD;qAkw#pqp6btSrz{yU~?HD-MEjEXba0)o5``AkC^q%oc-%Z@&=6rkZ;m=2;% zRh^%@6I~Z0z?9i()`7ck?gkY1@4p=HjhE$#F+TN+9v4jd!czG%f@GGof9U!P2`cY= z50jX9NO|VoIbqEt`rdSalZhmILm5^{*!ASr=8^ro(Xn;-tB-D8@w)6}foro+kqEYW zGrZR?>a^^}#znle97WFs7sVc)f}D*UR=m2$`@X;?iN)4$$dc#6t?Pr*qZ>2lf}oZw zhgCHY=?u^sAF{nc=<0`8M@5IF?)&I(|FqHR7!v(p6HRuN%|&y^l>mM@!iNP&uA<*ga1=F=3+HjpNS2O(8U$Us14InUeo?5NEos>Sk;Y1yZI<90aZTh)(!#?#-PTVzvwPc#f zseIy?a#G;}zAX!fp%1|xKrVsFgXw||fc4tvFC(^mLlw%`h7md`UP$~LzC3|P=Y2(H z+N0yATQ7hqX;$yu32#RU?$B@wq@NV>E{=9T92svrsNsFd?+eceVzO_*vqI}F>`SK6 zi}u7|O|QE9G>9G5GF;^lM|$lzGTU&U99}QVE*(>BpJw0PBEN3m&uQrll$`$pca*n@ z{xF&FoL`t{ip$^|t$z_Buko{xH*>kMId^K-O;lE5xJR+ z3jG4d-vUZMMaqI*oj3eB-#D>;(GHq_YEYcp4RddBHR(#EJJp(lUKaD`jPbh1F~y5L zrr~}rWE96s$&CVHWU~#$n3TbsIFsg6-EQW0{I7*MKFme^N}Qhh=uj38uCi0m zj;(D%vinT6>#k50d8-K79F1MOAiE*_CBNT)%TNBd{9FH)|4!x~`GNFcV29aFSV<-l zW3=TpxtioeN@Y6+i(&XU{Uf8cJFi)-M-SM)as9immc?rEh)HnyV-HU>h%gQ^{6L?C z8(CD!G0;AnP-tTrSB9)3M!Re9@{a>KIt+fYBJd~YW>Q^{$iGHw*)SMe-bP-Ch+1|^ zSFlD@P!TqZeoTo_NC@v|YMLZaM26*b&>6vMnE_Emmv~#iCL?#EYVRe&@!5##bh)#4 zY14VU?qc&8buHx(DOLN`oZ#yDqU+($*3xP~lQ~Lm6zbpT4hgCC!&f6;2PWNAYdSuE 
zU--zbUvsk5)6~W}aX$#}LKDKiW03ANBW`R8)!WE9%jO(-)}0q=(EXO2#XU?$EZF8{ zoX`nR7iaSD0I9=0z8HdsG5cof zWcPQ~-q;!*hJ~4hh>7U$Djy%CxRtH5nIogPt&y`Cz|6$n)QnNq?3;zNB@r73 zvw#3R%s+>_XZR$@#H=u(1wTBY>rc>$UxBX*i^LKkg^Ll=oRu7tkcEV+W();Eymw6S zr~dAe1bn{jKNN_rWU#8%v-jbxy7f9b&ct2HzLWcYc#dK{cz?e13>edzUFZee>SdJ( zNSR!odlIZ!ognJfXja`y@bMvTkARZo8r>$Pp6S^b>fVMxzUZw(tumYME|iB*1Mz$o zQM`QsgOWEJ7e~7Ms$@IV$<^&=6q7gFkGtbRvT7k#m&GP0gLwwkx1%_S7=;N8GwAP-F!1zY%!Y+}C- zp}iffel!a)*PNsBuD9=E0}_>e(Jv%iBz77ySuD}K!XQg?>s8ZV?3VIqeql*ODV(&5 z&@=?;RcW%C;CIghLCu^-h1cYXLy8-YNFzEe2F#(*r9w1MEA z|A&Ub`v0k6aB*@mvHq`C!c4@>#lgwK_V1Q*>ILnsqPFtJ{a|hr&nET2VHeNFW+x@% zpEOg$?rdTp4P7UcolhSDEHgu`3!qY0!gJ{M>4)fN3qx}d7Q@GX@EL%Ykids{K+pRl zNNF!m?;Y*;$NcU6>EPk6Zqnytl-oY&W#b0amN>*^LWh6}pRTLVZ$4M8ws~tb5@^qC zzNxG9k@K-tjEP`zIy@YyHTwL{&3ZA=760qy+w1*<^qit@`G(8QXaw8uP(0 zPrb+T?<936G85ivfj{(x^xtfoyr#y52O1Jslhm7wjP6i0zGdMucYyC^7IM;A-aIt0`yyi40FM0M2M-|&a$Vj>ZY~D|_yga1Hcs%!cs9}~q(>qbMrkp&i z-DFW~UNmg3XtXEg+wi`f@TzK5+unI5y;bUI+5e_*&u_d1%tAlLp$$_IC;MsXAEc3*FE=YDps;~3nU z#zZf)rNaW!+^pC-WJN-DZvN5t_e=h^{gOwEhR=29)}V>nxg1M-H?d$8;{m-lxxwV*A?9`YD@{iz;a1Egao^(OM#A0h3|Ckm5pRPUef_Y23LD1A_IQ((`*#sFaa}oUUU>N{Q(E zX8EK(cU63T$YXE3ZO{dVBi;$osIhK_1-V$JLOCGg9d zT9y?*D(HS8j_>PIEsQaIZ#cxWY^~}YIau(LlRGa6(PIBp|0!@~4%pCe^O?h*XjPA3 zNdHBcgrJ%G=PpC#SNHW4+qHyq+{+&vy~nN%KBHCc53#+J+BiKJdLef@6nXA_-#D}N ztV8OJg53p@Wyi2{ES3AGYNlN^$|FW9>4pjP<2gtTkC>CuL(bW!ecrZbiW)T) z8)|c!+Xg=?q^RQR8@e|b=ogZBBX=;1WA&Zj(WlSB0T^sy3ZPT_bYz_&mrO09T9@@s z1_-X@Dv&2ByzxCdcT3iHOU&njHeB74W%;wk&%{(=nK0AL#Hf1-%5GQoZQ$o6f{)kd zrzzQEV#g;q0=;xy(o@#(K|i^Xh21SPEo6Hk#HJy>{w06tf6Gt#xBMIbl0Oct_8<8j z{K3G+r8B;rk3crg9+%nL935F_t}dM4)YBIi8889Hwh3nE4k{|J%@NC8q{ls9v>i$< zIih3IwbRlAYYXev$2m3XUmg#RvDshBBDpyg%Asj=sY@Bl?Jfcv(tP9xyopOm%6h11 zwpq~K2j zKZs<8=X$kjL&k86#j{1S2x8_N6s|e$k5AunV>hvuShPE5uOJ}j9HbY(>l-k=_gPvh zYdA9%H7wxd9Qjv7b5WKpg4<8D=?{PBfML zq9kJ=nwqj~l5rdwYJLh)zdQAS6tg;zSvfMvH~}qDSyfVrK`a$5UpX?Nhf*vYjWiF7 zp`VF5M4A}@G^PgTVbO_YqXp(s{Uk8}`YXfz%;`k)P`-^P(E#F6w<+HylIQ^Gs9Ewa 
zC1Z)j2&vbU^JKQ;dZ>d%fo#;u`I50c3}Q8CQp#k~u|#5RXb#GK(#WJ@b!Z&aWy+d) zVR1cl!BQ}}XtBxwNu!@4jKT6SjDFn`6&8xmH9~eKT#7T?GRHFBA2uUL);ipgvF9VW4)Eb|^%1lXPfBYm}-M1?uECi2>8| zo1}oa`Ax#Wll&%mpiO?0IIuLoNg8;jtV`XGuB^+@Z>DS;zoSh3M$}KPY@4`aOwABy z9D#-@?ck4Qr<}pqZ%#cCzoSddAw@h(!0`XSbjZS_zJLFJTkgN7{?BsuJ@tQIE^F3B zh-?rFqP`PZAQbfbb10sj8m=IHOdOve;bBcN|6E?U!jr=qwt!L&T@d}H9HAh|Umdxe z%sRUPT~$ZEE;3RkusHu0IUpijzK|gzOrDg7Jw^EwPp~EN^yi!>z)b-4{x94!+Lw<5=q7uq9QMUAfc_llHY1tfXKs|sRFdJTg{1je* zqJ}C*Ttbp2%NA})GW{jz3a}eC0C{F2WD+J0b!H-*8%7g&@9+!w%ZINhqbRZ{VMTm~ zi%cM3%n?$3yUZ;D_9lgA#F1Q1r(&|8${BplVj%Ra za3ut4fxkYvXK*AVYCGVTWEysE-y`R6=#g%k72rqWnbyK5b}PXmAa(m?dKUl{PLK6B3c!j${?aBys8@|da@+$o}BFNDL zxS_6#)x{r881hZn_(F|4@=n{$H3S~1=jeoeqi6{~63@X6t0)|<$knPKZwXncplAVF z@=hnRZNZf2$vb0Db6B?~m_LC}lg~9I9vSCEgf$@PN%AxP(#D;B0;Gpekn(V1ErP9} zMW(~@gj$*~eIu|0pI+|f5-eiJ3hhnFLXV{Vk||XO3aQL>us|w@A7J-in7W(?l!mFJ z)FYJ>Y0IlH=5EV`CwKAnPlJ1oIF-x?iEfa>vCqmKsX+Z9fCUzu0sw#3MKcXr@BtNVwMx-4?B4jSD zFlo3qfE+*?F#YI#*jvm&XITmXPmY697hbL;tBO_^^%)*v#abv>colAn$eNaD1aZYt z2)y|4$1gcP&G%m)Nu~r!f;b=hEd&6p~C!Whqal#N9bp)?`V(64TOd-1dj-h z7>|(mmHw4e_vFV0U|HZ2k!l+4sCF4U;gAQpSXW=CvZnNo9wxd z^oZS6m{JfGg!m(ILmf>y4vVjlg2_d|Iq8Piw=~GKncGGBqw)l-0udbX6JlBt4*?Us z(g_&px;fX zP2f%VP4G*f)~v@|);@P&H$j_x`?6`sH}AlI>oT?Yc~Qt9s=1;^ca?cDu}bfgE`lzk zEjR9lmSNtP2;q?+2a+bqtP~e&z3xnKplHUQ1s~-72m(D>Ft9sMEcB zUuoSM9@*)u>1nm+?6n^!F!VQiUK+m#*K6uz(3e;R`=$ClO_=#M*k0ExnE9KfW&4|j zCQ;jB$DAJVRC%THm!q8OG>+Mp>mD1N8q_#dzu$U9ycQbz!$usuV4h}NWNFOp*>5cG z+0&(+*i)4}Oj4KJOm1i$W~s6D3OXIa{Uv|&f6Gt(xBP4WmLCrHANdu6{|9St0bDn; zwdro#F;mQJ$IQ&kOfkjG%oH=n%*+%sGcz+YGcz-dlkQ}3~ zrAM`;Rxbd+%Tg}fi{n|AGUfQ;BJH?>rubTRNp&w%k!gw-;r`P*$m@<%#7!hM<{4g% zeXWOQ(%T&$NdW&v(;oDaDwB zlrGssiML&yxEAc(Ga6*e?p+5Q&==!ufqHh6f!f)l%K`0-3SjE=M)&BAM5zx6m7QR@CmEoY7_+LU!fp*ES?5LWSIo)3;>}g$uEH#d5 zwRdAZ3x_uZr6{BKU0kCShGr&wPj~UE`_4LD zRe_)a?1S8R8~uhf`LYiT%g0Rzo&-A!RO6l83G*AZ5GWsH2Ea>)QV5n0Q0g?$L8L=S z0)&D01L^zFcbe!Re}_~A?D1iIhYI`R&Id^cj1C6_5&$gdt@j%O9R?ZL*Bkg79y$aJ 
z;2Fe)kM|qeAW$ox_BX6SUkjG;=?>%$=MIJq1P77{oC)v(=K6ue?@VIXZz9$-3rnQ z+X~tW`3m~TcnNmNafx|JaS3(FaEW+Ha0z_Lb%}jRbqRAxx@o#ez8TpW+lkb<)5*U{ zzbUtgunD-NyZn0j?GjLl*NFF*P(Cl-+?{QmR^K3ML4Y=KbVeTf(16svp?#peSvK8u z7;SKEXexu5!!7oLydoYC{%@lZKpGIXF<=0r(-zF;|JT)CUeQ?m*;;Iy?4A| zzr)kkeVl{71}65h*I>+O52zgEk-9^>F>v}*8<#z@CtB(zRtGMnTF|UO)TOU=I#zP3 zcyo7W=v92Mc0|92=GlikA}|)YB}eqp%{$bdh#kQF7Q~wCu_HI5$2^!wpfO)CCSBq= zX{{YuUdjqJiq5Js+9Ou!*dJ(#*uFuzD;JPc9`~*H6LJ51bbFIAz9MtYkCNJDRIOSX zF;@e|<%Oi)iQ3IrP(8Cq;OP4K$a#5xhXcNj{m{RLDA((}E{Pf_p$etczpQrx@o;Y| z#Y7#mxS>+%QFUy-vhEb7KB5d>TiKuLWU`t?Q5!aGXuLa>J=GF|e8^yFa9lU_a(-Mt zb?K=?jk80&t_ph5-+2P9D)b|3-A=%g(vwEltJ8C_pGH5ihO&yb+-M=qppC$wBSdqc zd>{kCGO^3fLo9e6d=be4ex>hR_rc$N38EreG*^4y-<|9|)6c=VJDmH6)VuoJSsCNi z>Gslcw`?=!JuJ6KDa?!9?P^d46LcFm{m64HSJfZ#$NXpVQ~V|W%D zC=-0o2c+4{hFJ$6OUpBq9Y*o*jroDb<#2O;981rUw|l2*LYv`@P!&)PNK8d1g3SeQ z&FAf`e#fje>WgL0Xbt{x2GytD?cr+?i|w&z22NWC#%l@)7kW;C>l)s5HQ!do&ihhZ zBhL(R@LwwG-eNqQ7I9DOPxT*a-WKuUt3cRHar+``xgb`0bWggX!jB`X2fm}V72bbw zLnNJ@Ih8%dxaV@it~(G|;LW}Vb_;GB)jBXLL|fXhJdC@|(`MG79PD*G47-6m z+oz78em?ogUKluDJ$j4dPtNFmef1%X;|Ilca*ac*MnQ(d&Dw{TQkYdS#mEZcP}Y7n z4d6IxlwqIIWT4hgO|S@NKB<+E(EE8_31faY8m9Xue^;zkU-BU2*w5xSm$ ziI$0JNheg$KajV4JFqb;g7YSUk?HWd+K5aqDxrZr=HL#zYKNwu61vr8vaeI(UPMfT8*8$Mq*scn zp*Pkjlxic+v|WwoHA0uLdUs`YD|UYPtoP|vX#cBM!wT|tq*IR5wdd;`LKk8aIl7YJ z#b$=%nc@$-+%KLUw6{n1P*dLT4&9kn%FV`6Wxwe*Kv|EVpUJHnq#Kp&uWHph7N?$6 z1solLCmP>&%uDW(soHN=-If>Dno3ogj_>swWNZ!0SPVGwH(syq{oTefUSchUP6)R@ zJbPk`PA(1DEezf4jKIq{7+a4=FN+y_O2%O-IBEo|o(Kr^(&%NVc$$2%-1mRL^KNd@ zIyVmFNFsi?ENa9 zoKTrarAzAr4^8XCi=H|M|Ms=3B5Pe+*B4MZS7O2Y!nFVD6};!XlgvP-6J5tlCtVaim(3>Let z$mF&Yrf{L5DqnRUv9D_kbL`${G$WKm@Hp51csO{7U$f5w+xU7pHgkN=R_$;auphE3 zHg=jci|$*HX{@&*7`lMNR=~v^Um<>h1VV~gN4% z)=)77_2>seHI)S*ZA6MvS>1Sg`mVG@w%?iK(Mo%lqAzuxKYk&mf43N+-EygL?pYa4 zus-`yzrE%1^i=Qerx?KHY+;3)2NgfGR&S;6!&WmL_a$S(_B$j-!40M!jyPmFy6<#y z1?G;t{?4>sxWoaORgeP-F^B#w`#tFRy9XlSBLy|@Lel9a5q0&VzSNL2j#}Be!Q?1! 
zy)<5tGV`+-4qX1(+C7fPOHxeDDX+A$Q|_HKgGg^~e{gKUNnt<41ZuUNV=(R5@&wDG zcOV{BE90UW!_Aeie*+lw1I+pN>j$Hk?_)GokhFqJ-C7O)ZC223YpD0l((X(6d6_8m z?i+}B4^M~zPBx$2L6ig*ld}f7<*6oee5MN^c5E)88j9W&AA&RNVZ&s_6okK=%*^^F zJvwV`4&6HcA%DVuCO_q0@-P28`O$p;A-}`pr)L%)!`Z%jaY@HMOy-hpJ5ec|W-fyM z__*B==1o8-1|5UT>UD7P`Lt@^_^;K{MHIP!@twWcScz-ernc6qSs-J~uQxxC@V?Wv z^?JNctjVm#A59kTXPbtOh>T}45wQ$&T5NldKfL4?r}ooIO`dQJv;@fXd)EELQPK`n zo>9G77s?EB!a6zRu%Shs@qZ|xIc3*ev~R9F_^CT_)N54hfU`*0S{!=5soJ7YBGqjy z3U` z>4L<1Dd3e*P}P%;69cM(igq4k-ZY?{=~)E8}G4qsXrx-3V?$~T6Pi1zH&S7=KhU1}k3*}^wTO!hHl$+P6 zN2r)lcB!a@wj(2Luii9|WQauCMlIoSRlrrm%!w3}!&Hnv?0ov$C}`@Jhi)Z$BzG1D zCS+N-gv{3u_{Y+6LbKp!rV(Qv)Jt~iyol*m`8o9H?>gOB)L#pve1d)hm-Gz}p#8kO z@Q|Zooat^14i?iF>?Pq_z~A0W?Xe(gR}RCN&O&#us`ndE^{L~-aQ*GgnDz?#CUSqa z>6p3a|1%?_T>LF}V{ywmnZ!gT<5da<=hZ>dcwtEP)pvc#p>Jzqzz3pgi7oG^ST|t zhXTw}@r2x211B@7h>y`Ca3nj)YRVGHk*&3}%kz@uyw9=6##zqD$+x1*yKO3w1AGhU zPHE-fpGqoyKQ?OyT!hzm9kK(JA2%q+87eLt8w7)Ig)18eyZLFt>%G7i)(nUVAJfj=y#V{^MFn(~kYceJX=;3>U=5jur&9xdYO1FO1O zQRp2agu}kX-=ZYBk9+if@&9>RgEUiFE=$I(5XNJ#g&ZmIJh&Cg6zO<-v^m^HuRkXX z9;86s&E?7`1HMov+G#nUeT56D*&G}0yB3^OE((%$uF>2!udc*HMlVnxluDi4^D6iweeZe>mNMhVHgj-fQ>ukHi@m&vS?xvG8g(kJ z7UyhAS_V2wEPDEpjbYRMc}ja#|H{A#OK)xnTUnrX`4o*F?rXZ8&x9O99M)MM0Y|7X z+;@w*5NIwrDi+Br&v!zGGp=hjtwmKAUE@7}LKfQ7Qm(2j0)376{%xrilH!U-0fB85 zzh)z+*)M0#wibc)3Pa+_PA0q#q)^;~U-4|#S|skAJ!Qs4$b9F_Z|mb!t_pe!&ls^j zN2O%8IVZL!vAjLf$I+7&J|$Dv*7}9xhr>M0ysDg>OvE}_3^_w$VUgLQ_rab+F^rtE zP6g*t^X?3KKfdbFehoXeC}{}d*KoX9cE&c>TIzjveK$r)MXsSy*dJsPVjI#SrKiFE z7?u`A*cwl`nuNr$QHkccs&L-cSK_>t%T2Hh#k4h60C`dMeGOfYW0R@di$-}owk)L# zbI&`V?8uEMQn6bvwSPsS6$Kn1n z3D2k-^%jGbd8|wscB&rda1LX|TQwrNlp!%km<_IK9gVwe9*Xj{?EQKSB*gt;Dl1iv zeeE@r!-?9ONHx0Z9am$%AMkG4xOk$r2kLX&%1)6+u0~9ZF(R0C=OfJ?!y=gazQlMc z_4MeR2~?8R-27+CYpHKv>=5RO zQoo2{OVPCIlstS2=R{K@#Uwrqyl^>WX)7;0y}Tc*8^c?&*rOg&xH4 zRWcMD;|3jTql7M}{mCIzvV!(gl~{PVPE}KxtkHeAc#fEy1 z%YZ&Zn#llIWM*X4Bs)&t@9- z!|F+@!Wy}JEzBtE^g@B`Duu%W2kuw=uA$fCj0%xrKJ(=ORmU}*GgC6hSpP}l0F|_0 
zMx-ln&pcR?DYKW5=b`J@X>-|CD(cUG)~>u8uR04IkGa(qUN6xL-<5+xmpU~|2TeJv ztN*+f0yR?&f6g0~=&#`n?Wr>K^A=Zrs1@%RF z*OiD>(6Pi7%#<&pMuw_IUPskwDI)zB;8o+?5y?#vr*5UDG}I5tuXn^jXNPm0Le_2?M(O;r!vTph9ECzsP;zM7H?+7eT3vx}MaO0-xz#;{DcE#Y;!BW2#>e zDBHx+a&XMPq{8vsw*yx}e_*6oH_LRc9UqS zn+74C?xkF((Xb;1jzxYkw~>ERI@c?EJvbFB4QdYk4BhM9lmMN?vN^%yd9VwcBn6)& z0_`r{=xcz~p-bM8JYwDdj6`zRBNaK)gs^MCE8tG0V7Ybga^>#Nj+w$J+4plNss6Ic zG%*^1DmPpivy;`>RuJ?>GKG)Jf)%i0DlO=;MDPk!_1?WZV1o7)Ee6wWBgg#2B)UnZ z^Q}SZBD=R!t5=7DiVxj6w_AMlXK$}4Vq*|woX%Yuv}p4WlX#36{}9I^D@urcr9jPK{>Y`@t$J76 zc1{bLtjcV=Op&bN>1Qf4l&R{yw3?Q1Ie4d{yh)PpEZY_-vLj}umc5b-Ixe?V;L7GQ zUUe{Su^Ugf$}h}WUs{9;OhF2kq|@?k)AFU$O3e*GDJUTsgQtXnpF-+tiC;uyv)yzC zq)Mt5yN@#_ARP`6sl=v#`;AYskDejtLviN$csFirjZ8qH7&KbO23G8Xw=HdrjZO@X zK1iCL50RQ`r*yN9WOIMM>r0nvX-?I6rdgvd5GNo}8cNQR;bB+Zy-L*wxAYr(C9>dQ0ES$qa`H1aPlks82m?S%!D#-Fe+B&C$xm?d zm;C5}x6ls&ptFkSl<}o z>^28-LH{a!@c5;_`-JV9VTxSK=#LBHGr zo4kN2__lw)LKJ$Zs!w*uK7Bw{p~mzRd#?TYJ;A?$ zxq znb^40{%l<3y<1YotCyLp1m+cz`Frmz)7W>qNfs8)sz`hbnO?RQcLbDO)KftO9M*`DGF+E95@)2IabheYu+3= zYE++Ne~pgI%Qg?C05K_$yr9&(83H**?BA!HeU*+St`F(w|JregLTibLb=-?8=H8@x zm^!v>LsuT-Jzrcw3W*FHo?w4V#k=GJC2$2Gi^!WyJiV)qL2sQAI7pt14A!L0nxHLe)wgIiX?| z)zf=(YR~z=$IZTiijdu58V62Bg@!GXs?QFAEJIrm`^e9X=KIXZ8cU`j2`p5@;vCK{R1-8_xyL!)S}$R~HbfZ{j2|mWm&}(p z8_y*wt0txZ5>rrB%@#2QcX~o`*$aJaR#e!Z}aFu0PW&lMtcGh$vsa)^m;hQfFcb0(F z>Ga>=-UC~dxN7a;loIUmwKcn%8HyE@C4})XTU*6j9y=Q?bK<97N_nhgrJ7l_Ws!VS zw+PWJGHEu{eY$S`E}rYK(<~;w^xQI!#=;u+bVji6xNM8TTYfc*1HG6!(1r zmfPe)$H-N;9KNI|3iTRwl$IhxJtb9p%6TNl1&7)`O{?ShC%B?)z8Sm$m^&!*67h{h z-Rm_mYfb&&%*Iz&>JKT*!53Ug!i--MGyCyI>WV3ra;6b_@g$U#7?9~*wZk`{W9+5} zzGHP3)TXRpSv6sfcl)ZNOEdla@rL_n*SFFR-)tMd-Et_Fl~OqCD-#`9H6*5&;)zjl zdJf45w4H0ys31^{$~dVIml#UQv>(S<2$uv{A!_t{J_)zP;;?dVZE+rpyO_5SN&Zj< z>v^+vG$Z!JVO#}?))+OHfYkr~XLeIn=w3h}rqJe_{BT`8G;PXPvXd^^^o)Lx-q$r6 zlKwfb5u4Lwu}A$xp)P@JZUmixF<+EJInRqk8A_CA#MPXlrb4n#L;_#MWBIWE=*y0~ zlG3q*l+3-RVhdi9YL0o)+?A0LnsE{zbF-2W&Pu)HV$c$md6=H))lu)EI+Y*ZZA0L< zM2bi0-J+ApzH2NS1&pK5s9wK!&59)4#AM;z&7`w^oBD8D)Q8>S7JE^83mpx5>W{WB 
z22U+#S`@#ZNU+)Lu9hTw^ErI`x(vn)1b_tq_#6Jk@PG0A56J;!Kox&Tz6bS5a+p6f z2WsnN`$O^6=ykX6U%_v|1OR|PD*FFfrSh)|wA@lh)za&s;zNoBv+_{~UqjzgGU=N=Xl}`78AKwfEl~(*KnY z@^ks|IsI4i|5-GUN22b_g$J6|e$OGcYUYgGuOh@6+OZy=nKZw;H4_3xxmk3BcJG<@FHdp3cV159ZMY%5wt_ z?FLY}21>(pqVTSxwz>Y(xD~ry2q9^2uuG9m>td?bxEL2CTymW>?>WKDwt29rqytdG!lZ;7z7Jqxt{YbyMoxh;Ud+X46F311C08^ir`*yd2p8%=>=p_;|G)hJ;`G=?6->D2_Or3HeD>Qds8QEGIz zL{;6NYV$5PLLkS$+P3sbjI2*^GXoQ3z(x>6ZZELeB>|; zo0{^H5piTn(fUZ!wF>6;Z`n3fl_Xj8+dFYO%_C^5kf(F#}}KGRG$;$6L4pLQT|qt)v;y;0|V_YUKVIk{`(+^c`Whh=8K_OlkyPR=r9!w z#r*c_^YL()@u|$ZD)Dg(spQSFg;x04j7TrH9!iBSkht4u0$!mY^__8YdVV@_DzACX z#MfbrI~QV=sOV_C?-r)~cfLOgSZ7MW49wDD#=rWs8>-qi6bb)mY%gZGDHW_&UsPdm zdB;SMT7j~Syws3a&m&UFoMkbM-`;LgFsd3iq1s~49}OZNOYMq7fFJ4lHLAnUm&}!b z2y{oy6<}&jJ><`VVT=P++l4I5U70;#bYr5r5W@Ge#`#3|mVVch>%A-bN`Un&RDX#2 z6saNPRc=RXS`0?}^pnq0WzWSI-9Ie4SYnrj1x9wmWMjF#PePMDd7Ua#A+5tx*YQ02 z?oLs@2BhoH{Tt#xlb`-C`Dg!~{4|9B+(j;T000Z6N-Hnd>w2^f-lnG&nMgep3%HYr z1JBD?&U5FZz>PK2swFy@qA)opfgEjt94`5fFISl6h!suwh7U+mjI?eZBLRA+DKM~< z$1o_#>_|HY?ia010>MiSzCg5ZhWFhLH^K$9BdPJRB4rom=H@jJW{#7YXSNWWf&QbM zp4Ywyjw(1TUB%968`a8t-CQv4aS3K)4`0JO32oo;=!=y>+xC0n?T!?NI|(3ck41 zFK5IoPEo4*H@oN_tEJK&6f@kqjOIHB%|m&Qv)O5xH{9jUzA|h6)Tw%2hxj|?oW5Fn zXSZKjFkCWzuNZNsm%02Z9y^D8LbvCoI{zA>8i=%GQ0VLrb)M&}i&P|&Xok%k^1TOKD zS9FmyO{ZI7-$p7f)H1ZIbT?93u&w&66f~xB7DUx0s`txN7bdHkWsFX~+{$bB^uG`8 zM^neE?d7qDwG3OvBRoYD#15qbXo{nL! 
zt@J}hoyoRP!_Ed(t)+`aHJr@;Mh!Qq$4f0!&_^MRgr;Vi<^RLa1h%F<(Ka{W2N=U9 zq)G9U%#d^9&vPQTg*Z(m|GeuwF*y0c(=Zvsu+%Ykh{fBm7Da;!O6=Bctte^B-M0MDc9vnQU@7I< zypr|&k+dp+mk;977mJ3NDpI^WYZE}5h9QO2W|8;nt?}oPl+Wez9@x%@+S6&~LE*?x zyp$oxIF!bN#J!p;arP|inbHoXmJ2psI^%Q3Y!9m#tIF?)1tLa2tzFtIFZf9`6uR+{QiV>LhazfX82 z?_5NaKm~LVBZ48@HgKseA9on77u6?_d>OUM!;XWW&O6YH9)4StK-75k^euuEc*B8b?+c$?n#=?d# zrk)ZkISDsWn$H#ZpX!4~aUY1gKySi>^lxZUJI`KxGIZot1Pn(4<<#Ynt_qlaTM+|PU`#7T!gSC1gcEuI_@^`ri=$S~_S(K}uN+?kDE*gNmG zG!us#foVFPxnAkTlOM2yAW^!zZ?K=4;iIUOlMbK=7bv5Uo-a($n>+<2qffv;OU7l8 z@NPL+>4{pc_`z&Y;)!|f{SLfa_-;Q)9|OiNV-bZUl%Lnxh-L?U#ggtQXt`u&ADOKv|1IY~gJo_*6!w3$iw9S(m(G#@H}tWK}Y@ z`XjZejKyBvQg|I;z-bWolC!$uyX*yAbUYzobR^3kaOdUA_1g>94tekP_babJ#-ta2 zpi6j9Yrn464qb(9(gNG4IrcvD`98VROz&vW6kY{A54yLM0R-6hxa>PR8FTG zvgPilHv%Xk^PHTpz$o=W)IpZpvz*EaR1PSdaY5V}ZC`9b%CPHYQMs3sD5Oa*7+6KPALvaLX@cJ7x^+%m7MCsB-?tuHecBsh?-qYFsOtFxjlU_q z)qKK4FiQ6=G^*^mgAaEy(+^vi-I7d~+@kB&`rx_2{%xh{{Y>M-vD}Mup(FidWBl&_ zVsneGB?f~;3Z1Aj)RUiwub-x-Mu_{q;}z*XT99OIl4ta6kk*W~xVV1bsYlyUL!RHt z(8{*a%*D68?V5aTf|Na@8CvLp*dr9XP-3I!^xV~J>X}Ru_vvf5nF|8$`y30)t_qG9 z;ThTBH94ziP`$)+rZ*LBF>vV)V&d?4w!F_3YT{KHII&E|H@NM@@np~7Lc8{(L{oEy zHUWxVj+qN0PnVJ-*_@I+{!hi5crRa)S%PFome+uE*bZIe9_z)WOLh5a^v^BzaW*~U z0UMPyTdb!RkFcCrp8uBgiZ;oGqm00;{@Tv`3O(YRn+daJ4Zc_rZTLDe+y79+`4!Q> zB2p3Gi2TTBX3*8|jHu-+Yj0+=?S;tkT9l?(6U>uqlo4llwiv?R5y$01XmzvmG7lFl zere0ThYWCbsPGL=Hi;hGA_Rd3XT)BaXi$GWyTfu6s zax(A@i{3?scml32Wg^Ki##F)}KXw2EF^{;7x|V`YKNNVWeqYh*UhMt|y0+G?u?`t{ zL=wc7tPj*>%s~x5SvTH3KB!+CSCBDH3kg!Sq@6JS-HtP%lm=f^rrIrevPXQnPDL9aBl!DK-_J{mm|1;M4M1Y8iP9Dher^&(&UT#&4`85`ooRY++L=eKmDH>I>HP8ap6q>>lD9;HI8 zm^LHaral9?+1(YcI5xa0#+vq(-3p)lo>?!_Naouk7V7?=r`w~3YHQ;wRME!!i#T3C z;4}0>r&zGAkoPz$pIL3{2lDIm>x%fjpnl2JZ1k}WTaE9{K^zg~wT6#G<%cGA{4zJ( z4ex^O44JcWYb@FJaBtpMYQ5FU4fau&`bfv_0!S${+UZ$BPk`wHuAmq8 zzS?KWFemzuq+PS&5bhdooKTNMg}KjiDq+_iIsk9ee=fQ81Q1;|W>_ODNtK+pujn1y z4oApFZW?Cebn_|UTr#ehFTN;_*=PyRmyivcPGKL%JUvQdS=S8r2&tI4Q%lnW3h3?B z3wwr~hbJ+PqTva+zpAR;NfCqPbdstuZ5Vo|d;!!@=&#dFEcFc#2IO<9!bvXm4AeTA 
zXLbDONIFKE)4-Ys4@)i#X_x~ny$F|;=No0!lPt3@^3HY;=2M^GVISh11_{5s6xZf) zb1y$1j%!xoTY5Zvf7m=fFE2L4;hsA4m80g!buejr(_HiQSpF`$5f$)w2xloOYF%rb zSx<_&k_QWG9eMZD-1n`=LvyMH0t22s)ZV|pMd6}%O zpuj7#9y-K)YTYMdJPGw|Mh^y@Nf5P+bUCp3*~w%jhts7?M7Zj_jou()eO)sznNBjG zc0HoqL+yaB6U%kLG3))Ddszp(5=P|nTI6)C+XDIlE3q0Jm35ddhI<13dkscDu)aXQ za-lFZxyfF6;2ZJ@ZmHTvn|)(}KHU;9Y;ZA_%FJjBCGtll8#nnHq1XxXUWNJ&1h`V64C01m=mgmqQP%-wb(jg7Q#kr4KA;O;D*M zkW-Q~V7Rv2%Cb*~S5LpnC*b&)+wETQjs&XW`1GPI;tcC>gME>{(p=lY*h17x+hR~^ z_?43bu<4j^UjMF}RCp~!8GX$l{5wpmLoP9thnY;ML{j+ZLn@5vy4991E2)3vuW-TKwlX#y zdi9W^rKIXAdE+L1aaDQy|)v-VRk2t|@u6udo$4 z=So`fTl%c@bD_j}w(2eqCJCOeKd&#&YvQ4iU5FL&Mla8MOKo7Qz{`;JA)QO$c|MD) zx9cH7ige^O1Bb-Hw0>=H#_y6t^fv#9893JfxawGJTjIAUXUaFf#^86~Mt@I!iyUo) zl_T;iD-M!%!4AUyqmgZXSFP7CZA9((D!tIBFCPNV9B`h$=#V0aJG&gI8vp}momE(D za3BM3omUT?SD>5D*lg`U*b_hlBb~OmZ0lJ)iog*+HwQr@>^4;Z*b5*7n460**lV5i z0Bmrd9Wom(2yA$e0m4pOD7Jp@9r8_QRJL)T0nn@8e7&*|6gGTrSrD!Z(gR(xM2Kt} zd{MC2d!1FtZ1cbaf5?ygpUKbkm;6)zPJUkAf5>kr1OWWl3<46xW;+LukOdmx1s>Sx zyprC0#I<>aVOuvSXspGvq?2OaECi1r*;E0=PW90Tw}Aov%n$)QKJ8j|EXaEC5e|AM<_sM}~I|oFx`0QAF?EbS8f|FU~Ht$D@2=CNbHLsG$GRdaR!!hPK(*CMmjt6g+b6j ze+~<@ZQED0j!u14n#ciO59cR=KwpksYxf=dMqKwv-8{G#|LEvw=o~^qILhJ1LX1Q~ ze7Lp zFeu_}8ZjbfIT;i)FUemb(u)<@Cj4}Moc3fRf~}{Pe1+eCiNz8j)X>vF z4iXF#+9udkQIEt!)5S11Ke1Kiqw%|;MBIuT?V(xx#T`Kmh{T9QxWPmcj&pc@v|aZD zA&dYD^!4c%l$JI>ITTj%s5p%(6vT*(9QXh_-?4$YXsPLaqM?c|RjeLRFx6u;=_bS$ z&!`Nt%t2G}^B3D3k`fX}c7)AW$xk9sE&P(7q!>*WAEWqW-_)J-7GFi#*gb@uoJ>{k zgdb`dLRJ4oRlY7YnL1_&b;uyJcQG4cFhK`er8^VpCqJE+%r!BO5tpbu1|dcm|B4Jf z7(8UZm?MQa8a$rf!dB?&Bias_G0k-&@xs84m;K@7og`7R#5lc1X1F`cHNZ)9iwG+o z8;!p)lyEcMfHcNKo|#rWOCFPOJW%R*wjaac^oN=8@~J<)Ayzz2;pwa?vh6c+C~zGD z9Ybdh6{_SZS$0JKDT|rYDYyHhJXgDR{nw?GUD+?>XZLTVsykwpPHM@M!7J;#-&e_x zr;&sC2$v)bMH&(MbEXiIr!*K zJ?Ba5i;mg*J^@P4B-Vf4SlG)Wu{T?|}uxyI81or4g<2j}Mz*onyxi52+k zNsdq&6wJWE`YRgwiU1wL0IGfr=*{I6QBhIqAHcHqHzp}!h9wEz4B>%vk+%55LjvQ{ z$$M!CQMK8Q<9hr}WR7w65M}03;Zr>sa%#(~Ty{fSQ8?WY@kjMOJFLk>SO3*3`j;M 
zMzBP()R1p!4YWlF!u83Z@Wf!2a^)@t#|TKq8*}^lu@(lrSZ|MmwhtY@e~>1Un8qTL zfvWLkc@Ih#26Z-;6s}UC^wF;}flz@(+ZL=63b$_IU})|8vl|>wMvsk+8KS88%U9~D zb99@K`^}!3npTPH8>Vf%aEVLu->1BEXnkx{3^-+QHN@V$xwju&D`LGAa;z(A)Blzo zcQw-U>oKz->bDbv9e#N)99Ns0J-Z6SE6-%UX540RxUWaJ3f43vHAeCy)P3x`#TL!6 zK)bQ;Ng1KosKjSkWi~DxFpUu}Q>b-o@6oeaRNFfg3GCW5NzcViUDJ_#XY2U=(*L8c zADooME2y2(z15Y|v+->kgInp&P=ZT|`zkoZC#Fg;d^Ev!C%fu_SPDl8Et=eV=qdwJj*~-@Y{RPDBMmBMrMR8aRkMo z&kOtb^%>Z6ez#&L!XeSCcfCy}r^|GF0xes(vfk)OYH$>p;AUGkZ^q1qq__rDc+bIM zPgofA3QPTshyy0rGC~=Q5t@d)I9i-Kv*03pcxvMy%&wNhX}_^pP&#@qevG*oMe)4- zb$GQrVywwbrcxu!s!>a+RjpPGIXKvCk4L?bA#OT8CTWy+xPHmhzF};MWw%Gp!SvIY zV74^T^8Nm9m;_dQY|Vo0p4$vra4fo)%6yOQ~8uDKyi z3{RpJ6cyuiP-N6)WMrmxEXSNNw_ZRx$jI^#561_L- z3GRHuB668QNn#D-{9nmbat=(Y8`XXi#jO*3c5@7nh!id)*zN$8LR<-F^fSF5?z<5_ zUhRYDA`%(>IGP64gEEG3l5S~gd6xE$d$#_d>L!=paRbvu8OrwcQ<(LYXI3|-q zs;MFUd@7Z{KBZ}}&TVPuL{H)w{>*KmJ|(`vcm;W;W@fzgO~&V! z0XM5{J+FN+rG3EtI@tq{F@IE%db?nJyHNIga`Jov_vWBHVy*BoQ?ljOzWjaK4-6HV zg#XjK_jwWmUfRdqkG-_#i?6dCMeEZ_Ieck zWbu8*iO?0YczMiUyhoe*@epNQw?ezb$~LauoVofk{pLuXc;4W(H~nT#qtU!^P<`{p zq20_&q(FqJe!*JHVT};5BC6TUyC+_M{IR8<+~ zT24>P%u_Os#NE_oRY#(k@~9vnG8R{VsAXen-nQfl^^=qf;gsq2X*XeBw&hM%Ea#Fe zBr9Q}f5?yhpUKbim;4j|PJW4kf5?ya*|#bND;6u<3k^(G$W)))-t%XlycGLB*IKdP zcHSdY9)6Rkq|a%06KlXiJ=j79o9{Y)9zdJ6U1>VuHH zMg;|XaY^ZuRr&sbkzC3Ii?&sy4J|dUD`f{wA1w(riPLi=Q-`Cs>4V&kjCO_i5p&rM zhdjg*?zhMzrK@S1szOuKJRoJKQ=2?T0Gi3w9`Lz&jm9B0>Yg^v?ot(|fV=ds6( z8)qEnv5fVX3hEh2!OY}1e-AeWu-md@EdSzmwCA&nk7f#wl4q}J-dSFzPOfh*e8=9r zauQ$>SqAWF?1y#ESDF`1Sr4#tf?DVtehfw`%azGJc7YcWiLwD`Ftiv`kqqv=`OyQS z>bKXchup60yhevf4?BA~QwK|4UQ+4p%B=Hj^KAQXRUrM`jOVebVCx*dcH8&hqP%D= zDVCb2#liZs4oC%3$Mod((@El-q!06w_q#5xL+P!i*XFJJGBml0GOEmdjC;K}(B$eh z8XEEG4s0ivy8>E~B~Ee0RMaJ=#iF#F`KU*Gy^63hQsD-v1tM$}h7+Sa8JZ3U^27gw zwzq(aV_VmDNeFJi9RehQ-~{*J1cG#M57M~1li*GW?$W{C8+V%Ejk~+M%Z047_CD*} z^RKhdzV{#F8!sPkF{*%`_0;@kRn3VqQfD_8o)P^V%`QtdM zSa6Gfg3oDv_PAE2e+B_T-jT_;J{{6F>qm^Y&Qz$L%MeQco{6Zz_%<_H3BrTzVz$l#ZS|qjQvTUP--y#LoPO&fwbIye0U;uu44BH*aSrDW#~nq 
zZ??F)=^ZR2XwH0BW43QmTRhuYTe7y_!=N*zzZRk5Sy}E59HE6gu7&AeQs*+3ti-Dv zQ?g&%L_%ZGREPeBlex!tJn=OK`s3%K5AZJkz z0P@LM)e8zkF-5hwu~ZkzVF+!9bd9o@ZtIse0UInH=l`u^aB-U{8d#2Hi87lJa~%L& z@CZuHJKF4q=5=iHX_I^DtDH&B&ljfh^_Zap+{OM@eC9wd)i$jIUsgc{m|J0l zC&wNL{|RtWa8U-r-++#@=9z{Fn00ORE3+CQvug^-S=Jgj(uWU*=JgkCxGU_AjBUsb z?8_%`q@HVLHhq>c2~{X^HLvI@OU)e(eLR7=H~Bx-=0!{P%6f=hxaAyYE0vH%Hif7r z8BP9BEh1y+UxDh0d3aBsCueH{4)hYTtI75fzcs=`0{g8S;dd%N7i1cOCwH?4BOW5e z(iAje4zx1{D~qJuyDZ)Y_BK4?KVmJhVl4R^g17*(WVVqI<*a6Akj=EZa@+y`xI zd9I1Fl&*?Bucxz=050Tq*UfYbMOT6~`!_N11EzaF8ayh2pCh0fDUi{}Q*Lleg5ER> zbimJ<7oZN?IS5b{LQ^Too&>O;7dYi_7Jvw^d!&jow!22RcBqsk8fI9pxjh_~P1HJb z%k}fAcOE|l_0~-{-sPR-$s5u_@BC5Bs!YHIurs7-SuMXL46H0zFVdKOu)Ixb%HC-V z<$WSQ`QMYD^Edei{z`s%jX%lXIspT-18&;y35zqoleDVZ9=<5A2rsaC=NaDC!w^-K zsGgB`!?AThbIoIs(UiKP?vXWKuAP+3Kb}ixt8HSlF&vKtVsPcFxxL9mTQb zuyv+AjorLsyu$~srmv=^_jh;cvk$oKVAFbBgZU-;h@P6&ageU?-JU6n+q1`e35kqy zD6l1AZQVQ1?hYdNmib+@ccV7Y7@_lr3M~E1(m#m}Lr~jEpaX~BjUh22VB12IrrQGM zO)o9;b#;V^>Xk=%yLAQ!&R2d-G^)c`Cn`4}w{feKeDG0gLS6;lsaeWRHn*8By57W! 
zcZ6uVO!@xXc{p>*4?)fpyoBtp1m?)W_t_<@_}MSz>hsU_OiQo~=Luz48QrDLs^v$t zBk86CKV~w7zVzsnjHhaTiSYrQK2oSmks}aTN}~LMu@DEnOo|M%Ko_mh&*3}dj(7<$ z`68lqCkwz97!NjwA`57PVsq|{L$XI&p zORkAI481n z!-Pe<7U}DSEaBaCLzEjOL64;OBa3N1%T;%V!)YTd*i%aHE^`qsfJV_(pE0&TQ0rcNiTNiO$*Eb4Uz(CBcQ`sl(=T6(s?=+FCe4`%k=Q7ZnHdJIt_huavQdnr;6)Qet0 zz~HOx+B8>x`9ZBw*73#IG=+&*?HpGU`?suT33*oB480ix=auvk)2Z*3e!;7&80Tl# zc)lrS^;_nzCapRLDRWk#gT^)Ts_@y*Gpd%6dhw$(GKWY;Xt0m`i-1LDcl6FfIFfHn884(VNbV`JxSrw4BT;7{%l`6N zW_z)id>T@+wSo51ACXNs8oEb3z}Z@3O?D55ZyXYxDD+i`99J&E@Q1EotdYz`nZvJ& zb*j&-UPy1`k%87YJxd4HsJGT6_s_=Oo8BV}AIc4-!<#PAj|%Z8`;=rnGY+|WF6qKd zAx2jDxNz1^5i`VQCQEAHX;gye`w=tCM)6Sk;X?+mijew)SUKTH7c8KknsepS*W;Jq2iG>8=M677yhB*doBr*u!f)^KXx zqNZ#;RfrdZ?~l#tCK6Ozp*FiU2umwGiemRH?~)t8{Pho$oSKS@u=N)rRpHb5~V(-mh7luIV2gr>xf6P9lLLX0YRQ=$`*_8I_<2=;7* zkYOuVHUy=b>+j#8*c}|mboN#0Fr%={Y+m~Z9->h45@=y+^w*rg5|4&FK`@wK=5rBUskI0_H_N>sji#&#x=>X z-MuW*rIPr>m~$P<*q1{1KgMY%j0ejH9n>Lw=}kA?YfU7NVqXFLFX6pU;rTnXd(%r^ z#Lv8spK*n%Jnyq2T=hb_(hAwP$6={j8AfdAD%pu#9xaPWc1XLX@-pQ#=Mn``{M} zdhgCsoK%BstDL49U%9FDrXpWg^i4Amrx^7}T4z|c+)=aCslj+th>{*MtCNv(5Wmb= zD5?(B`z7T5ouz?*4!z)7czEGEw_NU&n~jj5zAvm}oK%59**B+S6QYrydh3SD87m7> z7MNoThfWf7h%%w{{u+W`tu+mcO4y=PsQwnx}dpt|Q-&6PFvC!hL7%gByt zhM+19EVG)|Q`1L>lM`q@}x&!X0}ID>I5ADk?vGhucM>32AVC0u7* zZJ&w93l;Xf_uiqjGqEQe?;`0WQnSC)62CLKCv5#9?Bz>Ol=@bbW}k%$^@`viLS-2hm5M1%~DkHs2Z1KSylOGukxA33?7i6}zhpV3o-g z@j(bMZ%w+GX~RQQS*^soAcNRG0M%uD8rD^q2@LPr`+28oNP?{59L}~?ic$4wjwk+( zn2YmsYFW4*uS{wcAuy)@g`p%2ifSu-(DxUP)?cxIWS~{TEmviIaC>D*Y%>!$BR%#A^So_`{7w<%0N=#6IIsr#|&IOXsv8q92^J{7T;ac?OZ-SDB49@htj<-5h;2 zcXCp%1BN&8dh7dvB0q;xGQLB4h}W;P1M53km%eke^94UU5|rM2QP`JedTwfok|aT- zs|g+Zt3#%D8V>T1uRQRhEa~CT98h!h7tvw22_CKY*G>nOJ~+l0c|*^5gsCNc?By2* zKut+GPk;C3GyV*GP1wdI^|MBKKH!C)=MXu3iv#mZc%iqN7(Pqz1kX9! 
z4tW}$S+!}Dl6oRpwU>NBV1_07{UJJI%m*yAFn%dyXC5c|qXj7}{P@{agLvMeJ&E9@ zut56aW(fwTO$h9clfdYe-vkJ9Ne{aopgJoO-o6PZsA^_rT}~i8>I-!?6z5~5N=?8V z>|p&*_6cJuK;SFJQcWpw!y)e_|1DrVUeI5#HEro}ZrsbolJ6L4ZDf-uH;dn` z<1yMd+9HR3ue3@1_vGjPP5!>Wl3%0!Px2$G!oa+K^Ap)k7-17JEf zKDph!+@aCA;InCyjFjugh1zcXl6kwU1NHyt=(Oox{TN)I8fdFX$qLn%0D=TQlYuPw z2GzW0ds#!oR`?6dPzua?)fN*v+gL;VjPQCVhG299UuuB(EM#KY$2o@ZriBvCE3-w6 zHlJ%P(MB3H64ePgZ8DIIn`K~}`t5LY#P6ZC(3=4r!@}y?bXk$>|2StJNAJe}^I7BP z`2G1Fh0^OOo(~e6FHF9pr(~em!%drjQaGNZ`p@<`(Lk*jxH7Wl9* zmhS#&nH?<8vk&jl7r7@mVs6UU1ZEzapXY00i;Ix~lHz*z=yjKgu9IR5xWX*7oiF^( z;Cm#2r2CSHX^kmM(0tqzu;w$GQik|~n;|TGm43As8dLE!t6QS5W^a;4v7oFhK^DB> zHTdWr21fo;yB%e0k_cTZ9mU%hKk{=R6G~=V8Clmv7IM8uaNCdTV=sVm&y(8qiBNs=lszqYtV8dtP&lk^z zO%|2$6S9QljFsx$f5>)7A9qU6hcMWVa!6_ZE$$25ElG82?;&yna!D)GqJuN+yl>4H z-dn8sSPBU*LaevyL@Wb~3C=8oLsTYS@#g_yR0dxkwWicVIF(J{S4D5*GEY~@4*2-X zu-5zU_MEe@g8oy-2E%;u7$}dIKtG5<{A61P-rH*CGQS{(Pv*LMDA*eRd&@lSwcIpy zI}RAO{0pr?d&=?avVbG&c)nl}G4VNxTAhb}T~57)kF&gC7d={C+=tA36erMEI{aSP zH?oiZE^m+rb=d~Co4`NB^KliclgI^jt+AR0IItvR2v(ns$Hb?B5 zzN#lO*5WRr%W+t%EKVMe8L6{Pwpj@!Hk##H=_2GD0NZqhv0DB+79gDjuIImqO&5cu z5F9=&_;4BKQC7a%c!PsCD*^@R?r+9(mIp`f$= zz?7h;i{qIZWc*Y7QP?$emxR&qO~LZ*engC;)*1hnrIs7%NAzEWQTGi#QQ)Ld#~}8R zEu}0)n}aA=_$LS|a5@#h0W?0(qdDTTH?TSMpW+w|4Szok z5a;bNmLS}t0g(bLL7`2{u?LzQ^X!2;p-%6+`e8U%X8F3n0bc~=gjJo8ZUWcvLaSoL_K!AT#%s(8Xrvm?k9N3k`GZ66e(irIbMjCXJ2ED_Q@rLma!r zcvmu0Y@h>RVo;U{3vV+q}@;#Qv-}G3ycv6?CBAV2j5rAZSF=+qlh6V*wZ-} z56%w@XpdVJ=T48Fes|$d7L_a|b z!U{!ETs>w?7jB)-EAd&b2;vQ!6}|~&>!L8Tz0>H|l%$e!A1SB59W6Y=T^w>D;gO5h z&OF7+ilb>1-FhR%1aJ)+mj3@>*-%BUF7)>$;Iwywj}_9!PkJ%$AtuO&OraV^>)-s`0g*F7aPLdD;B>-*=LJsSc_Pp z>8r-rMvpHvN3$&s;0&$$G;wpk_P73~En0)d+YEI)67>EWB5t zM?rKmG%1m-Vz=g5Dd0Dr6Iw8-L)W}qY-i9UzHatgE)SX950`u}$hX4=y9YO)No@Ti zq{Twf;G7kMC9<4X+o{OOt`55cBn0@5mm)DD-2Yumb_x29kH=3U=Wr8;ETs*k;A|gE zmI)PMa}5;7fNoL{@r!~2j89*N{dXo>gopEPyFNMD&EaGKM1b#nsSG1R`Us5k?}#5U z0xTCnOKZuI8wO))XRSWhgEiTXLU57aumTvj4THAmeGKas2_Nl%B z*I>7G>U;@H8Z}`WWpKY}MosF4hA#2RU2orvmg<;;U%{g3Cj1-)tZNHNu?vjt7e+qB 
z!dK8b%p&4{NdSC-<738JG9m2hg-{gXQ}36JuSA&;x2`!aVC)}c*DJg^^B2r-Z_G=& zB1~^{|4k7WLW5(+8I_k8`7;4=`fj38xQYbMzs&rf(rdCt3SSWl667U$!~kI~oVJXY z=zi8T|D*L?05Y-lfM-jiZQ`88GHo2n@vL%UNZX_^qs+gHh{(+Nf0yWu1_G$W!wA^_ zCaLf7d%Cj$b0r>1#A2Gspl@?IEFhB2pLKDHsBgL|c!oK?->U{XHjuKi8=9d%t&Tda zL_e*39Xa+slU|=g8)e6taiQCYpJJzbm!~*%z6#ETQ;iNGABSC_cQ}&sZbS zi~Ul?r+WL>I)Uu#bgP#hKG&BQ^fwyL;?6-a!yMs_^gf$Jq7$#`;Gyh+#X|OInPwDq zc>lg|D~ZUCeOF*#RYdzwX&nNTKX6~j9wXE3<($tZndrra6|86%XDatU2hy zH`mzewsF(=HX3(>?AW&Clt3_wH%zBu0I}C7Y@u5Zn<{6ECsiBa7se+MgY>m#UXwP|}oTbyL;A0G!9>3|yWW0cTK zTz>XGBF;9cT+Bp+#*f`nQMl&c2Sy%Vx%AjK-cGX-Sbil2cCdX`=GOdd$M*_@o9uZP zB4luqG1?PC`Q?*!p<#XO9?uuFy>3{;PmqxhCH8#1SNPmrlN*=ZH#3Xu+s+!EE0^qN zUNGc6C8W)Mb0jC_4=fsbwm5dXC|u7arkD@}4X%|c;iOR%bOXOR zObE_kJKciR8eWWqmeLf?G#Gm^5Z4SAX{yDLdWbpdJH4c2{2F&!qx7KJpj+|I-O1gG zTT!F(xccD9>>&T`zGi7fm{MHDw(a=rK;m5CRR51T`X?y_hv2%YmBl?uX%rj^JvbRI zuHwtLCrO1np;!IVdizlN_&x8_W?nVsL2o!b`qD4dD30Zew&Obnjk4oAz((!Z9fLA$ zyd7YfcI-CriTrGTPkz4Nquu2mvLfflR52aZ@Zc`M`9^>#G^`niap9q);vVn8&6%%> z4K*CW@2b2M(NE`*k|Yz zxDKaXB4k94=fPfeEl;^Z^QA|$kp&%p?N_5lA3wfz4>_h~C2m^Vyp{6OaHql*(jDh6 zp475Lqr!FE0+&t>?XoZx^A${9mkwF7vM7ndbtGPwHrdqDfq|k5yO~{emJ_RBbmp|^ z1Uc6EiY|{Sb)D9>(j+a7Njs18_0qYU`o`v&oB9e2ZZ9_Ti`4zxHU)k|&qnHToV!#k zPi4jgeFm!lc$K7H;u?MEw2$XlQfIA`kpLaC-YmU_mJ?9$yF+V_ctGSHa`MuL_g^iF$ zaVv1Js@g9auNzaZ>0#13mX4bpep6%ri$UwQUfOc&{RG*`EUk+DFI+8KF%`A0Ky2q0 zAIAr@dashX<{I}VQV%pMf2Usj+~9-7xx?2?lL}28XCwx8_U&h$p=l-0(_Z)HRy*66AU1Ejy{y9^WIIu)!(j%ILvsF0w$MA^f{G?uN7H z^RCaV8b4SxvI|ho;&^oohIc@r7c2TCg5mmW4J+2}mqPB|C)hSWPNHmr2h&=p+f`P( z$$RMsXR44KExfgoT4tIlbmj@u)=~$TPL}YG@JR-{xOFve#UOSz+F)Tt&6f`$gF46) zA)yC*5BL>>A>WghdxO2~Fn!weuFf!~gfb|22__zAm^X+(tX1*dU3!D<{Og7GdkWsx zL9cHMi#3;|`+?U+2OV1RoA(HsZZD&f<+?=XSv#*l;SqirQ`CpAv;8zG5_tws5>;N7$~rgFQ(%o}YRi{hL0D?aj)+NPGP`eLTj z`DXCB!2Py5KVC*_JyF>UnSGu8c|PS!wP)p=2dS@22M3FhPek{x@;AAlZr?Wf1?$Jz z1>)CyrqC7xreus!tPHMnW62G9TM#NVN^!N`f8eaXX<+Re+;6i?6NE|YJ?2)^b!TWU zSaYhfiPzCsQY94c#-cI^!mLsnC;&#FUVgFQXaH!0z`F1Iz-kF1df1fi+zD%E4HleU 
zO^Y-hFkg^_QypTG1Vz+c7z;iSgtOd3w4!u@prfi4VIRaac{h#G=5g(b=^b@9EjQl% zmK0A%9q`9hx$k)caeoBd+ivBJ3E896y!E^I$N4YrMv?{nww!rpUy@QuYcfgSmMJDI z(2kur89b4n>+i|W|C{{Xe3R*mi18PDoh^ilkAd74(;YALi6BV z-1!qES7wO`%~Wz#30IW0#^2O7){@wd`-xZ=XmmFE+(VL6qAKi;e?718(q?pijCuNt z__dmlM2R!?A9rP++#KRT-u-~q*xWC69fmoRyNa!`frCaJMmd-6;_d=e0%?!i47}EA zbygf_F=Kyi_Zpl5^(qwDH8K+!BA4QR9rkvtv*u5clwF0Yx~47&4i2Vmj96@cl;!_* zG{eFE2BI=^x%J$WJ4{D*C2r(Wk61^eePaBuiru{+%&O|Bfc@4Ktyw)CZ|!pQIj$vo znya{LdDF+nb#4R8TnXu!e2TueDt9Z>85DT$Dt=EvE>{q8%#Tai2Ija2XHIsRMl+Az+&frUN%mtcdVlj76UaP1rIj;+8=+4yyu>nzHqXw8~u^wbhrjAn+ zTjx~+P2)kajyHAVO#_uVtb1FZFv}Ehb}R8$_Bx$0OGi9IH;#B+t_-vV65`~l@mE}~ zWVM^3;^fxXqFhcG&l7*ivOa#TPW+{8Hf73CGT*6f=5ow4J=2Be1xjPR zuzSkNR=_jEn*QDG{^I%F>IAJuH49ddh2f~7_>*wV^cf~iRVK(JO^qgrmBm?vgmZi@ ziBu*qX^b2vHo+#wa~p*Roe>nZ8l#Etu&et(i9*NCD&ea)4MQwJ=jCEGk#1oP^W8gP z4XF%uVe@9E+Mp87YgZ5_LE|KO@dQ=j52hNwPUXhQZhmp|$X@M8o48(Z=lx>V=PsGr z0wXVsv8IOyW)GewHXe{ct+JrWQPlXbT3OAELb?9heNJ79gY(1tgM&=}6E+J3l!NL4 zRB6%NpC1(@R|qz!znD&LlNLzvj%@B5D*fbwq;9@AaE8cf8#Y@WxQ>w$-$NJTwq;&7 z{{;AbavsZn{4b}K>T~iI>p_%uRd-8N%5-YD8%)s;;@f%G579O5?H2AZNv<;PZwM~P zsqy5jleh07nsn#0!0}|!fJB`*Zij>sL%ZpQ2Tm@HzNY?$>i7w~lSw@?jXvFwvii_D z;4b6J<5Ta3k1}t#V(~cr`iecFzMXw?&0y8FpvF}j25^dmSJ3L`URGh^yF2Mfor8s5 zTxG%BOD5O*NRLA248R7FLos0Ez9bchov`pQMHdiVeUqdRoo#j*b)TmxK*TZ ze)hw9?%r#zY_fZS=`IAy+UFL-t5a@vcI^#Zf8e3(zm|u8r|i!sEmJkoSy%t9D!Y7K zamQs&!|I|s!LcmWQKQRSLCrcprO>D|kCKv!^4PI*{#qL!*TqZ|7*(;5r? 
z(z{s%e4w&h-Lq}fDt`qlK;MXe?EgGWL`n%lPw_6)}@IeKMTcMaAIl`RebDNBY_ z4&~OYI~*03zojB~JI2AOz_TGB;LLvlWUFM&nN>*_oEPbo;=nyaK)ON?ZQuPVhjslL z@XjeWnpd%h^u|kKQntc8YsD$wd5>1BUaCeUYeuN#Kyh!{S_C*F8g(ZOYETGIAl8#xeX7`WLWWWv zx}CCeGP<200mDkM-I?B|-YKW60A4$NCjub<%sG*6Bj)&n6X(6~7N_UVRQ2Qg5fv5( zf)1O#DI3zwaP$t_=Jm6iJ5!EV0rh9OeLZfVm1Xs`Yd=VCman>0ZdOOKHd_w9T0xwi zDJVX;S!>52r#~8?hj2dqZDY5^?z+3_x_h}foIXF5BR{9VLHnoWbZ!#Ic6L~u3CM6d zH-Y2CCGv*}NDs@-H8Rr}L^Dkj%<(vABbC%o9@fww$QuUkH?9voZ-UN8grAL!?N&oc zRN_~Voh%m~cy}KvMAEW$2bLyu^a4zDsfhOt+vgq{rJ2CW8@ITS+UW86aPs-8wSkjM z$bON%T*1wRFYZHS$emhI%$WM4WT~s=k2O40KRA6Zq95*|EGmTd5d9~ihxT9<6%O?v z{~=J!@!DY`74;PrcfFYi9BR^0RcwGC zd*e_8Qkn6xVIpO9ktlXHH4%j^F8~?w12YdtB8e6*S#WWeoQ;Sx9}(_;koXE-Xsc== zS`^4ZHNx^@7uiXoz6`lSbC(@wzwz4Ozg@PR^>MQy--p0D zzl?C%x8cJyoII1DjSCQqVNeZf&KNsG3nzvyZKOdwwaM5(+Z$ptq8GmY zo7%GhH%BmJ9rk=-gwF7T%S_JXUSj-sx-3LPfp3h3(WN6H(}&*4{}I}iX#AUM=gpHWh0}ogS#GM*y2`s-k_*Sbnb(%=g)=Ej z!`m?_OU2vR3TboOI^fav?wz&cE=H{w7PJ!}p|Zxd>|y}p)(ACZP0{p=n{Y@~L^>zN z+&8YULDa(STG34$B`ZV{pUD5=@5wLtoBUmWCBMhbpX7h72LnUeF^!_P2Um9Pt?DLJ z_&C%sFKs1`Q0-j(IJw+Qr-~i{TqRKiu^36*hd!|*41{!|POF1rq3TQAC@vTyi93*; zwGu%;MB?NK>hAu6oV*W$aB|e@?#@h3P7-$N574C%B<~pvI6ld^bvHik&6PW)yCtew z=D3A#?mV!5ta|960BC_KvG^1e;AkIB+PDxtPzqw*-9+W(X%8O=3|@HENEcdGpuf9K zP|wp<9RALYi=H9LTjG$0to`xaX@*3_`{yu|%IU+WwpKW!d$pXz2dTw}2`WEYeqciEpWQ_R}*b$YdVn50R%s!HJ|qH$7#Bf1i}>_{7rnQIWtXU4?{N2 zm(qNcY+Yyo;4HyeNK)>6R^2fW@K&4Hu;X#Dku&JWBX~$y=K;L!EXi3B0U43(6u5PML?FS|5~>`9I~-Ein2Gq%MHQ2fOs*X zmW#Y<&yK_|77;p53BoI25QSC#c@4|CdSOH$#K;vyY z0SqM2S_JeMVtl1vdCMYvPe9>?8Y>8&bNSg6=koJ*Mk(8w^_JHVlZ+RR#FDW)YR*a~ zv&hddEEACEbo^;)uH3b2DCEVg&&OiH^-EFvXk(%%&w&l)i;^y)L+(hs=I&aZ)xMY9 ztive)2cA~Ei;GL{2W%nzVctvurMtG_e32pYfMw=CN?RnmqW2TDPm-^HXhRaRV$J8d ztfjJK8fqhex6(GeU0%v&X9A|MBkb~}NU(XyNoW&=`46eZcG9KX_dhe-@ALqZV=M}N zYBS*T4Pb$b_(DqtcVj>X!M@~A?WoL^>o=bDW+4c%`7%RPU33N4;S_dRjJd$RT;IiK z)>rZ03W-@?S=V2L#m#hdC#~m2cg7m$FT<%}9ehcOFj_?_ zA0h+kg)eC_{pC0xzCEXrhk-**|L_cl=Ie7f`E(fMKh1=LFOMOWo`PkZ^J4nlH^=`b 
z1^zNK_#K%Ks2|x7eU4aBTje!F(pGp-+t0uhs6PNDQU5t)5PGsl4s2Ok=E&i<`>n-KGMb zMV4Pns(Jh@6!?)nICAQeC?GeoVRFqUla{k}!se0sf5B|p)c`z{ha6eBBP?{bQ{-T+ zDP|^1MJoi^(gI}P^yG zzN#{AZ@%8taYe|3#MlvCIKHn<{*>5bWSKg;Y|=C%`zY36C{-P2WQYKHRe;2W2K;?G&U#iyiEd&O4D zF8&f~N{j_PK&9G3+Bl`P@_bF@nBIKbKTY~KbFv?66o&Vr?Ro!^K9OJa@5%q+H~BmN zN`9Y`KgsX*1qS9n?eHnpW_kA-H|ppmSr-nUcb+p&gx@#XjSn$)=}iT)3raZ$`3hpJ z`Nrb7{kfThN^GEDLq%vPZ6e^GCJ$={EB4<=-X?VdQY3^n07EV~_D|_ITd@D1 z@%Bwb_9`@*FR|`fI}0Uh=396G_QX?Q!k$&QNKs0BT>bp`W@KcZmnp}+;&r1X@uhm}AT)wZ0?Dor>^XC#Qr)^&-e(KO8IvqXHRK{vOj>XeOM5Ybc@a!NRTHeIV|Fir?B+OWjT&c>~imCceP+9=_BB~rhn6%dWZ;Sx{(V$_`X?u*jY{o zvWmW=xt5)Z044R_Q(aG#r-|y&*VA5K9HV4P_acZbgfJoLgfpS(1nZ!UtW30VF0(K3 zPnYV@w|5e^@gHR$TF&BmytbUMvOu2!fk5@=jimhev7#t#SXP2o4>hf+YkN7aH+l2- zOhBJD$0~M&&-cH~GqTMKX?MP!O<#NwD4(bJ5O*y(Q zg>D)Vdt^fOL4u~IHK2TFKs+92e3Yz!HkKzAr=QAla!#zDp_0v;lxxk)irTxWlm!)D z{93mk^%4;2^F6x@?EU*h9v%obr_1uvuoJK6v^gYqom{E0S@|9<#$BF3(bEDaPEeY< zne-lXJI7q>u5>zetc_c%GfI7L?@XJD4^-Nc(`Y3RJ1zEP3y<4mkMkGI8;+T88Vt6j zJ=?sC;hA5E>Qb&|v8>2ZKDIc`78-S9_vnrR~uc1IYqJq!P+<)hYz$e zweN1KT(VnsT3n)ehAb>S78v!DhcQD0jYLGfJtB5$Pqoiu`5+&LYAPQBYxDB4+jZJb zu^I7HctHSMMC9!(mt5hUHe6)Xi=ysyh4l3V3tdi!T92h;XuI>L7N$e#Tjb`hA~0HW z>zuCG6h9dMV#$;5D+0^ALK;DaK1M-oSZf>S+S{58`TKhL#kIJ}79j=z#WNdHgr`;)=I#L*2?XaTCMB*e~|)`LGuDvj>Ws79i}(wb@sws^F+)8SHC zQ(3n469fSW!ZeuS^;yuHG5T@k^oUa1{;ZC;Z=Vh7zctk5xDUja4-nKv*G8wK({3$@ z4{?c)m^kE_Z%J}~DtTjlr*LJub>GG6av!UH`+cKK*KsZNP>L4*K}N~HHm@lhVMR6B zd*mo#DET^hg;W=~E%eFJG9@p^y*f4e>}Mf0kUvkYxW5Y}w_Vz~^Gt;W|K!X5J3G0% z&W(#Bm9(8Q#E>%7-u7U{)zDn8afDQ1aDB8UuKJ#Nti|0`#L)%mc!INWveL zY`oR_pQYvNPhG!vgqXbyP}N_z;rq6*^6?W&h1op=j%iak$`P8Tuhp^!m;lt?%U<&Z zwM&nrOaHm&H=X7G(uDt`Mh>~L79?x&iTC~GOw*A3_^^gRI!}Z92YB|SwOrw%c!rZ2 zh%`vtJO!{Vqhk>4Ooz@y>Gw&Gc_5 zr&hubZ~tX6MQEHBDtXIhDlvw5Kz494(rG1wg4CEWltemq*D;c%`#y|2A=^CjT~fJz zTlTJMC`yv)jo(;RK)PUf7lgU>jJkb0S5xWAr%o2qSt70zxFN36Q6gc~WhEL=b|8JE z5j{Es4LZu)q^xd|)Y19KlAKd>K)jL3I(cUm-43uHAX1qS&ly6&hoVq-BxRm7UKHIm z_X>61*;NdsN9Y5SN&Xo&6zdqdE*!OSPLyyEj+PP$& 
z{UrCEYxZNd0R=kB3>*2edszoG^P0D2(Zyt2yA8t!I2aBGN9*#p8ZU@5)L@~}5hwkn(;LggXj2Z#282ZQX&}(sBHp^Cm&`z-NS8dO)sUA;3 z_B&GDzuvojop<}{>GomkKxg!G4Zpa$2`=&S#Gb)XNkRkRD$BjI4ledC?!YbHb;gJQU(S#PDVzm@@eT}eqt2+zK|<=X z5s1QjR=TE_DF7Qsdm=L}GSammP^ew@90{36pJYnsku=rV{zLuSgD%0tQ{4TB$dw4v zfRj@HQg8A7^a!VzTO&2awLC5<+y|`S`p2g_nt2Q662SV>qk`&mA;a=e*SalND%^|H zt|3t;r^z#c_m=uw9^Aa(QH6Om#f}({c5VLK-*K$XfBZ!LzP~5G@Ne?B|CRg^_`9oUqmfImr@HkR-&nE+-ysz&H8~lP}9^|D%x>zov?9Te#fKTxk;bK%MXrV(G6P@ zE{6MW<~Cxd?Uxeaf{rBl7q#>5mZ)-FHHRSxpuv*>rgCQ=%t6Mz{vXU$Z0d~k*migJ z-1QeX-GsRFT4fj%JZ0rpr(>r;Fo}vdbvCswk$TGGphmorYls+wt8}DZn_R-mn%EwiT{Dyr1B0%1V3*Hoy-QYeuEK1y zcfFoU^<;pwdtD_Cai>-L4*5b$f#v4|j`)kWRMmbzSFMUtH8yHPYgAn9YSVBs+d&1w zD)#K2!Nj}wZ_ZENpVVPdIU64BS2Y;GN?WnzaNGgwYs{6Y2gA^d_?YdL9Mf6tv;4o% z6n73jjzGB{JiB>#D?guvGXFUGT$+z*drx!&j>Rv+7RnmyX-}HWWw@;x4Iwx6bnCN< zxZ0a)zFt0vR&nX2wR(3EtI&7!!D?!W;ie($QszWyzO?T0BJlUmu{86q*FbL1;}^(I zX0Scp*U{E7*AWSJ<{E$b<8mSn8#W0EO#5Czt9Gf!UGO7@DYhcja0_46RY1@qF3mG6 zO`AZFc)u+BLMagYUVzx4fGbI6v;#l0;%ajWcf;SkQy_U8wi@ zK&Qlk)k7Vu{=04(Op|#RW@9@J+k5JCvePxGC1_J|;JVHj23%^tlLm+GCZ!`s$9tyj zCfKH6y_<)=zWu&=w~MzFNECj)LqZ=+yg$EicU;XF49}#Y!7HVt{QM#AFQa{#Pm-_TQt$68(o%SN?Xq`w6AqGDE8O-0s{_wC zNJdUbRmi=y>@w*2Fjt;v}^K{OJ>9l>VO`Gom%4GXZUe8a1!|XY0Q|_S4yIEyJrbinnrRF^$_@SBt}E>Av5j zb9rN$si(mT2*8K;`X#5Iu~Y*2r3%7_mD4MIWIsHZ9?<%3>?)A3trgK+5lo+wvxb<4 zV^u)Il_=x5Y=NMCrN_A>dFt{ry0u_}=|_!RO}S~x<+Hc4)@bxOT`#~JemUeGvfWy3 zCuNoAwO^}!H@>;?b#B1$G3Y;t2o#E$Lm-`~u$6N}uyoAf5Afsj8Ah0+3lA`ck-lNB!Q2zd< z4&0FvrVi{8J7$FKAr5L)9yf!OuIYPVCrFDVk2vLZhhkg8CqiQ#J{r!GM{1*NRoQrfQTURAX*iL} zVyxfpyfGGGbTw*JARK&8dXfArkv9F8sH;-)*arntHuet+C~Q?M6$u-wGoCWpqLuAW z!3KgEnXWZxI=IY5?q73 z1$VdLL4w2J9^BnExD(vnGq`JTcO7Kzyzh5U)px3HovPl|zg}zg^dB?xRCn*S*V26+ zF7zUGVgsPWH=Zy$B@qWu)-^pJOQk{e=EQ_KMlY@8oHFzib6 zA1WA|vNS$=v>Scx*zgK5Eui6{D8!$ZoyvFTB~tTlk0hFDawRo&2w+-@y!d6}N+_i4 zFz3saWVw5SLPCA)ttVdeoiG-u5qWh?a$G#Zp`I&Mx~C3xF#x}QLKkthm%pLXn)-Cm zzVOExzB|gfc}s(RW7Pe($64VAHez|il^(}m4NknX%N`^tEBa?YQi0u&lD>GG@jRAR 
z*Cm~Nwv+l-_*H}=aV;i)p0}Rh&kX#qdcvFb(ykt=@Gg4=>Y88W{P1i?YWJ6ZqddjD zO1rc7{M_ni`MdFSex|mW1F$-OHheX5=kt$$v;=SaKFyu+zoYucx*ZNYe_sra+h_f4 zB({`5ks^1+F^LOG2;Q?W*zoj1InWZ~R@zDF3@&QR?64FM~0L9c8nFa1e zjvmX>MXD;?N+eP;Vbl*_mMVoAS5u0+S#lnedxb+)f8Jt3%6BH98rv%3_cGDUS1wCi zDfOA?Y650S`DWEd{KI;t8LdVO{lVuQpJq)13YKqcl87@2KM1s=PFGlFWL+&@q%dZZ z_9GF8sIw(SX5!@8MNzlqqVdgI=}IE31?h#c$*<$nDJ>n1eHglTOxTT?_Qy=SmWL}N zg2it^v8RJqmP&={VJ&WY0@cslO00+0e$|}w&*@v|K0A{KMLBud@UNPO1Xk2}M|SR9 z;8C=8vG=0W4q@k32|zL4wRZvBx?LCn zSf`vZTEm_!AM3o+9bDqtWuDz1(_Np@%gs?m=y%OYrc$mOsFpZ%Ek96Jj?+@nPo-K# zxvm%(F>#p7c*gL`yQcj-E|S!KPV|voXBioF+Ck@2 zRl*h8Gw0L2ORk+*8tQVccvV@aE1j5jdqL4o8&KXcsN@!RLhWAOZ4-W8 z$f?<+*|bpNxpcmCF70>()E2pv0#X1mE-ipyK=9n$>4_WQ;{M{6%#rK{QY2;tq za~uBH%CmgDD|9ZjD|jGuispjgG0^oFxVuU3kjyzseBQN#`mlMm=^E;x-c=4%ameKP zdPHTv)rC%4(#HaP>9g;%2O{VP z-<+-dtuuTd1xe)GoFx_{sMjZ_%ceg)K2P6G+W~yOi+!(s39WrKe?;ub^)Kic@7e5` z`}1&leVGOg7VAlizW09dHSgS7x@2Soy}i;|B#I3B8(D&=U$GjRMaKPA7q4Yra4dwt z++gmN$-JE&>a3Sb5cya$gfFR`qu_P0LG$C`lgr-zd)hmoAsAc)j_Mo+FMu^S_gJsf z#(?k6{xN4ewYPu?fmdI@=CgD1YZr475grBSZ|PxeBqZ+rYQk6#kO~qSye!$D!hR+V zjNSZnv}tYdVb8{@p&SXZ{b@UP{WtJ$ptHD#%9AV~yWpqSY#$*(j@O`UBEQdqdP*og zB!0Tx1b#HHkv<}?HXezu6oP!Oq1jjiW~O^q?APomd!6Zx>8@=Q2P%_T&nVXvdjKl% zE3&o<>G-d?y*q_2F^9rXFV23($l}q3+9QC|*{p<<+s|$+&jYGPzRYf2ho3zxUT$?? z{gT=>FGsFrG8sy8eR++U>bv6pzILii+RVqB+wc_xAHcV7-KmE7PVVujeq16(ZehQ) zk1W5H>C(EK7byt2Z(XZOT-8B7ESR5}ne|^W4 zt5c=3(v#K;pkYcca<6fk_b zw-qvGg$4%z@>>Xu!D}FHA+jC`$L1NUlQ1{d5ac_v%?;|tuCEscZ!tg^MBgHRQGqKG zg-bkOit>vYlA+kNdW5On(ew97rQ|ntG6(#<$nTSW>(54aZ^&I3H-1conLD5NmTFp7 z=o*>h+P}V^d!Y<313Srh7>gbN7Gjx+tE9#HMn@-s;@Vp&HK?u9slwydUY~RGO4CwR zZVO<{Il~u zY@0moE!;rNQ6&xq#!>vW8Z>9KoXj?_gLl%0H86UkDjcww08#`!= z%ly^NS>|N=WM0M%g8gUbS9!rEwqse>i&C-Qy;4kX=7&__Wj4gCUjcUju{~bdcj=*n zxCfTjJ*es9-UuSp*Y$!&sJ_Kjc8ga2wc(y`Nt|~CUd`_dlSg!;dFm9eOvO;(+M-y? 
z5XoIF6Z>>c+^E}I5@t-Yzzn)nmSUC<%2C5VL@${Iud6b(d-jjg5=5ZxJlP`mXy0Mq zSdfHvL!RRf#R+EB0fQn0ieM%GsCTfimnLpc9PS4UsSDf_QE6-&oR}8_|48h2mwu2x ztFSPE^5k|=w;I?GFh^Q6j}y5^j*9DT2$lg?`7>kwDd!Xt8^H9+4b5_}JR)_x;L3zP zcEtZvGVHEdK_KbqOebv-5I$D`p;j8OkG`w#xZUrxT4ATWsW_IvgRBic=EflDBv0{N+y?W{3kFqMZxogeE?$u79OnK(S#$`Ir+s1n~|*yqYRW z3%IG@T=}(Tj$EtoUE8~=pd0!A@O$;Uti&=K3_gv*44hDz1x3TIwG=5nBiV_kY4)67*o@?_|Y)9n!6og?VBrF^AN<@ z0&)IB{-ys-eyM-S-}~R>&*%IP`H4%Qpva1B>)s%jk%=MebB-qKizO5ax=j~V2(L_! zWKZ#6qZK&#z~hZ9&pg65!A?TLNklaC5k%kt!pjUwUvi=c@pQ%L+AuuH>iH#Zmrk*r z2qS94Gi$^5Y2IRjh2G>S^`e7=CsIW#-ea`H+x4VQ*@wRb99F2|pZA4tMHLa97fER3 zG&s%Y54c9#sIl-i1nrNyP9*d@|8n4)MU;8S=iS8dIo9uvMl`M|{M4OUTLRY|T3aON zBV?>R<^%iG)UdzAHBmd3YRstTr`YtG*~`6@OhNIkPSu(^5LOhqZTORoOt?54>WO#e z#);_ZiME1k;>W;w_Xk$g~WR;X8HM??l_ACDP#ELQ@5c-f} zh(9cwq+*8z_Hn6k-FU&-zkUDRb>i(f^<}Q_&A&*}EwDX6{6yT1lJA5n8j)c4FUMe` z_BobITYGl$Nj`sk>3gh`8tLvH@?IBq5zRLl`O&HX6&=GccAQ{#7ivvSo^l{=rM(u9 zx}qD3v?{znB*U`mAY0^xSPj{U-?U&pndGFz3FS^jn%BpsJFPC&8|shNl+leN@s)We zVNdTBB1eed&VHURn^_9Mb4ko|mI2DV@XH4l90#LSsN-#a5g}y~%zqz@RyCVWthZq@ zWfT7VeVA^Xuy&Yw362~3I%&Z?nNvy;dS8PZkNvXDdi15ni{R}l7xY2swjP9go?UKP zsBBrT`+Y&%hDGlsCNqqKfWfguuc|l6rd$v5_+Q4IT)tR=c9gWWU^(9;^`qFvCTle| zcfG(}4XsK3Ts)>@!Kl%*XBA@{_5?}|qarw5R*}V(> z-XSP6aX`9BiR}q~3rXN=qwbeSe!5Ibf1qPLL#V`GO!_y+bOzWZY|NyON`)H1_Q`Or z@;~$NYfv+z9r5H)twK3fl@=ViLn^~6gS(|$5&Cc@ zu5go|y`Io2zE8)8h)G0pe*fwuTJ>1;ofjso?)wo8+6dJvvZIO)NwR1k05exQuNR!$ z`$Keq74w~yO=a3(J0A+21;LaBx*NH}?^2fp7ax&Pk3^w?_hTck&e+bkhM_*(sNiyZ zL|^;~)6bLq^-5RXb-7oUW*GgKLtcI4>Xe97yVDV|pm}qHl z&V2+l>v%spII#ti?~c$fQhm#I43W6*6~_3R|3M8N^2}8@z9aoYo7LCt8s)1AX=rCT zxMjL!&&iu^?^GArs_0tW=tD9|1r4{ZOjgGl7KDGV#(YAPp{XA|Tsspf*KqM{-MPM}A*8AyOfVc42C#(RD@9bCrj0ccV1k zD6tRT(sYA=J3n!M+Ry|%Ash=vx%Sb|-m7(C-m=9j=|$hp7oDi?omYZ_gfWg0s7U%+ z`%aKT&}KdHk3*!|^NC7ADVJPMJO@9{-!h#%tIiV_OH*!s%d@IyT`0`0D?2RH4)mgm z^uk$?452HR6>VIahg8SorDsAf!S59_ahirj2TJk=`R0|gV!g|~p+fS-5YO~u>%_Vu z@$VCvPT-kOG#kp&>{MBY3XLkHgpAMCU*ade87B^Pn@9PUtDa3j4?`-ybdLy1Qw3@D 
z3HQl-#`Ix&`uO_(ZwL0Z|4n}Bf63qT-{dbo{15quNuZ$KagovCzWfXd4hqJ+HNTQY z*2&%}P%TJ{&>xh&13=mCyb8S=MYcR)TP4t7jXHn$YX@cC#72cnf|e2A*c*U674 z{1`=jjW2^8NOApv7*6(sHnKKMOkeDvqZcpfwPxY6DjvEUWsWprKfgZzGlT zF5(_A&Wh;D2yeLg(w$OhN}bpCzi(E3=C(3tEL`6r_Flmv*_%}@>6~6o&AeR`RkzDc z-3_U49lC!TG9L*ZyrhhB7QuWKzV`-AG~ zk0I@V1d^-*Yk&QBw~SZkW^(`HM;#F&3_~XoFZZs^2u^>C+5p;29g0V16=v$+7ph1F zN62Qm?r(H$-~4Qm7fGI;)FU{IL=AXI!$gRH5>`S;pWA6vc3s;wu){9|x`XBy8&F(p+680h91$91g zEZlbN&)oYPWNET>RX`27xC@O|rPS6JY|Uf_eZV{4niV$gu<7bHZ*LHA)C+XJ7t0C0 z4c9%L9YLPSu`@mar@thP_-j$TxtEJ*WX(PpPJI%+cAIa0q`ta z&_X4~RkutB?zJ`>-ps|*w-%+n(Ym|kr&^|7Fe6M4>e#rM)DD!QgGpyLXrT8-*WCDV zWrgma&*OZL`d?B!)glwR&N|-&VsoU-r?|Bqm@FI3xbiH|7=WZnhKZgCJ9~5QJnX^K@JMaAb?rW|rP*qF z=n4yRFv!+@ib)Zfz}p;Za$q~BZ=-pLjqLQlw`%RrtUA`by6R56niI~MD>+Ub!b=um zBZ^LK!tJ43J_eSqd!3vw)Smc(^1PzaSfP59IUL3%4-3LOJw*LOTpr37%;ar8dM52B zk1yx*n9w%fQs*AiUYT@Hl6sza@tDVM49Nyq)Krpi00P%VBy$;7O&zaFj}|hIo+6q- zwS-ece7<4bhW;g`I4#<5ZVvfwY2lLjR!4RQXmc1xE^cny-__s3yH9aXB1hvgO6ND} zX{B6OUmwxv@RWpdl$80Vl%&^| zOMWu^KVhx@kHZYqLQTA!6#Kx)%<0Yi)*gjd9x_+xF7#&z;_CIm|xQ$CVC|BnK}j6Or$wI=7QEzhPqDu_zflbLteYEes5aq)YBi6 z?k62E)5shH&R5@?ZrTXkRRU;3hLF`OO9rt0Xp#h@fC;5Eszn@8@&Xyx?nx1ncuAidf!5Zx9(wYbKY zIr$f+J&G)pQ?wm67M9LY@DC@p(On-n;FM{NR|#oSfs7lEnL~T5Q!f}%laHwnf*;$O z{ahDb_l_{T(#C&o@xb_>&!C+1#WIM|ZeVXH>Jbypr7m5tc+1PT#*L!uL;o-Y%)}k> z+UIM5D#ZLBle&GV`cB-_@FC87Fp@9UtX1ke9q|dY_Wlsx1 zwn7zVRzR=Rlf6pfp%&Z3TvTxN>uH8`8snYi(85e_%pC@Q7?HjJJNFN{K5vYJ_dJu9;P4vzF+<(AQKm2vKKb7I{E35s@s;p zdTgarN#O~6sPd!Nlm6`5X?nV;#-W%XxOPqqEv;0yZr=86YasAtMWnpb%y~$Su`ze9 z5c_P|EpoMJoSIj4 z*RMqv^SF1^-wj_l?ye(Obz~it)OAF6@wn%8%o>h(5qmpS<<&n9gCN2#03yhE9yXWN zFQ6aky;qk#%%+Hm9qgj(uZL+rLPQ}%l>8$qAj0w=S1d&MrRMCb+m+W}3}-+Fso6$M z$8bBbHe@{RN%CckeC)6n++23sMH;RluC+UBzdrd#FdvRtbk@`#4Nr07Z+M_&(6n4@ z4HptSSTVI)a?V|XW(nzzG$bVSJV0Vfr%GM{nzI8YZ zvNT-U=U08lunb{`?JK+)Af{)p>3;Q^efWaNe`VQlcQ<;2`@I4ZK=%<6z~u4;m=*SP_9Qd00kaK7 z1DmR*h>7T?FHSx6i?n3ii>reaX4Q&v@rHXq*0zYES&Kmi~m#tlbhLy5#INVpWBOyY41!9?v$@xMz2N5UF>aXQWzGkI= 
ztZg9C%+WbtN@MEh4jQ>3;qH)dmvYFFfeFN?4f#mm!aKiz*W8$nu8Tc~)?zkrcs$c3 ztG?l2-MXrZ@9`s}t-~ePIB0`DWO!to`6J#EO(n^$Rh{KA)shO;d z05*m-bthaEo+N089YY{Fx@~Q!$_VGW$&tPyMt8ahBsvClRY&vOD{(7=0qHQ-%N9;( zhQ)~=?#b+I7*+)1_?uI%GoxKi{{#W`2O_F3X5xSZFR;{TK8#_uh&Qo}6;1RHY+&7( zs7{`mPWq5a#hW;9%n-B-F_eofbqRW<1e&g)JHpOsz1N2&MEp`6CVM!hiw|IAikqK{ zM&FT7Q4Q?voZ9M#_Gx?f{lYJ&a!X3=J`e|SQ)=YBh$* zhNq!y1GDT6zuy72gBYgc&{X&-)K`LerR5CKX2=gNv!(evFz`U}ZyuUL8vfiaQ;AE| zu@n9r4s!|kk10qOe{QNi-H0 bfaW!)?pw9OZp*L4^;IN_VEzvkm?}XW&g`>RqkHOi!#7cvTc^&M)yR z9Jhi_O^U(rnZp`$vt8%jYqQ;G(wH$k ztSO4mNTRnp_@rX*&Z7l)|LO(*$bRcd7 z&#wyYk%_N0Y}hp()_H&YOMQVA0-4!97JN+iMx{BFQ$kYv8U{?Nag8tuRSy{x_rgtu zCj6yCm`I5|nx+$rP<(XuGe57tcG&C{JK}usaipqhn zQrTZiTUiit(!hUYJ4%#a`}s7WyQWG$WsmR%b#N)^el+3U!Z$JjZ7+i!%;brG^CcNg zRgZe*16PcN+1?MTtat}YgZTx6FEX!u4e<2(cWp>l32SyyJwQ5DP;3oY~|&#D&EuA+z<$^EbbIu(_1SN>xxkLCJAqLve?| zu_b1Xt2*OyvpfGo{)7Kbe%XJ?-}&FprDFH(LV;y*E=&6kEhW%igr^O z7ic+WlZ0*N($n?leKIZ@9!6j~qGZeuDR*Xg1$=7NP)eGMe>8k1Go;^2yDZwn*bDob z!%|9piOL6ioj011pG_kIyHD~Auhx?cF1Czk>lS-$xzXpxaUK?&_Gj&pnZ&q3RC%W- z2)MC&=3M=)@(z?R>*8t^t1JDM=X<&v5andRo1 z8JU%?DY7vX`|~AQ6|oiaX%(CrLN?_mm7s9zd|=^XMS)E?Hc`2BzFieja7lzs(0mDU zJGFU{%dy>pc$26hv!?uXi&}O3s$P?{;cy8QCkGDq7Y-bsQH3i?&c3ioIP(ABfn>R~ zWg!>!KXys9=*bW^b6OhmA%l`n4Ckud zd!w9tuk?j}v17{{iYvY_o?St8Wf$JCv#gLh)syBJ0FTid|Tn zANGO_q!cN%W27fPVi+98+#88Kp{M;Zt&3%3A9G2*D^}ic@gDS4RF&ohX?FU& z`65?hKegi0eVKi^ek<%XB><2vnpxF776B&OG<&FD=D{zOfgj7htK1dHUD62OCz7!<;Tv#m#iN`sm(g43OQ zcQu{+u~ATZi1<9QSCc zuKBF$rcWNbx?gtqD{q1iydD+DuAcd@+h}xB0^t%hr;?QA>j#cqF7x3y;q5JI2{0Kv z=y7zqM<(=L$m!@`10m?~Q@(#3>YKOuzlPjTcb5qT{*Zb#{{$Y&A8p-ofF7$Pz`5Gf zJ*CiZ-bPa3Tcde2;0tJy#a^%5gwg*Q#LP=iT7{+s-rE&m~Z{W}y?bm|PufIAzyDBUjf<{7;7I}F>6SOZe)Q&xP> zP$&G`XKH`wkIw?Xuv?#aJ+XA2K5fTkkS8%5(BE<{%jrH5kMyh%Ln-PguK4U_x2b|<13Md{yJi7#3v11EF72~_($@A(h`dNV||l0lo-l>i>zRq zog}A;47>-tL3?HjA#}dVn(rx7Qg8LXXTEV?IgAhGeLGy{D+A*{J>nec-Fz-=~jz3+Y1P zyXW`H?i%rv?3Cja)pBNo2f<_4TGJh?e zE$V#|!H5Rqu6%kcb`8~_ysY)>O_B}GRggUzYeW~yAW}t|FTnP|ddo197E(d*+NSO= zK!~64LnI22K%bS<#;zYf3+TcB2TFv 
z)q?t5S}Uf+Dx;Jao!yPVCp6*Id%Qn-0NKc;7L9^^3}Y392s1!Mqd?pEw26eYQcBiZ zXcqMLG)6dSASHpaG>Z|A+20`p_B+=yr(>haBdU`|C>fbn~Ch{KyDzqt@;1d9J>W zr^vT<^`=ZDFxJY{bVjUADMH2hlk41gnUB>{ifj%lIw#c;Sd7t(CK|)0`k+3%VYc3Q z?Tr_YrtmoRY%BF)`Hj6{gVbvbf|xvo8urx8$FkySv|U_!6DJaAdcv97;B;?j&Bszk z6M3lR{c>N@Up_Xg`H@%*Pr2~4T9m2y8AQIeqCQ{St_xj|v1yD)Pb3gJz(D@&d&xN3 zRCIo-?;)?B)qYO45@lQyk477dlf6>iZ1cn;YExqvvHFX>!%$fCW+gytPxMfLVMvnr zBWViK(owqx6Q`w^kPHXSkErm&SWMB5sAwe!*fTn1H{mXox*%qn)DRX^)}p9oepf78 zNrHM;S1frM0(Qdo@Udwrg-{k#S;!);3uuD+Pp()|694Z0ub-wMD*X)l-_U;~s^Q>b zL6i>vzbF24$ystotR#p9yFHw{5aNFuFvoZb8=Dqkf_@uFoEA|CeK(2uzZN8j^N2h( z+h$tWsS(1K+9lF8w#JZPFF%33_{T?hRMdtWsg*z3mCKb5Dna_ia_fv&c z4R^>@KEkwUhp&NfK|Z2TQWg0tw?fm-ZRFH|Q(0)a+B|*t2c1d}!dR_Z4|ot4J<;fG zq_)_Yof;QIrYL1+fd_1}nviQwV&!}$RkjfQg}**g)$~Tcb9R$ zEKd|T#;4)3{6t}RLnik@u5cMwS*wyc9LCn*-H$XGVxw5#%Thf|X6!Bx(1meRLSo2P zj0E6aith^zd0$;Ax2{4PhsGOLHomv(-}GGUd#0Q!~emF z%RG!K^Q^#SjKt&RSP-;`RL0HgEiKBVBjcX3E%P*z{G%RgQwq1BL|BoN7=|tSH#xXp zSDr!juSQY7ClVgeQiZoXKZwke9?eS_8Mzd<>5tbur)Iv@m)?%O;M@pAA$8P$$ba#_ z$uIve`P=`S{Qb87A-@9$6qL@53gI^GG~0EV$&T1SC-Tx20+rws} z?3ul0s-^a+#eUrGKiyxi?73XKT^rNlU1xe=tOO~!sc8tPsqjt(MCKD65YDqH-{$0- ztQyK!ni0|b2A`5g=S6h34{zZUjo*k6$4Kpv%0-bV!a0EjVooWW|&DMSo z$`cuwj6#!ks7xXA=`xtZ6F+%OtjxccoJy)pAy>-chJ+!>RE1U~X#5k{?1u22-XGV? zZ`A*TTZOXl1UaIw+GyUka_^#gzCxr*5^fQ#_0H5yPiQsgD_@y9sKUANsqyIg+^`^pT$cKi|cKjGy43(4`=m?bN~Y zDe(0s@q7BD zydEsRhNkWUrdcSsz#hC=@M-9%0Ap{Q%(ZNAH9Z)sD!MH_7)Knicm7a&G*(vx@KD%8 z3&uQKPg=F>Lmjqj2HbAw^-gSvgSp$&rclemUUSFRdw%JiHNzNPy2G*nqTb{iFMcx? 
z(|Us=PqY9Zuk0V)^JECEZtk|MtvX~d0aUTD46BvUI315LC9dR93YWrg=?g+D{$UsU zw=IY6$`QNc+_XI(w41&4K85p$%N=hossI7v`(9MJDg!JI-g3qKHbnBWLTI-Y=BCm-xoS>ccaHl3y z=?f^9;Z$*Ch`}Q1_?OO_-+ZCb&@O({rN@hGlu?zYJ$DWkaq^E67Y}qx$rl^H;hjLv znRH;3{_2$OYo*5~HdYHgT1nJDfdh z(GI|MECHZ8)&O|6eJ+K2C%SM!)A1!!X06*9Y&vQl$>0qxgkrzm z>UYseF>ml=s(LB%NY7P>kdkIGN@$AX!%>}tg+MMy??(8g(ChT+)>)ca%twZ5BJE_avJ@O z=O>^-&Pz04b|C0fYcf9Rx3?=P#7URlA_0-gP6D}rsl$VLuFY0q&3CM6=E_XEX6Pu?7;mv3L!C4<+Z^@xvN zX~t)})1=SEe7n$j(crTZaZP^;;vI?p9|sR5sLi`m$HrZ@-BTfgr!x+L`n!%I>!8I3|Y;Bf| zwZVzuPT_{gpT5~1x^1S5;Zf%V%o5>60VwIlP0`Ssb!P~j)+>k}YaGxXQ_eaDzr3H7 zDvDE!x;e)MEQ37^r6%#6bV;rF&|4AM@z@8P)eK7XeGfIVS3Ym5Ii+&qTGs%Zvu|lC zJbr6;Rsw%#%XB^gJPRzK>z1AI>L#6G>t>zRJLMm5aC24 z2Pg`u^;Qcx3IAl66FigGXrZ+6T6|)uaGn(K`D`Ph%wURO+RQ4IGM9wdR$PiXy`qkK zbpE->?WiXo{Xs+AqONoppqb*Zxi7Dc@i-5Aab$f{Tp2m(J;)c?O?+Y~r0>h4NptWv z?XRp%Oj7VmMgofgWyTA2;t!&)ZUw_F7H`X&5JGQoxQrK*qs8~PW{^%Cj+XMIX48RL zx50e`8LO!yp7K2^Ozt@$LiYIzv_}Etn=Q^23efg?c)2LAy(hVo|I16~179(jOC6wj zpdNsB@Y^w0UT6eLo8HtytZ7K_bgis=&Sl3TVeySZ-&^U~S)eud_d9n5{w=(*HR2ZM zDPwV)h~~m9EMCgE50Z#BZteP%K%#dIbjdvvwB@I?gn z-_&*+RF<`~lG?mDhi$wkwBjK8isjg>@$aUSlmqW&L?DkEOQLgKtQ-KG) zjh&5HSS_rpcy1C>vv*q18>q!yL9gY-S+i*oOSBdJy*c*tsgjps)o#FyGXIYa6pvM} z-lcFxpr)Aeb3np6h+7PKy)k%93;EGt(f0G~gIyJ19 zOENWk>)<;6^3y-gxsqAcZrXfB?G=(9*6a!vvnXJepPb)Yb@sL5f^UWaWBrj{lLpt* zZ%rq!%DvHX;WbCT>yFdEmU1mL+kkZybE;$gP@0Ed7&}U47NeJumr)PDR9ZKczY%cR zWNrG(7PVx&X>(a-ZTKsiwRpbD6UF_xG>&jybzj7X#wXZU9aZD%AMs^h^$h96bc9W$rg}v}@`LT42KW*w){_XYH|)1Z>Zgwg-A6VRv)x-5ru) z5g&vD5Ch6rhq8gR-k6SzQsa8CVTH>pmgLbK3%%y0!@^AXZbWASPzC6CQNG&AO&~^a zWZ-8|C58fZZmenPTsLAXJ=<)rLg`XBc{<(IY_EaUw4aLI5lJICbmMXy^r4`Y2=scQ zAM35^8A)>+EjmS7H~2mN8s#totNbrt7!Lx-{-or@kZkU#-KO7ZLdSJm&8lU zL%$cfZ*8~vZ%W%*hggV6>*s<8+d+1A_9H9$3p?AvkwBbS^YoaF*v4;znMr}&M#PJ(*XX2M5H$gvaoPT$ZmqzmoB3VWC%A9Z6^2uTV* zR>R3)jU4g80jMwL^hl$GwNBj)9zQoySx_fuJgqgFj5u?J-J@eZ1T|6cidk)Jhq!m_ zY9(vKVT@o3|LlWw%*WF$#%W=1d3*pyL5|IDLI0@?!Tch50 z8*Ua((8LKu*6A>T$6)z>n7vS^Ho#BTS&;)+d_HMR%ZUky0$S<}5oK3*TXr7sU^)!f 
zOuCh>YF8M#pZG4U>MQ-ORrOx7CLnODn#1Y*F@Lupy%QbU9qJf7Gur|`y|P3V`?1TH zLDd%Z!CDH)yG$p!C`!&~M|$BRqZT6ol3Z@DWF;A6yEtAW8~bu`Nes>1Sn5#Py5Ujh zAedOXKGUL&8zTckmqd;k0ijDp#?XOisV(YEl_I=jN?%w~J%In80o5nuU zvr0X()MiY6+qddCRN@CudFp{-K?f=GFqNI^*fZ?$E;p>;f`A7NbZ=s*7M1-Uv1bt{ zRW;TQr@lhO3+dv_C*%ABniWr-CkueQs}pEdMkF*NPWqCv;Wk7f7ro`#77}_M4Ucoj zSNvMK24fY^xBTDR$dc&DdJdn4HKpPE1U_BhRc)#|89927P|3i}bO<;zRUrPX0~qgx z)NKf0@kx0q?Nzbu2%%;YCA*p9UkBCAdE;uKsZ7@yK}oZy-W8O@8Wdb&x8X~ftb3CP z&lpV`X#EX%{B=|U;%WFqa+4de&lnD%|A+jb|4n|Sf63qS-{hYQ`w#iC3!tEkSEWt0 zvFA^}u!K5lt$CQtdfO9||G`T7`T5e*sg&)!>%$2i*I6^y-$npsg-(lwZ~$K@=Vqnj zkYy(i)FHiE%<&eHl*y(yX9Z)+K1y0w%aE+ej5h}6iAvihYmCk04=IdqNES|O<5-o2 z^h}QZblizheAY*P1Ds>BC-7 zsO3wN-%XvylQ)fNf$0q(#sVvQ|Cr@Mb>6o=?=n(Hq5d`$t|*onLL^zY&%gqe>`0eb zghaPvAbYzzFCc93sDWO*n>D#&!c8fJ0}7+oH1PI2y?)D#r(kj^X0h{Pe$CE&BO0>d2U=pRgfVhXDRVlXWk(JT z?KISYuz<8(Rr||!IwNai6fmPeDE!5(!|-Q8aKMnTR?CzoK7V1Bqh@HVC{fPQ z(|4i0vL?S)95BF5uOzKaA6dZ2fTbldYB(UKoZRMC<8=PPaBjo(9GSU1+*bL!6kx4M z#8n0`<;Lcrti8>TJ-#S!I3oTN#Jd#1HdE`AgX{v*SXyDLopSsWNe!|))Zu;ZD>}Y4 zAn3OSi7yp9mUJ(>(PS5~y8Iu$?lP#2uI&RjQrxAuLveRXa4QbQy|{bP-~{*LZlyqR zcP}mhio3f8_m}&A=lSq_c_y?e)J_6tx>%!k76FO z+C}8`iFMfRmeqAG^=*JkXO`xV@t`+wE&ECE8 z&qi#h>HG+|)YOu%qVkc~Sj#*ZJ^Fg{3v}*o4g8C+z?#ozD>`L93q-*E&C*f**`o!B z0v|AX<8aO65z$cu%V4m%78!V5dD<}xt7Aaj;Rf5%8q*OIXdVd*r#iddP}k)3&2-+= z@mQ3>oDKG4QW2{9->w4G87Y6~d;IA91tZ4S+j(cI+a{Rj(QZ-G`87i~`nbw-*m3n> zjQZ&*{=C>%H^lw0WdnpPQzsuY6N51Co6f7&6~nr7pOY%SdynKw**bI4sWN=u)Q_|LIoW(j`H0hb+0-ke=oKwGGRJoZA^ zqWX_Nzv_;Mb$K&=f0UbEEff#;op>yq$IH+({9sGq)`>ZZqA{>YUi=bzvR|8o4lG=7AVUrbE^I~zxXddh9t~b z7R9$@xl|LiB0}4xbcg4M*^v^lAXpLc>pw)|>vrN4NFFRhEwP7+6|k?^``E7u>EJpX ze|UkcjlV0v|LvDd^Rb9u?3v*-9rH+=PbcTtSJr3e9}7QMy1Bs2cz0Jv%56dtmskW30LA~ zv@zs6Zmpr`5MUsasc^os=Rfj)*g}Llf`j^ZfW-qG@nb#})% zZJ*Gd890dO$>e5z%WRfdsal+Gc3lx@49ncz(_!+6X!~>PjIsiAy!-mc!1C$vMcXdm z3Bw^I#;K_pc#@YjgtO4JI}8b1^w^CX$~9Y0+#kuc#27V7LOH2lp(QtW9O`0t`vpqv zq9#wJ8Cp*z|50A}rlkQ1e`e=o6$fiDogZD;=eLf>Ta@qt_w&5Qdg+e_Fuy1{DeS53PtI4|?`%W+-KrakW 
zYE*rKssgusCywDTxgUVxFX2MUTNh;NWaq+)-`=`k18KH=i)Bx87e)H2g4c91n2l-1 zj{MP5WchzYD#sSde*ILsqbi$06Z3QXy)@A$uO9#if$+x^28Pt6L}nlO6C~N99jPBN z%KbYVLd42F4_6ADh60g)JR?10ilZ%K>IP5-lv$gX@x)g#n}p(vqCl)z)VumLu5SFB zcNThj&gv`5D6P;nPv#75+psAllj;{GzeT0>47bIS{SrcMuGg3FaiZ(=n+8wC={(sl z@Z1c;pNPYwaYYjo!QyK1oK_eKE>_MzVRQkdw3(M@kW}Nje6Rs+LRCCoZD_rie5jX< z#2l7TJ+2A0yU*5iFj)8TA{K%v8}@KuUz^hod&&W^w@Tjunu&O2wPTzjxghHDK42~- z?$AxT3@PUeN%@H>^*m&Uq=dbpJy~-q`^i9t2Pct-$n$+epOJJaTV!8hCti3T*dWX; z2&V#}<~u*rB7$40P|wNV0As$kUj)`f413HtmE+mil{uAvq+WP|ZPL()FC!-KzV`XV zs3x#++DI!J4giObFApcQ2m-Ob!2TWoo~T8LuuT)AAc8}q$nGIMq?snPPGe-eW)eE2 zm5yZr@>}ny6Bbxm~Cm((wbgv`*JQ`qRf~I=>}CtZsJqvxGBeIg0Seq0gi2lZDA{%fxdyl zf$f3B0j>epfvbV20l00AZM1F0ZToE@W0iPh=UyU8jUmk15J0{PJ>CdN&WcC8W0J-$ zWRBMAL-04OtRO8!abi4o#I^%}%;ZvYgK9)SmKwB|kGyaG#Oqa}^1Z5^@G=j&B)i8> zNyQuV{sb~!jIj`IlHEi8k@;DPkmMMSe-6dD+#hey8!Pt4(z#qD%=E>J;Fy`A=kf(6_8iO+$C3UP)=>o= zb<{q$%2j7c^QsV0BpFcyB9g$25wk^VuwoI*5{daVU|On_*0CRFoaP_XAjwjbWXhmx zTER1LT$A$Eq=H8siRhTaMnM1fTuDu69}k%X+9$H@Pjj|oI>)O(C&{m;u4leEPk_@a zq4PHU_1D{_b+GQS-ueJ$?LYD({%`qJ{*}MszvW*$|Bw8Sv`|pM#*@@`N`Kq|_qy1|ZpGGyRsU3t4qccmd8{Cp_yLR*~hV6}&9&zU66LPtsVz5dzy%5A?Fx>__=@=dZ%B#o#Q0z*|Yqy z{X2qpP%0s`WAhx4X938D_`zhkV?LOVz+C(b3W2z6v?%l3&^)q#ef}63BMUJRX9^ld z(Y4Gs9XqYXaFwN1Ol`ttSkgj?!|t@nh1znJTl+MEkrr4r@s=iI8~V2#4r+B3O9cQaGQf*Ae7Bs*aFn|r4On(oxWz>iAEg%orS+r@k4sl{!3K35L_Wqcht{s_# z2zEbeVrhoSBx{6duA=zZ_7R%%_e`CcYpzP{OAljfAWR7lUJn?Bf-Ng3UdSsBf7^Ilh&u|0d+%uBkt2Ef%Gbr%3Z z+7u#L=CG)}gA8xJT;A*F;0vn@3$2W7v$CO*Z@19D2bepbm}PgbT(m$QHm`P3`V4lz zHW#lDcj}TM8nMMmeaJC75d)-hhwYA9<*MJ+L6Ym=O0M(`6}@e!;pYN@$5axdeA1y; zoqwC=Y0Fh}l|oyK|J=cx;he|p>QPZoHk~F+UAjpFV_)iT7gDXkeG5d?rp=W;_@|p* z$evw$4;^TD=0~oRBjpjpgGG|D}lZ>Q~FW40b;d?vyG9*G< z3wk;QN2)*4N&m*|^8#?gza@Q%@wfSj4qjz>EqQ@}Rkl4>2DLubt3E~7+(r%hZg0NF za20nPt8JBbed$;d7xYr_Js_vUG5s_+=ozgL9WjIF-Hf(gC~$!v#u8{yBM~T6qY1yy z`yO0rdpj7LA8V5GCOJdEk1O~QYy?wLK7lh#<_M$$o;Gio(@-xIRQnI%8Wv zY(u>qg(K$9e}b5QE<5Vxf{c`(yp8A}(%_CfdiYph7qxb|4`27~b@8EN|FgCKj%O6j(smuLW)n!d4?3iHVnU!F-_aq~d 
z8vdxO?2UtdoNaKSPz-{|U!NXjE4vQ728D1mY0@zY`<@R z-HLQ}qM%RIGq{W5eUxoitqgC!D{~iD?d*Bfj4N|w(^VLi;6mk#JXM>q@+E(_{lfmx zt5Zb;$?d$<5=B*9)`eqamNCs^roZjaU{g?+unY8Ui=fLxEFg5lG4>k9>^Sr@Xt@1rsQtg>^s$TeQo8UWTMy$3g!{<4FfsE7hn7xZN9E7-3u=a%rQQey~ zcau2rc$h;Z`A69)m}oV7Bje}{#;*mgjMD{I?}Ldxkwh^LNXs+T7M?|Bm2^?@5pBL; z04WCPMvxdGh4M_u1)~CFT4@DkP8Rtc?-wh-yY;spEJgk}fX}IloIcn?_V`Ymi^E7Y zl?_n-C|{_!(rMyVUu2?j{jLA#Ky?CI;C0Z{wSUP9*dKZz8*qIo+}CJOBjBB~-(jLx zUspisop4%iVp&hj5j|H^z~Bvcr&}E~immy`Czow%wAvMX+^5v~y&F%ewdon4PZw}=t z%OCaz=bW?iK5`Fe415;5A9PfCjr9wjX3=lC0Ya5(T?|{hv;s6IQe1cR1-i78P|Okm zVV*hqR5y%LN|r-KwR)}jxQlEuJ4Fx|ujF=JLng;~zR~3!crQ!miWQnB-1Ah75t&{0 z#gdeUZrO+Otb!D!hk_LrqlBtqzU%_mYOclfBa+=QCyUQ?{B(j>S%0%bYIzMyLiz>f z1=d?sl)gr)xp-$o+u%!Jw8*UdIKO;4Kzq*i*M?oZEq`NL7pvGIt}9)MJJ0L8B)zV? zM}HLXK~Q`@VbSswy-=0yo1a9uqBMq*~kK3?4D7+`i zhAU%+iZ2xFG1nz6w=%8XQwb+}`BZT_BQh=(X9^w~ z_uzVd>E!EB0%9BsTrU-`kMC(8Q9DB?sFmMhF3K&cEUK!Z)+M_F9Shd~@J&gX#N2~} zNd2v=)mNy`KGHyr`-0R?u-|B!hy8)ptUSHg`H+-~&sKk8)nZ*^uVPtcFp|q+kGU`5 ztxLG|i6~>Fo#liXXjl>$OVwq0zGl}OF45R09~F_(oBm|BF5s5Rh~$LTr&$b-DuVlw zjj|l$PO>=eIqML*{bI+Vt6L~D?7g5Vnej$aOV;=i*3KMLXGG0R;(7d8xHcBfOu~*_ z;v2cdWwsANOj$H@L0wKO+MJ;N4W9>f^n)C1J4gkkMtE*qC+!( ztfcBLl7U$kJQXIqn$7@CXP8cFk;;b{i#T@GNg74jjErhBovoMH@>eNcMivi+?+Ow4 z*5#(ZbuF&hrWs`t`hMYBHxw?YGFKF3_`O?X@6McOQoOZ8W#2cukJukIv!U%`ncyzo zhb>d2`#Xt>N5F=J=PQcyYPQtp1MTyL8LdVay@r`GbD6iT#m&Xjg;T3o{C)F5=mwHA zBfxlU<9!EvTUnwqpF zaMJw#Dy2K?sPkO1^5J`oRGhv|rYS;YSCc7nAEqz5PEPzvG_t72g~j%@IEghT2EY7X zilNQukXApzMa8A`ANeu>x@x{}ompRySJaUvDhPEb}5!Ls{7vvk~b;4idobHHL3DE%x2 zc1IA$`t=w8uMrNJj`nDaMf$3ruNtEbW~1(2q>E43UWGrCo8npKlQl<|i}bx6Sr%nK zHrOY53c$r;He$tek}5vyh-*Qh|k%d9}ZK=KHx zC6-s2@}+k1xK4D_RAv?miH4Hk)6Yb1HThhw9sRBH@0tR0g0|{!rWoZOa{|6*w$clF zM5_jD=|A=NX&J^_W_8Y2D3kd;{yt9I3^z_hJxXSCRr20Ydq+ITbyD61TEsek@S zV#&oEFB8$Q<*q(t;+c|#kC^%s2D16tl5JKdi%(zIGK^_h>fF7kd0PLlvZm55!?ubk z>~uBxc*NslvqGhS-8Offw(C4VAhDcfUSsRJMXt2jz>gspWi_hVMPJ_f1FbdLst#*% zvt~^;c516;+gvMeGq2!abE5!j3lU9|E!|>a?%Vdi!;M);p0Nc?KAR%YZI8-`3i}5Q`PNH?28O@?MZO`z6CJ)M8X{F7tHU 
zc@F5>@nDuuBH+!Cad|QW%n%xvLy^gTN^1)E?%W;>S6GB?J`^N7k5n~WvnDuL(_W^n{IcSMqHGx)Ujbr4zroV-18)!O0b_(4@A#%!&KOj1*;av!u0@@RP<-PM93 zSAJD_TiL&Sptyz>E59~QG9Jzb+S`#pUc@+et^ioEHBdFRbzVn!T^_&vQ1}uExC`&r~u)=Z2$uQnAZE#xYR^_TLCwmri z#&UKVi*qJ@$9hLLe6Xgh8*?Ucra4GBy|O7R?aTSqNT~(f0&Z)2A7fB9Gsrugz0<6~ zQU&}F*Q2^kC^u!n|L`N`#NvZcqGIEZV?xE->Bc-X$MD{Rar*MQYQntQo zO;+R;V=M01kxJz+G|)KB9cJYkk{YZ*)jH`fT5*)akLm=75{?K1a~O4@cYWbq(1l2* z@S<~2-h?<$#v>g)(pSQ^jK%}Sd0zrglY(>_fs!1?Jy6w5)l;qGE^EYg^^J8tjN*(b z^wn+*TDEis%9xBu8XmpUyzFIrXVnH8ZZoCY$_q0XdI+MvA}9C6)tQq3D0ED8jDSWz zerHE^gP+HQg3qR+lR|2In~_Ury+T{qn-D1e!lQQC`88m$&d=k2#1>Q0cuE3w!LJ_VL2bJmyMooN8cud z1(y7t4AacJ8W3ntJbXE#zNP0ITCdkGsFN4o8|MoRiv#0BZpow6D(J}fUSR$7O70Uw zZVBbTL`bE4`fXI=hZz@Tr&k`fO|qr7BJ(@BxgUJj-~HM-3$EI_ECM(Eo_*CSwKa4- z_Nu4zubW&m)2X^%76<+axywW6p}i!q!l*q_$!*g^Jt7}Ou)#UMg1T%zH=Jhiu_`-HypyJT3v4Zhaj*i!vSLaODH}?dhQO`G{ssVvUk)^`-n5@O0V7ZrUMR%^u z>v3Aa%<<2|0~T7pFS*FrJW5)00FKD3k%f~*N226qNuCjYH*tM0CQe4^IB|UdrMdpQ zpkx^X1e>Gh_eH)i`=!RHZ|-nCRyorNmFB<&geDpq=T`<9n4t(R1`>{8}h>JAv{-?a8R1l7Zf$I0kD}Jv8~m`}WEK zv)z<}-c$vT0sZUc^)h<$NDk)b5wMpfV(D~bb+gLhC9T#Zb45q|v$vX`|LSOAY2wT+ zVMUb_BYqF9bD-v?eYVx zG@XQ*^6kU&j)d4Hp)59*+}MmYs0x3xRllywU9gI^OM+dvrCYFhCc#`U{L)DJb!kC2 z`Sa^MK_5Cg@QVD6X#4z7FFoxO+17fAjb4Zma&O-EUTtw+%CLC(A?0Q~Oa+ht$P0um z&d{THfkOo<0_}n{K(n9*(7U4`dl39bK_o>GUawfMs<_}L%_ehxqLZqx5~b&D7TC1(zKR(>wqvqhphJ*&kknKnx0aXD zv`?>i(9by_612F&RAzm2^$(TzT$*xfI~qGmJ38*)^9D%so=-xcmm{~R$CX#mQy5|e z$P}aoas^#ARRTn04L~_vn?$)$Wg~#sif$qrlUSI!xSJ#OW%rvtw_Sfh@~(m0xZ@76 zD8cVazS(uY=ee6sEYMUh+qjfPX3Ii*w;i7#bgqDzp-CmTR=Vw&+uqHd;$Fp`_Z9k; zgKOPGz(aM*xKGdsp=;Pf(8G_1+Ln2rzJdlCo#+%?d7^j+!l>N3(j9FVq=yuksA0}Q zPO!e^dp$=zITnW~@^I}G-4s1d9ZkJCU0!Woy+$1(X2HXKTKTBmyxo$bRhMa(xoPVb ztHVb98vVMJ`pCI|YjxuPZ~4{#mA~e{<-h6rkNjVOP*8Jbw!htyc=|G|v%h8Ajn^qP z;pwvY7V=dZ@ijBMwmIg znuJEUoeuh@J_eox&ERGuZ3lpjkCApnS7-Ih+jfpMcOMV*GceiWwQJaNrzCIaM?zJB zXb6LtMf|+kn3}nRR>4RS;|e4Fk%h|4cwR}Sm@1!X@{)VQQqJ)l?Q^?Whl6Gf%Vsv( z5m+$9`Ijc+phB_2zQTU#_dsx_cZoia0UwG*uvf`fg^In+J*>T{Jr4Cushh%aoN=}H 
zXa%)#t|7Y3ewsl0XBb4OhF^29K&1EF~SrV^H89D9fbmkg%)d3+O`x*=lsKw^oQ zsOX}4bTZTQi+Bz*RFuPkq5($~!hz(0b41e^mH|A2=Ya`*Ub29HnwupJGzHE<05?Y6w8+>&!BoC-1$ z2VSc&u^(qyJ^WY`YbX7DzE3o6ox(%Dbw*V0k9_J6B>=Z1{K2E(#qDyv#E_{|7N7+f zb~M(xg0{)pvfe6Pkv=e=OY8QBJ~y2^oOHpv2K1fsoQq2c?PxiB&@TB0-Ri`%1z`jk zNj%;4BimR{y)g~XFE}*7zYx=`?|3Vgb|&Aqe@V$x+~)0ldi?n3EmOx;wSsbPS5%qE z6E`Qh$F>_IJa^;FmF6u+2Z-*1a!+vosRlGZbRpb~v;tKLf5(nNBzB%rUQVIgX|>Un z{}tJb$TMvOZNr9Lld1r^o{3P&yNx6hiq0d6~OliO!(_%=i648u2Q6PUeym{cKUkd{LPAM$|_X>GKo+Z}~O;mB0GG<$rShkNmNx zP*CP`4^lj|j>&I$(><1G7?4M*wN4nIAD%OiPe%0xX<>)Mp%e@{{p5^RLAvaO zJm{*Jxz+z&^A{=fu}hF;+LkDnT{)p)=|$#6s>Ma-f*8MM@ns!%uH#1O$BVp=)e?U4 zNx-7aeh;_0q!OyHl?7gi!osl1ryM?@`|eZMmL{`deb)q`Z02W{HJ!;T5}wy`QF*^n z-V34&vA#lP;!X^3_IMjA;Ev?1v83FSezZT-xp_Gz!{IvD(lc_CfAI75t@#=n&l?WV zgvk4ekdtd-xt5_{}Axiy;rvF7QQE_ zV>S3mbb6lmKxg$p$^9m{;~xgVd0h6~i_ob<^1bCk5u`MN5h){Qb~5aF?21kv2?}*L zf7=B_LO}bNFAKf4@g4fu9RzU8%lJ+n)ZTt1=Sv9o)_|{<7yx4Lv50%DIlh6XHrC{Z z!!;9~XU-k*=q7~1d&HV8YEKiQ#|Wz``%SVVTGNxe(vIC6Gtmh=29H^io)UlRue>Gc zv7My-b=B_nIR~cXgKGU*u(nZd{1P(5;3(ydiqq#TODhji&7r5)|SqcOVEO z++IYhrt}wT59=@u-_>Y*!(a?+{CZtS;EnotLjtXCyED}h`>M|uZ9M0X=!epdaYOhG zXYj+P{hgGhhz-Dt^$9gIKBEr(H3j&@G@LQ#N50@C;fQ-_T8U`JvQE|3A z&^^nA@QkJC-fdsf7@p%|F*~G0XOb%_cUBnofl$gq=+Bc%F0>yaPvJL_A-=pT1FJUV zN`x+C2V5_NETn9%d{^4<6QGIoNdcTX?nIvB+U6ow6fP%BB6M*-G>9z#Ib(MGK;)|G zJ;qAGcNtYE^KvF^vYV&nU|)u@skg2f!}a}SM9<4jGd#-d_&BdOg zCHDq(Nt+c>ZzVv)5+_mFyIjn88`^L$Fn{n}n}PJmGXJG*Bd+^qqi<;E7!Cgtukryj zA2OG^8^vf^L3ysq9A-O&t)MN2qnR}^C7yhS@x8MCFpQn}VCC`hd=W?FwIfGU=MKkA zt^z=}mDqkB&Nf=MrEj zc+`aR?3GCQCCO_txI{T5lz2nBzNt@%(TnAK)#b|3XA1BKWfQ!=UNL`A7o>TXx}c-H zGj+Pq>}h)#r<;q;fZB^961Q7trpR$XO-EqlRp}^DIT~Y2J^Kw(Vds!xd4HrU5fqlNpj_@}oEjIZJ|xv9t=)gyyJuvU z)Q!^l=Fl|TJ*OBy%JPB_EoUaxge0OC1mdqc;am)y+Rn@;`)=(hEN-(T@=`OHSM;rU z4_L{W-TySf)_+9?EWh>(G7vmn#b>HJ!0-i>Ij0WZ0Km!3 zal2v|gnp7D21Y)an4#Fz8neV8&A0Y`88%$pczbhB&K&w9v3yJ{m5&0B3 z1&d8kMxxC_QGdWDm8KaVb< z?H~Ec|F`^_|H@zWU-BnH)BQ(&wH7ES3u>my5Gj_>{y7)25*E;&k%S*v@%-w+vS5jS 
z*iE>_byu+M9|Vp6-}5?up^*-35wN9p9~d{&GH%i^ppkNeWe78+FYar+$Oq%MOs6~h zWFz>0e?c=0`Zm(-iyYvq?Q``fM3j(9b8*p9TKx<~l?UaQVBcBOLshd+$&&M|)E zcanBN&(LOA?oa3K%Zk3iv$X}fBT`l!(x(QQ9y}`t?A7AWB&f94BKasY3qV3F2 zzJ3He`FeWu%oD7TprM+Vys<2K1m!|Ia$Iv_=ynT|E8!>nzJDeTXuLo#21pH%kZ^ zM+u_s9iHaVC^IqqaoE(V?LyrxBqFUm)l?jMom3r^ZH@xO=`VY4#>3^uzpY6q-p6vI z-;kD^i@qR~bOk&%sT#r9pKq{?4BHaA4U2Z zH*9#kFVu>$_|`UD`5G3(A7c(gwvspDeq>JW7ym(sctfa5i+xy+NO;96!;#3eoK4Z^ zBHGVeza;2?dWbIX(=yL?u@MYbTUPzE<7iAKZM-_Tt$%B(J&GvQPbGo<9y&wV%k}`M zyo>x^i)o8x`r#FFF)-{YHR=uTjKVpS^#p}yoL`mdlZ5&C!Je{h z#~dVgB11TZGmjZ5nCwULjgjv&v)EMEh74P@d;;#^t}lcZT3j+-8JUe~2VR>iLk1cG zZV0G0ipI9^E;S^TZo{i;%8d$)f($Qx@CsufPqDt?7T%p@C|9h%=0%k`_x#zs@707o zjwi%l1C)AXGT@5}jr*zgv=V93g zo37t*H1~npGF(+eI&3w!8Z*)2B79r8b?^Yi1ZQy_SR=jQ#0er{jVXiA5eMW_(!NkE z@BdB3H>xelQR!+OV=H!vU_v5`0&|QB@9k!3lCX@wC5!aak+v7*?x>z0Cq|71y&jJF zLxdu(R^uMZB~wIC8yxC=h#eKAUIoaO2CnK%pm#nZ7h1sCQm=(QqFzWWELvM!4|062 z`cf>uN_*gg{g^zp8{E}zseB|N4V}H6=Sm{I6r6B-p&tRRwU7vW{cta6CpB5EW;~|M zutPQ0#~lpk+7BS!zpL}{D^}IMUrzNTIdA9=enmth7tajwU^@FKMYfk49*4<>tM&B- zTT(qM^}VFLM;8KFNQO^MmTe&Y1eN9$iup2&<2U20d=#OhWah zYN2Y!AbHf~EW-oo5wElp!OAB3k@h?P$WQ&h<=6UG{>uNBAAb2i@~3jYS8qs0sbHHguYZ8^C!bvOdhO>f?^RkD=xdKUWQ81juM$@Z)sNsM-MI8*gv|(evuR zSymB2V(|~vcqJQM5-Hr1?ZdtJ+{jl?GF&F>4xuukxZ*gl13e=?W(5g6hF=c2;Fyy{iHk2tSXpWmxw@x$l93&U2L%~_>~l$8uaql|r~+ez(S?zt=De4E?g z&UwM)vF%pgEF~9J>RDB~aGTj+S!yYHfT}I*N3h!l_0)QMTu&G>o8cI zM|Ok^xXGEYtSH@G3Ub)_fZV`h<3&UW&yewuYBjwly{?iWVSz|>F;juD2xouyhbex7 zhAW!pkB=|$S^>-7wq>fU>l<%W`g2hdW?weGJB5m%#4`ncP=d0Q*_}PK5qT|e7KUdl z{LTeXhR7g1NQ*$KBYO8V{h238B&%Y@UWEzd?W36n=1#*}U!)|$F@6vgyjwf+7D+0{;|O*5Sy$FMnYe*{2}V7k*AqatPhaP*V$@k)34M$)d<< z^z(2-I53gsrjkGp%m>M_-tQ_qVUplN)r<&TjVTF{J}wTbKkJLfU_|N1%3N@~V7CQQ zLH+8w5RK*;y5yKq*JXSZC8zDTF51U{mE@o-c##fDWgJdT4n9eELy47v0^GX86_^+6 zi2TGD;V`U@57G4Ss*%X{h7YyTST!zdP%i*GVsw zVS>dhJ(y!atPT;v5|6`St4QG}23F3yrcF4FgDO#LDr2Q^j6fU*t75sOq;7iq+|^+-eSg?zq@K2kCVuwj_W05zqGs zq+tGQ?3LMtP>_6{KX~MdV0>C0_H66myR7{7nG>gNTqznH!vIL}^N=Ub8{^ 
z4atAJ*FxxCs#;K^;ZJh!B2?z5*GTvp*pkceuPh5EP%pl)US&=O)v68W3(cn+0E2`;HnBHVCzg00GLj)|=(nXQ%s{N~vm^4lHRlHze3|3KD{8j$$yvZ-$=Bw6Vr}9w(~;^+|85dWkCqCqCDcNjYqc9DJkO&-~Vcy$G||61nP$zwA1?!E^H7o4{s8cYKYVA?bKw_W12H@ByP`ijUn;o(^`bS2!y=+YEXE zK1F9CjG7?IKRXiRc2;ty@dTA8zck`t_D`kD$48&=zL9|1JI?oh5H5zRN-M=Ts!BnI zaAT@RhNrJoa(scg`3^WMrelAEo=uwnYBN8VHbj3=o*(+lFng(>gnq`7np{khT_Mhc zpZiwX2UK3kcZqF z#Yvzks{X8#t%^fZbAKi3M~ryq&ID~sml=z7*W_WeE*dDmrMVajo~il8+`hMuWWMts z`RV?*{M!G@U-94aqsIM5e)0E;ZD+fh7x64bn-(R>sG2=jNb}tUd}0<^Mk(Q!x;0oj zXg?gAOK>UgHefF-SgeC588+vGEZQc8sOt+cCwBPEaWB-g&KOHj*D>Vu5G8^)H;Fu< z6cF(1R=^B&>P*^et8^nz-fn0aLHQ{M#Q-ThEHr!k^jnmQjv?Yd!sMsg_=qz?i8)+F=AxbUB1)3#Owa34Wr(JIX%WV^8 zRd{Ax0)8krB`*k?_LxzMU}Pd8gFpY~Nb$Ht9F>Y6y$ZW9HQ(oCR@D*$wH8w12Q`iU zD4GCU3CVx_(NIpqq+3#OU@~N zc#>|z?X{2RbSJP<+y?7PBf_6DUIo&l& zp#`smW>IUF!pDZKiy62iK>vdExj_SKs-(ze*Clp@2cH>U6I0hQ8A2sG? zyA!`rcs1pl!9{euasUb_AMtuod^gBZTn(PLB4l&5ni+vt+!|@)OI8zI@1w(#+FfBc3wQ*Re zmL{Zb1IK}qQ3_6CV-e^gZR#`h8ODf4Og*ymD#1Ta zd`DD`4xhD&{Deakv7f1Pe)Ar&29lLA@9f)H*6&vR+44K<0b2}Jt5d5SbK9-Kyr7C* zHy7s)Tit2?vB{roK^(`e-`zLXxG=0{IC2QqCnRGG9PC-oBaduclJFz(W3R;2#n1@e zrN2-AK$xJlK)#~$jc9>{*Dp#Wz%P_p=J1MQFT_ziiY*|#J#?TW8t+N${M=eQxU#FY z#zo>Gp8?Ut@|zi4UnazZ@r3aR=0tT~5l#eVU-bMuCf}3S!%b5mM0FD;o0+0y57*aB=_)^RzMXfkZUR{XJcoV+gD5=3- zecd2C;3$s157QNk6B_BS+@&JNb$4sRX-2(GA4(S+BKPmgKrvxMHYUBaoxB&^7nr%( z$Gw_JD`j_y$c3+&^F$3lnbiYv3`JsA8c~`738v-9yvp_+e8#MuCX&LNwfd!FSRfsd#WuT%fX89F{Zs z(c>C#U{#<&cXo9-4B__Hd(D!l`1t~nwr;h_b__>Sm9o#weB%C0J0bDKl(h1cchKu_ zqXlQ4n&gZj5_WewZJa!|cT_Cs0sp=okdR zp>Dc8)nsw>KfSMrc6(x-&(SF2Lz3B*h{iH^mJlQh%u!>v7gl_RgA z@Jb!>4kfFWVSAE1qdn$dERsRCFM@NzCgnM9A+#7EA+B#Z%M`ai5dr#td68A&RFM_L~i(k(?u{R~G-DGa7 z>KD{b=-026FzHR=bz~6e`dEc;X3ec2-J!(z+^g4c&0bpcTebX4OZSi0!{1=Sg}K}_ zFP!eLfgxTVcY)e)tQPBH;67N@WAg<|v4JJ$r(j^-U>4^Vxec6b`c$^z1=(gx=O zMVWy=odCjOF2fit^{cTNq6iw*z87lv%3r;U^*{Z|gJpCSVcXBoXgr8LY0qf5B@e$pI55+VTv-EQ7) zQ#>?=Sm`23EQdJ29dM~OA;>8s_6bpXzz}yY3#?d|?qk`25hGOu7n40a?uOoD&3+7NSRt9-_)4GMGpM#PU`8izPbA(@xHLa9pFY^w_A 
z^6^#tC=zXV%TFqQ<2B;b3l(p^+(lxvuA6h%&rqu@@iX-@HtZGR^f(~Jm9xkn&d;n` zXKFmdt5omZOgzY%rajK07ov-N(p*S8HiS(3HjD(e1zxU8tU_%P_qs#Om7ekZdbIBs zh0UkHQ%(!Habbr zH21YJV8=avKd=99^&x^6ten~g9s28hKwVIdymG5}9d5?QZ=b^xTws%ktl*_mx4WvN z_BB*naMBRLtHHwIeqCc&^VrjVGX{vUfqW~MDl&Q2w7d?bC4e$_5jk5Kk^1Pb)Mac? znUMvm_|L+9R|+}$m~gS)#s1P$)) z?(Xgm!-2ftbLzh5)P3syeRoaQUcGkj)mHQCJw3ZuJAvmVC?Qzg`e}iA$K)(NKoDzg z!4|-umQrsDn1*!jVeR+|dLy@%_^J4uOC>+2$acmB4ocxq zfehDEj8!NE0*IDD`&QmBex~B%$KUCoQA$ZB_Q5qfn8{56xW^>8jV`ds8=8_UA)%HI zmmPF>GW^hVEg`HKYia&J&-e5N8LU> zi`1aA`n*}e#!Q1J>_kzGGZ{6&k-q6ha`#gucr7K1{!$5+MWtuGSpFE#y!@vT`eFve zF!{iUYjig`6+g2Tr?J)(|E%t0Ck~2DIinbPr^#eDOJ{@&S_RwGP=Vg4Y;}I-gN1s_ z;;KD~y9#XGiPa{3UElN$Rxwbjahv59t8= zT@S9#bW!470YXZ5l1bsrgu=31`dx_!sx~Cla6c^+dy#?oUCvWe47Y@}Bag5Am{%-U zFG)PfHoHzy;{tr7)t;gKbJ`T`_TXL^Za5Q9$wBMJjlSy*>cny9D9D5NE4i0fRuQHx zo`hsg9BCx&_PM(8x{WBDCiw%Cotu+aw16ky2P8t2qwA>qUp`)7SLab)sRepQYW0xZ z1Ltev>-LCGUWn}o&&g4*8if=4(g#w4x?hV3I}T`m>@%$qQ)$1ydT<_SgkS3f^%Q=g z4x54#99B6fcsN}pCl-o}l22z#q)~}5%q_1<7fVDbP=WqFy}&l$(h*ttB_M+bw2^M7 zaKog5QB#-U#ebsu<0A{rOY{Gne%f z3ib0; z4pjsMqZ^Uh#)KIP{Q2Gi#0#-P{mwM`vCGtrW@?pGw<*-jYPl! 
zLy2+gOo3PtWZmy_3MC&LOP7d>8NVr04q$(lZohokDvNcYt7J~|p-zc`%YNYjw&D#( zt6-&qn0tm!9v`c32r|HODi4%5?PVeN*Gz@_73nWlSRLygn?T^`*=T-Qe~5A{LEh61 zRb8IRuVOs5Tu@ejE(N&TytcRquHSLu`4Sb5_X^tP(k>IY6PWp6?1&ADVDZ1bX_cHx zM35A~-NP~p>g(5ci#ZYU<_|fKL|YHYajN2XLAE*{52G~-}h6# zfk4Q~o=I*}qPdM-XSUKUR`u`(vjlerYxXnS_;F{Yr07P)0hRV?3=Gp(YPsQbHhTUC zZU_AaqU{&gDz9g2-UqBCYDWw;5IV#JXbVU2!>cq+BufYimjj?6paF6L>IB3Y(&LAj z-kU7%a=i<*A8F^WjZd}=e;~As@Ee=}KQue=H`e0LTALf8I}J9lFHl_(!r+9ghu}|@ z1nu-dtEkjgKHq(chZz1Tp~qH5p$2Vv;rn3ri5*myUCUpj3y^2G09SNsueErBe5@*{>VK7Z9$9BM>$2P8RE=(t3DU zNS~pHf5f}rN|s<%z|KM9{v7T2rUyMNxrxq*ae{;hD(1UQPa9O|ThsBlfoco+XRcb( z73~lH3OE5sCrV8^~l zeli`DU)|U$PS()glOnf&(UcaB$G zw0Y&zw%KR;?7CXN2>F6-u1i^o!Vsl-vpq*!#dP8^SCfRA9`)lB+X#;2A(h?_^7H&V z`8EHNzvREkk6-!^`F|sWfT)np%H@|1npbEPu$QzR#SLw7$Zptc`4R3Vti(Utamnp9 zIwMGGGI@{LZ}aS*UZq8jIPe`I?OSJDRcY^eh;#dJM3&mWx*6`>-j2>5zxFq@09zQf z&)aQ1Gp-fgPH=ZPZQ}QN#$DmgTY)X&$vpcqS84aHZEwBCTDsoDA;;r3Uo!Vwx(LTk zpPG58+{Qe1IM0*!J+}y} zN8n~Db~$yOTfORdYHs+48g@9>6ZSoyZ);q~KT8>qPOl|@O;0Ocuv%W^ucme4;miih z#bEE0u^Q(o z|AGvNx>FW-pB37{6&8K!ezY8gyK4#d0!+mgC_>@q(NV755%=BE@J+=j=LwK4R_pKB z4F_4B!!Pi1PPS=^SD(9?r=aze{5YMKz+(yXD$IvlzMkeVPSVahStJ<#R5NeyhhJ)F z3Kq`@ZKbQaJf&+p!WeX77tYHcX3$4S7YUId20m=?bN902>ipFU;?>F@$QJ?xw&pQO z5(r7e@+TyPA8bVbmh#iR>Ef-a? 
zmr`3k*Y=5qlm~d?9O~YlPF3G7e{X|f+2v4|O-QfPqMR3{%{w_JctGg1!Sb$?l!ryn zl`KLWV1Nqm~Gep;ihBNn-A6+h^I8=AJLVhN^6 zAvT6lVeTGbEU^?#LQ(DwV$YGS`F=Fwu@mn)^R`qhGHs>zp(+9t-kT;EPn}d-Sk`mkPAp+&9MB(HZ**-qbww5Eq6vuvvL;RY(w~Ke-W%b|$ z1jaZ0lp+!uL7P(C83a}d3i*V?5N5gIFUxg`Ft(w z0R;TsY1fo)>yqb;?ZBm=CGL1Zd?Ebwq3nIZaZVLMZ9(m{l5Cx99oahhb9tNnGx6K;po9Uc{(9H_{kM~WAntis!p8i9iF5r2?`W}1|#Kr z-^OgLSsLs>9hw`{Z5Z=q%ot3EQmVBER`ky{TpbDi>z3vzDOw{l%ykc+uYb7x2uDJ?OXC%Q@N&DH`4)BIzY0leA;i8 zZj#t1yDo5xrA?VMW>sb09^t64>`T4W>Xl|iYb;4Nq_AUSS(M&u9#v+EFHJo(=2|x} zPQupe9${s9)L|JO*-A04PaeHb<}^l}XLcCXYFi%xTt9-=OwjEt8Aq%4IE@tUDS1zL z8uM*8?ZIC|@*B3X>e}g%HM<(4G^8%RHQ*0g; zuG1eQa8pN(S@@0XQ_5F*JZ;+c3-+L|!6{SIjVbx9ol{p=MqW(4clL}k7yIRsGDpW> z@;EKV?BN|cwKfVz$Q^!Zrbx#Q%B7a>saj*SB*v)nsZ`A;)E(m4YjBsBH|0)8BYAEr!2Ep7*__d%+I0*~SN1!a=#G=7KYb3UxV!b>e|9HI@0&DCk#I0$qR(Zkjjo^8;Sw%9 zi19L#lU?}Lb4MO=ijj)*j2h8u@VuGy`I$Mw>$~pneq~yO4kk8dqIWg)hnnU?UDLld zXAKik{JU~{f!moX!t8gq?Fkxp7r}IyHrKn_X5(E=_O7&!*M43Coh{6*AI0Xe!?K$s7Kq?#;vz(hc}4Thwebs+wW-vAvvNexf% zNC*)#t=~Wy9Lbdma&)C%a2YJgl?-xpoq+HhB#Jtru%Qrgw2fb|Qa>GFdrt8)OR&3Ni|#WKs^!3`g`Gsg9jprNVxriPvA(Zxq}BH1%&UQP!=(FhJZxO z{E*R{$ijR3M9k2B123q;JGRKtqyoYbP$-R7 zIPrydq>-a*1cb++Q5unjcfKP>O9==wyhq**m?KB)`UPvjlU!*cN3Z(@8$zQD!jhmO z*pttHxQ&ed4(6%iNmw3>?4WEW=!$2B-E}jhR^$5a(r<)X z?I^CH*70%?l!kiE)G+!|Q4u%x@y*8RYnNM*A;noVJe*Kj(6r4O_^qq^5Pz`gN3tTmHs z%VRIZ@n}kBx3*g#)AH)#oo&r6!#46c1{F}Q6*$O&Tq7hflDDQi!Y~tSS#>M8I*aNa z9yoE#8W%Wei=#h(i_41ortQcYp8eZ7zFlP73`{1k!3?$4VEzR?MRMAdt5u5SfVUaE zMec*-1@9zhe~0)-_>b4k|M2|7_a+DxXw3)7ccI=%{^^6}psgJo9~4iGS>%>Se&2xM zeNFC%mHU6UQv25mGv|EnKRoxh_>;eU@RRNMdjo^YIauK_5C zEl^2D@awzyalpPS{y8ZBM|gYR5%NR(F?4~v`wsm-4<-=XchyG#xtl9%UH znzDIWxkT8Q(wFCc(vZVF&}@$M6iYQ_vC1y54R32`9zv@1bDm;YlJPhYYwkbEeZ4`$ z&&oU`dj0N_*6rvYF~!6sOL>sD>LWXi%_X&ez@wcN>I`U-PIe5an5uLP_s*qzO0T94 z%89c;TT+lwsdm?5QyQH`JCc|caLStWL?tiE^sUVr3BkN@=4)T<$1>YHkK>P`y2G^m!l}IvWTMGqa>~h*`nB^IIi+B z+cd7yvEPMbrSL~NO?eEZ(oQ1UD(xi}M}YWzZ`DN_F%gxDRo@*m59353JmXO&ykQy6 zWWs&pl@QJAnw5m+%TOMF-TiEyu=On$R~nzL&<7=*E~!VUwJuFJT%YmfN9eUqZa2*H 
zJ>D16^Ifl&OrI_A7Z$=D-4&13lq(<2Rs1tqm&E4f)otLxnbUpa^J?Y__}TcGz&+-D zl*a<^7J*Y_WB=;=`;zx@9!tF28BXJk`>XJ0BKI*Ki=&Q}e^gg>S1rzLtP`G_Q&0E) zC;$L)UzFwN=bUc*nku}-=cjL-z*pt@%LpgKZ*rS{drJc*Wt^(LwE)wjw`flitAhOb znn#6Bw5u8olj8>_PMWK-4Gli{r|S-Pm7!-Pne)_5sb>|s6TCN}O@(LqN=`QE1zgr9UU~g@t+3p)#Uctg+z>WB80YSdlF_U{4LE-w;_ALaj zLVG#oq05aSuZZ02^o`?dMMn1eG|TO?dqPIx{xPI`Hc-tc2lKG^NvT!Xr+`24?X{$R zX86YbeeP+d^hVXa4yaK%xqeXRo<25ld<*qjzE;#eoqA*3Dq=Icd~@&K3=}w@;J#&O z)jXf%KWcT)T&wh%g1#Al$^wcIP6gefcqtQ3_us;LDP~R;-eP-w%bec7h4fO;otnR~ z;gWi*sBwyjI9kC9vAcnGuLsJHPZAzBK2?v+sNSf&T4=5RN!)tsZN;1CKa2kZY6rdz z)!T{#;5e)MLu^;sk8rDV_vBIO3f}T_jp$s(rs_Tg(1Uw~a2@DD+TwVQV3T)W02snO z4Zo!DP--b&W3_3zuK;v=jHe#9o{wJfT^M^1x;wN)wluEs*!*mmcwTt!(cGcG6U9)>=wv?~2pL^Ie-}^OmFCU&>-MO~A2DRp{*`4RP zEODP}-!OP2uVI{*+?TqHK93GxdEZyJ7A4|l2cs#VMEr@CC&S~!<3#1e;rz@=z=^_% z&3UVP>IJQaF41hQGJeB&;|Sm+jSC0^6jMe!sdA zV@1*$BeA=D&%TjuMZ+4uA!E72imY_pP&8pAOg8JA!jCM&Hix6*RLdj;yi7JovIIsgXQ%LB}I#){p8R zpopMc-I-A`0_eJ;=9&^RYPkv`O9S%GVD(>yC5bDe;sv~Az5#D*60^Vg=4FvPMx#)H z9FLcZRm17GpWy5i8Ul#;=}Y}z%1)9mWOSrBNGs{nqUTY@#K&%brQHtWgfm;>Z(|S0 zT~wb(6h)Di>;x~lh&c|T@Y)M!;$=rMyUHN8Ipq5{kh{qf1n0a^@ss6nDdI;b!R3LW zjM5o?CV`C|-ytR6gS-YC6Pv^>zV<=u_a3i$^SM5557LK3d@XHxbg?gJQp{7Vozlzy z-SHL7;R(#dnZj}oA<2wkb5N%v8jRa}udk?mAf(u*E2!P1+o;2D9jl6|`K7%tPsP4{s_qS0R=2tU!b?)*TZVq>JV^mvI<5mxS@f@+Z z=JJotd?lv!dE)(Y-PA%*`96zz?XoiB{RF6T04b>Y>|gz~fNHi?!GV<=9j_?G10qI@ z%L9WX7{LM6PejQBfh0n22S(thWk;jq?`iv4=O@%g>jNEJVN8)BYlLKWU-qvV2pR;L zLJEcH2|9BqHt5k@<|0T_6!mK@QThUqQ;D#4#h#FvNt);aakO$wv(U0hsOa(m0(^98 zVZNdyM&K9!%P%npr!gF=o}YOOW=+}3q}sFB^?0A~UlEU|&kyexzJiSgAds_=IoP5} z1R4^v$J52o^^TIO$6zdoR!df6FH6-+-svF?@(tRZkW$B|b@P%Xk|kb%NCfQQ5KuJ| z7x!#tA@FTdN${HbIg*=@BWY#LXcQyxy*r@S*hVcbpCKTOrpbfz6g;AH>dRLI6yq|W z&5d73m}#16dP*+IE+HmLz23*3`oSdsgu##Gyq&M}@cz^hUUP5^b^XbIA zB=^MD?ZkMXX$!2}#(kiu=xMmH@`PURy}$5!q4oYjxFz<$hB>Vtigko7&8Or2@GT?%>HD72^NS6OC+0ZtRCWurYbHI zzsiZ22GC+YJre2mI%yjhRy$$J3U!zT8+D`S zs3=ZYs;6QIVxUaO)+xFGgB|UGlhWmS8WN`8awkAxs4^cHrp$sDv>nCSIGl}5@KY%Y 
zk|3zRGb!Vz2@x$1{J7|xD?vt(r9OlSF*jDHhXTA-m{b%mUxXYHBt!r1K=cTJGdg-- znzfEU*$L;Xak}83R+4vaBO|vxARc-aNuvxlKMOqzFP++C6YxC_3GcG-MS#<}u*uK< zQ??*7!V@K&#Mj49pt~ID$-nYOER6|bn2wVX#N!uxEJcn+$oH71jA@dN#S@DS&wLAH z9unAt7C!M`3*?X(fKSwD%~;8>pk#WO+ zg%^x~@1a!dWiXC+GIUOT?oovNJ(H|<1jq9Samyb8*{YWK+cRqEGB|&$K>Ck#J^}wL zw_BBmcmuNE13Fa-u2Tf|HdT{tn=A>8?)#g)y7vmMENh^eDZ2d7q#Mvy6Cu9Nr1ZoT zZTS)&;^H1u(RWcXck)oH%Y;mMDuzAFbY{2_hod*5Ji>e1(Qv}L@E!ZfBldV*S#Gl;|j1<&r*(9SU@x`Fi!>nldszcIZ{~`(i1Wh%yS2- z^5o3QkVk?Dtq>9OK`v>{R0H3AZ998{9G%)$K2wSGB|K zhts;x;Bb^W@v(gCbqYRFKF3H@SZ>~{V#NH_&Xte14(O;%iz6BjslC$FHVl)ehzfk`cDdKLduHh6t$_F)B!3Y@nOT6uYXNd?$JV`-d8Dm6*`i zi#QT|RPd(?K9O7xJ~3h7E3sTxI`MdyHqm$=Xw;WNHWbJ^bAb#w_?j<-c^g<&=C|_BC(T}alfi3HEJ7;c;#4y5c)!ZZbJj(&jKGS-SxsbK^Gge;5%;H`*_ zd|Kk;z%SSp5qsS7KJ_k3U?Uzd#G$xSQg>f4D2i^a=7n{6h-1@Rk;LicM$7xg%SfnG zu~F<27sFEXOT0%Y*+`9AXSAp~w~X^F{Zvuk%1JVYi8C~1coL;}8Ui0I=`R<#wt8=S z9B_m8*-^)>P+y2=$>=LYG_+D{{~(&#X-{pr=k?x7gyKeh29VK5M5{qYa}SF^&>~|W zs);-#2Vbymg4pY}liL$<{TK<7v2^ z2I()T2ERok9TiOSKyp#Skn+=G19=7azKi!#uK<%#FLT^sdIrXvhb{emGhkFJ)YC2g ztIP+kHUfEP$eI}S-W|r$WG!Qan$O4${+uIt`Vq|iN!uf^1#v#ZN-e>d*Q{SQ<6Wth zhFeVd7zvZ*r16!$fG@<3CelaI#~BTM9{fCDUl+ zBqLS;!?9S30m6YLhCo%BTBTaFVySv5XCefNHZnppi8aYJUt@n)*h830RMXPb5idh> zVVSJF0zYrtL@V&!4FnV)$fHjRZ)`IG2SFe?gkZnC4{?lmP@pSyl(V2RCi3G2Ymbdgm#@E={P@;p_#UD#YsV4cUbElvUp9b%a^;}u^TAt`FjwM&w80ViO8CL|lOcvXNP0R}?MS>tQxynwRV? 
z_%`FTu9R!ZF1xFb-&!cw6KwjQFYq5gJ;?}1k@kYFU|$%$A^2kmN98uAAE;j(y(##E z#y2o8l3%{RyZ!7nxu$)@<4e>XuG|M)r9PH>612yzkDl*dKW09FzYw?i^LG($%Uu|~ zPy<2xzXNO;1HC{ltx3*E$q zvghyw``qPzcf=#ff2>y(weAn`i1f}8Z3>hOKFUUHu zBU+Ku!B|6XlIVfVIpho#F~8PYzEfHr?P%*rVMk~#Y1eNY_~5r{o1;A)v!vO4lCI_$ zya5?tx5bW3sB6_)V7J|hUyZ3D70AfzQFTEUL#{a*lAFsk< zD&^>yun_Yp7DGP;4oo9JNyL>GIww6PbW1ABHVJ%Lz>wB2iyDk4uSNKhb7Mw^6wAnt zO4oPDfc|+OVz7D83ip(0ge}EXJRwda`zv}xU@ip6Bvsr8`8EHY{NMkQKli`M&tLNo z`DfpK|9^T5Ag7RPl*o%e-8i7aBo&@4SH-h&q8x}y7%bH@yIJ8 zxC{M<5Nyh9$*g1Db%qT|#<%)-2i;2a(9IN740e0kUqwM`1^P$nQ5;;<#uFQc2E#D4 z1_7z5p>~N$!Fm3hu#(Yv@=ixzc9U7wPO zsanZU!?$U?l6jQq_mvDzHb)|0qggu_OO&S4xOR5;iiMu!)Ko)h(sA!wYxbO-8Yyhu z|G0G2wrn1pvf7@Gh+SGuFS942tq@z7yP28Ib|&TK*QlqQA}uY=7BsJDG@tf+WN&J( z*TKogUJ8xSnC;1bu5G~0Fj4GB@MbvLZ1(8uA-ON?Oa^t!WDmnm!K>14@cdn!4-1!! ziL-5=72Bj(nsMvJUlwkhcl;&q_LE!NxWNzSCGpEyK+qKhL&>t8dsjZflf3`25PO zk@aiwti+r5TmG8_Ato%J){Xo(o+X zNer`3*V69tH^=#P8163)Y6dwu3dTH5Q>(8=0f#fVA)Mu^#T0!6MM_9B;nYCavF8d6 z!tIX!O@juTIodiqGh-Jj^SY-IV;U5TH7MMV zA*CX$?0&Zb_SX8MU6kx68W-5fG1E-et`yf7nCFP@G=`Vku|m$RZZHz>>>R_-zYhfL zvozNDv|+9Eo!9C|-u{}OSuLc;`)%GGfcG^(-mR(V+C*7T!&0Gnt*&i7M5$MoF@KOB z5{mIm8-Ih4=m+?ZpIxBrn%}@Y)Mg7n|=mc(B$2j3h~!n zvg8Q)XA03mXj`Q1T3FX&n8p-Gd=fbL#SaH=oKxJ}l=`D4SxtjW{bgH7l6j z(kyi&a?i}OomY9=;AJGd>c3S4!yeYX+D}o)B{%0b5jl*i&);en9L&1vw}+s1lYl0jcG^WP7NW;h=R}OTdAlyiHJt z8Nbfh-LLD-@_Bhx^Ig&j(HM7~p0i$9?tFad)ffUR&Bac4tfmSYpnJ*%4agIp{&58n`IA46X`fcnM%R)`{ z`}{6ZH4@6u>DugfALUkn76slnlu&&v87o#tn7**p7{J$TX{RLSO3zn2ZF6P^Hvj^{ugS0NLarX^9& zXDk=&jlVbNp%XAtd}b{00PpiJ4m%P=k14w3$N@D0b}GC=+T!inf5j66!D~!i5m<0U zXWt$48O~?J!+h<$|CADLbF+P^L56pEO%HsyGb2W$uqLnB;mx|ik&*Y9FBZRhaI%Q zlOtdE@djAlx+=8Uyo$)(hH}dyZj6POkIirJ1@>vkVl#33EO$~PIo*wL-)MN~y1tp1 z$DgTCc$rvba=ZkeuZpmU1~T|mSsDHs#uJnA2)EcYa(hYzOGI3{3;mtyxlqpO_i}~@ z@a%PxxvTaOPwh|nboj@hb5h%ya;Y45Np9Xps&BV3mPd@~w6biKZSiCv{pj~3_iHRX zeG8XSkXazqfYh|b*dVG>skB@}t zxi2?;Yo!CHa}3&Q*VblawnWD-3ghqEjdwkSNDhRX;4;1Cy9D+Pc!_BVO8C%}l$1@& 
z%VK1`by!cmLG&c3flHK#zfkU$C@IK=BZ9>Vtk3Zw@XH}jVq6}sC@K;|I4WM9DxmR#D4ozBOoRI=I!03!9;z#bXn7vgK zz4}d0cPho)uvlX_wy7}Y_eEz*+A9S%oUFVV0j=KbWZ;;^v`YagIkRIn3(2sfLNnuX za5o&!z`a!U@ujS0Oq;;jqmjc}_VU@|r20skaVkZ)l}w&H6p!}TZF;*eUl1i@+ot(A zWw$#nxQEi$gM3^Qwi9-B?uE-)N2prnF(_Q8L?UI=&u*w{k!CZSf84b#y-9Ex)C+S4 zeG?wlz|z|>ifPtcqtqo__fO#V(ys5d3@LHCS}S%~=svAKIx&AWbMb3tzg5d#n8V6y z1D$%v!=zujsco7)Io$wz`8|DlX>#uF9mETZ1inP~IA|tSSd0x_Luhk*amD9-)*iq+ z*o{Wo1r)2=A5M<(@z0uC&%Qtcp)rRZFvJR4}T6Y{7dBZAIq)o_aWNrOHeuIA}zu{l< zXa6_(rEvctfAPBqXpV-#G1Ki=w+yr+myy>$JBPz^Tc?HG8Hcegw_f3*O5hDF7I#`) z59V?zhxJDpqJ$c)bghP`4pmgmqkl|Sr<=n_lVYtj#W)Z0&uC1wzfTf(DBGyNSh@`k zKdytvnU`6r>oJ+vi=3v|OzRjx?E*g+0FyULLDP3+Wf{P@8awy+kv(4#Io>|mR5bVa zEa)ta`6O8%CL?AD^qx1Eo;5geWDzX1I!>|3^@l`+KqfrziLIG0Ib8v})5qkp)_Do- zOy_=uV_ttp%@t#d^#1eZ?J+J>R@Dla*Y<60d1eS`xg3)5-7l_Hh&1R4TDSS~%6PIw zf|BB!?16NnVH<-E^{E-_pVz~XtvK(y?K?KK^TS2J9Al36ck|Mc&@E%_6;TS>TmF^v zA!W>E6r&ddQo!y^ToZ=frGYi??TA{nJr@52mpp)HMt?Uz0+hYr73z7c$&6pU?zm#9 z^~qtYB!zz7)kX653LU88K4iPU9on~(5G0u~#a+O)*FJp0y=Y-yNu7MjowDRiB{y)_ zhVg9c+q*)Xc}ansyjh%8nVgK@c3xq zK4d+%wy$ps?4Cm~dgN|S#v&6p=tDx;O?l!CU1njOt?fA9A7pb-Mx-8fWN>2!Dtz}@ zSAl1U%WPz7cyNxsJ)9{tazn%{e08MRD!O*lj?IZnB~Wih2&`mH_BI+PxZPN+tVR-h zG*Qs6ulC|d z{o3I))q>EPVVAH^XM67su1yjbaYdS3xqr-jhBI(ms`X){d1m#S1oIJ=&p zmQ9v3xccs))YP`1TD+4z<6BVaV?DXj#Z{kJ-H!2k8`Zb3gdVAzm2q=s!1tY6$||^x z(Y>larM0UPEFRF7 zntVYzWOH-;-j$VC)zg_9?gMVKP>%89<;(%b5rQTsZ?VscGp$k80prJY!`oQ z+a5{ivPbXXE#>XaG9nmdcVy zgS+IYwf2xf9|G04t1Qo6Ld|#1^7^Tp zg{{vxZ!Oi**<$nx1oQH8Y%-OwqPeLeaq$oK)wK+pYN3+M?qOUffKUSc5FNfb@9mD^ zNmKNRp+nyMAcymHw<+8s=VX}%Ik5fl7N%Stw8Tke0RM+6{tBMv-J`Zx-qGmeke9y0 zQv()N=2_{R`*V5WxwoIXAZD?aeUGlWs=B;!Ra=)oUngI9hPlpq1lRFvPL*Sw-Ov^{ zw9S{a(zUyY0H?F3$C@tVGM{XIX5rQIo}J4PWAScd3jwgGm*9BCuA3eXEDrD_gP^NcZ4HW zqBnW{Ui4-UV#xgK27jbbs~Q0z_lGi>$Kcdq;|PLy4zpC>4_VTiTkbZJuJ~^hmALKXrck&zkC4bg`lV5)PAM%T;zmvc8u_uK$1|P|r zLB2+&9a*)u)qbHOD7Fi5)=hm?>baby?RA*a;E_gpNQ73d?)S2#Vi0sUcRw@g50QyolZbS@ zGk;uR`zSQqN1-{`-xIMiaeRc2DCfHg7Dkr;34r(W-xg$K{K%9M@Da3$w2A(oy~OrU 
zFY)kv5jC@PG_wC9YN_vNBy410V`%h6+Q{0((e$Gw`S=jv{^?}bG_UAU^8iNVfP1$P zIvY&PHxEtZ&Lud8Cm}1sud$O*=AW1tJfA7he(y5i1aCTwVF$7Z%<`}+V&SwLCfDg5 z5RuJSjg%UH^}q@sQxI&_Gp2m0E>WDT0VznQ*+{C!N=7`9 za*gFQy9TVP&~M@#bCt%sT4z8Iey{xa|CetD`~Rml2XHd6vHVX5FcC2U7+KiFT;p#=wnYr z1#oxw83PUUK>|cVYTW8vTTyS2`%@Jcnw2D`OGEvqwI*|X#8Z&3T5hVtR|MD57g%(- zoljda2^Dvx&XtYWdR5RwRPBY$mFt@Dk(;h(#=E?&r@Z6%M-8AmEQM=eBMn#Kr04B! zu6Lf@Gd4t$kaQ;xC%%|inG%1p?*~%F=1Y)hG6gi*F1~^uQ+I%`SdX5Ht?_s!KV{8K z{UKTzU=4&Q0&UFO=!9`Lg_@}Q-X8PIlA;|=O63Z7*KNTN?}Pjn|4x46zvR#SZ}NZh z`-l8-5+EQ7uGj?I0+1~NgYeAB9m8wjYsWvJTh+uyX}-;ek_2<4tKs$Y`|?M+>1Ypqm% z`XnN(|Hax_2i38Cd!B?~!QCM^1b2tv?(Q1g-AUl!?(P!Y-8s0s>w)0z4#U0g-QWA& zH&b`2-b~f1Rjbz@-TU<3=hM5pcdu`MRGYji`NkTlQw^v^_CxhkjV0;ADb=1?UA3)Mn(6LcL<$?`2|_Fomq zGnP{2GP#z@l4?@s8a44#M*W7}IEEU=V#WJgseMdp57Uu3HM@#dw(6x+)robMHB1KT zd42g9N)^hM6AVdQ5pgJ978)Q1#IL+Z^JJt6^>xh_M>r#rV;E9#`Ti)yv`M+W1@X%$ z+)K$INqY{*g~?Q85*oAd$$E_y&2bAS7+Q66aY|gAmeudWb_E(zI_A`f!dvkxIw|wh zOlpDXxTUGQ^B?wNDX`18CfR@ZH%1ch=+11-P{xLDfJxO*MK;5XyqI@YgP`qwFko>< z5=ao#e_$`@>yYe-sO!7<_he4}-b&LLqVttVj!S@hlXh!YvBgfdaJWuN15;v332 zU~`843A+ii8hLTA=sFEc^_*aUdL*Ldg)$ApmV<;wLvEi^pXfN85A$)KX}97)y+1Zl zalRiqOqqp5z|ypF&N+Rc@oj`e=5NIa%aP#FYDNYA4Q`ei6L3k?k!7g?`12;wosJKW zn%p-W?z^yh1L{J3iM2pIQc}>62!7O<_}7Nem|R$kK2gio`k_$IL4}pU-F`3Ha$A-5 z`Vt%2yt?HMooPGm$YBbFaR>~WThn`#RsS7qleZel2W&+j8ZCQ4`+`n&JVlMt!yxr- zRXzVNTQEQg>R4*6igdK}D6v{RTXswLFcp^29U)qh^==5E9)tmTISofKBFi4lB{t)7 z+jNV>ey&#g1b4EduUI8bC4pOI(ruohLFKFH&OHdHp^uyqD-rjG&AB;KV~$=Dj`lNl z#EGmnm>=+B6HPS>jj?0Ct4q}~=EWY5t>Am*oobj%8L+@f< z-Y2csdo7Z$#?X$!4v9IQZrjsH$3u^3pP3Wq#vJs&dQhqTlkuN6mOC=S7!Z z$?`wQZ~M>WH~o|RnSUq0Hv3=XPauB(KA5fPhvJLCXcJ_bwhVUJO#e8!IXAA3ya8?R z_h0W1|Kc*!{=g(PcTi~(<^V5{qSCdf5DYCInZ5FKV@PQw%>`!k6 z#||`4t9@wq7fG<9xp(A5NJ!xuN-f6yxir7yR$C9j z&=oMh&~G#Sb!pW3y<)&Q|T!_GQI+g>ER=&|d7DABs}z%ud~(k=2j zd7B8it>P&?fE~ILRhQ&Br7G$CD+nE!1x=5tOWY>zzbNGP^PC41HG4uhczFldgPuUi zBswPNk#P$>CpEwX!B||`1JA^p`A zI0yz2nSj)a_<0^b&fo2a9sgWwlpQ_jT__6B3hk(wg)5CB>L1Ku_LV4?R=RZ&!t5>XS86Hy?cUjTf9^dKHV#GDm;-VfD)NfC8vjwCyT 
zoVZB=bzyaJGm1K7O&C~cT7U`A3&;ap0@Ok~!Z%K`bJHzd~_e3MLiy@iG=Vf2vyYYYJ? zL0>@3z+V74XhKxJ+*dxQAT4BHGCaGWZOCoDFKuTCSpc`FsttTyKeq*Z-B7ons;Kh@ z?l!oKMD8}c3v$r=SSmVrS4LJa@-6JYMbRZ|6O4EXIc%493ppn?Kmbj^K zpeliDSwvhqw3(yg(wko ztpp!vhrucD@>YW!=!bbJUGr8094LnIDI4=v18Wp!kbO~yBPiLkwWDf2>~O_fD$M6; z`(NV5m(Jl|sO6LiX@u24es4*Ai{yth{l??_Y3akos)Z{wcO+(u|I+*+#dWicmE{e} zILS3q3yc)B4xkU<2(yP&h*H=T0T%!m0!RQt03U&$1o?=fqL0|Byie=ed zUQ0HHSU;fuPTv81e;4okAPAF_{LGNC`2`KR5Lq^lDhOE+h6rv2LSS<(^1hW2(`_-d z23G{>N52DKPNu3iTSQr;yi^fUx@-~oD6ulK3CdR(bO1KMK@dA9KKfhLwYRAr24h zFD}TxhSy;3sKl$uzXC3qhNUR!bMqSWw7-(}y-8N}=>eCv=qs?CbnDC~n_CRumwCvP zrZ1}~sj8Ht)Rm3~U#VGZ-pqgPgFvUw*t69fvbbRM%3o6!bBf#g=#=JCO{HxYsKpZk1LEvM9}8#3NqwG1W*52Obfo8 zefb)yYr0XW`>Tw-Gb!uRnZB_zX}i|5d3k+Tm!Q1in!GTP`3R;RG_}*eeyl52X{RgF zSZk`(SXgjxEy(Z^0qUNeMH)h+9cDAp2G?Jw3#JO>@rB87NK{8CYeuTlY#_fh^ zcg}fc@7C-%^=}0Q)bAm=^{@0xD5QbhgOE;Z6TLw#EH}1K~ZIc3a6=ciNkoE3I{d23Wp_i6Ly1x zX^K2jlr2(lPgZ7AcaxAkleMFj9L)x5EB~#0*(9nXWuTt*F5FaUUS%i--2LVOGCHBN z%B;0QTHbF+Dx!T4KPdkPf|=})2{uk?`n20LWBr!3Ufc?%Rg*<4Bn!AJ_$=Hu$R!i- zM$Y|^>?A)xYW9P`nt&fs@D4;C$zYC7 z=7ELNl{3(qYdl9vmikS5d+rc5Rw#2C-L z9hObe#9$GQf`_SEvvR$o&MJCEzQ?W8?3g`Oh22lb@zs8VNUa5y(F-#83i(^Y$b#nr z%LPGus|4zXjwxqPE2RWWBvgdNbHk5@K|MK5R7ScR-}Ll+MfD*0-l5=Ko=>|DoiGlyzh*PP(HqLXXAkOxh=;>xG^B?G2xJ zZvtH2=F@o@;hpUgra>D7TQ|u$77vUsKn+AK3qEE?#q)u%>(@CMUbj)nZ(tJ^-3i4r z?kh~UV@Mn9HIPpJ+ovCQRd=Wp;OlZ=zXi5gjuCyDT2JkK^dA(g;g=}+`Q2i_#j+?Kj z>Oipyi`eBq*t%)c1a<2F#Q3Il{px?ta40VH5G3!&z4~+6Q(>em*@jsZ6V4yEp-WYp zdHBhZqzbm7J8$r$DV1BF;u(QpzyJiT2=uo4*nY=VJtxk~w%993gqSp}TpYNZ8D4j_U&YVf2serrVpO}Sw4?%!<` zx8LU4IuCAePX#{sB^+NoY;kT#R=E%mmOiy9?eU2D(2HG04>LI~os&p|@mk9wWR05Ya+^()+Y(WuJKTybpSkn>U zxdkTHLKiHE?w;Qt7^oy(+K*m-ahUM`yyjX;BHVv8wo82UsShV-Tv;PuyNCVT)RgNj zZ&(y>cif35$5Y4Df@p+T7OPA{)G7Yh(5^H_9BGa~n_{uNI;zz(ApW;sTidGnGvL|S zQV@y$;1ZTx7WL9$+l^?pGNr$k=lzRsod|gsmKZ&Q6vZr(J*HUVEg|KvM0~PY@f0{E zCFKysQw}MTM1v~B@qUJ-j!UBeOx74G#%ih<9AhiE%YCKG>>j;g|HyPIYTlZ-H#djv zI^n+0?TJaHDvgEx0c5+q>8b_n`#S==!TVSR!)W;um1dkCMox+VQPdbT{J7p_NiHr3 
z-Uf_ssy{ly{Na*6HC7{LkN2M-O;q}lYT{xPLflr$rVP0sZy3}~QQgm3O36kt+4nwO zsFwdsO9<9mz_T#Y@gW`Asik*8_zo_NA)*##f)-(tO(I6&csr&2MA^dV#?&&!^GuR9 zG-M;VFjAHX_zhF|?8gJ^!4h6BlHRqm;#NA>i$VNbT~Re!+reexaEA9ztEPrVd#T2A zJPpU3dMMe=MWbY|d+>O8hE9jSnT5KIw8Bodk2XrKEEQ|wrKD^x+`O2GDy1fJG=8=P z7U%e;;6YTzW{h*Sm1<@h$V*q-zQ503Yhorx}F}_3-r(xOY05le;vm zmS}#`sQGM*Uspy-)i{_>Of&U#I;y5C7WS2E))eN8HiLzw?vGnLI<5#12r^Oe(yS07 zB_czlqUJT2%S6EMT&~v}-TcT@ltoM!=s~im^P93GpD^7+PQYJrf&}o11B0^z_r-a~ zDIOW0tpcys3inFl;?NadX;D~#OL!LEI-x8_Xt#RUc%j>k;{9fjrUNo;OE&D0ySYyd zFL*Ms)DLkD8FPkQL?JUXShHeDHEaEPg$UDwJNw_{=vc+b;)zrYMhi^O!B|<7pu{fsb9lajSLMx`8lcQmoKX*r@5ShVovL#c6pEUmJs?YnQif&TPkYC)^E@Q#dh{ zq2^a+Ci3kuUK%l9J>5F?aXh!Z4VE7Xd95u>Q+RW8^L|8oUUMN2iDxo-mdV5j^G=Q{ z!GpW!g)OSfmb5CJxPCF(xCM^VZtWlB_xNY>Tl`7>w7-+zTInzH>#l==v5VjlcJJ8V zdqh8%a>(JPWyB}r=WX+LCPECDQji)CK*46hx3P^!KB`*_%=^svzv?ar8Vzkl5VmYG*I)nanQ0o zYcTJ(1ky(;JA(3FRHR}406n~|^WvXHMnT&&LCf;C3Ad36FBF1r>oEvWV)PT&s-FCOpMl!M`u+^rO|=3vDxJ&n_##r$m`bZTE#$M*?+SW&3Vk4yjdZrVp-KaQWTYXAKg{$D0fOFoq8l z_!bOg5_!@%Af^UNG_KM&*)9W9D`&vmLB5CyiRoD;TtkqT>#(ot6#v2Y-G_AyriUiX z1bL5(Gf2#%Z3m^;t1TzaV(rNC4qpwSLQ|I3Hm-70^O)K%qD^&2uN}pi^VR6OMvc@Y zg=2c{*>#LMN5#?{V+U#OtmAE9k|5R82i3f>_`;=b{xD0Pn9ijPRpVG6%wCi0sI}nA z4O#@TUUQ#5^Lxnk-KtrUd-kVAul%G3U2PB4_1fd_uiKi~u9}LU((GbAfh1d>Hd=X! 
ziFwjT6S}HN)MYC+P?YwY&yE?YBgZ!#N=d*xfx*7oyGfy9640{StvNi{W0Qu3k<8FG zzarNPU=uT{(gr<5aQ=#4Gv+!o04ZJDedO@whD9TJuGb=#3Dtia^%rYu*21seW)q?_ z-SBoobX@GLyR^j|Vf0mh-V^cY^ZME@>Tf`Xy1kz1)9m+b9}e64V|H|SBl^!W0%Sa=MN zooPuaqB>+OxYe}~<-Ew>}@>Mns2+|TMl{bq>&3h<7=d4|!kmmZuw-C+1m~c`A z+aC0Q4?K#7;_bMKw!#9X;d2GEnQgJUL}X*Ka4gYkR%kK<=eSuS!&8O=8LFA2Q%P13 ztTM0mG9pX?-lGGqp}QL^QJxu964V20U-(=B5*t9YXM_~VN`(N?K8TmiiElRig9dI-TLCm z@ris(7G0S9o(qjI0fMz&oXG~nq;P3JUkFlNh<*0?o?@^>1l>;ID2G@4F=zHO7b5w> zdSG$c(?dEctA>@#dU}Kso`VAK@um#JW~d`}qvs@r09e?xI2_GE?7gO1G!2ViR2lvt zzwbYj-||oLr~aM%j!=J*zuE>2Z16L2u1KD=%kmhEIY{!mo2Fn*Ue%Xfm}j%_yDEjF zhiA{vc916N0svdcke(DaHh(OVw84f=ENe;OOyAFy5qy^MyI;K7Dfs2!u%D9cCCia= zSVV&!#mqL1rQq#3rw4gQmKNz1u}HQ^a%nk=3j{8diP;I*Me$8}ZZ-$ds}j_S>Mm@D zlO9|puqwf5)!q6USeiNA1CdP?NNIa5^H?B;HjGvPxSmSnQc!&1zMA-nNY)L3B_z(f z(h8$2mONo|IrCCykyYbw7@L`0_#^{S!8jAw+s+0CZq3%ut}%{wm6>=C zef&fn4i0E+;ZaOCcfBL(@p3#OtLH*_K%8KHM!pMQ{;$6v48K5b`I1#U{IpkAxq}^8 z0cS+|XM5`uK6vBVIuCkrZ{k^maM*`Ht#jAw+xvVLrjN4g&hMvB`3an_v`ufb7M=x( zX4DABfKS>V3;MPrYU1k|Uoa?_Q770LQ4k$XQf^)o-GadXtJMjt*Z4q-so_Dvz10;# z|K8_1PShixPo{<=Irr&^8VpccuOG8i7RT}Gc!Is5^1kEFd!uEktn)OkTx4qOWY6L>rbP?5B_a{2g>rB7~{wPeVhvtGaD*|rinfASDgrM38^U3~z z@7?PZ=NkJu1IKMqAXHDZT_dW70Nzs}LX!)a&9}7LYc&^$p;`gO$O3nHn1jtXseu5$ z(WFFye54bp5k}szBvt)KI6Y06pa8Oty3f-A;2m{1!Wu#J_Cb{nCnOrxb-vrAFh>!j{2(%uYt9K`J^QjIwiSuEl~$#2lj?I*B=6)4<2?M{V~r6`W*#F|vk8p1vX zU%%?MRAuzV4tRLwY5S$p6{}gqjn(?DLaRsdPHPWt_}I=YYRIkae?Z=oBQVW76kNeL z?$jHu#=eUxhk6M2KrX1JzZfgkx;*(fbh#KjFcIu--K-pC;!U?}J?(?lnM$Q-siO!> zP09~3c>))1H1s5Xa@?sDncz^0(`#wQ)3d~&*4 z#Ukcb9M+;WGA+rMy>UxiGyhe~`(;J8`UqAomEtLFX)W0{Zg{^}`UkTYchOAa0=d2= zgt~{x2a;j27j~m z^yH)X{;tQ$B-w9o_Li1+5!s%raGKtx)q1JlTkASaa|+QF3!LSI(%6b$u&0ZPZ20>L zt}F1jnW&cY9etk%trd@S%x0pVA|iZaSo{gzd&**|gf4y;C_8ge{&;gNnuE^aTGmc( zK3W&2CeB?Yhhxy`H2;|2`qLt88gG%)I>|-j*DRE~*-zz#vv#KI4VpHxVwiImG6pr<Ml zSj{~z z@Z|CqV*0~9;iTPpwDp)}+PWgD}jnT5e3|>${NJm8WITq=v>NNlgq_ zy8RP0?x$Xi>eANocGr-_g_?Z1-plcTEns5Bc;B1QYV&}I%AWVLt4UxpxMAMM6dBFH 
zLNk-0uPGWD?jlNR)@o26AVj`liS{d3t=d?cR9Lz&Tbh=Rd5zKgsFBD$qan|+k&yu! zop_gppBUCq-yAI{;WmPyb)3#HZ+_s!et-xW7h4;Lz%D)oK8Jra^%1pbU>+Icp8gEU z37eR|C7@|RuxAlR7O-?$#v{FpMmIG0%S0ehi&=hibY!B>cFwxY)O3%|(PXQM*-}E+ zB6TGtVcV(HeiK_JeMy6}joS66qtCqHnBBg}X*e-^L@kCXDOZody6&cSZ0fdiAv%iJ zpsg$U*@XJ;s2o}1GY#w`o>iL_dYP5C`;hMK3bL^ig%?9(w256cjtzc2&qbP`h% z5|;{Svotu(mjVtf=o~T*G$7oU+P;nX==xxwPZuS`Y|A>iv~jZsRm4QIcBNDscP#JM z6sJcHFIwWW>7UZqEI?>eaX%IC>AT_?gfc%;I=;d6LzehJRG%j=UsOTjN z?=HE;jXp^0w1?gz(Mmy0D^wnr5|iPo@@*k6ps+XkIvk=H?pN=uUt4aZZmG_DtWD8pSOp2v?j_o&jd2^2~ zISX2yTI}VoweNXy(NaCv_8Z%#pO1{oo%u$)Pnnu}FNte1y>`cR#3HuH6L7w*Zt`%L zsQ2XOMlOkt$x|~aN$rLOX!My$^Px#M+kGpK&0F9d2XDxhz6Cd#rN^qTgvU1hr#lx2sP|3P=@R5l6-k$HF1{f;gf6c7YA>{Xx@9jB z^Lo1GYDo)yHY}=7`mPKvan;=5t(=QGA#3%E-tetwMt4fbiAD=iYrgvB3Po@8Q|K-? z#X83>Jr$^}Le<=mtx-k`{%gOgTVYzy^c&$?gQ}kpkJ*gwJYPmoc(rPD%on29`c7pu zF+>e71TIi-*d-R%0Bf$*tzo4W$C(N9l8`TM#jQRSPNhDX@xg1P$B`-n5lfV#g|JU| zR~xUeyU-O^w~3dv>~gJ5@|wfG1(>5A25e35)niS<7_>$tWfjMhl#}qNi?fqufL6K+ z6)$Cz%WMm?vn(@BSLm#5LhTH?I5>|}na3M?EKX*~aE2fUf9DC=>wZ=q?rLYb~rs(R2Du^8cvt)4K1^_)>(*|*q z6~vzC(Zq2Epz598Bry6_1q)#Fbz)pra(JAs5i6k2xN${I-tz5po&Xj}D(fHQ5Bz8H zTmMP^Q|g+Edwv#e|qw!^eLnI$W&&kyVog3|!g#qowd^U496O}$C=fPP7-xll5eVMk{K@JFda)3~idl-yl2X5B!$+dM zA)Jmchm}`>N7Fl^xm^c73HRh(U(tZsrK#>gFq2lXMr46(j*JzP)pC2QYZp8X(Rv-V zm15o`!Rq!&*nTKvdW4@sGEC|eHT5b9oc`oG_j$VD@-lARs#<&elI}`eCr1B!SqQQcqL8GKg8gYD;u+BI~ zqZVoFjftOqf_`CblVqrr4Mr-WMJ!j1aTL<+I8Cv6jhMu3a?84NdsrV(*FZ3{SykMc(Rq*Z>G|+LNtV%7t-d zwG$Jblh`KpR*}VW9p(jA*BBG3>5@HD&rs6gKU3PM-`WDxPNVqnhuvGkMEo{C-c<0 ziZ)(e#)Ur*5A1(L#q1D7u?MGqi7-n-V1w(CBL;8@L#?t za(Pzdo;M$WJi(IhBnz%RRA90ga63sZ!XL00NLjX@itUrakSeX)o>{ifa9PdAZ!{Zl zt=qmGUz_gamRxXWiId>vWQa8&m$|%rbCnB1h+q<$wa?#8| zbGXF44-g5P#fxP7GQ071WWG1~DkA9|#Kd&{a6C1+hg<1lF67IN?%P+72I{z6ZrT~P z9Jx}{U1`;GUmI}TxuI3#J!=IG9|@engjI~(Y#!51L9CA1 zELzVfp#RSCorO$?8n=Qj<|$Vw-`8rLC59j6; z4DqWkGIqM{uzkm3a}!cP6Vy@?_eJy63&T_6C>Gv44V*Um+8(QkO?R^n^*2o?3tx$j z?BDR!2WIWYEhGkHn$XpT`U;3RBH9$;BTc_-I^RMxs#+!E9;tlOcZ`&uK 
zH~zH_IqC?QII08iEvoSkuOB{~BXV$`%eh*~kAS`5bDwg^HZzE`5Av9Cf4ALY81@f| z3o1iQiaK@LK=)lx>&fb%_{n4i@b3MMyd-f37>Uf6i@S|H7Q$wkX14Hkkf*(?XmV{; z#Sy#1ZfDePSX~*s>7Qa`j78lS&+ zlQIr*P?Nn7XZh3Qi8+lc6cdF%cbZI}roJ6nJVe-H|;!4B+4A>5_m$UNO%A>gNs3CUg zyGK8uZm2ZV=CmvD+__C~E`2P+>9Ck8F;#mA!|!tp-JrIiJkYsJ@@2FaagB% zcyv%Ojh|CUk}{)vz|6CKo-;ZfjzKv*T1fZh+Rdih8P+hqIUfPx&^9t`(#a)Q75#fEE{HQL6wonp=|-2VRW`P~t@#B8GTdn$R?r*^g>hC7!{J5xkR z!!VPee5^M|vprAuY%tS9EiGZLMQm05^q0EVJvhUsT8%S(OVZ-Ft*;|H*l7mb7$@<7ln?KAQdq)geq=iEdAT{T#$>s&+QjC$J5>W+lS+dGAHVv%jrMoY?ocX>1aC*UH_}Fh zywKRz97!X|b`Em!F59fp;~4SNwu<#!TW=u;o5gVFudj38ohbUP&(>=l%Xx7cG*J!_ zOXzZ5(HmbHIvQ^gku~RRPAbcVbwXQ80#sS7WuEyltnp72ebj}tbXw!jzpiNbEDCDr zyyfMVcP{8~sU7$#RE)=KaxI+tD%8zAw}dtHG>tnryVQA0BwhAAn?EJciJTk|6};76 z3XQz2w;oaF@RU9!6fMO0Z%vlpDES%@x}c@jHsC<}$5FZ=W^HrpzUWTS1zKTwG}Pvq*re?GGk z-1A?&GcIwhTZ2EDm8&nhF*lekYp(m{KWnt=Vu7f5C&zn&np-%kcBgsBCq*r>oI&ZF zRiHyAlTtY@3^GM?PL+2xUPh4lbuvb2;jLN3&0$f}T0Qbq3nP)&Id?f#WMX)@Bu^0Q zugP+cd+BHxYN4@mcA%_9)T$QQLwLAUkGa}G??e`^SnMFrFY!?B6Bs-*fim^zwG;nJ zZ}?;KB0shi=Y%FZD<>TVW#B9zavS-DW(Rs>tdUBfS_(#zZc0uPojL!(t1#pfmCkhx zMi}30y5yMqqg8>R_~L^oRuQhu8sBV0VTDR9X0~crmAIn_&ji$!7r{i(xfer2paJ#I z`7?{xMUE$E-=}>w%I}W}!)f=PNw4{riLaK7>TeNPh5UWBGm;UnS{)}YZd&wk>1(4J zgl$WK1thuR!eOl<>{wJb$a!DzpRlXIKF1pYBh&&me}0$$q}u_aQ*#NU(1$1ksGP?K zqgrm7p0n_PPXHayd7km+ffQcgZ)kLO>j(%Z6ZWJH+w`cq!6Jll^dNJ5p4$wf&xW)BN!@dMK@9vs z{>XnOzwMvoPy9RiLl*ube}Nzvn6S1mdjWZ_>=OQkoIx9bdNE{q4Y>O{ozhL{@d@N z3hlBRmaGbAFvgs>?UOA~i@3WkVuE?{)7a!kQxH$IkRwjM5F}ctE(TF74Z@VvQLD_g zWvPn`&K!L(!S%BDAJ*V=-2ijlKyhI0xNm*6Z%uXGAXcO!>5E;OC876FeaZJ?0{OD5 zLDO{e{w8@YD?iJdr0fxLr}A;e&~JW1R-sg&*C{fznYcOZ#eI>!>lN;JL+<3kV5QZ} znZBXX&{JzsH#GRrurD+LS$(Kml1VkT$H?%LZYFTrNZkX5no9k?6yt!fzE<7p85`HP zU(}C9?g5Q^XmJQQ{^@wMdz^zxiZi_2*u3`AQ`0A~{dDnaOXCCE_QhyeJ^Z6b0mPZh z0WP-2uLH-8Krt)hBxG)^(jH)*9)9&)9Z&yYT7H|rTYZ2D){Se+Y9)GQ@UQqE>frqT zzd+b-7@7WipuH-LTPjQuvg06dJ0t`F^k;a4Kl@)Ed?4P%9`E&ov)#u-P`)BrN1*Ly z*=2y4iYzqtxB$|44@7~c*F>_7f0!N2E7bCZh{DHMFo`sD+-t{plNY)8Y#+KTIx;hk 
zvQKbgo0Q7_gdIO{iUR0CXXog6{-Qg%AQms!Hvm}rPx5<&)EtO$LF&OD^not&ShZ^j zUuUp(au0~G5K;AO9Dpnt6W9zvdr>{w-y6*{Q5c%_`Dk{R6#1^Y#~zp{KhiHy-_w8` zS$W1Dn13J?Vm@e3>`9%&j}7qxNtql3h?27~z37;; zdqbER3zDGXq#T}Ke3}KvNs*=2OYR8pMUesw?CV2AZlD7P}Y2^S4)1N{uADp{`oNUyUb*E40l8>46XUlz{j z8Ts#a!;;FVHIiKZeRQ75#1gx9f6R(oiIhQhft;0;qW@|b)_umE%{>|Pu_uuy3P5mub<1P2#t^WF9`})E0 z`ayI48`M#j|II}A2_I-zJ#QP`Z|@f!k~q2@H%|y75_S1itt&lpj7H&4Y@I2 zdB>QB5k=4Or__Q0cfOE4DEErnm}+&+k(tJ-_#Xv2>Nxpxh-R&Qam$Q@kCYpDr1NZunkVz6Oj9#3}Y~?p9s9MqaP+P52l0VN(1?AW6zy`?9lZp+nY2;wf4sJ&?;SUxBx zLq>Hw85lsB{>!S1d=m%01-8zZAY*41oeZc%bYO@TeA>xp0fPkMGeAQM5ySn=v7>{97WX6U7RQ1ZvZD_VeA0(oMKl6^a6=;Svp;9x`4|OsO9n$VK#>llIxkVA zZ-=bx!Ei%u0BW7HJ%9E(w{(MA54hW8Kj*XZ-vIh{yWE4hbOoIwKO^u3ZcvvS=j(n| zij>IekzIsn%}IaqMC+`>{Hjl=4D`80h1&drXSh0^vp231iRD6F9_X+L?wRxPR^Sh8 zmq9{-qPL=g6%I-8hKGU)CQ&^EXnLtABItqClI<~gSdEk)wz(xsFLc}xeZbFp239wQ z_UIPJ+!MCg33B+JFpT6m&08dj*>8TPb;C4LmKSzRBH9G3Wb;!GoJ4oEv4TM=o*^`$ z2HJaLPKZ`7lU{Mkn6nbAefb!!|B+d}>oZ%G5UH>Li<3XrJ_7p>p}-@jt4Kg z%_YIZ?}8XKeu7r-Qyh6XvRUt#r_S8h)>&UUPLo&og|i-w(+nk9P11sO!LmeLw9Wty z8s7LHeG-IUW1X%s{=HGb0GnYdD#(@|_{|^xd0qr~c*~+3L|d@a?f%skkc+r}1vVHs z2m$MpKM`_Zm;C#$?bczyI}P;I|3umyrB52}XWWD-+T+atIs0Hm!vls06k0aF8+_+S!e^ZIpROR@d-y6G$(7B>{f-VbQA)-&cB0_tN~!Uf^n-=#IYOG5gj$n(C#z z#HG}CGB9joCttvgxp>!pg#k`!MZaFt&u_?aLkd??2W~ zhNatXdDS`$--lM=O#N6Y8)`~0?KOO6eP0w8JR$1E#w3NyFE5Mh3igU~k)%;EbPsj- z7UP+9{;brcNAjMV3C@P4>#NnzZmbDItj_CuiQwc{CVK}1T; z&^=klMftc}Xv5oYo-R&LD-utuZPzY#Oe5HviT62$9fDu4i!P^isN#5XZVqnmx3X!I zP=B{3WRD&hpv56LyFcnP`xC`n<&37gI`B!G8&9K&1ve5e{w7H_A3BlZCZF`5in;eo~k@K+|9ih9S>-xJ^-w`|q z?w$3poes@%i>-u7rioDgqK&Q6935T#J!!bZ9Qec@Y-Vyr4qF;qfO%&~B+F?O610A3 zOFB1&zb?f)P*k>X``!1XtuydR&b(7V;ZB{FSnw{GN$HO{f5JbL-~LbX$N!!D3H*PN ze>58mj9=nqEWWCwb8b2lei~i{$En8v;2`Nrm=#4S<{b64)frVkRxzLe#{~`km=dR~ zHhyiM^BivPU$--`RS3F(n{yPaA9`J)_heRnNe0YqA1i^D=UiEMsFZ-(OP2?N-ho9c znKI}4nq}S@)|9f?hj8<>^iR zjQ?11-oi!NR)GNHOYf31M^wiJPz{0DFac|;pKozRggZAa^Q}65zSNmt7b+vb&TxG$+*^|5p27n zxc`xEGc(eyW29eB#SnXB_^hTE)00v25F^yz#x?jn=3wkx^G_-Rk#P 
zVMHczL1MMm$YS~T<9Q|*%L|=;SL}`NUP=GYK}M|!m0rvV4%4&7UV4G(bpn>CFkhx` z&lTG&bgn28tKaNPY>QBF+NgLniup&9KFKpaZaX2JkJN;FbQLWRfRX|Z^|+-u~5 zC`xbP1CsxFDyu0?yv@uJ%o<_8Mp*8e^V=uv@E>3#o1`&q-$>g-jK9QOlgIuPu89

ydIk58VJT(Z+)I>%q@p(A9kTz2)V5n9TV!1D7K4Hp-s@ZS zVaFD}0m=I3t@1DPpSKPLq{9I<9fXM z^1pa{3!u2VH{F*AAwh#R4grE&aECy!;O-Kf;O-XO8VT<1?he7-X}oc5+_mA7%zSs| zn{&=r|CxL0R=xY->8EyeRa3ivz1G@muccit@(wD=@hWiJf?05jJZ zF_bTUY}#Y9d&1muTLg~dS^DrUm$!VHu&A3>WM^>_yA{1j1nivhvAI} z|KiDf2qxY9#z3RYy}aj~H;rvqnR*3v=r{Qj|C#)@f5;#Gck(Bl|3!X42n-ArSS0uB zHPhqR#1?Zo=4WE3(4a|#o9Sm?rs)b z+f4tt3HP^lJ%1Pd^zy zL%A|3Ga8Da7%3-kG#Oo_W|O39lTTi?0GOS{V_DDP!GSDHv ze_rZp;9ra$tlUnVAO7k?JpXzS6W~1${{aNa4LV3v5$7vj+kU`0`$iRsS49)8m3S~{ zphDivG#@)qCh2IXOWypH5eT=p_5w_OcY?e2Ve!(SInBI2h{sk_Bz$Oh4{4f5tPHQ; z!PkF!(jr>@c1(R@yN5UeFM8ud$a}xjeF%FPs zq5 z<{HN5Lhu@KwFE&^C}&KeaL1f0uajLKLneEJ%=Ei!8P^xEZ7jkX*hDn(NXvkzvm#}S z{SJ7ImZY;5n@vE?`lx+2TkwAkp$svK19e6Rf{>7Ip*m^afyjFSq2R8;b*7Jq&6+9m zHi4-Rj*V}rSI$#xHYzy}H&XZrcP7sJ_D_>war=d+?AdI>f$p>_U9h@eoNoTGGqbGE?|L8_0o|=6 z;=Ri5^SqdgAiSUW*TXLzOt3>3vpMNKRM*d&q zhZ%)|`LFN%(0&r&LqI*3`QH~ox;_=f+{LVjcJ$UGG@I$4H4Iaa?G#yIeZn_vkMCAG zUeDQ?(Q4?=;||TJ*7a7g#+6o@0}ah+QOXxOKWc^y{aP;h9k3qdDqpm_=M8T-h1M&{ ztkC2gLHTck7NGL1SBj1g3RkY7ef34LM!RjsqJbhh8JhfCcV88qfN-<^N!o@zzr)^qS$;a`m|l~i^7 z|1LeFh;xZAxS78hzd0E8PQ|HUe&uNN>t76OEe(lsXIiJ~yXCTGW_NQAC-Ek3YYww4 z;-STJ?ID^?eZ?9F-PU(kllAq0C!@LCW}z50>fC0fifcbKEw{Y|iCOKYtI1k+r4gjd z%+N9|`@<|VEUo6<1>srxCdY}|e=(9$np5=uFLKmsf1K;a0CwA3mblh#x}I!}KO$?2 z-__1?3;x$l(RWQyYea9kXy6Qk;Q&pS-Q`%-kdm$*^n9)3uHz*6j(2VQ4!X7_Br%u9 zL3TkVjTG^5^eyl4L+Y7I)-~B9{U9Q=^~|xk_Ln8kU{{(Uw0OFr_^{i~IW51mmU*9N zv`CnJVL%1Hc^r>GTjyubmGg@B@k-z;kx)UWtal@kctCB*l{ufTfd^zpMVn7zw$#sD{>b`+Yb`PYo9*iAJha)!0Ku-#fd^;!I@V*iXk8(HK zw{BCROHYhEgm;rqArvY1{yRhXrBvXxrJ*@*skEIFjfnb;K8I#OC)fA)f=)yI7C$-)GAOz~JMr98z% zdBgu~YQKvWTEq-0Q2*OWTe}H&J-UL>$qGMtv$@q|4A&Uy)=Q19h`D)(%iM}cLz#jV zf(6wp*aO;hF+T`O+pttlmlUf65stJJK7m%sjdep5=*eZBbWKCiEpE#zZKRgsk%cFL zgC>mVPKcWSLS+Dpg4_?YC4*NSuXTve0S7uOviO~$N@Vfq$j}MjzMkGG^maVaeYeEK z&*k{C3~9M`rMc*_a@M`i*~zm1mD`9}yo<*#f~KX+RpfFZy4u(>c}`v;!t3y&=4`3b~*>PK^|_7(tq>VGNjSYpse?Pw+&b_@(>jR)*& zWt3@{FL^Ns8mi)HmqU?`IRMr!yG~C&_gG8qk!^kF_g~uYF|u-;4%yGG-1=xhshI45 
zK&(TT`s#9y26ou`n=q4zA}VHf-{nn0@q{g2mkQh5~qyp%P;MsI@b{ zl%z-nbX!wB`-Gny0HV4+3TICeX*r!#-4*`*Q#IZCdG}FszP=s!X|N0!>R$GF4Z24p zL^{RqCk}*Fn);grnpwilP&ae_5H&b%TtJ^ng&a+f*^_UBAn0lKvuYhO35oa#_s zQ!aGHT$uLhY>*jL;%-kI?%hy_ z>;lV->13wcw{3_9k1B^Mi7+=Fkt_RNVI#(eeoZBDl-O zUj;c7h_YIescHE30oND-oQ#Yu+n2LvcWFZ8OR>%<$Q_y3IHP){SQRq}s{63Eke}W6 zoh{w>tyeGb2|Va*!ZwI>?KuL;(z||^f5qRqJ>?({)1TNtqi}iX;~;bYYMw$_)M79T zSgh@Fv|u#jS4lCKa9?6g|CR2i^O0}whAIUI@R9HE2It{>!YB>B*h6BUvH!kvZ+*{{ z#rpS4hU#)j&G!Vc4e!xA?;ysTd+&6=-03}h!0nI_IfjXlG#tgRdGh@91Hg}LFR+tG&0N5>a;H?) z$LrmOGl(P6;st`{@Jp;>gt&f7gh`nIot*e}s#!X_GTxNv$Jjm@{l@d+)(DH-*{0*r z(bBH+RJV6(_6@Vo{FR=yvb8`?ZoR^Ln7O6vZ$6$GAF%5iNJDTwhHbe{xj^2T`<8^1 zhwv?MPdlcQ=DTBpQQ#ia+_xs572>+17YCO&mlceyL~uNw2U7EzIH$p!RnnZp$Lq*ZxUQBlaoHEgvKX?J18BQ9K*L!nUq~vhBtacZs23F*|5(0 z6Hj*-BKyM$?WgzQjJ-sh6rCX==o)26c+NLDad_FJ>IV*?t(KLuboHysO8`Lq63+JN zLk|gvBg!;Ij8z&#l~x^SmblM%-8lB@=r-e?;pBmsw!2GLy!7WyIOQpV+!}1GP<_xz zjo66>AwSUgDZ#k@Y=NxBG1t90x$p63-_d4lvh#+i_6-Na(yx8KzH0jQuPA2;8qUKE z&ckflwg?PreF$;YkBwheY+OSw`IYY34~hIQC-_5D5Jn6#!)ogu8980Qt5R6zIE~D}SX<Ad_^@KL&Fbs zQJZzTN3kmReB6J=%bXq5eaPROH`S$dqtlBIo!cU*Q~hSfJ-;AbR~K!8Ij8(X>(D@j z+id<&HFk3m$C4~rowBPmmQ%ShLiiy27oVd@v_UXyRX6Tcg%2H%&|b(vMF5?<9Lq7r zNU_`l=ku?0(~ly&xo&h4Cw4<_A&B&#qimh8MR)C651~0qTq_J9dsP&pxj{Q+vsw(8 zN3q-?sN|5uths+-)MzF&k0CV6On4MXvW|;tg9M^cESGI2d0B?~Vm8RzOz0OY$tv!k zvQR5))-rCCB`~N?8Do()!~)PW6QXyRrP}JGYWp9d=stt%``+avJ*HNxei)Dcpw-gh|wvdV( zm8)Q|S0h2-Sn$Pu51`c~9BDa`rBG8K5+EIwsbH{MqkwlX{f4_%KyerFg6r_N{juY; zP>7t?9?)05c53GQfJ^vq_OPWjwccv`FxlnaXnA>bk^TItDBfyyE48I1I^OB*OxnY` ze6T_NdFLZ!A)*b#W|wJp=V@9()=*Jit8}cBB#$eHOb;y+9jvpsERVzb^3tmsP+Hwt z5V+-AeXHs>2Ed88X>N;m&#}=~wdyUcGT)Fk?YFIFHJ4iXw4OoZ%59Ge(_94_vt`j@ zW%bLcqI9L>?B^E2vS_;hg__v2>=}>TtDf`W(&bDD-qlnsgG-zMLtx_(gi;%&8>&#S zK5T>wo5_(|C)Au7t95LUI?bZ4%93WkuF6NLl@b}F^gx)#ZQ`H^JRfRwoi(pCd?Z|5 zlpxm=)-+PE_$+yPY?#%1Y{{0@E)%rWMiT@C7C9a2I#shK_tu|dZ{oN(iHXyI%8s&-8AYQtM>QWeVfvk0^lXgHg}Jv>g`BZR^#G11&20wccdQG)f%zmnK_A1V}xaIEa?}j z#La{Gu1)QFj+ZBdkp!aoTrVcF$FMEFcJp~niguEw9IL%R 
zEp^GWj^}fhgo`7(&6W3IVB-TwgGN|$&$HC`IBSH}f;m8pbwYhj_g%^>Mq7u+gD*hZ z?IU8)+Jy8XXzpn0m$k2j_46(Lyr}iaHGi-k!Q3LckIaS zkf^s>*XUe=c~1SlCbROYbuJXxvfRHP*hW!9j;p`SsZv&Drluv)@h~g@9X58MKr!{c zy=u2eUS?t6RB2qMl%nu5=d#3M_V#GT2&sHW2t{B+?-N7q*hcf*E+H=EC2Y_Oven&`JBD7 zn7A)o7Pv$<^X!19o`Hs`sl*%W;4WC~XutB~HmUwWNCqG$J;_(tI*9O}&Gu8@%U#GfBSO%~*5_GN zxSzJI!FHmRMtF60PtG)6^PH!9P4`dF~{cf z5kaII-16nu4eu823~JmMr+Y;a-?LS39*z&!NJ3qTxc9@G+Ofi#_ph(R#?7W7>}Z6Q zz7f-WwHC^u-N8}Y?&62%9R#&wG<@6O9Z@f;M*>VTu)gRaVSWI6QF^m_DbxBJm{Acnz{vm(F-^pLu^%wc;$Y5ahsO(%r z`T=YDT?k2ca2D_NsIWB4pg$7v1gnJ0G zuwOI{*Lc2bMpK+#&@R%B1{J@cnJ5qRye~>un6Rcnx}LBmLXu#i{dZs7XqmaDj2ma7 znxz{Ypz*ySHh>H_ZrB9@={oTk@NYR4myan}aX(L;J@+hTF!>sAJ}Os~OyUxnH2 zA*2$pm|bkmO1^=6@D@dw`;_{PW;OqC5b`QgOK^Q>SQEOSF*umx9mPh34LqNZ!l_(J z03!#1@v8m}2j36=4vJH%lwg?+<{JfffLB2E$2!aPInvT>;I!$>3cPar4tHLD+#nC8!i_zzwh!|YbdR$e_&OQhxOq`@u zRIH7k$aeLQ&s#r_KDgO@6v?DmT9$Pjp?{!XT6QMk3zz8Z?DgusKJk!*k6_V;Z(<*P zn+hb*b=X)QpSRak1>5sT{|d(TojU!l`JT}9j+!2kIcfXb3s;_%fWr!7soWE>DYF7+ zi~1e6uCVR9@%a?*hvg-2kpi7$Q2EH2Q}qLw2mgD`x7SROQ^{KwMx3p;pWK;BEFUr2 zj!x?d%I)0ePEilurFJcu&FShoT-5H$0-Uf#)~)e>T(3K)c%$2(N%zj*@Qij~od~Cd zo}ZApvbfmwlUsF^ zu3`@CCHz=q{5>|i1WOp50)%U^BHRuXJ-quFAVs|Rs~PufS0v&bwvS{`d&Pf+^IEx| zjZIJs%z;RSA1rtCDf|@y?%pphLJOX*(~WRruJE2&YvQ(WtJR+sep|GIOG zNVNr!xjW?P{mi0zva! 
zNfTR{#bfq7IKgkonzO7|#)kAp109%TGA)!%j(eJqDaG%kxq6eJ&%HY?6iCj+GV!CF zZp%#Kc0sZ;8(#!)On>9N=t+Z$JAH68zv{g3z@3^q{Z8kGu8>g< z&(Uw*(Y}r#)k0L`aMzZ*X(^n(K6~hJ_iXoa_kA-LxJMV-*-E`Bm#0iu%#0JV{4wt;aS;~_iyFg z3R&O9|Aa2}AC3W=V4oI^NGF6dOM&I*@e0_#!hUY`O#-^7-ZLxOe~_$8$qCmy6JBQO z0Nd$MH0>`$gLD3#iYMIN*l%Tm4u*uT3`y>pqC66x?{O=plN8CIg7SkP3PP7urgtex zeEE4}g?o1YKUjwyk!;9lSNw_L1Dz+Jib+nHd~i@mEs>H2-Ow&Er4Z_-w$^m%j`&}DV znj&!$1Gd6y^s#dobwl>0U)r_o6%U>0b?n+0Oe43LexESZZ;PWwPda31&=^J=AN3z$ zti2qWmf}||rAguclV#+j=pJacLGcV|Y{0r+^W=HoJD8$xI9hpE#^#}t+*T|FkQ&IM zQez3ChO0G) zgT5CnKiE4c47RD5&M^{QvW8P)6OAEHws-9*j|}-wLwkQLJ#o22|2|qsli&0F)jD0{ zAP0DtR6%X>bjoNM^H2G2?0!!44esJ-eQ8_E*dgu)qC#XNgkqxhn7Kk)!b!@r`}Zl& zn7l-`$98GYxI*1G;56?A!W@sf(um+HmE)sSaKe;u3~>1&ms9vM5hD9sXViX`)P7;3 zq~+)R`#fh{5iNggF+O?GU&R)Z4O}Il5AG;NU{U>MY$(R$;LnlU#-VnhQ{)B)UB0)O8Yyefy&4LrETYIw z54uFJ^dy;)=`PBkD$0nVHmPYNQGO>S_b&GWP`OMpqtWdes%nM0Pp9{r{FVPqe&;{r z2mYP>tu%j;pBM@QgE=YrR}JT-9zm($-|r`PyDCkg7v)hXN)7!k2?a$7W+jP#GgPgf z(&gz>`#TqRod23ta4=NTQd3e<2E{7y#|?$2)zhual%|&|YuB;MmxL?cc-dhg4B6{L&p*`EZU0y7`BUZk z&_i>`@rjA+O>q-KHUgyWhm}bDEL8tuq{&KnX9gJ2JNx8tv2%%@B||ZaqVqKjVTWu% zP(#lJJAICj3lu<#&TZCy%Edo{R~7tI8^Q`z)|ta2Adupp!>bKQoq$wKf%%y)LTh%K z?$wSwXT})@j!GYuYve?5$P8n~unkM(EM*?3TN0dchrUpshHVU1ke-$_m&2oAd$dKZ zh_$HWK|@8_XLqTx8CYG7r&Icyvbs|2&w`P*mvOYk%mAA-0+tdT zF5OjDHX&VFUt?*xgD~F_sx_z01+e;A@n3h#6n1Yb(9E#$cOA|FBCq^s)@t|v^-%2 zn^&G8csA&HYeq{x8jQR==yV7&A{J`{O|F+RFTb*6ph}tae#-fTPv?xXIneaQ2D|$w zS7nYgZ6Ue@#i4Cuu*6D{k&4=GHOnb3N7W2PK?{RUoQtzKxF*lA2WSEa-;$9r; zC9Fr^s`omdIB$hZmpVWoMK32Brnn+Hki_R`;5hB=&|Dw!9YVA6Ukmmf4fNeI=;|ffPACpd|0hA;6jwCqU*oXs1 zZjd}f>G}h|BU$C9R?%`#7H`C7Ic(_i-65dGbsc^*X+ALwaAMH#wLUJbpu>DjW)gy?}Ti~FV z@BkrIiZrsr&H8OPA_EKX-|m|j7bx)kAPV>{_59Hr2$@e|wgV}W)d{ZszmN0k@b-q2u-oU8 z#m$P}!AbS0OUf%Vg2&(eQfs9I{{LqCbvs`Mc}fHk;aoK56VGtO&#b2n5--Nn5Y4); zgvpp%RG!*@dLF;YU;EGGclks9u)mYPbLB7c-vqwT4O%bVy2|c6bX5+MrD!fw_YJedBjY;&kTvy7>r&SSWnN7+6qT7SrThGn zN2+44K}ez=uR@7&$faau8r2MQk86&yhioxlu9D1TQJ@LvOSh{ZgdwQ+&bx{)W655= 
zpFLIco^>3;@I%?`wuFnjxNfw_zuI)Q^H4|;1vTe~z59zmKaCP8|?i1F0j zfx1pRF_(l@`d9O?-tksVD27IAHF%z2f(qhaZI-U9(mp0DU)uszyTT?dMI6#>FJar> z&~7Fd$3A|&!&R&z(zQPdly}&9ej1$V5rCe>*i;{LRJzcZYyZ7a7xd)7`khboG+buZ z6J3puC9r-BpG*Ug$}3Q39!tkpK6>r41@`SgV{;dHS*UGrXP z&s0hg>J+_jJO)Hypdg<#BE!3ry!5JfGV(Rn(1g~gpCnfFRUf8lt$U35LDMXP!Xthj zEqjZwWa4y1c3S65_@IjL@N<2%5pd?SA*RpNbKA9jUegUCCLPxMkz!3=GhoODwyayJ z0XNzPsSMb=yVbWl|EDJUcAsmYZ@0Z~x3zD#ek7M|mW@@5yEF}X5sk)qf?2m3by2Av zI>X1vl_-V34r(w(nBimMswpGA`vxAG2n>9rKg{ZeEpxq(Pm(Enl($>|x!}|^Lq@N( zG8!%|IV_+-Ilsp*Kfn|9U|=tQrZ5p$cnLD`a|-)3TIgt(Mc~YJf%jd@A_qWvfkT{p z1GnKN1$&3oXT>GWA}%_YB|={uu~ITGqcXj!Raj7Y*IwD+8bc%6Xd6SLuW}F^9^@F5 zWm>Qcs`qLwXIsw=U-#3pdT(QQRIf1&-XM62ZesWmk=6g`r3BIfCGMs9MMnC*Kazlb zttN+THLn%n@LU3@m_4ts;w6ONI|zT4L&lVq6_E9U&nhMf!Ed7Ufy>9wdLilk{;eoS zC#o2=h4MCR_t5byD z52*PTukn4I6)~jc-K;A@!^P*Z5mBnHk%NRheC3_e)fLn=0lm5-Sd&}-ejUF%Kz3^U zXS+B(!?v(a3MDHJWh=IZo(<}dUyOM8=N*+W_=e`!BemzEucu+x0W_k3&3-hnIniuD zw>b9Lh@2X{9225ii0pzYCG2#9Z2@eluxemMJY<5;kHio97OsGh!>MLwvJ~66enKjX zwC(uUwQq$%(+@iaUX2R@nQ-sCi0+`CA~*}hzN-;EXjJJTMJv8O{X6AR&s{O*=YnfV z)q5>ceDtK#G3~`_;9@4J!#>n;7n2! 
z{Rb;=zRgUi;c&hO{UFSuHS9j>nLQv^jzY|q{Wtj=|C#)*f5;#Dck=f~|3&`LBp8@Z z-nZaGerycEwA)BSzJh342V~P4W&F{t7pRAAG}}FFF?-~@n(Rcn)uXXm?+Jx&CxZPIm{X6pYuPA@WzU~9!fnD zX@JXQ_v8;4hs%84u3;4)I-3*lt3YfRrBxtB;)fjR#Gu0Xpw1VDd;tcHFAR$z*BRyW zk+g8LM!6k4v7vm68PyrlbkCK-=IVd`hSj#0BrIFR@@1{V>?$|WN-}Dl9O?Y{(!J2G zpv9K&+b5yjkZ+skdL9P$y}-RNvwPE4P|(Zf`%kF0?F8B4p>nwbM=xdBs;d$ohbHH!WB%7K(-`4mBvgU5}?EBRqEH^jFeFI zkZ-Yo&sFZaY48k!rT3S7F`9lq{R?W}&X~OTIOMI_V$0vdeaZ{H zo4I4)iTR&z`f?Z7Oqb9}Y zrXS=Ir#}v(JmRPqXl&vJFNXDMj!>cgmqI1!vUjhc`rj?uy{}$F1>WT^plrt1Lo<8w z8^M_yhBfuPcEgT&LD52K(THV*7`BtBMOl(>235Y`7Axg*je-Q5kOj3;iUaK~M~Ws3 zUlJvVn+QRw&At%*+xMfjV9mY(LQ{6o6EjPBL%x+FRLWHZ}@><-Rmtr+ajRA z|J)%`1#4%Ycx4(`4D)1=QkqrINwuw>X`}q+!tf2GG@wOtTv1dTX?&W+0tS}`!36Rn zk1ulcLZQWCR#80UQUP^S%m*K}AJuBH4&W(zU-*{kqd-8=9_FH}Wy$ntR}T9u0bOOa z5acEV@>=9jMvNd63;Pg6MOki{p=c2{$#n6`m{W;Qi|eK3K!0IIT1JgbthAEKuiTKv ztf_2<-Qah1L^L_fS0O%U5G2TwFUVZ?l;oQ(>4)%Fie}VTm}9StlrZl@jbC}tWAyY0 zf3AJqN2mST-263*t+%OEYQuWs=h`Ca24}X&JwXae`j6I|doqpvt+#@w!CCSS6zAFCpPv-;+| z`plg1i>zot9bTHa3TOLWKXp=IE4=Ygj8cypnl6@zUM*a!PN0xdz{Wt+3M^$-dya1ktf1E zy4BcXb@A=tgQFwTard#&?Ad4wb94Ag-_yY3VDqW=fzjhzqF)Q=0uL@%FhrfA6@fRD zkMM4OGOJIzzscY7&*XReL;jGzlYdn7FY-$~uiMjl+xLLS7U?wQ2$kz;dVh=0%sb<{|J1d$Sw3)je5b6L9+S+S~rtvCzN| zYv6U_2S3S}fzGHxCI#oJJRX_uA^v{;AoVK$hwK8n@@V$p?K8I97!$JexUnGa%@4OJ zyB`DliL1#e%PjIQob1=vn|9Xj~~KZCu@{1!yw(HZd4D8X|&CD76$Y~*I9)_LY-pe zS-U?f$*^MCDN2AuXqDm%B)Z2SwwI!n@>;o%B+AA6pi8~dCOI(WOkpx;rNptyLQmf1aSfmgws_ScVV(5}5L@Roxk;Z>9C^Ki3s zYwNN!e|h=rtV^d`r`w>*B;G2LZQ51Z`5W$6EyT<3jU(BY@Q!%)fhQu|V=l+ePaBBm zExe-z9NvlN;wk7m9N8O+DYm`cYu4JKp%D_+ z+7ZS0@dsf*iBJi<-sg2hhOEiE4SNl_tO70H*4izh_?_kS^2*zs~yOr7f zG5%__FB9&|lRe)%UJTd%Tb5~>>7hhi2m$2K9RNXx?6?!+zE9d5e(Qmgw7=;W7vSk| z_N7>GKP5G@bHW}0uZ$<3;fuh#FNRuP4NpHyb|Oyt1_K_G zACs#Z`8(1-KCODKdXX@k<=^S_(>&ljBHkK%#qmpMZ+UHv#j4!%--K=ku#A(?CI0zE8>RQjTX%H*N+fUg_;RS6890etNtjw7wNueJ#(2(+&H>olER(QNMtI zX(V;vn>~R5e1O3lhfN8A){HcKf(wMZ0mhDK0k2#2PoJE%+i(yOv}2yoTkyjo(S22X zR5tHBcE8o6;I{z6qKRH__&RM;pb`f6kC6sPVQ^B&v&u_7zMm(Ur@(q2;ReqP@1IX5 
znSZC4Dm|2`vIm-e8;7|k+{dGnqca};ynJlL>g?g2CGS@m0qVuHk(tIIuh0nqq0&Oi z2nhBDpDW%T1ElPiFGIQa+3zXluJz?ov=ovdA#v-NSiaK-i?k>xDX8nX1PvKaTz%5U=j`e*XH{~>?y-^o99 z{}=f;`Jdn5FLIX z;44i*nd`_fRS`V`*|ntyBJ z(%Hl=bgy&_8)r#HalKJ*ir|-QPS7sAu}k52rCP23#l2`_>g3bAmAX@(-5rkHWWwqT zS3Ij3?jKs*Lui;gh(#9D?Flv}gF=ivTstog+h$hwtcGZ{OqD^t1?2B<)tiv_oGeDs zh83nRLzpDulj<+5hhKfSC!>`K`;dH&(Azm1INn&&G=d1v%aohkWeVKdAG=f>t~6Yq zBrb^{I5lZ^?Dv{ZOU>k;(t#v0E{urA(z8})=dK^}7#PKxnUBsEcqFAM8-Wc=5JE;m zR^6Z|9<83AS1_`9;Rh~0)a+|Qv$Z|2N39{Bp91`)D`o=|>ZMK4ZdnrZF zYfhJ`)@`oONY`!FL83{WperHW7X$0^J^@{^n-g7eLK6wMug~H3fPBCA>KiY)gJ~N}??^hV%UDInnlJ#m~#^y!q&=wnS~2jhdC+ z;48wJ&Xqn{TtUhTbVLUWB~j$}Q(dH{5F1ZkpJCn7Kq+gdYktki)QmqLiclr3=T&f_ zLhZQs!Bt^Uq2g!1|NOVH*E0+0`4H6Smy4=Q--S8I*Oe^50#T9!F?-zgg)4ul%F*hT zP{w_GK1@m|l^0dz4rrfqGoH1^1Hjn1U`gwa8|q9)@urfIlkR#iaVcc}6`OM9M%JT~~BjDIf0xO?}@yreF%JUgU z&*9?p8Ha59PIY}HEA!gbp2j^<4PptQVzwXshx*g{`3T`!)l4q~)LPfZlb_cJjL1=` zY{QX4k30wPg)HY?_h$!>Q-7}&7c9>r;S`d zhf@zf2C-C0EPIhksawD|y5vp%7hkK~rggSm8{SIYokwyXV+#0E=iX-z|81gOEi}Nyxqc3(n2#T*+OO}mQTgNI~({(TTUb%X4k`>ZS zV`3<)6wwUGSumn$hWQmo+SNAUa?Tc*i4~fGYBvkpzxhpfzP+Ux)Q+%0Gw%C}y|HNo zKfS`JPJ&H$SQyZx1Qt0h@`ZeMm_Eejk3G04H0VR=x^aQYZ7K--e9izu;sh%>trrDC zg4JCMwO1cL^{Qg)A27y1vhO~$mqQTl`WPWExgpphV3=`4MPJ$DYV04U*gw8RGAkkp z7wVc~n`kSNMl#C-{XS+-Q*M4UknazZWFkFxh;jYW`s3l$l;=iL7X34)oRrY$M^+p| zep#Xn0zSp`48y#FG2$H-RwRov|GSs+Bg!kE7dTA`o$2Mrzt$=W;DKyw(Uv^riVK_6 zvu(%8%|LIaWAoYMrE0%!Ws|WN(DRG)f$H&I>99J%CNwKh9@g z`TQn-_dk>0;}7|R{!ae+^1sMm#sdTM#8-=w5~_&GajbG*SjClroN=Y66jr7F9Uc!q z6VaD6=*R!Qy1hwXy+^rtgT`(m7%qUW_eQE8F6lyGiG4Z(4KXhgCXbeszlEp8$LC~h z?J(xsiN9Y5mN;zNrmUe?X?xty2Zu*4_=n3!*P`{EyGD-Yj+M_;o@wc#N>JdVQBM7h z#^-j>3Vf2qBis1FiPMMHsTJYxo|!stlfaLJ;|J&0Yvxhy>7AaH4PhPWL)XiZTSC)tLv|)sL6awxiX|Md%ctR=CYxNJ`JL!Jrnu&GzvgCXD z`GM9AFz3YEp4K2Ng3>?tu2P^kQdne+ME~1F1=HBhwihYlOXaG!3H>N1uP`d-uo&>y zWXUqp0`0~8Cj0-hb*M`Igt9uq3=k_BKJ{ zrHU(CLfU(k3X$%1Ds2AjQs0DUV+_Kn6kst#rK1lp;Z;Q0ym+1U 
z{2no`ioB+%rR=*%SyUg?`E#;WuVU`lC*MrO2(##-(n%vJ`^r7{30~SFHc^FIu3oCxs`}5KT7ytC8^COls-{F`L!7A%-N?GS>Y*&R>|lmQm2f>q zsO5J?`$ZHCbU;rh;W>6NC80mzJ6>_^-O6$Op!=ojcfwODso zS6BJ_`ULs;6-1WcYXtYzLg7f~P=eSW1kF*)8^^hCWwWtK=QBhEKfDw`UG>lUwJuB+ ziWU0pTp@_Jh>k|nowj4S>qKIM@HmVgPNr#>g*|%=9)mxF1 zH{w8)USH3bvPw1Wm1k`t9}U z7!Gx5Rwb>`U{RWAna8#7)nn>aDs=?PI(4H=rG@eFvILOUxzSn+yA7ld(d$UHBiyFP z_fEWmj9XPTUbS}+LmoEJh5taM0sV7%YrP^ZpIPxS2!7^mX#q(;l7g^RN)ip zceDBtxl<%+jhy?Ht~pTpX@pE1g!kn8@fYi=?eWjs2m!DJ1Gkk;T6Po)o8M2|ljn{i z&n$YA-c|y@-#$_)-DI#Ga0R5_GUylr%LLZk#Sww5@DrMnSK1q%FgvU2JsS7mLYvcrf zwfa~|r|mjJP1(v^ra~CMxHLth<$|0cckq~eWYe8k?(p=}egN?e@RM^TfO+4hyfAD5 zQ7@^j!b1PjPQN7e{eIe?9oR?ynf#uA$RGH3@~`OsMSe6H7#KpsV>lvC1&aCn8u4=` z8gHe9YQX>nbBhXg$Ffx+3s1BvLcu|Krw(L2eS6-QVPmxp1bHrwEn9@F?K>(LZSukq zyG1qA$4n~xxyRq)2BGU0g9;(%Qd=MDu3avE&GGgKhV5Q%BWFI!%7iUb@tAuu1bv^+ zzsrX2XC>J8DXhHE{8rPNZq}PW@uGyWO8;6Bp027asFXg75*NS2EUqVw3b11=eEehg z7&)6m*7Kb{8P@Yvamcu-Y0hX8C-n+}&e9VToqcdok4ai>MYJ5 zaU5ZBG#d!IVpMMpeAIy5JSghJKIpxC3Q%;*N%QmnB+?$pXC=F>vLHvNeF^dh^1Fd7r4h8+HGl*$&@PXKGn(HaVglt-93RsFZ~ooHm}$ z>qt<$e{=Q!@O947ku}{Oj*ZF0p4j%pwryi#8xz~MZFQW?B$?Q@Z5y}ez4yIqegAxG zowMq9c2(`(-K+cQvrbj*^8b?tH>COSe&~3`S$JNkzbJo->CBKh5yJKY@FjC4*Z(x> z;Q$ZkAk=D8ElU}_J1wO=WT@*p7<4sSI5B+*Rho=jc44EAj|#;4{epSDNc%In1jS^omz30Les5`$28rGH^kbdgi-q z9)uiIt*~4;RugZf%&ml8#?(VxX5;x8*M+eP&(l^q=<^zN^NB33B?_0$`v#Y!rQ>PF zbm?G_L;dD+A@o52y->?7&trW2j=t4dL@a-_n(Vh>*nR#3OpdX_uFF zDp4p+!@P0-f_e@@*f=+$5wFT!2SzORj{3A4$ze~uj&d!Uy2*G>Rt1!*y ztfJ3ymVbm{)4}v}WPpsl=c1bX#KE(ui`&~`tZC71<+7kKw}W#4HvrP}_Odb4E*Bq{Q4_mC9L0|GYGZ=4 zJ-1u$6F#4Rex{mM5@GWkcgg0?w7sz#u^gLRpu7Hsmv@rS3$?l$YQ7Mr`@Ca+>M5MU z`tLpe^nWM6-#_FJ`A_oiWByD2p`Rcip@pU|j5tO;CEFQN>w{suy0Zv0<0mE`k(XOu zdo0q^DpVUaK0a-F@H!dA9RY)s?_f1n8NS`ll~cbT+j1jzgt_*;(O$m#h%bp&RCder z+qqZ-`|PlU8TnF44|RJG_%Lr3ErNzFwq75(;m8-L2wIn&`N`XiDJkB`nr|R`?*U-a&nW7&*AS8cyot-&g*D`kCb?m-+0>mk7A3edbX4 zb$IR36!ZX^w7B4P)~P zmc(Y3ZqKFc0e<9;)u%(l$5vQdvV~1=(xT{lJg~SkFES6!1U+7z2ve zXmf%R;5h+2>4C-zoJk&?k$Oj-$7p$i90Tv0E2#krWO)ug4|mz!#Lz`Hpx|v2so9E- 
z<{;QubKl+ei)(X4wKMFzzFHW-MgB~@9_XuO-*A6g2VPwoZVYV2y07iNDaw0BJU;a5 zr9EEnbU|z^O5Y^7^E1p#@5;N+cUrzt)t0D7ey%=EZofx=;(bJ2=k`H+$aa;yaqWtR zBD3o`Kiv*QA`$NBp6HH*V(WkRZoMw<(`WB?euCMR4vl373X4mES{6cM@8he*E&@Gd zz6tlaZ9AOU@7|r)WqlOxft`YH_;z(1X`iti{kS8WYy>V(BD;#A^2|UXK2V7C+5a@N ztsKRG&o>Vgxxg2Ba{~JIGX#1(9!N#X{VURe;**)4jy`bmZ%{43pmMD`kFJ6TXprrfKg`_r=i>}c{D;?U`u$Q-P`nSJB;hE zeF5me3FxVQ3MfYZie8}TdFpvy-r?9C7u&hb4HY2%-;=rw+cLz>wiUtanUXq+8 z^lK87dj13~$*(K!bq?+(ZYC|e1Ij#3qz(`0U#P)IBT6BR(zI#ff1PCntf^GM?TzQP z57mao7Q8sKdpIL~p+h3mGQ6;owP7sPgK)m3Yk$UA2g_R>r@VLb-tl*6@ppr6hbQ~~ z=c)$x88Wl)Kmq=N z?lp(rfFHzzp=oH;zjGYr6ZDCO?n8|B!!fc4C9)?R!;hii$t&j1<^hIZC79o4vCId7 zUo7*J$Oqs2R-*q98y)dtQaj#foB!@YZCD;6@t}+aRfZ^n7`zo|L^4g`49Pn|C9VDqyLh>0hqDP zWAcLeHD`VQVZD9ytivUB_3@Ylyoe=&nyZ$xcJ_G! zcY;&Ob;Eh16wSPWC0NP-L%BTsdQnVv98Ul61{fK@ktABL;O;u}u?Am`6%RSf@%yE0Vskn6TMTB&AboD=&!XNH2het~9V8 zoeq7^tEIvH*`04KF?>Vo0sN|_m?x4<#vjHp;0_OLZHll9E<5eFZ7ryGkn@B4F5~_dYH+Kfy?!jAgYIj3^1sqKi zId>c4Rvgv6A-FoGCCpQ6h&+?3-WP6wwmhTqQpA0(gRmVEH?@;Wh#emMW<&VQSyPo&rQOQ zp$B>#*%8zNVa5E_0833Uf#|k18qH!hhY7V{e({Q8_|WeyUAF9zsG~h0Lf`a7O3fm4)haX!0JZA)O|fP{x&wSAGc~%o{wl36#`6JKl^FdR&EEzpAeq$Y!s;yr zqg3IGGk|BhD!fsZ7Ug=CR@^{EFg;@>h7?mJ#uTs%s~R0=6*<`9-q?7&x4{4 z*{`2tXBUiH0x&otq)A_dU=)R5$k3>W>-)b5A=EEu(ZJJ=Hk?h+zebvBx|*lHL*^$b zNR<^2;7FGfB{`O-Dp*w)he-Qq>i2t=r)r$uTXl86Y1J0%)m|rDI^~E;d40ZouRUxW zG@r=H&c>hc;O}(h18FYH_v6)cubdliVZca@%W5^A{^AZdwT;^W~Mj3vhXoTmHN7N9dJS-y7qy92GRP z+Y>iqul`ey0HFbXLwWz}>+4cKAO3xh*TLmCO-YmF&; z;x&;v;teE(k={|>{x7fzha{*ZsFFr|14GeMauG5C4nHG?ZUsc`64J_a6+2)s@Au0X zguUG6Y%PEpx@e|0P@7Zx70m)<7*Ajf3w^(^f!TbcumI;0B>YBkbh~MV)mvk@NSZ)A zB2UWUO+mX)(W~SO2I&j-o^i#NKzfGy5I+g4kJ&9pfbszUD%qewrV_6rNJTk}D%7kX zYa$e_0BzHp7xHm0#CtalgL5=X$tt8xaWtG5Kp8eQ_zf#RR+90zUZVj~EO;WD@CN-7 z5wZ!?30hX3O+chI+FF2!5=87)aL&09_uU;VFbP}S6^2QBkS!MW5u#qP`Vr)N$`rKE zOR(Ek8gvjS)**KU6a5__8dUx}@3t4?f#CMHGaq&L)FSxMAYoGA^fV8gv`d&_ zG~d7EU;gjp_y33dLH|kqE5CoqKTQMz^6l-XHF`)8q2OzoJ=#krLnpGAAMG2Kv&<8$ zhZ+{SmG)2;>VbjGmIT&kfIaA)ez3=plj0M{QpY#iU!1uxsd?|v+sJz!TciBF 
z7V1GXq}fX39(a_q((Ga_;;%!f(;pU`(gImTH`dPLtXY*uHAnObc<<3ib^-_IM|ug^ z@6|_k@zqHpMBt=SImM(>JCxyHQxYgC<0u8ck~t)a3_JZ2$&3@x7y4=%FWA?QZ8pwU zImDddjSjFd8DSt&?(U4B(ibez36*)qVm9SrHtnTe1cz)Vus`z56IcZQ)36Kg!mE&X z>JO%iTrhPn;9mm`=lqZ1=RfMp|Jqik@AJ@fk&UMB4WQczlJZY~R~~sP#MD5a`a3Lw zIEb-KOSItrv^6AY8*26V)mjTKs}$jr{mgu;I;0%&4pwM3w|D!iR!sqS_Zwsss>Z|Z zuLhz9NJ;?siXD@kpx;PCE_8}ds5c6wYaAMAkKE4>;5K{9BY4KXpk7ox-QjOqQE%;t z&&?1|Y?(vx`uh?!vESN8{B^cb!5n>pt4#GFeRU(d5ex@2ueSjvt@R=0A%RzZ1zw^gEqrOrooCM!;z6cgIe5Q6m+MK|}4}4H~ zL9fi=5@)|B`GDA*e2E{Uug{GioTeZa9T?KEP;LohO&2Qp$$lRtAvhVPvW&BgGsFY7 z)`=bd>_K{f8J9+5f@>-nSGv}z`9Ny#ltPQ&>cQf8>(n5lN#4XUoRx4#$Gh_GuX{gW!D1rIH!g3m+ zgZ2bLj5*?cv4?1|10G<^7t#_fD3z`3pqdY4MN2S6OYTKWsXui%`Zju)PNgL(ty*>H zF+C3)Jf;$v|6UuiM+*={3qZYpWj-3M#JWQ_nQ|G*izNyiAPFS@W<_qVtAiPL%F${U z2TYLUy*CP0lY1J8VP@oENBBn?TO6?`wnwX@Pn1WLyVC!!NZ4lw z&VUO9w-xMuBfc?(y)h+zgnfiPD>iwKqq1{sArk)Uh?#Ks#>F;Vn;3E^ z33zD#q*@ftoY}*SCyyk~33HFI7A;u|k$EO(Hf8#1g7S4QQzC9P?i+_lC)PDFCE3td z(jglZZ4y9l+MJ!JKo2_POEt_<3vu3Ngi*4a3ieAi<&>Q$iXyfmY^|KGI@(b?ao(vE zReMc;!KoBidrg)2V)Fe_dx5|rI%Ind#FOJhg&$D3sn zA)S2#aZvs=$h!)WJug+2UJVA)n`0AE>NMzU6)N15-7O=(L3UgudN0O@?uYJB=U@+X ztz2cWjRsxk@Mjo5+++b;AI1mx2l&ygu`fc>0`OvW5+9ZYS6=>b6#DxPPyB)lMY9z0@bGuK__6IUKxK^CmILP=LfF9l647M?di zNm52O0w#s;YBXg?0fq0n11ymK?~3LN*8)~;^>QnDa%XFa^*C;keY9nC;F*pqSfOet z0(G=`IGz=7;be-tSXrM|f#4L_@yyFMY!zNk@W^ivo5Cpw2s>2kxO}$0M4`$lxODd4 zh^)YmuCz|h9pf~}JWuW@XiQsyjwf)wcea-!*beyCD0pbRwU0u(E(Nl$Sm$6j{iiLm zuh14?GXp?&1tk(1P57z~0Hh~8kRgRINGh<*F?XOzn6gCoMF3Bs%T zqW2SSJNFw4(OZ)B*BIEryu;Am(6~|;p%i<(lc4cl*lmcj>=3wZt|~;mUn_Y+Y3RP- zUXw89MDoDi+s50*N0L^7m_eKHm_(m;3b=a$HdnAwuCUZWgY`o0a;>yFA&bQ>y|)?^ zCa|CMAXfQ@isUb4rZ5~qnQ{3a;#9qK+w4u{@JcxC--`3#mB|0MV16m%rGJaP;?J8y zp;CU50r@JdU!($J@{P$^TuMy7d2pKKhcPSRxNzoovf_MYCGzi;rXqtP{9qm@8A%vj z?4EQcWo}B}Jt@e6XeqPR1tW;wXt{-wwVVz@DNrh24CGI&Bu<%=1Ctf$Fyj>-d5U zQ*K7&9+q}xrCu8-5hS5`pVocynb~WsdML0bj3#KUf3E>mk81RI<8-vk7ls3a2!W^G zY`PzRFNGyD3)9cp1Wwat?<{yn--7=IeDpkU)WL)+Mkq=UFOU<-!LscV;elfQF74PD 
zqyWAEGnQuUk@kUP9{dY5QH%gyFjgQZ;LY!j=$vN+@aV{>A1=XqRzFNg=@$Ice|EkunsMj&dGu$uad^g6~qSs!?X7)CO5 zmt_=am!S@{=V}^^=VBVz%dfNxz?8XUaCxu(}6{Z2= z7Li9!3DvgNLHsg3^R)}4pw&?=stY$aRSKL@1-B1j?mw-#tn01F&WZI&-5 zikiqsCChob>+Ym!tknvLXgk$F^5&BwgbZXkRXUuor1`WJOR#Z^W@ve}bq;$aTVu6K z`1#Nk*o@T`aIL8oWUaODFj^~~SWTTS8Y9J%a5=VB*7%4zieLAU%JUq6{~aoMdk6t4 zGHmW*R9HJjGXw9{%6SzFiAq%C5Qn|brqL{<68j?%!VN0RWj4HB1p^B#N@U~EhpBAK zapdPenwlr_Cu*Crt5XHKs?`OBt2qQZwCw^Pnl~VMr(V9fmtV&vBI>D@U^5rLM+?j8 zt;80Vr?8Mrq=ibc{Kg%T5e5|5;Dt^i&9z+^W*!8#Brk{XymV)U+rLdAO|Z#*SI)~e zr%Z~9rpP)j%T!yLoxq#YH0L|wGDkUrJanCcG{-(dKa?Am$i?lfq-9N#U^fjn4BfNt zyjbfhXi>n-ekG;IT7~26<3{KpwcGVEN31w7)E3Vw*sE^0U7{&I;Vd;3g)9}8QdPrB zQYtHH7!E(t{c-sN&i}&h1WJ|d-rq74=_gJmk|fa!ZEVB90_&b4jT`oyQj24)AjSPW zXQr4yR~gaVMTtXs?8W_2l2oAN_dFGLS*7ChjP4TDnJ^`rx(+WZBv#qNi4Wmdg;}nt z{1W&)5?T1XU0LsbnA8`&w^u&Bj;J-BkNh89}+(}oTW(E z4iy;E!Uk)cu|12fGaykzsq+RTccoIPKv&ddhVvF>f8@2uq_f%`UAJ0d$S%jV*^S&j zCGiROuxd)n1m|Uyi)5&{;y@LnHU}6^&1&MBuMlM`JYXS7?>57hz)hLV(qln06JT1( zyVo{sGSbS@KqD5;NZ4fjxQsB%NU}Hkc6nSo&R)(NxDB|eGZf0G9%ngLkfqVGXb4P6 z)5+tO;hTa}rZ}QkMn2M0?m4uto?$)04sj?ca%#4mH9W>^k`F+_mFq(}k?AWdv{#Aq z-^F9gil?8;kU{mUWxd3%Zq6*>L2ag=m84SVGE7Uvu=FXJodL7)DoH{uVVTNd9^2*4 z5PsL@o^^(8nsr8R8gvG4+H}Tso^r@WHE|2z4E{vp5re~>>3H1l8b_ke+b5E{9_PW((Nl6H0VFX8g)yLAdHZPcL@OFhPm zdpK&yhA!rH&Vj9--RFv(;u`coLo-WID5#m@f@%~GzfIdKR_`7xre-Eg9#LH#H`dcr zHRC&oRy=1VbkkQmXU}z%uJAd)b`wxF<~!Ae_L&eSjD9ZQP$bJ>@Y+$qxMeGs-)G#s zD=8zr#ee)sZP0z#U4FvM;4!P(h0*4gX!+~wK7lfRQ@^K^ia71{hWEUpbb^-{o0;T2 zMtO`TbLXn+Af4t$1EXD;oTg(Jw<=2t*rlx$S`OU2rgXhq?n!5Hk}q6}qn)g~sk&~H zN`M~V47AH^`EtI@R!c=s(PgmUUQ6YXR;*UI*`(g1_k38>fS9(?4=IfA2 zNL3eIQJ&Qo0WNlFzq&XSFY`8pbqi`|=#j0~15}SMsymES`@DK==YQ9)e~ms@bcs}( zb>zli%lYtbrkGzZHBY#)_oB9h+TVDfWvgFVZLG_V)XF=kqJMN~Hn;~x21jqftlX{2 zHiWWe5TygoiRv~xcgR(x(0CP0ELXC$*$iyg&o;wHNVM#b%KpK7)?GFMKnfHhVD?y; zW^4vnDMpvEzbJ2Bh}?&$>RM#mZ>pq*C7u)ABb_F_#f6wylO#yGb z&Z6si7jh?8kzbBj!JMP8SzWCylV2TKsjZw`as_NEO%j3AF1hw;ebF_haR<(r!tFP;nEWStNO{n_2iS<*r*J+bDUZ 
zN3aBzL}sn4RF>0xKf|`pzI9Q3Xah}H1Gr}bkT}0L;3u1%E-nvzOSIsI$}r;ourDr? zZ^^!KxX-j^nVP82zK6Yk2HbXYzFc_2-irbvM_H=NeLK#Xqm<1$$Pwo+o7V5h7B2zo z*Tuin+YU#oHqEtfOcxhfM}0i*GY%;AiFob0zv7vT)BT7^CO`di;I0pu-RIMh@&kIV z1yl7o&Juw<7YChd&|Ii_*7&MT!RJ2Zfb>|wN7IQKFFbHYqRZsyuHoMQAj*DqF?>aM z5lo*y+r{VoUe`UupWZvLEHs|*V&Re9{I@5l%_gIz-@AZQ4XdtST^mRkSZgnbmS0gD zrwoc-N`)O*b18duo62`+uTjBRc6IvNC%5vKl9R!V#~^i&&EXg0@z-Mb`@u}rytvS@ zax)wEgg}Uq;7$W`y3G55Q-VUoyu-4P?dPs(WU6NcT@%Ib%bW zoY5zgyP?~4C(;$#ZEJ6<{KQI~bC7Lj%Cj-ojlXB#GC#CI`N&LU{_1i)%vOk**zd#~ zS$xit&L`G2&*W*+U7W>$B)Mz(6Efl)Xmg#P-QH&-sZ?*_A6ouj^5@Wl zfVh}vQT^sx_trKYD(IL4gw|Bpyb8ydBK5442+ap^hKKOx0HDsMPfr08dx*_uQ)&eM|<)MVsfu3QWPV=DCsJ)ef-v%F*RD zoK(`a4rD=QcLg-d>(Y|~M^zg;Qt*vZ_ClBTro9#kG}<>O;5D679zLm+jLu9t$R}R9 zWci~npo=k6Y$IIxnJzRYo;fZzg(Ft z%RiDv>61^*b?D3V@nd(o}LH6HVXbdOJhSX?*eZxwz-AA1Ni3m5ksoggnJ z<7>T}F6I@@>pS5?1@oBLwukhwk#~NdH&Ur$<*qY3tIPj>@1|3zz$Ns)v^~G+BrA{& zqiP~9(X*G45Fy%jN@|gG%F0M^_?@J9X0o^tx4G7Gnr+cRAj)N2y4a}mG+_@dQAeGu zHtnRHNOXSFiXdL-Wa7XftvMxw!e8;6ktPP1`JZA1lT~qiw!0%^=|EGyhrIhaYp_Pr zGGxU@6w@1-wR~LtjrPc8PCE~KJknP$ao&5AuyELh54t~wExUbI&R`FW`%u4>3IP8h zB3sToky}7ea!aA=p6uuqz^|+PW8}eZ<_vVaT(e0SvUJ%_{`SyHv?U7ZlFUT*K++=gRcG`KB<_$+S*C$nf4zKR= zUYj-aOlk_;wRtliyW#ZhtEB*o5yx|fz}RFrg6yEy3ba#-+a{AZ0cvIAIcf04^)q$<8-f*Y2c%0 zrSB{mqOaJW%U5us^L~0j+g)71)-v`+ov{&l|yF;d;{{#kS`+ioz}7cxr)xnhX0$tN-e# z3Z(1uS9r24*R;llapu6Y<-$6$!m{Q1$~ncj;>c=WW>{cK%Q(k4??}ryW8bjvZh$wy z1-YALn+_|(p7nzZmvfqN(UFgFopIA~nq|$teBaRk;9I_*!MbYSyia}udsXVWo_xnV^<= zF@*T_oLt=BSuk^#@?mrKfLkgs3oxX3fj?{OrqWx#U1>3j=M@m(T59aaDAzWc4@XX! 
zj8yF`(6MTWKu+_D4=~7ZoZ3b(3-By7}fTDe`f3z0=OwY6bCUz?0KD_G3Fm4>);X%jF+Etm)x z-GW=`<9A46;z=LvDSvv+jVZsngzN3WzIwFu!aoe4Z|{coX@Wv_rPohdMywBVKz5r%b@jSk-$XCbj$BA`Op44`9uC8zu$k79})at@;~r`fQ!=;eKpW&!|vs%)4 zQ2aX1H!zSWz9iyG;*lh4noDZ6jPQVcgZ0Y$;APTf9eReIkVmQ7Df1PbJUE?{%D4Q9 zOftql+MAx7?0_xdYa@#pVR=}2#C2lrpHBQ+_?_tV@HR=`uTC@v^lc#Gw@~rB@0Cn@ zC|@NB$U25_8ZzhN7Q-VtMIYkr;%s+Fc=wFIe(NFeBW>K zX~K+^i(#o z>n-=ebQ|-Q@Wy9DP|tu$Tq0-HYandXsL{g=1YrHTRHuHFuy(Xl4UD|)|mvCYRCL4CY@iBxVpeF<%1 zq-|+j2YPY5d+6Ri@C>uft&Io}wE_K0&9QLJZi%CS#&O&K5}(r72%FUm8}ja$#RBl*x3b{96;XpFK-?0hy1 z<0Qi1#j>-CvY9e{`GPP~K(Y~wm0Vryhb#x++sP#%HYK^50z!c&V($5itt%PtKA{&Ay+?`+c_F*;5 zKv=^`ujd&Zrv3+a$L6}`>DRCBls8LE9aYEH0lQtc5A|NgT&7$UjG7}2;y|C+T@E4G zSH4$1!zJV;WP?qtS5#tSzlo15$}8M_yjSgqmY_kebmHaMy1(f%}&}J>p0**q6D$8u~Q+faEc(o;A=*L zX>fy3LVz0+FA+_O4N19stT>LZ`7RZwuYY(Si+FOFB*c@T3_43cEt5L!m&iX#^*U8( zk3TOkRSVQug_cB0kI;qdYPHW$k;6j!i5x`mFe(0^?lf`I1>Z6aBEL=k9!LaRB9sBf$n{FqOD(U+b<-F{LQ`MBz_#IeLZvQA?M z?y(T=;nb_kwPa>}^Q1k~l8|zu+8wv{(d&=?MJ)V667(p4rnp6H8e&)zrqX~rJI zi8!cEUtB|sp>N;$5+_Na-X5~z{cme1X^R$3&soU@-2x9Avwd>dt7o zYWAl45j^>T(-yhtOK{&YJt#;jKq_1$XhJXk;J7DQlm}om?1amVLV+AY3WOE^ckfP5-`kNWaC_?P@w|DF7y|B&DJKgs{K zWv1iYv z+XSg_SaOZmrj}i`>-qg_w%x<>EBEW3sAFh6{JGnoDfEzKwEh+4+g2l=(dTiRp*mbdlDubmSJ^s!oFj%krULvd?6ZGj0_R zw3;t>)f(SeaN~SXoLOW zx|_+qk)CgOB`OfweqR85Z~#37Z9+tCLU3(AEC3${fG@{-omS?j4?oze@0@e&53FTg z?FUkghg5^*#Oq5mfOkt1s?Q;H%`sl#bIbY#x4QAU!PjrG<65ZbqClbmucO? 
zAHUdjWBf`PQ5UR3*|=pwhhub0NJ>bAOb=$$<>6J+8(GZZ<;^`=y51OKoG=b)3q3|k z>OZp#;4Z&Fd@}b+_2Tq?A6XS$#OO8aW$%?6S*6*y&?nF<#CUVblTmD1>Y?tO*u=9{ z9MnOcxUEIDQ=|AoE;`8chTFF~SMGC;yc9 z{k0a{^gy)q=`j?!^5V+SPx}eWp440D9#v@iN8IkTql@C)z8!MzLoR|_h4jnM$v+R^G$h}|tWN-w zP^s`HqBme%@%bkcrzlux*aSndXcZl`;szonN$s`B{_*h%nS$>pd)opICPoH2CO1DR zqm!6U7Rh6oz?6wuY~f~!V+1^kUS<_~h&+h5BIec*gm6(y!5WF1f31Zf(1w*oy~qyF zdLuSdG@iDQbAwBf;!P0`f56ztXTgh*MDoMmb0-|0x{)zJVu)q@92mO!H8WIkT1PzN z4X!4>pdZ>CAI%Ys7*FRf8-LDWU{%CcN78Tzbw_xr8~@G$esAC`Xkb@FXaCL7L|}^d z-d;s9R+KG?8|_CA6<%}}-ju7xCT#Dq1*<*Jj01}TcOg7@DY3bi1G!^9ruQe$wo((y z&HRy4Gj}_&J-s9L`FUs_S3AzlABjbCqBLw>+$K>Dozh*YqQmbxkrD4GW0AISNYS>c z!4_)v?#|FP!PC0n&4;sjT7_JeuFg}4L(vD7frTWtzv_;LoFT+TA4`m0UFw&@lFP9$ zX~PL5{^V`-ALZY1&R9_#-)3Z_&SA;M5S-($HXL2wu@j}76{iV3X!r@VjJ^nmAUEpc zli|thnR?aoi*hEO$t^p*bG6Sn1+Wy92E-ht8@Sx*)RB8KY2bGCo=Pjk=c>)?$dvj2gCP8|$^RR06V32@2{9Ir3fdRfAXnfx7H5Br<0Uh?;O zeRWrq2jUK! z|KOES6Q?^DAZ)ST0JECE+~Fd8nT-h$IO66Kho}DOQ}Vu=JC$>eQIo}D=X*}%)sQiD51v^-OS`uEu&AO zd};!>LaPP+gRXx?{4}4PgEx^;F;w%lo=nBRzeJyMi zmA#NM@ZG^q^o*yb(m3@m`S1Qa`NRGpzt4Y?AIs`r@?%8-cV=m>uRLp63DMwqMSW?e zvRwcSur%X4;Jy*>LyPI`X;hp?96DspJ}6l;dy8;?AslgtJS{caLhPQOto7WD+}5rN z+%0jX^c3aBA)K%|tCrti-fY^v7CKk)PI4vJE69$NpQ9h3aO&V9cOYz{xn@4s($UA| zqk+OcuRx9B%!!bum>I#c5z~MDv%B$Ok0-Z1n{!Wf-85mT(^#mvMFBr&Lje`QG3SVfq|P?9y^KixV1mZbcZ<_oc4{l}aFOmlX?&)bHws+T z*836i=e}l-xrwH^Mfx03$A<|^;@mK*3;Hx5MnPEF!lF0$d-;n_jxnpBS;rRBR`(y= z6q4A-XezAN{!@DvFF{*vOZikl?J4Btq0&)Lt@Qac)KX?J=JC^57xrb>%%gtiq11WD z%%jGdTFt1blCjZ~+WJ;2_@d$UNqc}hqIL2k4^cs{91I%>t-GhoJtuG1(JuK>UyVPyNb0OFVxv{RgY_1z!xOXw_*YSI@Zhp7>T-US*Ugxy; z!PYN+4%ME-kTp!@poZhcXu6c52D+b1`adSQWQV`C--e?c-4^!`wO584#pvSkpR}Xy zy30x?Bd4Pl=a2O##nCa*C8biDdm$jokHMjnAB2dJVFXEig}a0oLPf4 zW!*e&5KO9f>c2~m{=S^=RJ;_jD|9P&3wCRE zt9A=?OLU{TM!KZ8Yl|=VrFRKhJ1P;{Dc&{MRoZFZd06r2&fr<=UP~2VRLxguLen;h zpaiAvM%mX1e>ES9dYULm7YLOqM#p;SDkc0gtOr#2|5wLwC2 zCp%e6#VEZ&Nwcu(c49tprodVapxBmeLD&)|eZ%WZ%HRiP(i~Cww`$ItA8= z=mTOW%pcp5PjbzE2k(xn71WZC3~WSs)7B?cZyz+%2ebvW!z4E^b zyCN!9>O_4f-U#=Fy%Ztr(xTm>* 
ze%Tz-pC)^G-qiG}Tcy2)H3WQp6zn4p`;j5i-ySP|-C|;5+%H#TQ6vp{+$eao>QKfO zs1VC1QH+}2AS@H9kFrTr?wNUXbt-NM{peVuzKnkywYfoQ`%C_(|4#n!f5`9spX4VX z{FnT^z~}tBeBmlIqYc!dihfC15DY1qVOCUhhyAX`zHw&F0}&v0@;6_@bIFUk~tB{#WwIo)tm#B1UJQW+=R}>#&}liYikar%A7s$E#ZDITbUch zNnd$wJ4;7GnPR`38T)W`Iuu|US0BBx{=(%ZrNMz;8i4!XKF{j^7f)fQ5V)f{_aXuiv?-#g~;>Sq6*?Q_7d!RhoGSd~7IVn_B*KEO(4|%yz7HOe*j4 zO57tQUKnqn=F~klwaj{L%OljWMG6K2ZFjIW@ByyuB zH{MOFA7l5$IxA;y^s(thtd8SF>}!P2u6J=aRril>$4TGZ(bGTk898X_z|pz(dLV)o1esy;Y!7+_AOp5t%Do@bpG7=qfR zy$ZVQ8cGbFmYxlLvVv;r)+NVGHaWo!(4l)qXRH^xmrpP5N}h|}rCubi<&X7GR~A1u zPVb;HDcjF-7JXStPs)#@kF2Hh7-BI`c8@2!{y`Wkr9t&UnL))t%|W>@c`r4&9ScFd zvmi;;+Y*X}5z_=kitg{5k7%bzlorCN6U`jtF=qHO7^g`G*2-wQ~Fia7$= zQVZT(m#S(qe{|^xK{}xq?)_{$B1Y6u<5!eMM`oe|p)EBO9VqvYvm>8Qvnwx&8(;Qy zC~T5jscNJ_H=eq6Mx48~bGUAxU1q7IIHDU6)=2PBDi1HNMY0<|Ghfz=w_4Vl8KdX? z@}rTXa;Vs{&68YZL;3eJibra0qJ5=A~ngq0%}6{mB&`&d!@!_m1W7ccoi))`d(;2xAtKC4>JQ^ zak_!CD}-E)V`=efx#pk~%Ws`LOV4r0W)Hh3rT(pgT<%4u%-yS=U1KF3k-`?8$mYpI z7r}MR5nwA>?i)0{+;8L*dn@i@{D%xl>cre|^2bb)?}6KyG7#>zc-{}TpQEww44?D^ zbDX1gZ9>6h8tbY$Kx=cW-}&Zg@C)5}R4MSV!2;J#f25^%;B=LAx#6_$`j#_8MwNhA zp{lvxDn$&JL~@p0k{9I`p-0YpGdF+6dxo3b0Dm+PhCEu3Pjnc^6YPkGi&3o|Lz7QI ztJZy5@0e&H1;MPLcECbIVz`Asz%$u9a}5b^xDP=i7>=?pwH%yn!ed$Qf!v{Jxv$y; z-FWiHm;{d)xII3v1Y<88<(*t-_Kn%LEe991Xctjy{a$DpK}_9U3Yb(H8mpn6gxZg( zydk`s-8w^giA!IS)m3wi+@5&#BvS9QdF#)z9V&%hW9rFM;S)yf|)86K|r(1%9n(sm~-6@zookVkui z=3{d%w?&;WRIblzcpZd4dJ4RrB>3i1q-&H^33ZUGI#XY*Mvv|$zzM}>BQh32%PvDt+>}Dw0XYq#JfFmS(M`*_gIX~#pg5{ifvw=^EfGd6j+z5>BFJ*Z?Re3&T zd6(5Kd^O!J_7yEkdG&F9Dge-xUo{;jg!2?-?{v{QJcan#`XUG)x>o~`|@2KV7vQ&sxi-yAHU!NJ2m{|c1< zUcWrU{j&|$eZj#Y{(Iy9ZH4^c&iNlfaB#5cjA23b zpY-oh!aShD!oR=%pH)V6E^}6cyogPl`%G7lURgq+TXZ1oZNiFP)roW4wU6h-%+rXX z^?Sz32sQnetcuJ9kpt;~fT2$LwFBLKPf;7=?1p_|of8MI?@z*lhi+%Pt_C-O!ouN6 z-NJXr-1&n0A2Ho1XMjqKkc{L>mEvpfgWX%hIfoxZF_s4eYdK4VS$tI-QdA1h0)v%M zrvNC`#^Al5uMPuY6v{nk*}hC~`L{&wtPk&r<(Q~d=v36&(@20Mh$#6#Kgg8O0}xYR zGti;Mps9xLg=&Rb_4@Y8BN(8rpjC#7hdzZ0^x{glUsfcCV)rgJoP;$@{y;MdrIZ5T 
zqv_cI$$Q^QcNynYXV9Y3q78()gw8aa;P>)L3-`#STc+eH>%RMdN=mJy`~C|Z8-2yw z3Wf@L`?vNq_Vl2)AQ})o`CD=ta(Z$gG}R~Cd9Wo%x&8Nu$=nb=Fj-z)`1F~em;aGy zqnBO#7374yH9&_l*8mwWyvPUxRnF#bM;V~wc*UNKsu}k%`y%jpVuo7=Me;=?AOzZ@ zR>D(tOLnu$lgXt{b#AbV7_`hU8;MaZ@r8hd!Qk5#EC3Fze5mDshE!_339wtpV}1hKe{I}3lc)xnYgwpsi* zMn_Ntn&~9lwO-ZOrOuz*dRBTlAU3r$wd))C8A6R5s%Wb`fr@3oEs>M9%{CBh-h@xl zsd}lxsUa*^tO}pv-NRU8SckOIwAD(pwDpXS%CfYCn_Z=fK9=GZ7#6#lTAJ_8j1Z)j zvjVjpOIAO%HoBtJl)F0Z!Eb)p)7bRhW8PHRYaNMM@ZKY!H9ASv?b4Fa6b=_75*DmJFIzihXxlo)|dj zy-!0}iNza1gMWk(h-NL2eeRxsm=MgDq0=_Q&-{rFU&T7Vij{orX#a{%fPZ9(F-W{8 z>?FN>pg8DJ7JL*i$yRfci%}MelC7<@G+}t~`G89aX@ce#_XOI6;za4hky?8_x=oW? z&g|*6sLX`W9)~LjwGGKU6HkZ6ox*KD;eq4N@|6o^vR8rTeX$#hHH%92^xwYt^$Msa z+N&>Hp_ANq#@Vj`?Hl=Uj5F0+h6wBCF<@qzE5I<^CixY?FzFS_6-v`zr$bFt7$!AF zHAb(apQ-EwZ~V0$X)f&*sh`Pr*#J9l6GFrY!F>hUdit2cDuy(jh>(~>0sxM5AbO)b zE)m%>OTGi{h8%>{1!nKE?If&LzGy*>ZNMr5$_k zAny?w0CUbf1%V$~<$R76GV#w`q;I;?)D?Jo^@t5#+pdm0HJnL7%Zbsq0yuFSpnq_c z03#T#&mmw{%LHP0mAiN`jYtN!S@#4HhNPHqxD0b>&@Zucju!Sne(N8-zJ$`~#Y5mZ zX#Lqb<%9(;BIL1a_eQ6#;96dLJZ)NC1k4<`+zC_CTU`w$CWLIDbki+dkXx=I2=E%T z_nZQJ;KU+w8sFzir97tH;N>U)ypCe^z48}~N<4^0?1$D)0m8vq47-o&O^CCnYAqsVWD(MYQxs&mPrkJiyTtTj;E1CS zhPwl-#tGol6u%Y@`(jG1uUoPq2gMkOnVYRXN@FuJB^%WIso_PVU-k98US8uj)+0*` z*(Ake)A%0y_X*<3yBfj8@{uaL38WtZLfmE)-6{rvC|l z6V{0prQi`|73+idb;WtDePg}-64GccvfnekTR7mUv5HW%rLm@pp19f95eHI8VJ<-` zhWJlHD+$Z({7s&PV2K+y>Db;&VImj40!Sv5QwS|7(b;p#$yNpkRok%gzTr@afe^!`E{JN#umHIpH0JF?a0)M(~<& zO_p#ZCYeyg0>gqNh1bxL#w!m=fHyLswDD(3EDnO8xWj(SuFx!${=3bPAex+4L9O;h zsldnTEOp9DM%h3x>a0JY+9mYIL@y^I2d5S_wtr|Ab)@k5AE4uKp7)mr?nk+Pkjc){ zugGg$&?Bw)gTlpX!lF7>IF7U<(N<=~5P4#tx<47OjZnD0@8cG#8*YGJzeCev5fz@! 
zVJ-HFIowm(cpgOx1gR59?)LsFdDUw{J?Q}67=Aj2lkD<>c)4%2qW(s7lQoi(tj1td z_nP~RQZT(xw&*4^l6q&Wek{Q{_K(sNrP-Vxv7&ydDoX#X_rf`@dIeb&>5U$v1`BMt4JRQV8@BolD!&d!&7{ zkLiW?%Y6o=@TEJ-eS#R#@1)2qx7U*!;T`B=CIv8$$As59<_qC6>Wr?hA*zf$SWMli zehzI63xx?-{c_tb@r+DY=)Tv~&9e=Zqyo+xMVDeqAF1p2=$jOym4A(caYxNCU1JR# zUCh!V-hO-W@Hdfpb`z0V9b{laqsOD zrfyaLh*K<)>fp@87lkiOVNK?VxiZgEM|{g;X)o;SmD5#h@*Ux{!h1iGo~TJ&c%yu|ak5+mSHkgs_;4b<$;RN|qS`VZ z-M49+3Gel|egq-X9~A5wh?sK&R0RcsQ~rfL|8l2jsof2zsGSl3QS zG*S+DWPBC?l=AsrA}6<8=$6sWcXGQOkqh!ngB-PqlDCWOL7&sk@Kkaivo`$v!EQ%n zpPr%q(#_=G_ouxjMsSV&b1X;gHqYM%)#K9yW+?yskfR-Bc4<5p5WRFPGn{*|f_6y} z=w*8JHM|%S5Sb49Im%Y*r1PH1KfnEQi0mW>@e#`4*!F3Dj4W*4Zyx2N7e9 z|I^lizZVpn@x))>fNMEe$A-Q4JuOK36NJJ7$*cQodq_s5%!ZCJ zCo#5J@9f4$QBNdg7Y?C6P|r~*3EbKBsF8H-3-6!$TxA$ZSM2N5?}_rQIa??ml`pFE zi}Cys$?;ykJsx-qj`zjgdyKB=wOR%M70vY6~7jt^s-`G#@w?hR)3teBoB%B%&zx zIct)|z6O9sg{1B-s=nJtc>%01`&lj$gl3dv^4w5?soxWm+s1rhf@FMuIe`_0`(gw2 zeo6K7<{yYHL-3*P_XuBVNXC5ar_B5AAK?NZ@CgamOrs>YCwG5bny?NP4`Vetksg{| zH`p~mmw`pR=NpkLf2zN=YlLs7-?)r<&?>1VANEssT6F$s2#8YunWjBKbUu^8|GFFf z40)y1t0e}nVejpMuKtHRa=)S@{M%s@lxq0%p+HyeiC-Io8P{ZsoRxpp;SStq<<{YU z3ckDg3{Zf~*=Mlb)W9x3+X?QZGgJ=LIdI@1|9ti3^j{0QW2)|?we`u16g#}=p#L?+ zful0LH_0Z2R@ROJsYx{Af+^OEHx6o0@1TFR9n?RZH${6;JhXL;4VW&e!oUqoeKVM%)R^yeyQbn4DK zl;y921ZJuHxj>=*a<4yV{fVz6qGG!DW}90=G8Uwos$>>)J|BQ~P~LhK5^)wfqL}R@ z2o3qhnupCtJm!8SdMn|ccQ(7ZVJU{`xD9i6{R^|HB(_~6@bx{xp{#79{eFGZJ%NN* zS~_x$2D;TjaBU$v^+U$)E5K`91%e{334uA%7n1 zMbkyq-ETn~|C`S%2*#zP`bc zEQ4BaD@eyXcXmRB@|s0^hE-Pv(vQE>^obZ!zl8 zHfwXawRk%j&`JgNzC4(kJdlXZJlfzQT_TS2bADseTkKsc)$xwqpRzG$`zh5Od%^YH zBa0dC-JR-O0G>zgx5i!bT}ebvIX_SHv$H|SWw+_z#vhh?5;t)Y;cBq3bid7~)fn(> z-f6_xOnagiO%v=7&E5=s;0JWaUEZ#HvU@N^haCaMs+!{W1(*JJqQG8#PxI>g-k=(< zGZzW1lN}Sk>drgE*u9xVy4F}U#aI{B?}-LqX2{V7xbj`7c)x!b5^qgOT>Va?%A)XH zS%KwOCZ8fpDjjaB!AFTJgGs;hE9l_SjcE1;?`z`6!>L|7xxrfZlFe!Tq@1N~@_9BP`+^N>;iRODabxbP^q^T3 z(W5H6>E_$6aQ4t?<_fHia6<`5G4`;S`@vfUyTUIHG#5nI<(BxqG1lj#9bw?8%;tAN z(o_}X{;@A>i+7f3&=EJd%!8S2l*4iwNy??jNgFWv+Yi!CQDRsZJhD`~vk`iWI*G;b 
zX9@S`XuMNFVG$EF(1f=-7zSHMt6CLG6GNMtW{s3!HQnmaLemz?(F+Mryvw=uV(lvC z;_rbWhvRz?Ya9I|xJaT*9w6bAGKscPXly@pF}nss!O7uvub0tEQtCF-i{e!uuVp%*umV z2Jh?q3o5$@tW~`k{Z-HWJCD6H-&~UF;xT;mC2PRFS|^(9v4YG^f^AN=JZy_(QTC;g`>$SmOjTs=W z8y~2KyCfbRff90d(K1FMa5oG>VP{?o{mm?aF}12Pc@+h*E5H#z88~utDWKlyD$%h} zhcAj*mkw0xl7yR$PNM~WP2O8U)i~l!Jb!~9CylL#Jt0lCU=-GY?u2yV#+OTb-ZOZ- zmPO;Uzl5pw)#t*jWQ$Tr<1pn-8SziPl2BhZ@W&QpZS1{tv1*BTYbMidU&Tur5rruj z%&#b1wRGXF@?PK^WssS=V$N`S83JzVj)GO#5Cu-aqynoN1U zlL#Sy3;edxZy{MB-yRF#E^vw8Jn#i+n(|*?)u8#kSw0VUo8IjwRjLZVBwFeuJ_}Y4 z-b)h!-*75Tr)=8+jlxJ`4X1**R`g9OM zJnL=Mjq_jfFa2-wC;mfzkN+nBJI4Qzp9SWp4u!IAS`b|!B0#_5`}}phB~P@9Z;m1k z?@<&N$rC3aHLPh(Ma+68t%lp7kv`|g_6s7LI;&|;BCoGVMNiAIrX8|9W&OE&R?TE1 z%nF|_7H=>W54k>Uy}hP3R^0ndKnK9rD5Vc;c&rOHR3$xw8?t(g53bOSPE{Ww<;q0K z7z*h(@pcj#J-8iVF?Sy~ld(*tJ_rN1QUC@bGo5LQ@XVY4n8|*;&YmvTP^K<_&%t2# zdVD5QCV#FCX`H>l1^e}j2`zTmKzjDVhh55#Wj{V&8OdIH@+V0SM^<40)l_o6@+$<1 zjS!NN+}&`oPCVJ}`STphP2XGB>T!~Glb@8F3U@WX3q2TA8fkyhrPV7w*zFV{Ib=&& z6tSC*#f4cz-SuPViEh1MPUl4I8S>P#NCXKp=AzEU59`eaYaq(fqFU0JKcyo#7 z*2VB7siG1XYqqjDvfElDCdZhZt+44gWeGB%3vY^u%m1>7zeqtibI_uY2e0GzVW{L{)=xN&u^RT<(RD~O)KSrm@M2Df+zynxc(3fUk8d(_MQ zri3LgB@Sp*7v`u|qT9k6l3&m8p|u&wttrA!y$iv6ZFhlT&=?w&t?rH-{KXb4454>6 zt^yTMtIw5p2EV(OvY-&iJp!MUPnOf0I_3ZMH%Uiw)AsavSmu&&ZaSJ?+W&B}RLPJ#>?f(4h zCgO5Md*gVs71HQuHQk)-ZoKs-xs*1+Kjac5!aa;{6RsL=FNK6JPu>F2;uqUIlBzew zFI>As=YrK)GVkShIC2jBY3rb9;Eh&mobEN;9Z_N}$fG-%SGEx(w$aYH9E5h55D5wg zqjjf(Z2WJ1qgE+O_?n|qiyy$dENds6clYbbX`-^8UcTUf@AJ|DtI5zF>Do^yVQP}L zjkpih=$&v2x4WgE$vP}It&t|>e{LNJ)}pn25Tv!&IXnwv?*yk=Uw2M*oh&Q?d=A^u zZ(et*U(=KuNf#3q`Gp1Y2<(^!2LfgWWRxdO*$SwTF83$V3__usLM{5EvvWVCy#!q8 zyE9X9B0*UxPWUU7%c8Hc=|~%mRzwwUGN#s;d>f5GPYZMGWWKLE$*KhbKWFSLn}N#H z%9Z9Hj~UJCUs1~BvNZT!CURW=m@4P3K_h1jT&>c`t?b-E>lByHhQ~O}_oT=do7do| zJ83I$F)m7hvRO-R{CqZcUCd^Iriv;K?u}TF#K?N8wSdJt*Q&$}a`xkEvksS^mYC^p zC&-1UZ1X8&B8txNNBOHPye-)`By6jS0URu(2RinIQ)W1}>{4nG!;T$|5LgSSvhYK? 
zqsh?Ik#Ml5t*gf(1iWk=db;D8>Mg-VoYaiqNuRg?p=3GyvWJC!)7L?QQ zG?gf*)I7){2aT-7n~NR!(@BT@*mpvY@z?izMDDBi|B`?0f0IAyAM(5ZH~HmO{zLxv zt8j4ss+bP`t0vjgJe*&;daexZw?mK9=RQg*tFNl3Y&(%3qlZvRL!LY4JH9>=f|+-p z0SU{o4|KX#!lVKO4+EhO2D)GO-=x#Im;WiQ?Z(So?|mDt%DR|4LkPH|-bmQ<^d=23 zza|TH8Bc=t954Du`qSEn?mO)20eC;_@L?RPD-t)I(7wo5FXt^G-+eqG2TSN;jeqv$ zBpp1NFFyNZkuc-6g~oT9oq}2W_rs=oL+!38pdO1U8tS3vK=NL_A>KV2eDe!mlr%3&+X4H={s%&$%lxB8)fe zUkaKUx{2v1yif;}M~ItWQlis_sB&6R49fDIIX`Fy=R_1)n+g_Ovw&aQEA`0CEyo22 zB@k>4T&K0(Mt!H+f46w0@OiOZ{m3W1PtsI4tE+M-NC5My5{Kmd#y5D~nY2JE$DZG! zpqPEsI^4l?yxdC**AF3W2$$iihSt|d*T3Xjj3d`^Z9Ah>c^*RMDx+fspTu45cF_P) z08{z6L3Q~0*XD-oo5+he60v&}bNVqV;fNu`el3(ZQ)hI$42KD3ihSE=Ql6!$QCVdB z0+o_@gCxdkYnFhqAIjI?!koE(I#;I?R1t~IS*A7je!Ol)5YS8H-z$F0%W2HG_!_5~ z<}UQKhB?&aqpu+5jn2E<*FPFT;utI2FZ?a!6Mf-NQ%2I2eY+Rjd}Cpwx*bH+b_?y4 zqx=`NE$B`<)VaOCF+joL;sSppK66I5Q~2F#alZSV`ZZu)6ituz0mVXo_n^@9<+^50 zc99<8CeT7VM2>*tnYRVk{ohU$0w8W9@Vs7nM-)kz1vh`t_JX%nd)-$b|_GWX5B~boy%3?P5u1X?k6LKX1D53RcL*(nckbMlkcdU()4kZkg zT}Rai{`lzWeXc}&hA>vGE^#7!ZB6%VEzKj9@NMhpkpRs3dh!xfb$Pw?Le{A3;+Plq>2-8!OJrp$p9<$7ynCoAuKsO)KBdjosQn$El=VcOt&Z!qMY?mpp zSvRTYa>Le2p#N^@&Vsk5VywL}Hc9Ew>jj*HZxY@Ke`*+WKa%dxr~|Hh3=$6Pi6{K1 zc!Il-5Ndw0KS`{9Q}tRT8ppMujkOlo87|2~_CVRj%50hVGBwm4#gNg4GOZ)`yXu*; zl^=|_E4%AVNfqvurx!EU0c+24>02ll!f35%4~4osRV{vrMz)qT2WAjV@ZKV)48t;q zISyg(z?WWvA(jh~x7JcTQ|eL-zOV+IsQ>?Lz}i{L`+k$XP4_`q91&MFrgzRiKAhA{ z35SOhw_Pv!;eOv*ztOD}GXXutBLKBuEg zzQF;+0wxvu9Cu7hqkbvp96kXmkY4ERwf{Jyq<@oG{b3wz(TH6rf?F4HZ$dj6hIV~S z$~OF3_14z6WJ$Rb)_$!Y|7pMc+tzs-kvXXa)nOG=n?4U&2*a-vG`zr(SjwJ*>a+SVFl-npUgG(X(gtm;g)>So=}X)g zkGTD6O5p$p(5okYXFs^48z+c^Qal_L+`X!8h)CpASDW%8dT0+dcDQD|HSRX zDqtTnX`WACsh-*$22=$1j~RtpNndv;=R9X`AL)ta{L044P0!b3Xk5+yVhBp;A&BKx zJd8L0W#rA!lv=EH1UP!IETtDHdw)G4H?7H|d_yqVKXZ{RRhcH%YD+_UK;snr-P#hV z&X&mtu^ru9CVH3CO_XR@Fie1OIC;1VjM%rvT&IcAN>;?4BnWds=h^^J!^9~~=~Am) z0~ED7f(-DYR`0Dts|@`l?D!360#AxZK;TQ2)1CVOc?5Eo&Ea_bisTudi;7*!ReDr`Y?*2hB$YxIRv`-uS7 zFE0FG`&|Ovv@m5K5%<@^WSL^ep2>ta%O#T^MWQ`7@^k$X)#cfh1Qw*u;seeXk$u1n 
zzKyI5>MkprZrDXTC7Ew8n?)%n<)+6hk%av7nc8;J2M(3sg5mSpu8=Y&DpB9#7XI%t$5Q!v+=E_Gc~7L z)+8SA!!%ZOpjh(F3&U+mqh84PSh~e?(LG;^W3We&&cq{^FOP^djS8NhAb(SarxySe z338NG3%jg|pK5Bv_2G43PZRq!aLJ;#5Z`d(_=$dZm=0G|K8EBF=TGGr_>C>WR5Pck zTV0GH7@8Lq)w!-im&@>p>0up=DB;$t-3u`b$d1y^khNlQ&H4}s9X+eEND?GzN+d@m zeP8-gd);$x=$_We*)szA{W$$0F}#QmzO7+p_Vfr}l0QPh~0#vgNhVUcOrm?Xw6 zz4iVL)LWOGp<8jIivG#t3#i)tWWnTR|0CxZ06m{K`M#r&$6iILPI69)SFNN; zna{recYT65i(Q;}aqE4p+cj&zm2g1l`R5=Nnj_9&n=vCF&tlPmb$J6G>b%s>et!XI zCL_e@j?a^KznQgtTy~nNOZm4%h+X77i?$_;j}Qek&XisMNG1rIcin0ldo^WIi8T|D zk+H>efye3VCk^q}l+$*xvk~;x4eS}VYI)3F%Ph-SMVJ|Z*S>qr!;bWVG*dNxVKO}V z2Bbfn#Xp>-l*P8&O|35GnV++mYbBVerhZ$-ciU-mt+(rQD_iHI#y65wUUd&#i+X8u z_KNl#Sjg(dTIwNnF^+jb(#@eG_1ZD@=R;>j*$R~4HME;PVhA!9ng}4%Qwu%qFN3FL zkL{e~=nR=}4i*BKGRoyh#=i&synf62f1zsaBc5BXjHoBSFw{~`YeAvidT_oPYW1H}-ZU1uaU z#P!O7%fP{$&5r84O4m26M#PqW)a^t1x9GFzXbQMF2JE&(&WfDm1gfyt} zq2n||!E1AlJ%E{rI4_$_rpmgbttof~@R%&Gd33qx4I3H2_?qbf4v&PPU4P z1ooI6`dUbPOo(sXl>}*WrE;V9#hHRwvk6T|a#d{t;BupgXxbMa2_`w;6iMs5+XSG4 zN9P=9HsrCHpPIQJKVDxVx1v!>2apD|;I(ptjlA#Cp>M8HW^x;9Bzx>1>g58LVl@O~ z<&AJAJ8N1gpv-`{&*Y6&GW&vu+h_7t9WL3#VGZA_4$->Xv^g)BPoqK8BN}ErXsY5$ zr=b3-@SAPEtnhKc3mLYUDPYm$$q}#HP&3L+t2qG6^ml`+WBK*gDimOXYTjuo$QRKM zUL}ok{zU~J)5CMm9OBPu|Gx5O?t#>Y%y-+(k=vp3+p|NGIR|C>WeLtu?UF*}$X4+o z%X9{LknT~1U-(|hZhQDmr$OBCQL5qg6~JfFoxRl_pX zai!IbY@VZVRyFn0IS0upYpIWSYx+hZY$VoE>4LctRBaR4qp(fU19lhfpnlI`8%tVU zrxj27TfVGxPVqzP9KnM1&o=GGPZaa1$5PjOpA^X=M#?(M9G@06<3R1-w9Dd-e>v)O z+IQQP8qDkRORW_lmu($W`o%|xGZjUbvK)WZ>hpcC16)dOt30k~D~I`aZB?=?bFnQr zw)WaGkoU{QyJ}Vt8uSmmGwN7KVSU8S2$=Hg z>?U~&VpXW!X8D2(r<15Z?Dn}+I7A-vx+@fA>+V8G48dG_W0WK-b%(L{dkuNT7mNr9 za}7fU0@-a6ftpoadcI z6`o03C>?`Ww)~v$E}lc`o+dW~y-_Jc7`K+T5bDDb(HVLzbaAyKZ2BUArDS|z?4~G- zNS+Y^Y_s3U(=inKE}coU9P~JK;ePbIYC(1kb<+Kfa{kB28D|v*=TBds!Zju3BdU7e zMyLx%Y=qT)Bz51;cT*o-wBNn@TWP@JM8s4!`@a|xvpE|hPW!^K}q>SY; zND*7I?&;-s^=_-q=evRXmqs1RYUw47A1`<@FN(J9lLR|=k1u$`we5FQ_1C$-M`K$S z$~#;O+?3Mqi}jAxuj+!#h9$?9u0OeX1S*j9oO|q>d|XK`t6;fvQX-;lz4b2xI~kRO 
zuO@?@^;L_W$#jNte!cvB5n+fI?|I=@eq>%~JQr|1EtNE2*R-1>EBiq4fstZT(eq=L zdvVe1z|qdG$WHds1dnyxRk-FMxwBeZj=}WlX1r^0+tpg?nXgwwJ5U^yGyj+TNB^7r zDgTh)<-f_VefJ;olSlux?dhm0%{=sM%cRUxI4bq+GPVKcH4sqkSDbnGoU9Xd6X1z!&&e2uF;45|O$~rJ zu34)L#smG<%uIsDJxFNjN zMVwFd-5qX8DtUgai}^0CWJqwZ9ORin;I>z-qSQw3@M(0h{sr|LD|Q^oZMoiOr_u7 z+W?=qwLs|~RiatUKdP3o*p-p_O!4vFONQNeV_9A6grT*y0=SX|l4j<}Cs=0tJK`w+qiWjlN1gPp z-_>P~XFOh|qzps5B|ohaNh}1TsjVW*EL~Nr+D3LW#I#mo`Do|otztp@`zpO{ zP|T6C8PYn%_6hiNz^c~PDu+wGziavVPEh4Bsw6S(EXpmpOk>WG{Pk zPUsnUdZ{K@-2QWOR|sL=;<@;=bm9Y}j`*R9$L}(d39$oi{#nQ{L{S`+<*8P#kY$o> zGH<_RF<0ogiEJAWn@zN|)seY5<>x_~$7tEms`8rhynl0YfI zy{CP|Rg;n2nDiorP$4I04@Nc9-MR+8&-ygxVx~x+tlxS^x0cfY2wyrcnU=UbIjIm)NwwuKK1LfU?}4y_he^O=w98jY?xodI<+(5${yIWS}nKiKll ztIT_h$?Q`b0mry_-GBNlidCFsELkRDxN;-<<>@F0R25y)=XO7Q0% zt6YUaq+bTe`4v2Lt_mR<8&>g|J8hZ5HfqN!<2G0IXOwHo!=kzFx67mg*#X57vwdYy zk$}{lPEcpX>ZYNy+R?q$zkPx-K?6UR`Rb1AD9R0L*%wabw zpK3wpO+8k->UGpM>F8rWiI{pzJNAkjD$vDl|NP<1349ENg7|?-<}LdSv3nvkrsTkm zP-yEupI)q=U(z(Z zbKjsn16J6|g(B&K3noLMWuGxtyNW&FkE?92#b`(9Q5xh$N|w@cw-0Y$HYtNl&dL}+ zW2gWymOyg_^I3?bAxkKat4A(pp@^TvSP;n;M+3INPbw~eP0uZ7;e($CVqxaVdSHDG{8$C0xRl+dXBX z;e4IcXfa|%Q+Fd73uuRxiJ<`p;wNQm$Vx=gfKBm}dYNdbV5MRE++m{0mBn2mliQtT z(vgUvx$?o!2+*+Tiln)+#D@+3iS&mRdWWCnR1irXO9OVmPx6WcaM096s4Tru$?vu^ z(L@wRlEV%$06(cvLpBg5-yA1}fZe zKZQJNy!=Wy!F%{6q16%mNEI-lW?k&?IqA`%%dvWeRmW?NB6T6a-DK}5u&o>YnoC?| z;KVSy{Ed6gMEyCU{BcrQI%TCoIi0xtixvSe;bdrD&bKpAhn}d~q(efTWTafSy1=Vd zXSf`sby?=iY|PI&-!3h0<>wwA)|T=wQGP&A32k zOc@;QH^{n`dcEuO!+J9+qP}n$;P&`NjA2flYRc@sXEV#^Q-gvRLxXf-P4%9r|UD* z-P7OuL9JWXe#QO-_to|z#`h_fh)#auUip>s%%MHyN}IPbxA{h|_=3-h_^HFzzL)RT zubbbrI;Xk#>;bG>(SE-6wD)Z4m9<;6_fy;{>Z$Z$VfhV;wiit)54!5iDRBv)i=1hiujg`bV_X`hIQ{uwN-N2aV4*pSWK+Gr#$-+r9C=;%AQdZ$P~X z^+}FFkhMaWiytg}PQ|fjLz)n6Win?=nlNqUv}aSAP;F&5W?L3>TM92M!Pnzm3$iWI z*OOffw=ChY1ia=2us|p=l<*}8S&|+LKTZI+;zH(raD~B@2wQ;QN`=n-b_T(f6c>yr zDm=m9N{J~{WXXsrMYe#+mLQ)SbB6jzmn&X4cIFD4E^0iccV^2LKAQJ%=KJ0~=0#aj z=t`uIl{%t+&HZr(jV`4=q3VdYE66-S>qxdM+&KAG^0J`w1naN$@sL(YC~ 
z;~s7*&+UZQGnX$9{)G57jW1vRg!whACy)Mw`Zc2`-`89+@^TxJe?i zDXpf&`dF(Yrlu6zg3U*KX94F`5Qi`ZMLe88Jbur@A&Nr{hg>XtZqMBz0E1XA$v1(h zcy1oUvWi76BB7x8W*)?{fJHKcMmF9zr9^6>=wu$ovV=uCA{k9ux~O=biBe9Bt~ze7 zIC-ARvbjl2i@G{-SsJ@2dfv=3vPpHF%r@0kg1cCE-i}gIDn+Sia31lb%vpwuE;~U^ z+Pv6l-s2>|S+RpeH>E~Gz1Vsl_9W+Cz>|bGK1Y(ih+U~9iMBg&TbgqooKk%}kx%Mn zp1fRvDj`0~l*oyR9=buymw-PBe=PP7`K|Ix`n!%VVQ-TDSnVJ7TWwC|>4e5VZns{X z;-3UZ;~ux-ocf<6=%c}o@o*<~F~=OZwaCs`xJ#BUU|fpiCnni)rN=NXVqC`A;nOPS zCDi%ME1JhNE~GAMT-MpqHA&NI>RRTdjVsA>$xEEa<0s>1XlE(MDW@qXd(IOs)Xp~@ z$sMX4OC78o%^fZ_59w2*4e4|BBryO14KLHEI>@_El{!wlPiH#jHPBM~9ZtLoT>G;d zIvnURmjL^s`7m~D?AW}!XpYcx!oSXAG3k;L-dF&D2MHiW8GTKt@2_iLn3e zEutY#_bH3>#yj}=HC6kC7oy5}UweDFGnP))gnl9WHlO>`U*+%~c-rRIY85NP0?e;O zTz_I!*Z0Zje!qBB;;$fhznPH8pWuF`eS7D(Us%|_#@xHZ!F@Z!n)PsH@Ty+kYIqfw z7NFzASCN;a;7fCmC?iZIoO=Qe-a&dBc%D}9&HBE7(=I!~Uu zDlw?UB5tl$pMsL8vQ2Qj4?}6Zaoss&rBdyrG4)?GzT@gK$a`Of)##pi>8VqsB!^G+ zjgGF`H0hq%>ztrven3K)R@V_T4OZ9jQ%$Hz;X1hCL}fYPZ-T4#6LNrfe4i)`0eI%{AKY@SwNSfrUSlD?S5i z+>fCR#VG_wM|l9%zAE)h;XSmBWkF|Cm|l<`BW-DBb-2rv;gJ#C7C@%fh{A2X$AVo~ zX_jb){y29&hcoiPTAl&jmVKCUh;>;bxlpu^m$8ung9EXi2LNszA%HESEPopKG@sFg z##iJruQo)fg;QWVfz{ZBApu5+9hAV~ zp68VB4`{b@kHG=M7m%kDqZcGccHqk2+{qzdq=+s^YO6@Gs1%2Mhuqj@!KMCS^yp2S z0BdVNO{e4cw*KQeWea%Wsl=VAR}#4FKH!MDu+klE9+X<6(w5YFLo$SRD`C0Y8i%p@ zF>7-DD|MLOD)jUk0y~JKWke5N3YWEp5NUqHF4Zw8d%td30R2AoGgVJW?LIaK?9R~1Gg?pd)h>)T`p)3f z4e&bx|3K^w@;eIu;LHv5d%}@>&ctuNAMHALPw^8+d=8*GgzEP@Ya@Y_Jci7$JYHJ; zY1L+$LVIzrBzRgiKpLk3i*NHfgqHcLm4R|qfRZ9TaU?4EFNBz^!9{s+aWIPHiv@N17=Q$zs40_sx z+!(dl@x0ngw1Z++nw$7f;&A75p^okpcp>BabM7orCzS3`jswa!EGmdI1C4ReQM(!{ zkYd+%DwyQ^C zvqr^X*bcydj>~(<6BfxIeoG+FgCrSa&x0iygUqDT9Ym7J=MZJE< zas)={jjjMnFei}jy9F=9+I=BD0A*Z8K7dX8gi!_8@$>fv*wFW{^|h8ZHIp_*f@)dy zHIHP!2_dc!#jylsgq@*5N)yGJ^~gpvb+r^6h7|&vq>EoGHg-*C=$ss)-D9h>2yFw` zWX8Toi#8o1-(yzM^Cs*8>{OAaW|rPcE6$lzqTlUbLLjdSwkSkvT#wbEgw_;Yt^&5V)TohDjS5&d)Pv`u{Hv5Zw5qr36? z-Tn+oaV>pZSh-1bwB*<%rqz%XjT|#N+H2oA;DlU(4ry1NP|M@hWP{EdD@2g-xDH-1ed@-Php^? 
z7-(4Z*D3f|j~LbokVUtBls)FwfFjZuA-9b)wGp|FEIH_Ig0%WqLJ#G0;J^caphT1J zW4hCMpE-7c*$;4E>v==q50_qpT4ZX^!pYxQzr*=~0L>$$ry)oiN#jU}S{TdgAXd2r zwUiBwPxtj%t-*RVHgMNWkK?U|CIhyCQG4xWRKX1ORKW~1Ypg-9n3*!v432NN@lgx^ z09JbhS5u#0*i1;S4+z$}^#YMrBZDAaQW{&4vZ740GHqV0nm^S@FH_a2 zek|>I9&RmQZxy6%;AasHP*=gf4N#2=P1_Woymd{c<~ow8xdv=+XbP}BJ}w~O)(kVS zp}B^9WnfC*m6+V`j!x}mEnQB!YEhYDU}~vGW_9tmt!Bo7Y%$f)tR@;7B+l|u3>-Ms zmIo%%zV_0NQkZ9|4RRvQbF|02TOwX;Snu|*4%?e2ozBvZmMcGJGwRXk`?WT+n%h9F z9i*4{NHrt1>(N@xXzd2IaEP}N>bWO4Lr}w_oo&ka$O?L-yFfc@cM#i|ar?{$>p0J> z(W+uKDt4-KKvUn<&MF^CP`v=<4;y<199@#(umOb#b%6G$CgZ{wycIo`kYxKWet>U6 zx(!`8=+_f77#z(wEtpVX3X>&z=+Lz0Y~*_@K_v+lLnyeGx5-2yr$$l_xjPiMK_Re< z^3dQR#zu?`?e9S{s=nkQ1S`9XDzHGQHW}qSD^8;Ghl3jBYmfk*OZG}M7IV()SmvY8#5nb+91qsy9j4dF_X&mS#E+x8e8 z^&0Y()DINRIm!s5f;1{KshWgRZQWks`d;w;mt{|F4cgUtC+#5tk zr9v_Vr9?q~l~lGs$1-q4KP)RSML#a9>3d=55_~PDkJ*Tm&}A9^Cd1c!+6DN}@5=Z! zpLYQsH_i8$0yV(#m;~Ej3*xW*U;kVF^nc{H`LFy=UjNFU@bUfM9xFo@W$67Rq&&1= zf!S}0N4E*8rE2Kt}KQZ7E|kU{+fE>nwMiV_ER)Z=3M22N5{$t zpt#ta{-)KbVY`7-wE7jXqEseWf(` z|Ma|9(_o;zX-g}R?kMb@NtloJivgaE0iBH{J(ye^Nnn}p;beV@!eSsh8Oe?#k=N8C zkbpq@1R)rPF{ohFtWujMJ4%5LOFF1gQPxCc?&Z5v=}Ea1hwN1@s-03jB#TM86{pT? 
zpH#vq3?vDTE10%1DPdNMP%@62{4qD}U{X%6o>V=ghECQn4R4UqtQn%NOky49G7W5y zTr03qcctn~1~JWb6yPi>q7Y9q9*6u>$xm|pBftUL==)<*hdF}5M zmr>+ZpAP3DuPl&fe+T-U{Thi{M0FD&zZmF4D``ES<4mM0N#9rTL!f)^v|~Lsp(90& zr(d&2UawdFbX@zUsAl1VVd+iQDz9eGCspf{ubkR*7eRr-3g>A$MOc z>(4W6|M5rjE2EcJFti6-8va5}3qBG48w=cZpqm-rq^KBS5NF7(pN|WT4~JhHn`ipt z+Mm=f@aBSiGx4Jelj{3;D&o3_ZoRrMGY}o`$RJr>Pi5$2=J$M%KHR7Vw|1~eI?g{cpxhH1VbY1dYu+4@aHn^B_cr#>kW^= zXeebQ{6$74;v=jJX$0p2UC{G18KEJ(6|ySa4dXu=%@GIneZQ%kLhYz;{b)Le@K$h} zKsQo3$iujZkN%ob1IDTJC{h_csdRo%l=bK~`6h;g4sySWk98%$Bb3^yy*ngqP)Hau z79?*z9z~D?vCgVlrsEf+`v}{g$j*&(CmKy3>qUuyu1cN#-^|LEY>?1L4W-m zxKGtUgAzf81%kF!<*GDGgh>_%Gb|8h*no7fewqLKrT@q1+ZQNEWui1n#K|NGGbs>e z(tvcNewlEC5)p>~zl?r)jY+V#r>VySD#qN1ta>{stbVhAp^~#!Iyq-7Q_u%XZVUZ?l@91iOd?T0lqvBfx?o z+UMsIKBjK3e{RyH*$1+NOKUAVUCUKx=q7s^^=oTCfr~Ddt+p)oQ1*WAVBayu0BAQZ zpk%p>aqYRlUT$_GYTa|Im3o**N4YJtaa(e*d7pHF>0w|%91iYefqh__add2YYNInl z_bx84-%xnKQ+#y^8XHG%ZA#7l?q!g)haZWp&0IucRe;^g$MS*0-0J1*hV8HX!1w<% zt25&t`K|vezX$!l^7DPie;OJhy1Imj-NRzzATcW0Tj$@^l(;!9oK>Fu);EXF?%ba0 zj@U?@^4pCla7f>q3IH7v1+MDzjTbSFT235Fx*p-vq^-i;M~gbH@x$x&^=!v$55CK& zmZ8wWvOmIJ7TjfSG}s#b~S4sm~6 zco9#edWea>(Dt1RKBbeqy^Q&zjKzcK(|y=k<#w<4)Nu3M0Z)d37k05zb5wFXiVBz< z!tT{#p-!K>s>Wug1>V^9An)tY;;rLk7^f*9PRLQC(#)2~SLMT;iqqPYwK#2ml;j|} zr2jf&TVHH&Q3i-e+oF||Zog|0%QXoFQSO>o4p}|dQzrdcv0dOgRb2LnyM2ChVu#0? 
z)tl~QG12A`yfGcq-Lh=;V+E@eu4k!+rf{b`oU?twuFX;g?04RNZIo7NtX6ewMCdY2 z@JpG7&tiasm@ZvVFC=DHmCYHW8F$7E1y{Gxb?=VfoZtKi=Thihj?~yfBf5r~Pcu6A zCWc+s7Hc1`UAptS`m^cnWa1M3hI#h|!-(nAZAiJlJ)bWB{{DhTcd4I5{@_n7@)?^p zVv%jvOg-jl3Z8p`d`anvxC43gQ(lHko0VISU3qQxBpH_)wVL_-T~spuRAv~hm;N2H zna_h}q%~VM*s3Er=mJ_t{D+fT>+Hm|wL_7;#KKp3S39so=_#iME8k`m&1}v~y4K2x z&Wl!M?k+ex?}F&B9Nnx!$+;?P`)1~mbKM^{#;mEKg?KgCp9ZUr&V)^Ba2@gEZwKw)NJpAF23GYM^t*inH$GI$V1PTskN^wRzH?Ywlc1r6HgNlVWPFYEIIRp ze)45lKVqT|jblgKH&dN<+&kZ@%TPYZ`vXRK(Yrl^L+rvC>>k2ps`du-ON8Y8K#Hcc zTv?t{v9GeTkR68O4ZVlOTqOtU`6W?X#$8Tni@a$qu-d1mPcQRc2u)qt`sHn?HXQo| z)nbi3Z%&Z4RHNGcogV`QNi42^*0M0;l|4e%n(6VUf(BjUU0Qh)m)bO^^$W7@+C2Ihhc}Flb5GIE zDW|LyJy+*K^JF|(GST3?)at9u_pMqz*~j-at@5PjdMXRZG%_XW)qQR21c4tlsQ*I-7R${mr&lSB->*IKwomBRy;^3c51y2dV z!p_L8X1G%=8!PiBp0k#zEN;CCweT$8-_sSTQvz-1PE|m z`hlxpRIFG)&BvkN#plUb(9H@og{mR$<1&k zYrRMxbO^r~+y-0H*T?V9$;I+oGOI;VS7Lv9mED+sp&4-D&K$g*>8Vc4?hbgLAfF zTkcZJmR+#6w`b5yMPqfl1DXnkdkA&$$$61%=VvoAO>;=Cofq~a} zH@Uk`vRbH2YtJYF&)GC;?)fvomsz{&aR$DXyvCnqpTupS^#)pa{bn(Wz&GvQ- zcZKYt4u5R5X0ktd#{BCo1_66pquE$!jrgh2_q4lPQpD(mOE&eM1==ECK6<)`AXvP| zZpHhV)V9-5QNNB%9sePx*@sftWoUq4kpvyPZtbzzT%=|C!M@`+KM{ALPl-*)0`K5ZA;hb5S0%x(LiNq2N>+7zDJ)rz8V}9_Ab^o zy~x%X79U5|%4}X3Va>z3ka#6b=Y4dKFX?d{*6XQfZS969)7+m4$WVCv&q8D{cskdT zupJnJ5VmISpyrFlNxLp^H9T#W>iU=A=(74+7h>X&R-M^dChTMg%tSm6>Ylur2vT_5 zY`&Jxp0YYsCAaTGx#g~iX*~<<<&*ulNw3>Kvmf>Z-<`qFMp`nrnyLv^$kNW6F1k+zUfX{zZ&z^ zrLC)*y^Jere9;g*wotv9ZtXS$gx0{G(ysb=l2P{}NwswBt*zgUl&$M4xBJ+bP z?fvd)c8&+yLS{`w#SLH4pXw(vqiNS$?~3xQ{`+wu;vMe6i88jG@O?nmB%l*x&7o>384+Wqx%!{-x^jme;yUQHL5Nl#S6 zy<;77_%ieoW**=Dai<6X<44i|Ic{AZ-uQ6UuxXyIooGovnUSq+c9o>B#hFoQ^z^ED zqvI*(W}+Bp?0nK{ebeonn*8p3Qf~#_$&413(Sq&I-mu{mk8}PL(OIp_CDXQFRj%-u zqqv{lkE+eUgngl`Nk^KPUfO-6rM%9&&MwxG(6wmsqox7}|BV z{e^(kbkO(Z#^@QBnALm6ji#pNr}pH|8eH$zGndoDs>hZWRwm_I)ha&*OUdfFZrYj4 zI%p*Mr5en0JtoJI?F`C4*v%Bmj&psMuSt{oJ>V3D3YLl!CMtG?4juX@F@>)~UuY$t z>3`*i`rqu?FQo0EbM7}!VgE6za%D{NmAmGJ^}FRkSNLPryl}tQi%D)thkf~| 
z35<;>mCQFjkMx#q+no^eg@jNS7u@broZd>GRE5mE0*823J^eoutWS7&f}OaRp2kM3 zsrlr|M=jf6@qt$m>9b~=kw2K)21Dd51F1LE&+;_xE`I= zB~O03cJ-E*mW5}G9L9MdYARFARK?^kVMiYD@@}sWi2^Y+z)nZ}*Z^ z+0bvLw~UOu8hw^DlOwmZwzR@6ghZW;45wONSA5j~#+yE}web*ob^IoLZTt=-VVoK0 zd>NkVaX#F%YW}NWt(#x-L!*7!_XYI@Pq$fo<@S1dPI|hz zUJsKzPb9LX#H~1bjX~ab+?)@)sr+Aw=smuD3LY9B-#_)5h;?JC9T}PR)pwLkeSLa% zU$%u6^}siY@JPLxviBa(RI|(1Zk5ZwFO^7&;*K_CjIb(`C=xxMq}IZXOjBmL{^+^B zN}TM8YU2{`QN8?(8k3(|%+;H*zuVcdV$UvLp6|S>5!=+e>E7l`l&2V-`M7ugN>Mf6 z4w2F1`W@!(^QL_gGH`|d3}@ryZTS1^c`~MG?I~;A%51C=U$5O~gz7`575iz`!>dJ= zFD7D|_v3Yc!pW@G&7-Khmg8o`?6bvqfXf<$7SHuVi!lCI&U0O7FeBf*Q|rzE8JR~Q z8JVRBPCX_Y;|)MC$8nCxoHa=j92hrCI9(WPoPb>TW|$^{SYGxIOf_L&166B73j>fU zi)fnYsR9P1J+n&9g%2%#FeoQyFCR^lrP36V>{vB3|Aer@1=Ai&aVz^XI$4vZ_ycOL zT6ILE?Ap!4yA*4qxEhsi>C>5Zc=X&%x{H=K;k59E`(Nv@n#dYtV6DDSV_Zhg{qt!gqw8*9KenCo=R$$tm(it9p%VQ=f}Z#hG?>Qc(?5fhQws;q8On|`x5PMsC0ghyY{QWN&}$(gOcQ)7nl?8cT+@7Qd^ z@8NH(vu|IfPeS!+KDCCjw)dTmU2Tl4f1S4Q(l4Of>ub7%xfB;4&s=n{O2PmPIyp$e zLYdl`I5|6-8ruF-+8bHHLNPJ26EF~bmw)Al``_|s|0BP}f8~#m{#X7=bN~QYC~X2} zZ2~4HHeCV&Ms{riRyIZgRwmBxAtnxO0u~OA?~3)iVrFLiuGm?%3E0^GPRsFkT4tv2 zij(2*T+H7UBg1#e!pZu#WMcdt%lda74i={G+5cGq2itea!p!>jsY{?s@c-N_j{mb+ zuuwca^kSAa&Zds^Vm5}(rXr@s_9mwEGNyLs&KBQql$DPU_Iv;NKds`Pr5o38HOK%H za^(w!+bQhOA?*d>Uu_&G+}U6Qzq=}BreRXZ5!&@(LhsDr4}1INx7T{#?qfMdKFbc* zG6)h#KEe?iOe+*yNbXYB=aJb`v+2sDXzAbSBFE9p0;0N-w*^agKCL_94|9pVPV;oK@4yPY^dj&;! 
zQiYEnh0tE%|79QG{QuNgj0~LYtp9h*F%mE_GqP~}xAD%sAazhi?(C-~={j{9aEMA_ z=<+r@!yLz>(IX(r^29V#K-K)W>Y&500!j4T zycIY=w5FDRks{SW{;k4K0vmZ%bm|fdOYz_G5;Mb4HsJ*tE{X|km;@LX_2J7_&YsiI z3TiUU`Zctwmg4pr*pUUz08w!6`jCM4YkI_F>mobIorTm4)p+lUC|^7b6hfm8)r@=8 zM$(g739sG*rK=6BU=Ge_B_o1+)EA_-mQ=r43fL_YN(F)X8KBBD2a?4w1B_K@t zA>NFZH=a#S336K+je>+CN<_?>6z-!;MsadRg*I&;AL)JvEc>hI*ONXtsCt#}VxS=G zxf$ndLrl#`J%63_vNL8H&hu}D@=Hb&MFfz3{oL!SK^6rRhQtIr!WAuPL~i#*b|L^{ zT!}c#;4A>uAkYdREkM<9pf!M94%^DZE`VMA5$jMRjbPi4HV1c(aM6!92Z)2v8A$vD zfdl#Y6ECbR^bL0f%3K8fhoCd4`XynTKXw84y@;IrQ0OioUKmYXSk7+vDzqn|l;HRW znBH#iF)UvgABdN*{UzYNKVMkSZsakzZ`kMV%vLA>gaAws!4Lt27z`N&Fs2*)0f9J- zKf+MYY-%TTK0<^u|8cCdAA~RrF$Uc4Fhqp@52$#Aa12nzusMXOEq_3SKn&peuzG}% z4C!K>~~@jPG zS)~PWK;BTvgp7rWDg248*I48E>CZfJ6N& zKhpn}Kj$C$&HpQZ?AO2Y-^l?0grPEkIzXuqsST(Ml`}-YA(kL!!7U)_|HKSq-W44} z&yTPUp-KzqK(0Wn{7rg^)FpCl>W=AvHYt_`>x6LBr!&;f5c>vrCKcKy-=?;B^(*Jul7J)yYTL<|(*eC4GfZy>^ zn0P+=2fz)0chobZ_ka&{ZlB;#;5Fr5={2Ss5?|m9B7dmxC?`m0JRgiWLTn#;n0}w) zP~i`l8w~I8XHuLaxjuD}*uj-B{XzCk_G{QI0UkhdMEQZ%&6R6f7Q!u%9l}rO8|&{- za`AUOIl`QPg-r(zSaXD#KFy)VA2DxG)BT`BcRvtsfc8>ctg0}^^LuSM;!0;1& zLZl+n52{{b==kR%)FQn@);Ng&#(Ix>X4Vn!f@4Rp?~@(M{DFOg_CDYP*!mmpyDydR zZk~yb)Y~H6(JvjuckwpGU-{lc?t$IIp0VF!o)K;sF1_#wKOpdk`9jbRngpobAhak2 z4k)1F^*0>8tSOOhB7Il71-Y_=bjij}zksl-hK)7}zL43{T+&Ifot&BkXH9RpayzEM z!h?tTO#<5{NY;?BJLuTB|BmyLmTt;F`_+6m)-^%m(%SM1^Fw~sV9qoltHVVYyTeY0 zJC~+YCZSR!fX#WU&6Q8nEuF+oTU#gjv(wh#;$kkOCUR=J)b4xL3;lq$#~rKZ-VG;A zlG`yc&#uqpHgy+FlD^Z^7Q!ph)<=mxsgh8RPJ^xADSCmz-}T8FvTdAmde?L*o-SEA z|3p9;v~lCzSos8rs8q20)GN%M0pKMzMX&R)s@yUL_YoKG`cX@Q6rj(uw4=?l)K#W|rR2w*+8%Z4hu z$7Q2o*LA-6KEekLyLo*8e*8Op-9BC2Mcq7_u{oD^HFVQ*yf~fQs~c-lHXWMUnp$a* zqGm#X!paD7G`MMlSl*5>K=>!S{r=v16#^jzz{DecMAo|tE-*H5<-hoJnc=Jt`IVWc zHJEF<$w&Z^ye6(RugB!H80KoqBVL*^Gs1U{Abp8RU0HNaa<*xnS-w5sYw%a~g#0~e-JftrHG4 z@vJqr#jxK$V10eP!@`gpWa?x8%8&NH<`ezX6|pWOJb{3+Z30E{F%^bC1j{xPXm zq%?f9K5-#EswU!Kg>SsPFMv5a2;l8$j4IKSOoy7IE?ZCz{hw=KT%q)qHqsR zUg_aXtK?>kHBI3Kx|m84f}B0wOu1tXOb}f+xtNfrU10GTg$X|>T=N7Im{-Hr&~kFJ 
zZ5I2s4z=S)63t5Nu!uf#r^R`b{VKfFSYcc>c7;n#VyesQ-78?o-G#c7GPoP~Vlpxr z*{oYZer9K;Hz$`I4`l_Nd(zWPtWWLDOSU<4r_R)S!zod~tX4Orp|oGd0GAOJ0}T*( zm;!?ak=yMn=Go*$^FaPKgbI3<>2wG0VAtbog14X$uVRnig$Sqz3G^rmYz6ajXPFh$ zK6@7LQ*+bzb|2Q%bH0gtYPk!$oI3Iv5=DLS)LA_~cR;+7?H1-a6bp6l3UXuE{*!ie z_ON|?mVZ)BxjeZ%i5LWkcM5oJGwcAnSe#vmGl@GnXoX$&;ec4M-d(V6Td)qKXq!{! z8dc_+SJu*7#wMY1MqlxOw&WR(GvsO%-j?~@IUXTe!%#OCZxaY5$~2 z5OU!*KdHblY4)I(QVbEx{f1LYD@8U(*n6FOcQZBM;hQSWns=fOY>J4?=GmqD$!V~W zTa8kUPK=E(e@QuxjpO( zX=#7ZIO=?7apI7!V=yr&=EyPY@S|MgPiyY2n+IPhT6et^^gZ{v_do!L(4YS5HIfyT zV=my)7zcDKuDVU_I)GSmdO=(f2%R=u2AG-%+djlDf`s{9x*BejKJG@0DdLGMXXaSr^JnZ+&{j*)OrX)KN(`aZh`cI-Rifwo&!>tDml^Z zuv&AtLF`uFWGx;5pHW=4N;Rxlii>uPskHr$q}pVU!Ku$1(Z8yph6-8B^Fo_78X@r% z58YMwxiF=vwQbw+-emyM-s}Ae^DxZ%bTq=$s(vQdfz~M1s}QBam zS@rb((Y8Zy%l+bl;HhslHekBUGQZXr>Ql0Lp*!UYTd}pse^pjgfng1jDn(OnEN@=4 zZ{qjK@EvkCwn+o{P9ZQXVdiImA09|Ste(({b+X(KI%nuH}PTLeXc+Z?qn z$*S;HCSPv7sLPdfDK9=teC*uub9vsgBZY1D;oi3+{S(y-bBu(U>rm7T`Hs;k>?MRV zSdm{P51|ayG++f3tiLs2Bj7s>iV&jM9TXCEpd&@KnzDMI1D`Hp;t!f*v-@B9vHrLG zdH=|7`d|4o&Ht4@Y5)L0R}}y0pjRtk+d>{IrXu0X6RdiE;LcsO;L0ptRQfmWJ?>R^ z_ACItVUq8pA2r~}Ze-ox zMYt}ka%KxtYAue8=@RnUKljd_gxyiTiQBU5^RgUBIL0BwzlUIql+qX{In00x%~P1{ z879)*(voF>7e>9w@<8JQSOm*=Nd>D7k_{qvo%$jBG4o|GNUQoM2sQ~fsk>~<%nz;5 ztWpe@37C-8BWlC64Y9r99_sej3K3aT6BHh<0bPO-8C35TxguMNGRv&`)m7|q{4Jn@ zBJ)5l4dA!R?T;C(Uyrrse-o(GW6auvEb_fk^2${!N~Tuso}c zsiiU4qyT>+s{j#sJVuM%W>bM}qF{ae#9*ZN)8ZPnO#m5}a8=f0q37Or&a48^NW@GA z1evm>e-rBv$(32yMpzdZ^bUABHBG&F*6wPkZK?0^kd zsAJ)Z!l0I()k};=qP8UG0zW|0YRk|vSoMj(AfW8|p4&g8+nk1Dc?Ujy!WblDwCYe*z#hbAE!M1-etbfTVxp zD*NUbzp5jrqIDAd1WPwmNn}jSnyqhR3UW1z^RGJJk? 
zki%iKO|D(dkqh432nsql{L%-Jn=MVBGJwqK^v`b@abZUHk8DnFOn#u1-{$#RG#fJw z!}S%WE95H6lV_*(Dl9*VHkEbmx>*wmpc!&b{^ED+{_tBJE>-C0`f!W6nSJC&=xwQ# zVTq3Coe*Khc-fb2$`i&V{B;O~Yzt=OJ}44-gR5m;Fm=P*G$o>~K$FEXmx3U)#X6@p zi_U&6ww|FSW}bO$hcL8x=+}+Ju!>JDC@%#4Lcb0w7{o^Wjv*8Y;YX1_9E2xr@yTzG z4U#Cs0;)EkfGjJ_p1&=^97lIFuY5=X;CmmDCoW^qCM+i z=1R7XbUSoHwhnbW%q`o*x@B`|R?yk+PEF7x3Xc5}%Rr*G4{5vPzY|?r9RWf6`^}y; zd-hRcLvsmXJzx0aatK~*y&iZcy~!tXwnijXvBWEs3lGlQVz!c%w5mk{bBK)cKEh9(vZpLe zRvjJX)WxPls+5XW{ZI2!Tx%%`|qvRM_Rn@wa3?orU?lP6)j7cg~t!6#NB4boi51aTBA=L_%V--M~o{qdK z6;qQVDrYOwN?K~g(}}2*Q&vzapZtoXYK1dsO;9RIDkVzEc(PntH3Q55t#S$@m(u{G z!ZaY&@Cp>pbtdO@x#5y>P1F1WmHfrRIYAn3D36y6CAHG|GY_X6q(SIe%B2dVZmeh% zYL?cp5=P#Kafs#TVgBcJ zgyCc5m}55YdG`kgzsJhcm(iBdvMc_|kN3aj&;Lh$lmE(}kNvOw3K;+ZN!66XZYm9? z$3#AFvjrDgs+RRywd%hKRFMV~#bG1K^$wWVm1OnOm1Z{d70Z4tY$vuntE5syj^EZ% zzS787FQDZEZ5OXAHB;Kn=5x^5j=)h#=xUE)=8nRAuCElv*ldl~-0&DpGV-iO5#N=!`H7d$f|^u^PW$XX4E) zr8+VPTBcM%wal$Q-iaZ}g{B+$Mas2Lu*WG8c+_IFsgL>_uLjAfT|rWFztarq&~L9- z(Vl*$k2w*D(<7`nZlucKG`)M$x66$gpXqA9y$H$8l4^5|`UigL0P`YP7qi34*utP9 z61}W_#qgeHNNP1{nLtm*qCvcJ&_!UJ6p{C^9}Q*B*EU}6$tY#tvL_Gg4JRs}szxgg z;}!fZ(cHXL6DPWd_nCxJEy_mIShDfefIx@}zD@P7?G&SMxGV3ZJ!uvc0nC;|Ue?$2 z<&U~%nA#YvkU|%~rio)k*l{XS?p>kDFI8I98+83zAl769Y&06VzW8EsDa!(sqUsn4RpTp_Ah}_4(3`CPi?MqQu569M1RS$F>DabAwr$(CZ6_Vu z>Daby+qP|ZEAmOWm*V4&KGQ<1-MoX1 z5>bS*?F(L4jP(;sb$G%glMfz*%I%#1ZLHSZGX$d29=$0?8C;6|2hvw^vifJuvu_3r zfsy&9*xFmB72;@gkK!AR!u)CC@#$`o&ks`9KPWn^g9l(}rXut@C`V9&5VNDl@fCFg z#6JxdP$El)Ibh}(d5QzWWFJXOI&GHEc8F?5lvEe_B`K$3rO-h@Z)FA+1BylQQ?l7X z5ke7s7#tXWygnNJnDRI32tl$TRSN`ftq+5bGSmqBGgo-!{L82cLsU}IpfGiyDyu@! 
z>qFHAz1S!+N5AA=9IP?PY}6wmR3lL+&whdO7cEH|v~SUJs%nC|a**}Clt$ESoak7i z(PY`h56uqRN5=9X`l?8IK*ga~6rsRluS?g9QrxZe{G;h7&KL&sB^v6kvX z!Lh80KX0>+wT5!mrK%Dn-c2&P^(>ONwJoMj*X$Bk-BeQSqs(neGA4JW+gSM!vy@>U zSvlslGPkE^#~b zqGCJjqT)MbT@{oE%s~KhFMco308~XKAC~*|EqBE67hH6Oq!-nEcDP-Z@9S~)hv~W- zCTRG+n02_;LF8pR*d-oto5*;XcK_tWrwM%4XHPoftn*@3*T`KFg@g?SBP-IItDzYh z!3eSmD!?SsuM94qf?qqts(?BNbl6&XnvxYTjdP3X4_rb7n;Oo>6Vh#zg%bpg4F@j) zHG;F$eai7{t!TE`S$X~NYM`L){Cr<$afH9+@BB@Aw!vt|=a}Retq5Mq%dX9>rqL^E zqOG$$@dqcfBhM)@qlBJ`Y)n*&Ys%_9Ms4RJ`i4)Lgyf1)unLK5?CPymT&J;ux_MPz zfmW0#dh2%y!K&a+b(7pYf$I47aV__d!p^|BUeYp&QG_7upaWb6*RIrBS0KU1)=brt;AYWuv6FpDHK!ignlaidrw4tyK0h)$k&0#FA?e3W*Q)Ubd?=RH zW1zWMNE)sY+Yep-v^|Be?eIF?PY3tOo_Nko=zcD&pii&+oW=4!;&K(5vzn$4DV3?6Pr55sviB*yJULB6jee3!cA# zT5GABwt?2DX<|W3UE@LNT+gt=>08pk3x0(#;o_#I9!b5~IXF?W^L`pj2Q6S8hw*~o z$Qm3y%`(%Ndu=bHws~yg*DxO}d?Mu2`TInLp2<{DZUUap_#4}(G*7id>(|`p;y2e8mCV!FB>~S(=t5lKoT4CVp?D;UMe_NKVeb`rJBD&et%h&!}v+a8^k@ zyT7)I_a%Xn>aKM+)IOR`^|w&vwH0KWMpLVwyPBFt6--ABnogXV6j!FQC|S`s@)Ek6 z-UVjYvB0tn&}^?ApBW54=hGRRDabr{dWMotd#}&=af4PV0kpUtbN7w2;hQ!zvTCVl z^~41ahn5mfGrS%d5vxQWw3tV49iDKj`>t~+dYl@<0d~ocr)WwE*0a4@(p$O zjlRXcj=n9tF1Sx#J*ph}q8Pog$Da;Iys$FPRMaXm{(M-)7>T*dq*zldJw@ic z5;)woSnW;ToRWO*0?EGMcDbl;-|X7Qg|ofLpsN3T$l7{5C_g6c8eChJmEB5lxhSMk z=GM_zes2VM_m7EY>Oh#r_I5mA+x*f>iTkb zzsdw{TiZT5EtX)d^f6qkdxMPd&c?%4I^tjhEL`F&S(zvbZ`N59whexir>`4(PHcYw zaxclVQNm-r70vq_R^L^;8M;+_606^nd>_heKKeIPLYbk&hE*GlS@uWgr{&|>s(5ae1NiE^({IX}S`PW2-MS64vP_qp#n$`9pEpk$ z(v}Y$@J5RuoLV40thB%^c0fm>qSK9^97kPuZ?7%UxJWxNIo28L$xoe#%xhx`fM(^U zn7NcBQK6vPOWv$_JpI4}ZeyFFvCV8+`cE#Z=R|k((9u(I_coDy)BW*>;BDoLwkP#gt1+ydc{@?N&{9FEtz<=a_{Q?3i zQ)vq=oOZ9dS~`C)ts;Ahk=SCXw(vc8oLE+5ZLY}BsF2;s5_N+DkEqVHKLWH-8T75;bZo+bY z!_w5}v*bSCR;$C}SZQ@c>7%0%kVa+1n4&B`gtNS*kkUnj!``odej~hrcAX5k#_K-o z4zsVLq;9oXZMj)Cmie?{lGE8%UIB3MkQp6vChHDB>87>6*c}*8b2blmpw{I7`PZ?b z8S~}LL}_sm0!TYksoq=Z7iG;tlHsM&Wz#DZ;xv~n--IG_-rwI3OR*ZRBdR)-S+ARY zjrC1+-QihmcllEdFt!NKu!-w|YjXy$e0wJeBgjiW!|nc5lQZJJ18nKe@osw_=3LNI 
zv1Xrl4J;eKG+#Ze>6X#{Tp!-7o#h~dcL8JT8^6e!oujX zL*FcaZ7#bmJmp?#b=YQmW~clD#tNw^g%v2CJTA%<@J_m}2zlyy@9DeZB4+nhoD8P! zyFnK;)-ND^{-r$YGbxRrvR^^?4oRYsfqywxg620jJwtN1dxSFB!6{Z&*fZJEsFqx2FZK~?=XN`kqg@wgKLb^NX96ZVBf%4SC z^{^PI7(WNu$+>svUfsE>_VY6RHGg#i_Bn+Y@3NcrD=PmO)c2-X+e!ek{7QJ;`qel( zqg}S`h<;{s2|0BreyZ z)nRbn{w8-RdsX)~1%S+AlC6QVKr^pwtWQ5ed#iKbRMxLe2Gb&)ERMmK@d3{-PLpAG zPYAU#bqcZ2)UVPggx_8-(Nf!?1Na%m7q;_Ts$HkNXjz#Y%6*Rfi=PXZ&x=c+oCFP* zD|w8=d+o41*=?O|6fvJNWd~Cz+iP(49Fs34O{Db}`}~)OSaSy{Rkp_?S+pI7fvZyN zOM`u=5%3lCHS2|Ln|iCI!~|)NyPdMUD$rNq^}F<6Y_B^7aJhmuZMu9@7%B`AlW2IVLiei&yLhSi2)lr$T` zSz!UU7U5U%LrZ@ECz%cr$kvEEHQA>RwxtSZ!)OU@QS+Y1Dw!;rMoeuh}s69A8 zrbky)HnUJFJ7%-hE_fPb#@~!*>n0uBe8#IbU46Ebunfmw|B9^D?QC69vsPCyG&t-l zpmWDjq&wK;=J}e7=j*K-&<58og)I(qrj4=g*ol97a9QCBRrI||EInyO|H;*wx;ebTC0qX~2F4(-EZmx`;#^yKbU#@dL@m3BI#}z!hhjf1`tx3d`(hBW!`S&{@ zDhfyX;z>Z|0s1Vc9RxVMXrN@Eq2MmCR%;cp96qf-9ecRD11_XuOL&~pJJj$Jf%#7H zQlFxFa0Gk{vP$ax^ZmIy$i@~-BDrEB&220Yiu_4d-hxnBw`ChsaTo=OS%~TGdFI28 zGkkS<4%$_GoxP#1Y4WXk>#}YEDv6ZMn(6Y5#unPD6J*Ckll6+0oFE{U=|WvBXu7%$ zbVtaFz3h$Hx7_@MlAQ2XzI8VfeRHiyu-1j}LG(e^pR;)`R8ud{%!_3$>dncYfV)w7 z3+a+|jTlZOnjj)JZeAZ2tCa2jIW(HYv5$Dpn?8Z8sx(hqTrGQlK_zAT^QIe_w1`>j zB1zd#?L~k|Ve6;M@x?FXiIt z^Rff8R}@#-{eii6!?I%jn5#r(f}0a7q!1qG!4HJmx4G5fH^}L((ciW@<|_jZm}*wI zrUph#W*ZzvFrtYdxb%^oIk&<7P#pq`dQ3*9CgAW*fo1Au3yus}cla@xpueMc?6K}J z@W;b3$%&Zi&_V7i*SK4E>bnWiJ(;TAPBPkwv){VshjXCBVPo{e`R70)AQ-6`uVKE~ z+_a)%*I&UdVk+4cT_V0<5JN)cDYH`_iLf*oNWmI44(Sdb-XY&I8ZUet(_e{;U=pF#$LYCd1YTZVRcgjWEb4H=!Z}o`)Q1 zr<1tfb*H#UHakAGT=_qW(`^A-8}EY-HdK^_T8k|3PMY^apHsvUpdeVPXqms+${pK3 zNUGri71w#LV|*q@llE38Zlcdm^-uFV@2*W&mNhN2=byZ_F+I*RSCM4YgI`^;4Ghva z*@??x8DzoNs;oND-1P)g4x*{QkO+O-O{LbeJd>PbpvU`2_3BH)ZdnP3R=#DRZvzGE z_{F<&NJB8!ek;7IvFF3?0i!lX6~Yw5FXpxxSb!t?dD?5N_WhOrk-H{y|Ef;kK% zxm!$J_Lp#vZPDCQ<#R)u5#qP3j}O*M%w*zNoQu8Noq(+S)9zaLE>+V`XAXv856@JM zU|E4NO54Y!%3K~*;oq7^07|C-#zDwDJ{scGn)Q>6%d9T#Y(n^!r|-S@tJ`!Z=NygP*TI`(=@S{tMG zxixKl34;cye8QTacBX}wPysxzGg#PI1@^xFSa-#0^0n#mHU$9!p;}h@e}|+Qe*P1Z 
z{*yWXE5QDDM4jQUh&s#9|0{jYK>xq5Wnlf2dH+9>=?o12`y9*9KX?A0=NSJv_ur{? zW(G#q{}se$W?}ou^nV4hy*&StpXR^iFZ^46y?@K!eEyI8V}yU^@J22_J!`zXlVY@v z2>%EZH;L3r71|K~mL|5BObCUzC?W8xOb|<{k=Qy$M<7C{5&NMi1vz0xLT+!yQ<;vo zlMRw)QBk>bClfdR`16XJ5n(Os>GQ+KH*@;^NnL%rGuwOHvbytW%@Befp%LU{f!T6m zrk7v2(=rTjMi}m6VyE(y^UH6iR>;^EG0YO;I2s%2@nk7N=$`PGf+##Lqf1V<`7(Q6 zRH50y%m_WjreJ*4Bbh-1fAD@?$gyiRMwVX_<*z>6EUtR9r-DPG;U6UVJiN^ATiE9j zG?G7LrwQ+LIh>yw(iV3++mW34z2}GL!^cb#0yT1cS9MMruxx*~0qz~ag#x$8ED)46 z6qpY4={{}vG-VE+X@v!PMEu#Ndp(Ee(j1RmIp)tOBDv#BHW#o=rD-Xz6xdSD4p`mj zvecP;T~1{EXUV$}4=a5s)72fehnK;Sq^C(>MzXletz-<|)&f&+>;;XLn&Fh#1 z*mvf!`PNUtTH<0N&e_s3l+DZT<Az z zVTPI$9NbV^=W3%%Teiii;8%mRzMt~9CBMm2dUyv--4OMS!skn&mtbFxXAR{Pjw=Ow z;I18!tft3QJ9y>iCMb}OVNe({zbOUM4t?oQ!=a>q^mi?s9 zSbZSL9^$&rw}>?UW}*`9;UHDGW2d3-74zyl^c_3YMMeK0fxz82o#3v7q%kidwjeM% zxANx%zXMOfajt@}A+oh0*_)F?I)2rW^+pUlpU3`;DGsq?>=ab-ET3!6qv(t-gGx2Y z^nNYZYPr3GHfo-nAV#f#@#Z%t&VfgY+Cvc}Kc@^I{&()vVkF>!Hck;4zR;Cy# zLU-t5@(d!mE!d2iK<=FrvkmcE#p{s?*wJp1h#fP-h^OEqXZ9Mj)DD4A5jA2DHP^er zBT0qa>wBtu-GE=_T~Oo$<5;y@w=2PzBJuo-ImOM#N?ASs0Z;WGLXlF*s}})ScbT9 zEmNf(*%4|{c3LG8#`&EkV#-J0UPEVT5`%OOpb8q%MP7%5+tLvEn{$MSMGi28*+t?C zhUEEv+c}(CTn-7guj_S;6SS}As3QFk*`fK)lifcEkRWup-B#YU$bJxYa!J?OVuFMHD3W?xZjN&9tFpp%8aC1h+5PM zxifc>Dp*ld!1;sL$@6=2QL#DBcAsEvTcK7+Zte$>1n+sAYVnJ=a96UVo;h7}yILcKrjjCS__crpH(ibRR2%bLK!0n^y7o;qZahK?E_L%pYv`=<_T;Wr?!Jhy>-vhnBA0k${f+ z;I1+StMc;eyt)ZS_r0;ede;R%;VSH+Ubv>&7G)@@^)pj;B52TT`wplb2ELZGc8J|C zyfaetFH-oC@$)bSKrllh+f)<<_QUlAYBH7 zrFZKV`ICRQ;o$Y9W98-a36t%k9A)fx<@nI)dOI+iN=Vw?)n|uT9j;#3MUKw7*IN-- zIfh!9eGNDD3zye*pk-=DvMT4ghA@~ggMF(>tUe^@fMpVz{Zj@cF8yG>uiSp}9Mavk z?qi4sAmoM6S+oiTVCr@{`WixhSq%eJ$Xy#^r14*0DvDfFzNjD6=eMCUD*CH~cr0%< z^%J=Cm3N#0C3{f4wk(zB)%H*>rOW9a%iD%wMr^%;cLTlFgm}dg+|@|HY=?y8d_oaV zT%Z)jAGFiJ);TtFl)ucXx;;?56hcX=<>%(@=BkS-c{rCdXLT^WS_cWWgbcsI&&Xm| zc*PATR?lJj$gw?GBX_{#PylsFa8~G9 z7D!A_g>5cEJhD(t+t7IxL+Yy+c3%w8p2sN6Df%ePn%;;!2^`}V7;Tu#$V1y8o5%qT z84me8LW1YeU1-Ue-+_Ab6kn{Gf@T#I&Y;L@r=j^Fh}qs-tnb&-uUFmhk-T5{O}AHr 
zxO=U&pC)3~R-?4;|0(d}ooh=v8fYz0G_CpOQJHbfAiMThz?1cF< z)qZ5%zWiI@fre*cN(ds6-B?8qgRpY!48jg*&S#6M_#04u!gH@iMQ8_-$JE@d>bu*I~^q{o!!J=xnskV@GstLbHFGha3ufTS_~@pob9)1KClTGi zorl$FmOUtz^l3(dv3eCU#~cp1+8EI4s`{mkV%qArfh$*Y4K(Gd!+ip-i1)a^zkkTT z9C{~xeoJ7bRqK&qQ#Ep={UgM_KTx9?~K9Q}XHZ7w3*WiN5NKS`+ci681%;+=STGnS4zkutm2B zIlI2rjk3cFlns94jWo{@pa*Hkv@!RAUHFDgC&*a{1}C)nk$S8ArU~(SV0$+?9wgrK zgSBhYlE#Z=!f?3kK>Ew{Lo#bbV`Xx@d5uclgM2PP?0kR!C>uj8I!NVZ-<~(e#L*}UyK3*VvP58H9D;o zOI8_sW)D87Ey)gVI83#?RbIHD&xO8ZukTIG77B-C07B})Tj0B|t5yk>ITv$Y+!>ZaPS-5tzrA&WTvICa1d}OyL z#jZHqUE%w2FTb<%(PcE!bTA3NeuUNZAV{>`^~=Au0^f15OC!2r5%-Vct0Uoluh2B8 zzkOMA3Kvof9?mWA67?xUhks8N(H)xxv&;5|c|QWXxP?>O^EvUw`|6jR>w`N)swp;a zAsA7J%PVZgDJ}f8`}!3~Iwp%iOjBGru_F4eUwClpOx6OkW^x=Y@pgVnJL7>FiXgm) z98b1{vEV>tOR{BxKMj)Mmcq--lyXVYF={~R-nNE1wa)t|qYaACu>DV^tm0;#9ef&Nar(Hxe8H?K{V3Dz)%!Hxxs! z-OdqaKB~`eNvhl3zKiA0?q{mOUGIMyvfO36FY(BJoUKFbZmdHmlD$!8x`NL<%#@0YOJA*e7FoGRWK6-F%16e1>O`!TBrF^dVW1J3S6U#npxb8)=c!J2n$ zxWEf~6-Q9C-DykEw`!5jo6)is`3pq(TnX7?M9D8P`YP=-d8b(^&PLM|>R+(TR(KA1 z2L#_e^ra75)uI)5DX9XJxsVTX%W1GO_$KEIhXIr>qNXc%Kb%p;;R)gOp$z6iR4LY~ zcxvxgUEJaJ4~}ke^EMl>&LcV_TE{y%AP-IZSw~g7nz#lJN=amar!Svae16C59_=dW zXo63b!q7f@g-_kLA~!kllmzVC87P-18q>-gD2!|f$;S#Y;6c)W{Z=`6Fozf)E-?RA z98V~{4YoAjJpm!(&6^*mAqTrb1%eErfd9h>`X{5&RnUsz`g^j?Hy`=#I?SW0IHb%TW|Vcw&^0G|rVCA}Pr#HO_ig$aZ$ zemb-~Lm!qu0*)<>(L>+k%SQ(ZGE9jrx;msfv(ww-6%5V<#^xV_S-g`XmMPZnw@lHI z0kkEx3^MLFTti0+ay;kU;|^n+dmfd)f)d=LSqjzS z7w+FYYqWpu#3>C-TY$JjxU*dYTMR;FhIs=Q?5a>|4`!M*z&roFXOIchjrE3cW6TC@ zOOnz58JM?F;tk0ztgny>){S?Pg~z|K1G**B27%?>A<=`B6PYFkd1Wk=zfiWx%+FlRbtF;BJ{ZEC85x%3D|u za5sTn@wGoYv)3xHT!lAOWsGO1cnvr&jeYYCpfBI;&??@_du+|gZYuh&%~EQSe3ZCv zAlJTs!~rZiB#x1@in)7W8_-^4ci`U8Iw3y7w!i?IyTTshD>5m_EHmppA|AslA|ZW8 zEZlsn4}M>C)*gF!ET8ZhfKcf#yp@L}-<1bmt2f^y=`Y_=+3C0LhEw)GKYf|a+rIS| zeeD*1iDqASc# zon!7zOti*RGIJhAYkPEik0ltr+tdjP$}@ouwxNoL&{iL^rcoNKP)&BqJyKm!5luEx-_$aj zbb(J-)kxD$4L&LZ1!cHQBLN;2SHk)6%M9P(s_AKUal-|u{FhnAZxxym>`4CB{0sHf zE0-r~c93S&6m6!#-<*`ZoK$NjRAMp?jz>nGwHX(nn*?ymK@7^QHr-Oq-Dg7_+EXFP 
zYUK%MR4Gd#3ii1~X5rovvjbkuDoXh8P>wm<)UNB`WQ26xdABzcAD-#QB9=+3ar2dT zjdgdp<(``*A4jb$Vc_6qpw7Y@IelaNCms|*sf{Qbq5*Mos zg*Oo8?ZMtToeg&(0@Tt-seXy zw3h8uj`0a)g8f_pl{OfAQDES#F^NovrKyy(hV1zn#N!S^Pq}hX&CYcwM5E1yGNp(T z3Z)JXl;OJ+dJ7J+z2Q=>%_Gzm-=q^x>$=vF(JY!(vdGN*J||dJi;&$FKlTKs6Cx$J z%@vpr-uG-m`!`$bl@Pw9Dkz57_&T2@WYSfsiq=g-H4yl`5@AkVVH z(vFT9U$NSIqth6M(-_PI+v(csCrQ>aTPU_!9}7iXwiBC_jJgr1TdBX6lxPzj3>5WW zCM6;?P#a5UHk0>Ob<)~_p+EWOAqOLrWYuYYcuM^kOTYv1|| z-ULuGe^ZM=V|PcQqynuP!2*L-QfD8r!BJ9IQ&+N7LSC=TeH!DS(TS+e{H=YWIjdo~ z9&h%XQwW|aL{ZGI3I4sJ>Ao|+Oxx=^75ddVS7^!e{>~CCVxrFRF(vWgRqm1pqSqH=&ow$^yT+(Z{s(P(2|0&3aZ4Y6$?l2-NNa^&T1 znQ&}Tz$6W)OLeTiUJZ<;#)H_j*zB1(iyM*~uUfHqkArQvNNtZ(jg)rL-Lm=m==Unf zZun%1_1L=a|MPIFK~vkL>{(c3NZqzo*Qz~yWy+Y>Flpo$+$5kG07|LSzJ(=o7c&0C zMWkf|Ypa^3^b`#%eir0f%G4i1P0yy>5+de8rs-(f6HI`xBOcFmVc`KANeP`Q64oHQu^`BiqyHQ~Xan%bX-wUxKka1c(TNZRnTLabicG`B zz#UsHm(1OACSUndL|cINpFz0zxdeIS-`mvxuCV+bYQo@SQOjHhEd4pgxgpY zA{U&@T#F}VOkGi)PA;L>HM#WVl%8WFGa6-nD3WQwF8w@^L3bdNT6{)@MV0#vwg$ch z&jXVTBJ1}P5kC@4>L>6ck`e{4@)h+8kfmH6Sc9)IMnV}5tc>|mxRkVz1mPB0t5o$+k#|cOu(-+G-mg{sZJ+03g%TvBwIG8znyN~|ddWy3y4mSpZo_(Gq`pmMqjMP;+~kDyQXmCdwyrELA$+6}xwR6x zWfHYC6SbrewS*G2BoMI?MZ&sqfzQhXgQB>ouJGpu|Jf)}jKJ}tS)G`1lUXrnCweNV zR5?yxX}4-L0dw`(s(J+bG}@!8)wZ5DNZ_Kl&C1EYRK}s1QS%A=SlyMl^Bwn%?;h{2 z_C@w5M96=)`D~A48MU*^3SG~SG|>c zmBw?9Gk8_jt zmb0&>i%R3<5!JkI(y6a;nz?FnTG5!)eex`qvDM_*3m#DhrQtpAQ#}KHcfQmHUGkr4 zlJWl0UpIC*-}eO<(_jyjb7!)&L1>-m(o``|tH_%)&dC$t-E9$Wg9j5Njn$MC#zQYi z)UTvGlN&u&0F_oQ?KhJD%ZH%$sd1Lb#l$FZa8Tso4(GF4GmAE8GGs#o~)Kv<@8qotpZl~W+si&7Q zvkIEX@?0-W8@^S9#4GD>w-{)52@5e^aS(a%EiG7^v|eKjE0>kZL7rFhfyHMl110?6 z=R05cL{?UCcO8T6fh!;>DQU8`>*9?8qpZ7*-Lcmp?I5N7_=ia>LcvtCnwp_`Mv7kw zC01op63PTYW0A3=coU0g-{DY(f#WPg3bQH*W&2xP`Yt|versK8q(a?}R`puqXf{wT zMttBylR!Z>2(Q>IlwpHG=86&aJ50SM@o*^<(mxSN+WGhLAP`~FH=yM?kB8A*N;mq+5-oKM5b zDpb$Ai9UkN!dSj*gZL3~e)%ov^0_U>-~%$}Ab~egr=)31piGo2hGeAjkcEZ#F_UCJ zZhi(mQsa;U!DQh&eE^Jx;Cl<-16q6J`+{w=JvqS)6WdX;U`1`3L z$LIt><_O9M0^U#g{;i?TA-VjORN+;o0EbeLR@CVIZ}j{bIo309tX{Kj6TkS^-I-#J 
z=B*o~KC|9`dJAONl7a|jp_g0dn4MMon0J6MXo8A&35%{yaI;5gd$D#CADwFS>tx<= zG=_kMlAl)RD94`GH-tUSy*~i2edu@x*5RP~Qp+9$cckL&gubf#gt6Y4>m%Y>rn`g! z+I-q>V-fVY^gH}~@=LkZch5=nzgP8oT;*5OcTZ&woPOlm{UVNf%n2D9!X47f-*B5` zlX8*ZTLt`S@oml)HC$p_*lxzz8Qu1N!u=KxfTl3V?%9nEPP*huAHLCwGyu&$gqVdm zPocCyX5RBVnt3|ie~kLBiK)rD#FS;t6iL}{eL=sae7=tLX=DIimA|@T;4r8o!dpEH z{Ra746we1cq84r!d%~4ujdv_1N5-U9tb_QQTlaWl^MlLV*bqV#BbF+Q4T}e6f37BG zW|hkVQX+(P{Pu4u#cfA#jn5?m#)jh`-s5rD{o3y2G5cP$2MSq(^{=E|QMRE~6}~_T9e|E%pl|8lDA+9GF0h{6TJD+?d?fBH=h32D zuw6t;-HCr~r0@1Dy(~=oKKNah>B9VCE_IPD-(GzGYDh3D8_R!)cAr>lwhG-4Sh^n_ z%>dv!588nGc1t+qmMJr9UhxVa8$3kA2169Be4ZR;4?jFI+;5x?LwSgW{{>UEhq=}J z*pacl=lUYZ(`Rb$ZbQ@N_oj~)iK0j!N+y(K7a_}cJSf|eOlH2>h})u!Y{2qt_H4it zV=mf|&^DuazWG4!(FzC=XOyPrw$LzMv-FsMXw)s)Zq&iDUk%uq-9l-91YV13fNKVo ze%J6K&+L%XIyeprcFkvnz0zzYRD1}uZNSmsNg(`CeO>*qA`B4tgf+(6vyZEYTHbHO zPbcyH#&A(`J{wd7aAihb$R}QZy)V_PAG6CucHjy8L3&`>rVKWFt zVu|JS&NbPH!7@dPQMkrF#%GMU0bU>Sy?$ov2-+*eQ5Z|CJloCh!VUhA5h~OG(g$R+ zI&eL$3~xR;Tz`+TU{ehK)@H(0&s8Jw?@W(+pu7%>1DcYoLFDe*zUJ zXWH;ov@1c=@K|SH%?Vjid^upyhyx#{=Iq+B<)kknres-Q$M<>vO$8+fY~^| zRX+T;i<+U7)lr=9RNF>icjRU-k9S|#vneMLkF9T)Y#FqD7F*Krb4U-WnWWP@8xnrl z)&5LmeNR%u7_&)jigXh;K;MIuF~d8wFd;oPps3iB079(2cYt7>Jc~>@_SoUa64oRe zJ`W6;l65nLr!VdXWR@Ly4OzTjXoDIX_SY!YVeSST-V)gswq~@rqL2^o4-S}toHyh) z!CCKmNe1$^rMCzk=R&hJ0Pb4J+~*E&lJP@d6>tQM3ngmfkM@ zkT<4;k7q1jOr^_X-En?RumtfGgeZ^?slVhG`fvHm|CV3l-}0{!{Ug8Q`=5?&9eL)2 zWx?H2p24NR-4Cqeq7ibBGyAbJi3I4_LPJ@06t1o8B(9bkMN?_0r%+8YisnhmReVQ{ z^CFBE&ug<~u(BhjrAae|YMJIx9LR5sa(=!;%8@sxBLyEdw`qVYD(PiJ<$|*5`56;c z$pbFB1-}iR&WsR|&mnm1wlR{)1ZA=DpPrfuOxvls>3%q$!_=3&zOHf(keS_fdOTgt zc1oW^N#|zcl!_s0?hCKi+%yr&6s%loOCVx@LOLbq@UHyq#Y8biIVS?;bUHPFZ!x;M z7IS#I&b&x`&Ih{9Y|{La`*f+PX)7#M*|>z+@k71yErDj+FvxHV0U4B0jb*k{T>;eO z>znpV>94nZhpu(3$MEb{;ktKFy{Fz7clkAJpYA)|n&qC!iL~aon#l>e$}adjmaIts zernGF%=`OYeUqi>|E~rT%&e6zHmkX&T+3U;Iqe zjkv{kq969}@YHB0Ai6bR1M&eR1f)F9cJH^B*)gRN?0k?feutKTF~m%~e*Rtbs`ACP zA8^oN-w_CYYXk=cHP?X+4vjv@oyD&6JDnhJ=L%|dkgyb{NPWB5%6EOf>h#c50Fgf1 
z+z@2VkZvRS+16NGD+U)98HF78n~;!5Q&cUlop|ga`Cw!)Y>}dOS4^tLsgyanWlb}+ z;*usA9TkC^o-~Pk2ocGjcw}}DCNiww%Ftj8@H33KTJnugUv1EJ ztO`|hyN0HLJ7R=!hptbvmhH9i@u)Ol>SBL8{4+JjZH>h7Q z)4&i4sr>wk^#u&|$jppr($Zka$iN7`RhA|yN6V2?+Ki5q6U@sK6D`EKTdY^|K6p%VKW{ire>zWn-lno59sat;dzCqWjLR0` zAk=i(lpoUh$#rZvp`$f^6Jto!_IB~rPlnIl;r$L>yGypWgTum#t>eHy>GW)e;(s-T z=?oV{7I4nsD>`(vae#@3E??OO56uVwaf{R1qnixH_|?0ezyv zpwBMdPf*?`boo|2T2(L^wlcXv4G>sfU><2jGrhrs6d z5*+WA*CrR?OS{CiJX^n3G3hrZ3g^ko$Qb2{8u?y}EF#;hriODkf{wZ{j%}IRZQpWvumnFVba%V# zJQ7fn>Kd=8-Om6|3VDpB#%KW6pb*PP!;BSi_I6BNYHj+*gdb^#;!apJd3lVSE-ojB z7E;?O9~DR^2P2Rpqa5%3&mluPPp)$*W*}! zs4C#%^O?RWM&GJELfuFqa*4A&f@%!`2L*}7r}%TqOZKbYi}!?k9vw{yI~VONINHF} zeq_aj1R*#s-!PMAE&RwjF!;~o)wSfNg-(FNeKI#2T*NM0yLyBS)?zsy#>y3#)?@C4 znyMxdmVpS1(OBeiq-$jU5QZS8W`iN!V3TK;&qnC}+RJV5F49^#`hL|$jv$1{%tOph zHAP!hNZy%+4qOaOMEI(PYb4=$bmsy!4`G*N%21pVMAW!#69x{-R+(s`0D|UO*F>}x z?qBjt|F`@Vf6K4_Z~3>E|B=7{&vX9m{zwpq5Fl_0Fu>^r3vIoqT;iz!shpFN(8PCn z7-13S7zISmdTo3G0f9gL4aCqUk=n|~ZRULi8^|S`6pN|HF2wl#?-x6t_Hj5Zd1tja zUCrWLy;~d(Ltz@wbgH@Yg*%?wP~|<3qEJM6+$>&a;cGm;K+2!x=)ql2QCH;|`x+W{ z00f5G^IGuj$>_4e5REQWfviYnNJxkqVOL9)8di&}auvzHaV8?l+LhmpNM?B(brmcu z9OBzMF;EA6ds6r(?WBIez`~15bVaXW5pegda|CE;EsuHQpiajg@tX!b}0AFJ5@f z&e-A>;C}D(&>%53*F1~13I8?T*8;a|9&;o6P8BDwKU=lL)qciYiu#-L-5We3Pc+I= zPH26+TDz_5Elu-nW0`@0n3{pU{IF5Bt4NtrxAi9vPnB`sx-2EN$fd56s=k)dc+SW` z%ZBcP3B`7pz3{-vdgA(x@~(!jTg5KtK-YZEGeBf_d>p)15qy|PwSUo$S?l}%#~W|Z zpDoAJqVntG`tC>Diceq~fSw0aF>ngKdz(&Mil0H8g z`1Ku1vf=VR{@gmqv2{P+8%uFFKiPoIuHMOf`J;qt;pO}M***L25MC-v>K9s3VCome zyiCz~D%?{{uJpR0+58jwS_5|o%OzB7?eI*|C4Gar=Qry$T)~W{zrQLuiSfNlFE-^I zNrgh(^dsXW_BgdzXvW5zip^Bzoc}4tjNjgSa<0O7iV?u4ACsr4PWl{=Nbotve*Z~tKg@}uxF)ru%{3^z$HF@RY zBRQu9^5xot!GzSohytKqDriWm=WAcl7KFzs(A1vD$hl|MS<-?p4`Wg0?^E9_4 zt}Fi!_TB=ls%QHjK7e$Il1fQ;cS(aF-60{;9nvXCcb6ayB7$^xcXvs5cmB^oz4t5L z>-WCD-}8T;_kEtbb@raK_MX{meb$=K?3r`e(>G|O#gV>Q zp@(cSHAmRnZlM(FYcY+%JtTe^HQIG z9!LrzS6AZMTiz@g5@W&3OKOgmt}oQBhfLJ$C48QzJ-b!ufBod(x)KhHaE}BDBi*AO-W^4E(W3Bzz)K0(A`bNL^ 
zXc6%6)vPfRpU7xF7hIr8e)T6+bx_n5(%}1cR_$-8II%{#QRpw8C$==BpsKE-tTm$& zr=;TBm;qT^2$ze%j;823kv=GvowSCd%%&&%LPMw~$qY=vHbGsPUS@rBX}iBctcSce zpDaO{rSc%Y0nE9Ms~LJajxpPABC^^aJXcCvSNDZ>OK9PX(X(p9(R9D}1`j#tDnAzw zb|x4^VJHUDevuD)${dv7*!9ZAT+j@Xw3D(Ej$~Qsli5phie6ecvVih(rn)z>VE&5H zDv&LYyTqlzF1%%19=7|)Ya3>a6>d<{Qi7OY=FiNZcgOt7zcT-Fz)$9L(W)!XE+8muE3ei%Zis9f$F;+1s;!+#K4+0#$gbD&*(IK}g!s*b; zA!RdrdISkw5NdqfJlxLEWJjcpcpYaiQw?0C?@G)BZ4<(Ve0{bgfBmE1N{@X|4OxnKqj~dAnKYBt+st^czy)z>r5XGQDL6i*i1tV2#_Anz> z^)RDW^)w^o@T^rldbgC9ip=KH62jN_@Hv=UW;w$2Lyaz-g>tC%!%_E=0$u zm(L_JJ5Pw-#9I;?wn_+_KWa5?-TruqY4;BI4Fb4JOc=bQuLom+j7cEz45t1(mtG_$ zu#TsTd@)ZV_@wAFdG$Wgqa_-)QuUu=6*bh&*`wM-?aS@OaLhIOZJVx&5G7`H>!rtO zleA6;(huM=j+j7K)=Yreh%iRjFm_d=*_b~zWi)5JeAi2F8O{V93&A_5Jqzae(SdZ0 zZ{=aXfWYPa(ikg~&r!c?3T<|b;dOK-{)3&uWI+v~Su%eL3Ty>F9PtAR@pY&r13Sbm zLm5;QDycHlDDoh;fDpEfee>uI7wF?sGDodj>;P59+|l6J>(hjn-iNq(8yHu?NqQa{(BiD}Y% z+eF#dZDTLX7HyxJRupgF*kh=@i&pHai(CH~e4B8djC`e$ty<$dMopTp{7gB6pkoOw zJFcldXbAGTWQOR;JlUCiw4}Ix`ZKfR|9+kS3&^^4=SgV=MY1;p{Idi!OsOz z04RW=ds=`{@Ti~_FCW?j+{EKcny(#r0f)U5{%pV*)6r+hBd8+?t-khVQ*LXbg#q_R z^-%R)?s@KGU{yzohAFedM`*PJhA%W|1vt%ZRXH_u0Ze`fwKcg(N!EAwwY|H=Fz`~ZN<{`ydu#AGhI{0V&o0rM1jbmy(cnhvvA*HXX1KHPGESl$N;Fkf2hsJ%zW!?@5*nNmW zjzg7BPUodi-BT@x*(AYxGK;4 zWUdQysrHI#R>PRI^n9|y>=2_G`>0P>eSWp>~XE9Xg+`S zG#(ybHQHkFh`Ce#W!p~fM~&Xy5X2LQ{wfR${CZbpI;P28Fz;8hItU{8`5$Lpr5a8o zA;;HaOd?2!-uACfm?iYyT9*20m_!t`h#yFKw8l3Yd-@zs1V7!HFdQmaec~N37UjrU z2e!T_>Ur{kzmjxNU%obEkn^JUCGz3>iJhi^*m))Eiq5qz&tTBz z2*dacLkSea7VoPd*G*XqKU0%(u5=~M2ToVgyN6jQZoS4<9{F&lIWe5ydW3KA+YyDh z7_O;WrTFp?!AeWY{7i8~RQaway&XJzM)xX*TavPZp*d+}Zt8ht>dLnG=2&!St}Ion zULrS1)W+2kD^GFixJdWYG9vQGYvp6b;W*@}E+qIJr<$um4SI&Q#_HMbpY&`EhPs|V zaws8DXb9dsO&z%TTDSGYgWE!51<^ezu1p_^m#bWRns%13cdAxyS1vBCniR|119vob zH;eW-FJLg{5YpRGQ`)t@HdJLPAx0&hy(^|c+V3J$2ic&KG*Nsm@m%X7sT+E;jo7+2 z-+HAHfjN_qK?x$7peB{xWgmB_;6%L|>iqH+k0)gvHOU7S4BUr>u_V*t6t%pb4ooT& zj`|LfVCDsls%D^=tLI8ERAO-#i&%D1_M<;d3nJKF4~2d9xOk*Irp34~-Y#Ke^01uH 
zWVq=`U%-w5ukm2GBEBtzEMLCx7UUZ+izJ&>a0{rTd77|dB%9Lb&mTP8flkE9w|uq( zU#~J4RFwI2Rf@GY%q)?1CgPgDH^MBDaK<{tnDBKXT!Q2|pbux2tv2DsFXI7ZZ_siwsNC*eEn z$qO$Bsceu#GEXpqXN+C7nab^1BQbPZT-qIc;KXKG z7}T53L={sT$yXqCM&gBkWaLLRtw!Bl^`5;=XQYSL-a_FK{t@=7tiSl zk&;k6^_%^$EM@5WL}B_wt&_qmlEPrRMW6dGV;Pzvv<5co(5Odh32O_7+Y57X5sqD9 z7!RJE@{CZGrQrv%a1AtW_crGBg7!VY|1=WaOjkA?i5#_LA7@=WM(yrH6F9F>WLz~{iL)!-%f^ErQSrOdWWS%MGI=sQgoKlegmocytq|Dq^dbQ@|5ouipI@tu z4#&)ATbK<)l33iz_sJuz;OaM|rUQt}IAkHO_%zeZiF3?7zp&Ay)xPHnp60^cpe>I? zg~ODHXO`neStKp*_uz;u(Pa%zU=An9OM$uk?CDNOLDa)v&TYs$IG?WlA}!oMTr7ej zBGdY5G{0TJjrH}aLDM0JE&Vm*HRRe{x;a5gU25Gs^qVJn;cIHl>=jDSruiS|PN?U_ z+f{p@e$)I=%WdFiE+g3}=EdxO{Bq)1Xsx>HdkKtv)>p#9@2QpM-G=rQOsmUXl#IHT zCyQ1R${-mZHfo4&y?^4A0$g^t0E1%!-g5$8;-pdfq)~6LF(mtZtn{_SZU(Ivwa)^= zLy=)9V@W{2?!4F)We3#8;1upMTUO7Ncq50Gqa$Hs#-qb2D#6$}J?n(Dn4XfRQWjG8 z7y_o{U4x=5k1uA{9Qdo&D~Z=|A3X9VhceOapD(&ScYd3{eKX07Ycv>sj&V$1U^iE+ zd21`ZDb#ecFZY>SN(%$lvUc0~X=%k+1xD$4(joWwiuS6^7O|V<&3gieWM2mBZft-0 z%Ydc*EZ2{?zbm6Mv+5}>)5g~h*n0B zu8(TH<&s`KA4Bge$?4l*n}GIn>2KgMC_sk#iVRhR>|KByU;UWnGMG7M03R2zBQ5NT z+gNt-(~YA0h~LQ}W-Eh~%WH}2o|MwCEUXhQ!#oK4eJ=6%XterGlfH;iR(Dok{TD;6 z7Y-b8x6ygzlmRsh)0m(Alp|W>ZAOWdBO=~D(EM5~;6h8M3Y@&kvg|_mLc8Wq>{ZK~ ze{d>f!HJ`km}X9JIYM2b?w3Diy{z43fYg_@%}(twYMMMW?{dtAqhFW7mF!`ayETzc z?K*3>s-(GH=TQ-JaXJQ4yUKM8KL10)<*TIxCet!Pk3WS5s zHH&87WuNMmoqo}6((`L+YK^p>;)K2hBU>_byKUv^5;c>o#Oznkhd*9yU3nfNug%b} z(jV=Z_tu5o980|~_A6zXl_Rh;3W(!l4}*S)M2XGlyY4-nY|V!MR>mMQu(HG3-3sv> z?1E+lt=?~Pl8FrO?ahG0+SEzELRaWx?#J3ljoqS3>Eam#$PBn0Y)!$}O#DaH7sV9X z;w+s^UhH92o6Ia5xiLE2U{6x@D~;5d!x$5wcD}i;`k7ns43-epy5yhc6Xl(;b}AWm zl`y5pKv})b`eM8R#Z?7cCQm!qOYmyYt4eb&Eri$60$<7Iu}UR}zAo#xFQ{FDoas}L z7H^^bKDncPQQ)0Zzo59rI@(roK~$VsJzAX~+dMul&ovunOFa=~|v|9;cwNB}hjZzP0&Rnw+~L^bn0GyTBJbacJKxNgQ< zh1^!RGU|<$8<@qm+P2E%GmQ<`EvL^;-%gcJQ+L1aw9M(uNbPM5%j5~DUT2M{GUnrq zQU&!geXBU1wJ3+Bm6XeB-yq?NLH8f-lCXake_=D!Ny7D^myr2+s85xaM194Vl3R5< zj(K(cL&<@Cck2&5oUN;MI}-LjXOfYVAm)GdXXY=sV}6BSng0ZMSHEcKhk&a|SpdMR 
zETj)b29c{IJQvO93_Eq7U2xUfx1N0oMzTr7@(HZb!ZSqlO|I!?M>JP1ck`jkr+F_w zSU%Ca4g*|#73Pp`)wH#AmrQW2^E=LV%?Q7E7Hx3c!Mmf9Ak2Qm-(gB{Igu^=>}nfW z%Q{Jw#kgha$}6%qs_PVQ_k_kVE`0;z5~(u>Bgl)OMRr4NZN!g*7@j?25L)9x>oSPN z=!y@>md97v$w`S8oe)H7$0qCEp7ri1Yn~oCybRE*+7*i3mZrrIAS=H*c=%)?%lhdv zrg*Ewnpzi_47aSKTa4P}nj5uq`F^OucX}-DVwwmN=Y+ITmaWX4@4omrY6M%JL1PD> ze}hK9+2qOK*>$Fwr%ActSp7_0XTe41?DR5V+0-OA^lj~l!Ed6f;9NW4~YSz{?aWNDZ$Hd zUFU&*UmbC)1gI3o>BHBlT36%Jm`rp`D?UXk66T_9ufBvlAwxRzLF*}TDvuOFr%UQn zcA;_e>KqZyW&!NJF&QgQ-rPu~6W_6L?l_Wfo#y}I;zN;p`sSKjL8XSYPe_W!DUvuh zR`PIhxm$@NSGmck;*q^~;{|rxbv^px`T^#i$~nTGumc#O9E~>K1s8Mg>${w$eg$0B)#4^;rD`Tg{$% zXryH0s!ULOCgW@ps%7j|Ndi`~y!FOvwxWW%dz6tjg;K88dBLPrD=Qh&;ZV5=%~(>G zuC>DUB$C@xDk19$6!lB?FD_3v^IvmwmPa#1=M)lG^sE|*^3AtDg5h`!dkN z@D*+oca$+Tx=mV}qb-qQgd$IDpdS{|=ADQRj8i13Tiy};=mJo=HwG%h)2 zE>C8YSHRx~XxqA(!mny%ef6H9a^MV+3Mv$c@4F5vIWB@;rkERe&0eNDL5-uxA+zXc zw*72{R{uuq7(rxzUAJ_J`=G4fqRtue?1^sK+WNB{aaWOzI6tA8md6#n%7Yd2wq>`V98%L9Z?Vx- zP#oxYugbeg3F~50(`GIrP|XW%l-*4LTczL@)1XpNrlq@JboDdMk6#}#`fUGxUB6p8 z@gt_jw~@}FAsD#|zKZU-u2@4I)_fnixG%3wO@rd2)!MvUd?bJgW1eH4h^ zgDi3Tl&vmCyE?95Ll7e{n-CcZc4c-dx6fKf)E6-VHRUQcqyrjy9-O8h!z+)U2*v$eA_EEU9$Ud&2&1A1V6lI0<*4 z6GL)x{-l&d0WNtQWMCF$AUc_I;y%mhw3;Ewr+^jJQpQ%p6f?nX5xAnHGR(S$v&W6> z4|Gwl!Hw4%>_5~IcFZo!9$sF1dN)&68D2wCfvuNiP>EI9X06EJdFzp|DQr#=vuKyIop( z_Jr)!1z~=3lcIa=T{#qnJ{fYX^r;UaoREwuTSZz~+WKZ{ux@zc3$X!u9eX*1>gx^( zLjxC<8A;Fn*UQ96-(-`A-)xLReX@gis|NAb31Y;D9D-R`23rL)f@$;s%lIr&{MJ)^ z)FOwryg6ng!CXuCD`pFkM}n8DVzWgK8x2~|0d-V$C7N`$L4#vzIq=WXzUgO235LR? 
z;@=QuMwowSjMbgaEoy~iB5gh@^jaKOfY#>0@>yeQV_%aZyH$`Z;fa^rASjQ{CN zW1;E-!EjMD!$wLD|K8W7v4ps&)-7CLdFB0tUi&GNDEcbA4pJr^4M2RIHcrG6koUT3 z{F$v^Su^feDeQ+n%_x>H6CY+Z8}9qD5%Snge=8Ty6i?p5XVfKi$lIdGk74apTQWUB ziX+?&7g(~0BZb%ficQ0Iahu|s~f)GRGtC~}9-@@>1wQrdy#x!igB zRh+Z%je0GU37j2>yr6WLZRx7MlI!Bgj@J-7xJ>^vdDqXdE6EMjkpFKlfaV( zVMfA618pKq(;z{@2~qkl^pj85z5CX*Y#6>Ue_{N>>WC>2gwjfu)*i^b*gd*JXPvI1 zg&s$&SD|7k$*dn+)Xl!)xx!`bQPHpdnubv+Hn*F31^6PkijHX$Gv=}c&h8JH7XhoP z1H#1(CPcmux`k6kiC$eNG3uq&7$8%MVXPAgK@WH!47{*uOq?a%A00XWs z?(5Sm@W$V#rK!MMq?vH|B^L#52HifJUQvZI6}nuxJwF#8$^!X5YDM$Vf}uZZpT9o2 z7#C?$8u|jp0tPB|5=Ng~pgmtT@7D#PeS#9yd|xFp$?IOGl1KUeN;xI=0@Zw`%?aRT zs{5S#oMI2_FzQIft0`wQN*B2IaVuJqo0G|8s%d9^Al=A#(%Pe%M<6JX5_s^#wiOOM_iPh zwnfD$m$^kyB^|v*Qzb_lM_rUtv_9}r}_qs zPlvWm4K}&RAYvh)>J73AQ2?1*bo--9ndsMT)xej;T2-njw!>|ZQ|c1W5Ri6t42w&) zB-!UC(qze*vqMy!m|A5fz9{Qbu|hu%D_S<$pj>Tdk0iv4M3#NduGE`xW0jOB0b*Lj=Q2fwzbnyLJ98u@Yda#7pjmi=LH0Bi z>(Go-9p1~@99&4 zz-LTtm}UrB(1BcpA-GJfm^y3E7+V8VD)hvQh`CKl>8F5S+?XAjUEm$!9^%HEuOys< zm|yqL%wKrN{BplAe-t?KPv#G;0RWDC*;}y%;JYnX*c^wc7`w7N6AdKO+q%hDP*n|X z#;@qP&1Q{f#RIx8doB&Xp1Yp|sOj-o@G_I*Lt;bvWe@2O=^Y!@O=vQ8S01lCK1x52 zJV&KwO=d~X%<9(f(Kmd5o_LOZ-R(TOA5crI=tI zYu;b9V%|O1|Kw2OP$Kd2?KDIyY}uZ#ErGxrzbEvXRH))DR$pa5qZ_w$y$%>B(ZJvo zDjBCf@xNa9$VL_Hzqmj&+BKBgYMHeta=Dq8* zD2ByM98a18!)}#k;_BtT-XJ>ncE{;p5fK%dvzKCy`4F&P42s_y}dj?q<8J3>g#4dbgt_=>`rt* zYDx|zMn|a?#7E&5d`K?{9`-W*QAM-rYi=1{6Jmcq*#)K4ci99;kC_FzE#DcCuq8Jj zK}I~&Vt5jZ0O_MWPshQA0Ift{FUvJgsO(BE z)SqI{PobYB!J7g&@kel#Z2;&v9zvw}eOT?*UVdBQf0d5 zXc@(_WO^d%7#ARpqnmIlzT0l?{A%;ynBJUer&2F&?mEM`QOQ0_I^BWi>se=M!= z&zWD{SFDEEZLHc?v!``McJqDSqPZY&rgp{66U^Nhgn1PUF5va7L2D6RzBu%2>^C1f z6j?8fZvqb@1}yDgiD~J$Q&eN@1-h!^YR8u`NnJT;NcTkFJZ8h0bTZ z0ZfE>?YpA12bfs=Jks3JwAXloIL~sDVqt}k-)7gg!Z7zV3+EWpun0?x(GTY2P!VGC zSyBs=F^}kZ$;pjMS=qz0S9@a53LxR(`yjMGdte3QiA{hH{Rz6wcj+^j3@WStiZJ~& zS@hEu%QSnl$UWvq1&hKb4`r@dJ2|dl_$RbOCpRDR1oo4QOV3n2;UsMA>kzF9guc0STTLNgKm|42!k#WNFuH?IL`Dqp1B8>2TO!BR=&>Ssi4uc z=(VwzMrvx_!?zY`UDIoDtQ%f1p0hQWlPxb&vK~fS@Iq(XGk&%PF~7l|nIE{Io;%c} 
z?61rZ-Sm_BiGc6ziK;r;onD(no_gD4o0VgT>*yVi-pDalrzV2U-PM82Epn_=CVOjc zVO`k~WM-K*HNA$!y75i8W;#3M>9IhwCyZQ%z)hC|+~XsHk}{m(8yesXY(7%&sjE>& zO}@xb)83JcG@6kfs+z9e;cIp{**{!$5g(`-jz=>TjGIMQK3~t(vTEiFxL`5A^tTq0L0BP> zop|Fd59KMvJw@Uq7~1L?ttZ+dTSOr9BuFUK89`kDMj&e*X1!^COsjvb7{Mh{nD#C4 zhZjA&E21$SnJ)-Q_BMUb8b4-h)5RJBUU!}oqt$i=(&)vge&s)yc+|3%cDfREx@B%U zmi$yU{uxg~_s4)xthGy7gp8E62TQ1ht<6Msud~+G>Q-GCU-0dOSqYPqq$xj1e*%#p zLMn(xO_&z`noU5mlks|ZNyXdy;$WH&SDUxPkV-}N;;=KqRsBFW`$aT3d7DbGpO~}S z&Lb==Qgd893{wC1x|`I@cqnu=wqjq3|Nt>cRRH<}q{SP`?Z#X%vg$)@4y*(L}bbb>Me?FN)(9o?0E!KH-+f zbYymmSQ!|cz;K3su5QlCax$K^iq7=~+syW>iyLjyU{hy;3;{OUARWyD8Orq4H~-~& zL1c%vtlBQ5?U?G1Dfy{y8MI>BjiO*(t3;;LMbKz$rJmU4_!qo6bncG5+Gz-<<6A8Y zaw{)p;^7c?4b|UY?nM10@wJY`bLX5e4=-2c?4m3Q{!kOD+tAW7H?JXGudZlZ+CBKBX*KhHtdAO-AH*-oRbJ-O$yS?@AeohSG z?*zeeEP&-M(c#{b8D6QW8~Ok$gF)Lj^-x_UbxBb2ol>M*t(1whMRPct5o=@mLw%AE zvJi21H~TkUw_^~Cx495<1ZX^XTmv3~$O5v&B_sw-rovmFa8z z-x|vc*-5@WjGgX9&s}Sf+-$4M=YDLox^U_E)UoxZHIdF#cgQ^xDTAXi(@e-YL}Bs9 z`B|1V#S?*ykOxsq96eEUmu6K|h9&wDdDErhBa{C6CMB{2=91ye8pdQM<3rge9R11x ztv5_xjEYVTFsZZbx6V-N(6G{yGS=f%Hj$7=FhI<2@@M8RzGHrwUzs1#?kDqO!vX+X zwI&5)?Y!2-zV=yCfOS8IVs5fikH2whncZfcC%4{xpJ5XB(^%39&{@SbpRQn_`@ z5cTCt9Fk0l9q4*)>*%df|Nm35U z*Tc_cy%`03X(Ta>W7b7^Q_*oR7DrWl2v${wZ2JzJgdQcfJYKVbOWWG*2Wz9s<%%`p ze4D-KC7?b5KEifgj6Eg}e+M~c-hnHv#&h=C+(f}O|63)Nnt&vxm)$b1?8W$LI%ll8fZ5{N zt90#)J<-nWf_A2>xXBd>^px&34$muB+=c)R;BO;`x&)*&GAE zReD+3wk-ZZH5nKYLORieiSI+%mZ$w0VP#{vV=J=@V`PP7z{fyIgbvHSO zd0<(z9!w;)hFqRXnX#1GGWGc+i7bP-#!KmIuP)=m8=<9oVLgl9oNTA2G(*HU96%P>Ca@p$sGJ`qGiN;h@b z3HYekpVkJqaXzTmehI#A*>KxTYK@Io2uT+&R9)Dp;ij*_YQZZb#>i2j#HH!8blD%A z%+`G-*`1$l+%lCvN!%OU`N_3^v}|c$C&cnoLUg3MW>617Ux+%F>wu{Dm`n8H8;yp6 zCmkQJI|p^nu0E5lV%wu0btS(wFd9=;m#y!r!qd?0H4hWpkseyCD7MycYQppHqlk1x zljr2NT@LignF~bkVQ(%>|EyHuIS>?$3sIE|>9ZP?b2JxGcad!%(}0UZz2bi^d&vJ_ zya)=Si9izz6*(2!-}cyK83mmo45l__NsD^a&15_3Y;S=gUAb!^$hxL&GeeOw`K9=P z!CocNdJ~tlR)-r+^TLqKNrUDHs#6P|=Ji67-J6Sqx%2vVL5;TU+UuNGnewo!75Sf>9J?GluCZo6g|sm+zu{ar 
z-K5cn(a0|-OT?NRnTlX5pJcS*4|a3y*{@uT5}!u>d@=>aZKYN$+-==4xVp(r{|&L4 zGjh3%Ye#@Yc>5{$qsIz%d$a40EF%m1kUDu(lD7%5`Aw`%gyktnXG_D?LaWoa`j9U4 zCpjF`pNWUO2^-4Vv>w(GCBF424OX+T=QT-`vLC)J&a)PI{(7q)5`N0S4<3gl^GnYz zWlOMe;Zs5ES2UlUwLe)~BN-DG*?PLwCCaVr4_R|6&F?}jN_{cRDYvC#qp-*^nqQo( zZ1}7bqp@>Kc0jowkQ#ro9LGAdE(9_N$hUZw+Sew9i8 zmN;v|W3G~zu}}TR(-_{Omo8%B^bQU|UtXKXVzw>5ojepSt<}2{O35npb|!~i@nAX&k#-jnU%I%wKZH{L;TN|6|IZ%>PLM0H`T4&hYe3)ejws*Vulk zokf@?lC|`{Mt*|k;)}$YV|4#!pqFyZ;rkBV?b*Q9vu`FJD(xWQ8G9Hp-k=F$M-LSn zhESDmAv;vR-l*&ct^@LsKF3b*T)*|(b)UgD4C7g?x_PYNB9nILt{~R=c!NpT*Yzmt zqC+Xv=Xne)Wn6CWBbUtZy$2!RoTDfa;qD7jp&a6=@!t*xUif{4+afKL%wl7Hsb1FQ z<3m!+0$fjmZZvNo5P9rEes?RL_`1eW@>d$+*+;gGKZK_Y4-q8061PR$NB$H3r<`ykyW?+n&elYYLi%1&%a+=IQhYZdu-UVTG^?E9mgZt{cF@R(_wK^y z>agrN4eLW*Wf?AGNBD$@;?P7Pq;X>;Y7FBz ziBc|c>dh%U;Q)2(K|zjNU*^kM$dW}VtChWV1*N*7i5MfL=;C+R0rCC4Y33Iaw(;C$ zEH}06#}Y8zjngE$&uB@v7QGpiGwd2J7>e4h=D_MVYk)6^} zY{o2!f#+Ijb?h51Rg&!1rra`5NjpF12G`~G+L;IG%qbR8za0`9OolscpJv~2n`r15 zH#-*Tz>V@8V_D_;;B?ZED|6VPQLKMx9Yad=+!wnqEPqnIx-{ExKXULzx|N&Cr#>hw z<`PEh(Wfe3)Q<~KCp&RPBwj6wtgIAY`vT~PxkWxT5tvVW)6V0fEvX_sR5Xc=lwRZ} z$*g=X+uZlAqTZlnKR)hsv$w=Nk=Aq@H-4^kU>5k3;JGlyJnRc1>!))tbsKSmZIOAF zxMEw$9R2k%G*%*`YyN1Ip04f;qdbwqghSRh4K!28I34B~_2NV3p|7VW{a)zoYq3oq z%nz$*N|NBUK03RJ=X}dFC;LF$_sVshsFQdaah(dz{i8wIvo?)<0`KD3oMuP89i%V_ z$n;&i1ek(p(HL31$>F-I=rX)oR@1RzrsX=SD$5r#VdAfyQ{ROz-7Zl$LLt)QEL0RU zBIw{@Stw$$9}aK3Y?6!}o27Xla~fRjCLp+yhsmpju~qMT8~T|R_J8#;T1{qa%hjtZ zko8yl(43VXI~p}$@r9SDZq4gp>!T-i<8E~IjE&%~jf;`$m8U@O)xwdFQr@PWt5~T9 z>!zhp(UjBv`TG<^3fRpp_$)O17CDT!x!!#PaWz@^(Q_xQX?ctL!QiqTgxv`$U^CI? 
zDqY;%Uuv;ZC@Bs@`T{4NqOXgiv?Jv9)r$v-Hf9cH#+quqA%oo;U+T8g}lXw*p4D znTFHLg_4Rmhlw^br+xgXsv;g(8ZNqON{A>zM(G@Lecy&oUdU{f>f00Wi&e2hpHGRa z;$YOr1jMzpKFwuM1(}SJr-|8&!4;ODSnaq=yEzWM<-WzrPw@}#Hb6IZws;c*H z#FOi2g%YPB{UkeMA*Rh(T?1jyLE?opdoAq?*|ka+95sfVhsTAxmuuxz1cX-9b4a*Y z6_H@y%q z3yKeLNi_uR7ZMisM|e^Crv&Y8V1D!y)&FJzA*R19?j!GDp-ZbQtE)#VXXvPl&%nS$ ztE7fckI#h9@Cu(+*4*3%_<;^zmiC32o;f}P9rO1Of@)m!!mRAV%uGxyd~8De^h~Vm ztW2ze{Pgs~^i1@uj6y;@e}4t=4#I{eHo8`{!Y0}_x`Mho=5KU=tS5xe%);>NVnWQr z#xHv;vD@}(xY=QO3q=$_`nyYO zmo=H9I4gLe!ispTWuxt?3hkl|Xwu%WQJVx~G^!BtQ))?jy|0%zqiMW+pF?0m|8`HU zS-8m>Wz}69Wfwh1aDBgViiY7(NHM3~!3bqqW+fnAQNHga4$pkqs01u@*t12d3|Pw%7;zbXbq(sfe0T zMc)a=!VTd=W;P+j!WQA94dUbI2|#s&(Z1nFf77HM3w@{!wp1^x`~Y4Xmde|?-BW!W z;e7!D+&uPY_vHdG#Rf5DL?LMeV=bJ|?~kRy6SN3TJn{+<#lCTw_`vNoAdz`mjl(*9 zeDp~RW6Rqp+p|U*;!^ARa3cyE;Mn3JQiC=d9O4a%%XC(p>mYFwvvN6uD~x&k`>I#T zK9~GOLV{9h_EXv@QEWuvH2!Z~7I2fTk_sQlXi!Z~&Z8VPvNoN;lklh2|C{IsMX>p6 zBRDQDxSyd$2h0iJ)5^&3NyG8*z**Z^>1vz8!Rea4`H=XZcOW%JSPi80bKa z^VfSY(6a$s?>!k4BZ&F!|IGYlcg!#OEA!(<{A7Nj69C}8MT~58%s^`SB^ii7~d{WehC$tz=`YAe%d#@E{AL>~BP;8D{aAqj{w`x@1+K;R3#LHyn0~vCiGlt1 z>wqh=-7m|=$aWuRRyLO3qJ)*5jsCtbS=rfti$pd$hTnX|M$dlV4th2QR;GLP(X%nq zG5juLzu$To*w`3Y?&%DaF*E%pV`sjvGZP~_3&TAh0cGrT_hn3U>@4@y@}EKKYS^!NM$lrb{i^9M+F-$y_hGicquzxo^`W53sqfHEL3zg@@9 zb}u$qnCTekfouK!QXexNBl~@Ondw-7JoeY?=z%5gV+xY7G5m@>P{z#0_^U2J84LYA zOo1{sM)qIz1Id`#f7K5pV`cp{HbAo9+roEk|Elv{9>~4_mHjIWK+N9-WPTO^;4T3W z$c^KWfqTh5&_jxul2na2VgCgkbt}NU5oD;fpmfV40Tt_r1P)65Ru4TFN6uW;uHD3 z7y55R{I>=CK;XYD00QE_O!!|6{x8P?s6T+bg#q{jdlgXntyggds|582OS!-I2jpGS zn9vrRbf97Y=^Hr-eqK-xxWNLzfd9U4_&<)fz;_3MWWX*10C@02_?H99UH)gO?|lp& zu%-=Q0Z{s_kC}$L(`-`w*FJ{43)shOfc}2%v=3AzRMmaW?rsF!k^jj2oo4g^3xGHj z=wgh!5)wbk0lzi}+yb{BAOCUqFNghOJpJGH`+vFp{x{bC{}5~Rbd2=$_hvspGDgsf z@OKgNeZC1KV`aTJqM`>b|9)=-Nl(wfc7K#g&p^)tod5W>KA?>4-UyeTft`)+-e?;n zV`lz!)R0zytOdtZYDF@6`;H-J8n*&VB=@ZtiQv z%0_>`EO6KjoT&M=K4v;5`oDU{#!B1JMAzzWe)7khJPX`kX5!&~nTiK~62w=-|NFW2 z|KyTa-)BFyt!(aQI_ZI`F)*{h5fckZ3B!Q^l?4L&hoR#gpi4LRI{A%+C^~=OpwFnt 
z@Oy_04+;CHM}_LUM}?e!Sqmn#(E{OJANg+|6$pNGp?}vQ|EouZXxKk$R&%FW_OF`x z^W517)NKClQQ_Y|#C%sA*xmmR9%8l;{-{~)on~40GzikT_>+ z2XKJ!FZca%>pT3*QU7RV!=07s_pA*5Y2}pLpRN4vp8pyCcxZprtnp5>w0oK@{M2lc z^3R%){Q%*A(lTHES+k})%~F5WERf}=X2HPeG~o7c+3Y_ZUVzx_`|#qfzB_MP05$tV zWYmH*o4foMk+C5C5DZW@^}VL=EpzzKb=|ehxr^WH3IsAg;I@qEuXO>Q!U7tB0#N#m zF^Zw?+R~iqzpM)ra4YzotbG4EAVUGz|GWW!;z#c9eEAFj_5kE}tsmF_-GB_nyjQ_L zxci@D%OB-Hyj2JM^|LeZGbjNq`gKax46OMs2J(Rx{bfou&_5xH9vwLNH5@~|tBU_u zi$KHQ@7sTB5%`_gGjL!5;lP5R^c%WfPCxLa0{f+b=%OOr-BbCmx<0lPTV_ai>=_8=>aNMQkwfGz^1`#6I= zfNH#JT~F`fY}LLIBn`sZ8Uk1f02u$P6_5afJ0WOC^&|IpQOpjUCjtLQsefiX01xjz zKm+$61@VCi)JEKaNg0@clmpNN$N@kt;2{7slY)6yLQvF926XoRh6xn>ybg3u!k$m( z=QV$o%Lp630m(rKJt2byPylZZO85N?h7HyVLTK^!S3d_yCqyww0{v_-_r3nTUlIDJ zpZ`;YRDcM96rlN#)8+N~pML)7@1Mszh(N02gLWWmzi&U`Km>jSP1M8!k01o`f$68^ zFu?p@5xE7!14{mR9v_(hiHyYEDIvf-1mOL@n)m@B_nI6QPzfvpO7~+6@ENMX_(53eg&;r_S4-7h`A2B2W z;0NYR0B-^M07HNofCk7HZvc9CG0+0E1P)jWDBX_%z!g{<$dV=8Ut=Ix5Eui4z!=b9 z{oWw@f3@VFG4P*S0t*lY`2MgObolA>pU3-c{%2eN+4k{)Wk3nEVg6#bD}WwouQWgq zAPhWboe8=E{Ff{K9Wvq6f8^=AK4UKKo{tCHH$pIhKE4J)2HfuP^!JtxIza>40k^;N zF{oXGw);K?MPWJ3A9=d{&Uco-`Yr@BA&QX(iU|(rXT5&yI|%+QPyeR~{cm|%;fE(sfXDy0c>0>{k34ND)=_gir%V}^8c7GaL9QU1gH8BAc$Lbv5kU=Y_9iTDG0IWSA zfKVL6%4zgC29 Date: Mon, 7 Mar 2016 16:03:31 -0500 Subject: [PATCH 31/84] Add a signature for SMB --- scripts/base/protocols/smb/__load__.bro | 4 +++- scripts/base/protocols/smb/dpd.sig | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 scripts/base/protocols/smb/dpd.sig diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/base/protocols/smb/__load__.bro index bfaf121fe1..0d9de8c984 100644 --- a/scripts/base/protocols/smb/__load__.bro +++ b/scripts/base/protocols/smb/__load__.bro @@ -5,4 +5,6 @@ @load ./pipe @load ./smb1-main @load ./smb2-main -@load ./files \ No newline at end of file +@load ./files + +@load-sigs ./dpd.sig 
diff --git a/scripts/base/protocols/smb/dpd.sig b/scripts/base/protocols/smb/dpd.sig
new file mode 100644
index 0000000000..c7bd691cb5
--- /dev/null
+++ b/scripts/base/protocols/smb/dpd.sig
@@ -0,0 +1,5 @@
+signature dpd_smb {
+ ip-proto == tcp
+ payload /^....[\xfe\xff]SMB/
+ enable "smb"
+}
\ No newline at end of file
From 90559a3372475df869339db71a02cecd50ebf0de Mon Sep 17 00:00:00 2001
From: Seth Hall Date: Tue, 8 Mar 2016 11:28:32 -0500 Subject: [PATCH 32/84] Disabled the attempt at support for the SMB2 SetInfo message. It was causing reporter warnings and was so wildly incomplete that it provided no benefit.
---
 scripts/base/protocols/smb/smb2-main.bro | 10 ++++--- .../protocol/smb/smb2-com-set-info.pac | 28 +++++++++---------- 2 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro
index 615c7c44b0..bb55eda34e 100644
--- a/scripts/base/protocols/smb/smb2-main.bro
+++ b/scripts/base/protocols/smb/smb2-main.bro
@@ -154,10 +154,12 @@ event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID
 SMB::write_file_log(c$smb_state);
 }
-event smb2_set_info_request(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest) &priority=5
- {
- c$smb_state$current_file$size = request$eof;
- }
+# This is commented out for now because the message type in the SMB analyzer
+# is no where near complete.
+#event smb2_set_info_request(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest) &priority=5
+# {
+# c$smb_state$current_file$size = request$eof;
+# }
 event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5
 {
diff --git a/src/analyzer/protocol/smb/smb2-com-set-info.pac b/src/analyzer/protocol/smb/smb2-com-set-info.pac
index 95d5adcbbf..5a5570f86f 100644
--- a/src/analyzer/protocol/smb/smb2-com-set-info.pac
+++ b/src/analyzer/protocol/smb/smb2-com-set-info.pac
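Review bot: The `payload` pattern in `dpd_smb` wildcards all four bytes ahead of the `\xffSMB`/`\xfeSMB` marker and has no port condition, so any TCP stream that happens to carry the marker at offset 4 gets the SMB analyzer attached. Those four bytes are the NetBIOS-session / direct-TCP framing header, whose first byte is zero for a session message, so the match can be narrowed with `payload /^\x00...[\xfe\xff]SMB/`. The other three bytes are a length field and can hold any value, so it is worth confirming that `.` in the signature engine matches `\x0a` as well; if it does not, those positions need `(.|\n)`. A one-line comment above the pattern, such as `# 4-byte NBSS/direct-TCP header, then the SMB1 (\xff) or SMB2 (\xfe) protocol id`, would document the layout.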
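Review bot: The comment added above the disabled `smb2_set_info_request` handler says only that the message type is incomplete, which does not tell a reader what has to exist before the handler can come back. The handler reads `request$eof`, so the comment could name that dependency, for example `# Disabled: SMB2::SetInfoRequest does not carry a parsed eof value yet, so current_file$size cannot be set from it.` Deleting the commented-out handler lines in favour of that one comment would keep the script free of dead code, since the handler is recoverable from history; the same applies to the commented-out body and `#proc` line in the smb2-com-set-info.pac hunks of this patch. "no where" should read "nowhere".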
@@ -9,19 +9,19 @@ refine connection SMB_Conn += {
 function proc_smb2_set_info_request(h: SMB2_Header, val: SMB2_set_info_request): bool
 %{
- if ( smb2_set_info_request &&
- ${val.info_type} == SMB2_0_INFO_FILE &&
- ${val.file_info_class} == 0x14 )
- {
- RecordVal* req = new RecordVal(BifType::Record::SMB2::SetInfoRequest);
- //req->Assign(0, new Val(${val.eof}, TYPE_COUNT));
- req->Assign(0, new Val(0, TYPE_COUNT));
-
- BifEvent::generate_smb2_set_info_request(bro_analyzer(),
- bro_analyzer()->Conn(),
- BuildSMB2HeaderVal(h),
- req);
- }
+ //if ( smb2_set_info_request &&
+ // ${val.info_type} == SMB2_0_INFO_FILE &&
+ // ${val.file_info_class} == 0x14 )
+ // {
+ // RecordVal* req = new RecordVal(BifType::Record::SMB2::SetInfoRequest);
+ // //req->Assign(0, new Val(${val.eof}, TYPE_COUNT));
+ // req->Assign(0, new Val(0, TYPE_COUNT));
+ //
+ // BifEvent::generate_smb2_set_info_request(bro_analyzer(),
+ // bro_analyzer()->Conn(),
+ // BuildSMB2HeaderVal(h),
+ // req);
+ // }
 return true;
 %}
@@ -43,7 +43,7 @@ type SMB2_set_info_request(header: SMB2_Header) = record {
 # TODO: a new structure needs to be created for this.
 #eof : uint64;
 } &let {
- proc: bool = $context.connection.proc_smb2_set_info_request(header, this);
+ #proc: bool = $context.connection.proc_smb2_set_info_request(header, this);
 };
 type SMB2_set_info_response(header: SMB2_Header) = record {
From e8064ff189eaca2ba5d1f81753a38b3854ddf757 Mon Sep 17 00:00:00 2001
From: Seth Hall Date: Tue, 8 Mar 2016 11:30:58 -0500 Subject: [PATCH 33/84] Whitespace cleanup to the NTLM SSP file.
---
 src/analyzer/protocol/smb/smb-ntlmssp.pac | 307 +++++++++++----------- 1 file changed, 156 insertions(+), 151 deletions(-)
diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac
index bcb27b9b9b..d7cb8511ff 100644
--- a/src/analyzer/protocol/smb/smb-ntlmssp.pac
+++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac
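Review bot: After this hunk `proc_smb2_set_info_request` is a stub that only returns true, and the following hunk also comments out the `proc` binding in the `&let` block, which as far as this diff shows was its only caller, so the event is switched off in two places and the stub is unreachable. One switch is enough: keep the `&let` line disabled with the reason beside it, e.g. `# proc disabled until the SetInfo payload (eof) is parsed`, and delete the stub rather than carrying a second commented-out copy that can drift. If the `smb2_set_info_request` event stays declared elsewhere, script handlers for it will silently never run, which is worth stating where the event is documented. The record definition and the enclosing `refine connection` block start outside these hunks.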
@@ -2,32 +2,32 @@ refine connection SMB_Conn += { function build_negotiate_flag_record(val: SMB_NTLM_Negotiate_Flags): BroVal %{ RecordVal* flags = new RecordVal(BifType::Record::SMB::NTLMNegotiateFlags); - flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); - flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); - flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); - flags->Assign(3, new Val(${val.negotiate_version}, TYPE_BOOL)); - flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); + flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); + flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); + flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); + flags->Assign(3, new Val(${val.negotiate_version}, TYPE_BOOL)); + flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); - flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); - flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); - flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); - flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); - flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); + flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); + flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); + flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); + flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); + flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); - flags->Assign(10, new Val(${val.negotiate_always_sign}, TYPE_BOOL)); - flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); - flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); - flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); - flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); + flags->Assign(10, new 
Val(${val.negotiate_always_sign}, TYPE_BOOL)); + flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); + flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); + flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); + flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); - flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); - flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); - flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); - flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); - flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); + flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); + flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); + flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); + flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); + flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); - flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); - flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); + flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); + flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); return flags; %} @@ -37,7 +37,7 @@ refine connection SMB_Conn += { RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMVersion); result->Assign(0, new Val(${val.major_version}, TYPE_COUNT)); result->Assign(1, new Val(${val.minor_version}, TYPE_COUNT)); - result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); + result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); result->Assign(3, new Val(${val.ntlm_revision}, TYPE_COUNT)); return result; 
@@ -46,8 +46,10 @@ refine connection SMB_Conn += { function build_av_record(val: SMB_NTLM_AV_Pair_Sequence): BroVal %{ RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAVs); - for ( uint i = 0; ${val.pairs[i].id} != 0; i++ ) { - switch ( ${val.pairs[i].id} ) { + for ( uint i = 0; ${val.pairs[i].id} != 0; i++ ) + { + switch ( ${val.pairs[i].id} ) + { case 1: result->Assign(0, uint8s_to_stringval(${val.pairs[i].nb_computer_name.data})); break; @@ -75,8 +77,8 @@ refine connection SMB_Conn += { case 9: result->Assign(8, uint8s_to_stringval(${val.pairs[i].target_name.data})); break; + } } - } return result; %} @@ -84,13 +86,14 @@ refine connection SMB_Conn += { %{ if ( ${val.gssapi.is_init} ) return true; + for ( uint i = 0; i < ${val.gssapi.resp.args}->size(); ++i ) { switch ( ${val.gssapi.resp.args[i].seq_meta.index} ) { case 0: if ( ${val.gssapi.resp.args[i].args.neg_state} == 0 ) - BifEvent::generate_smb_ntlm_accepted(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); + BifEvent::generate_smb_ntlm_accepted(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); break; default: break; 
@@ -158,137 +161,139 @@ refine connection SMB_Conn += { return true; %} - }; type GSSAPI_NEG_TOKEN(header: SMB_Header) = record { - wrapper : ASN1EncodingMeta; - have_oid : case is_init of { - true -> oid: ASN1Encoding; - false -> no_oid: empty; + wrapper : ASN1EncodingMeta; + have_oid : case is_init of { + true -> oid : ASN1Encoding; + false -> no_oid : empty; }; - have_init_wrapper: case is_init of { - true -> init_wrapper: ASN1EncodingMeta; - false -> no_init_wrapper: empty; + have_init_wrapper : case is_init of { + true -> init_wrapper : ASN1EncodingMeta; + false -> no_init_wrapper : empty; }; - msg_type : case is_init of { + msg_type : case is_init of { true -> init: GSSAPI_NEG_TOKEN_INIT(header); false -> resp: GSSAPI_NEG_TOKEN_RESP(header); }; } &let { - is_init: bool = wrapper.tag == 0x60; + is_init: bool = (wrapper.tag == 0x60); }; type GSSAPI_NEG_TOKEN_INIT(header: SMB_Header) = record { - seq_meta: ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_INIT_Arg(header)[]; + seq_meta : ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_INIT_Arg(header)[]; }; type GSSAPI_NEG_TOKEN_INIT_Arg(header: SMB_Header) = record { - seq_meta: ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_INIT_Arg_Data(header, seq_meta.index) &length=seq_meta.length; + seq_meta : ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_INIT_Arg_Data(header, seq_meta.index) &length=seq_meta.length; }; type GSSAPI_NEG_TOKEN_INIT_Arg_Data(header: SMB_Header, index: uint8) = case index of { 0 -> mech_type_list : ASN1Encoding; - 1 -> req_flags : ASN1Encoding; - 2 -> mech_token : SMB_NTLM_SSP_Token(header); - 3 -> mech_list_mic : ASN1OctetString; + 1 -> req_flags : ASN1Encoding; + 2 -> mech_token : SMB_NTLM_SSP_Token(header); + 3 -> mech_list_mic : ASN1OctetString; }; type GSSAPI_NEG_TOKEN_RESP(header: SMB_Header) = record { - seq_meta: ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_RESP_Arg(header)[]; + seq_meta : ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_RESP_Arg(header)[]; }; type GSSAPI_NEG_TOKEN_RESP_Arg(header: 
SMB_Header) = record { - seq_meta: ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_RESP_Arg_Data(header, seq_meta.index) &length=seq_meta.length; + seq_meta : ASN1EncodingMeta; + args : GSSAPI_NEG_TOKEN_RESP_Arg_Data(header, seq_meta.index) &length=seq_meta.length; }; type GSSAPI_NEG_TOKEN_RESP_Arg_Data(header: SMB_Header, index: uint8) = case index of { - 0 -> neg_state : ASN1Integer; - 1 -> supported_mech : ASN1Encoding; - 2 -> response_token : SMB_NTLM_SSP_Token(header); - 3 -> mech_list_mic : ASN1OctetString; + 0 -> neg_state : ASN1Integer; + 1 -> supported_mech : ASN1Encoding; + 2 -> response_token : SMB_NTLM_SSP_Token(header); + 3 -> mech_list_mic : ASN1OctetString; }; type SMB_NTLM_SSP(header: SMB_Header) = record { gssapi: GSSAPI_NEG_TOKEN(header); } &let { - proc: bool = $context.connection.proc_smb_ntlm_ssp(header, this); + proc: bool = $context.connection.proc_smb_ntlm_ssp(header, this); }; type SMB_NTLM_SSP_Token(header: SMB_Header) = record { - meta : ASN1EncodingMeta; - signature : bytestring &length=8; - msg_type : uint32; - msg : case msg_type of { - 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); - 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); - 3 -> authenticate : SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); - }; + meta : ASN1EncodingMeta; + signature : bytestring &length=8; + msg_type : uint32; + msg : case msg_type of { + 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); + 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); + 3 -> authenticate : SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); + }; }; type SMB_NTLM_Negotiate(header: SMB_Header, offset: uint16) = record { - flags : SMB_NTLM_Negotiate_Flags; - domain_name_fields : SMB_NTLM_StringData; - workstation_fields : SMB_NTLM_StringData; - version_present : case flags.negotiate_version of { - true -> version : 
SMB_NTLM_Version; - false -> no_version : empty; + flags : SMB_NTLM_Negotiate_Flags; + domain_name_fields : SMB_NTLM_StringData; + workstation_fields : SMB_NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version : SMB_NTLM_Version; + false -> no_version : empty; }; - payload : bytestring &restofdata; + payload : bytestring &restofdata; } &let { - absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); - workstation : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); - proc : bool = $context.connection.proc_smb_ntlm_negotiate(header, this); + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); + + proc : bool = $context.connection.proc_smb_ntlm_negotiate(header, this); }; type SMB_NTLM_Challenge(header: SMB_Header, offset: uint16) = record { - target_name_fields : SMB_NTLM_StringData; - flags : SMB_NTLM_Negotiate_Flags; - challenge : uint64; - reserved : padding[8]; - target_info_fields : SMB_NTLM_StringData; - version_present : case flags.negotiate_version of { - true -> version : SMB_NTLM_Version; - false -> no_version : empty; + target_name_fields : SMB_NTLM_StringData; + flags : SMB_NTLM_Negotiate_Flags; + challenge : uint64; + reserved : padding[8]; + target_info_fields : SMB_NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version : SMB_NTLM_Version; + false -> no_version : empty; }; - payload : bytestring &restofdata; + payload : bytestring 
&restofdata; } &let { - absolute_offset : uint16 = offsetof(payload) + offset; - target_name : SMB_NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.request_target); - target_info : SMB_NTLM_AV_Pair_Sequence(target_info_fields.offset - absolute_offset) withinput payload &if(flags.negotiate_target_info); - proc : bool = $context.connection.proc_smb_ntlm_challenge(header, this); + absolute_offset : uint16 = offsetof(payload) + offset; + target_name : SMB_NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.request_target); + target_info : SMB_NTLM_AV_Pair_Sequence(target_info_fields.offset - absolute_offset) withinput payload &if(flags.negotiate_target_info); + + proc : bool = $context.connection.proc_smb_ntlm_challenge(header, this); }; type SMB_NTLM_Authenticate(header: SMB_Header, offset: uint16) = record { - lm_challenge_response_fields: SMB_NTLM_StringData; - nt_challenge_response_fields: SMB_NTLM_StringData; - domain_name_fields : SMB_NTLM_StringData; - user_name_fields : SMB_NTLM_StringData; - workstation_fields : SMB_NTLM_StringData; - encrypted_session_key_fields: SMB_NTLM_StringData; - flags : SMB_NTLM_Negotiate_Flags; - version_present : case flags.negotiate_version of { - true -> version : SMB_NTLM_Version; - false -> no_version : empty; + lm_challenge_response_fields : SMB_NTLM_StringData; + nt_challenge_response_fields : SMB_NTLM_StringData; + domain_name_fields : SMB_NTLM_StringData; + user_name_fields : SMB_NTLM_StringData; + workstation_fields : SMB_NTLM_StringData; + encrypted_session_key_fields : SMB_NTLM_StringData; + flags : SMB_NTLM_Negotiate_Flags; + version_present : case flags.negotiate_version of { + true -> version : SMB_NTLM_Version; + false -> no_version : empty; }; # Windows NT, 2000, XP, and 2003 don't have the MIC field # TODO - figure out how to parse this for those that do have it -# mic : bytestring &length=16; +# mic : bytestring 
&length=16; - payload : bytestring &restofdata; + payload : bytestring &restofdata; } &let { - absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(domain_name_fields.length > 0); - user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); - workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(workstation_fields.length > 0); - encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); - proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(domain_name_fields.length > 0); + user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); + workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(workstation_fields.length > 0); + encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); + + proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); }; type SMB_NTLM_Version = record { @@ -302,7 +307,7 @@ type SMB_NTLM_Version = record { type SMB_NTLM_StringData = record { length : uint16; max_length : uint16; - offset : uint32; + offset : uint32; }; type SMB_Fixed_Length_String(unicode: bool) = record { 
@@ -310,13 +315,13 @@ type SMB_Fixed_Length_String(unicode: bool) = record { }; type SMB_NTLM_String(fields: SMB_NTLM_StringData, offset: uint16, unicode: bool) = record { - : padding to fields.offset - offset; - string: SMB_Fixed_Length_String(unicode) &length=fields.length; + pad1 : padding to fields.offset - offset; + string : SMB_Fixed_Length_String(unicode) &length=fields.length; }; type SMB_NTLM_AV_Pair_Sequence(offset: uint16) = record { - : padding to offset; - pairs: SMB_NTLM_AV_Pair[] &until ($element.last); + pad1 : padding to offset; + pairs : SMB_NTLM_AV_Pair[] &until($element.last); }; type SMB_NTLM_AV_Pair = record { @@ -344,14 +349,14 @@ type SMB_NTLM_AV_Pair = record { }; type SMB_NTLM_Single_Host = record { - size : uint32; - padpad : padding[4]; - data_present: uint32; - optional : case custom_data_present of { + size : uint32; + padpad : padding[4]; + data_present : uint32; + optional : case custom_data_present of { true -> custom_data : bytestring &length=4; false -> nothing : empty; }; - machine_id : uint32; + machine_id : uint32; } &let { custom_data_present: bool = (data_present & 0x00000001) > 0; }; 
@@ -360,64 +365,64 @@ type SMB_LM_Response(offset: uint16) = record { # This can be either LM (24 byte response) or # LMv2 (16 byte response + 8 byte client challenge. No way to # know for sure. - padpad : padding to offset; - response: bytestring &length=24; + padpad : padding to offset; + response : bytestring &length=24; }; type SMB_NTLM_Response(offset: uint16) = record { - padpad : padding to offset; - response: bytestring &length=24; + padpad : padding to offset; + response : bytestring &length=24; }; type SMB_NTLMv2_Response(flags: SMB_NTLM_Negotiate_Flags, offset: uint16) = record { - padpad : padding to offset; - response : bytestring &length=16; - client_challenge: SMB_NTLMv2_Client_Challenge(flags); + padpad : padding to offset; + response : bytestring &length=16; + client_challenge : SMB_NTLMv2_Client_Challenge(flags); }; type SMB_NTLMv2_Client_Challenge(flags: SMB_NTLM_Negotiate_Flags) = record { - resp_type : uint8; - max_resp_type : uint8; - reserved : padding[6]; - timestamp : uint64; - client_challenge: bytestring &length=8; - reserved2 : padding[4]; - av_pairs : SMB_NTLM_AV_Pair_Sequence(0); + resp_type : uint8; + max_resp_type : uint8; + reserved : padding[6]; + timestamp : uint64; + client_challenge : bytestring &length=8; + reserved2 : padding[4]; + av_pairs : SMB_NTLM_AV_Pair_Sequence(0); }; type SMB_NTLM_Negotiate_Flags = record { flags: uint32; } &let { - negotiate_56 : bool = (flags & 0x80000000) > 0; - negotiate_key_exch : bool = (flags & 0x40000000) > 0; - negotiate_128 : bool = (flags & 0x20000000) > 0; + negotiate_56 : bool = (flags & 0x80000000) > 0; + negotiate_key_exch : bool = (flags & 0x40000000) > 0; + negotiate_128 : bool = (flags & 0x20000000) > 0; - negotiate_version : bool = (flags & 0x02000000) > 0; + negotiate_version : bool = (flags & 0x02000000) > 0; - negotiate_target_info : bool = (flags & 0x00800000) > 0; - request_non_nt_session_key : bool = (flags & 0x00400000) > 0; - negotiate_identify : bool = (flags & 0x00100000) > 
0; + negotiate_target_info : bool = (flags & 0x00800000) > 0; + request_non_nt_session_key : bool = (flags & 0x00400000) > 0; + negotiate_identify : bool = (flags & 0x00100000) > 0; - negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; - target_type_server : bool = (flags & 0x00020000) > 0; - target_type_domain : bool = (flags & 0x00010000) > 0; + negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; + target_type_server : bool = (flags & 0x00020000) > 0; + target_type_domain : bool = (flags & 0x00010000) > 0; - negotiate_always_sign : bool = (flags & 0x00008000) > 0; - negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; - negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; + negotiate_always_sign : bool = (flags & 0x00008000) > 0; + negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; + negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; - negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; - negotiate_ntlm : bool = (flags & 0x00000100) > 0; + negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; + negotiate_ntlm : bool = (flags & 0x00000100) > 0; - negotiate_lm_key : bool = (flags & 0x00000080) > 0; - negotiate_datagram : bool = (flags & 0x00000040) > 0; - negotiate_seal : bool = (flags & 0x00000020) > 0; + negotiate_lm_key : bool = (flags & 0x00000080) > 0; + negotiate_datagram : bool = (flags & 0x00000040) > 0; + negotiate_seal : bool = (flags & 0x00000020) > 0; - negotiate_sign : bool = (flags & 0x00000008) > 0; - request_target : bool = (flags & 0x00000004) > 0; - negotiate_oem : bool = (flags & 0x00000002) > 0; - negotiate_unicode : bool = (flags & 0x00000001) > 0; + negotiate_sign : bool = (flags & 0x00000008) > 0; + request_target : bool = (flags & 0x00000004) > 0; + negotiate_oem : bool = (flags & 0x00000002) > 0; + negotiate_unicode : bool = (flags & 0x00000001) > 0; - is_oem : bool = !negotiate_unicode && negotiate_oem; - is_invalid : 
bool = !negotiate_unicode && !negotiate_oem; + is_oem : bool = !negotiate_unicode && negotiate_oem; + is_invalid : bool = !negotiate_unicode && !negotiate_oem; }; From ad5f74b163e170e542e709dcac15af120fddd0f8 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Tue, 8 Mar 2016 11:31:53 -0500 Subject: [PATCH 34/84] Fix a with missing default cases in NTLM case switches. This prevents some reporter messages since there are clearly things being seen on the wire that don't fit into the message types being handled. --- src/analyzer/protocol/smb/smb-ntlmssp.pac | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac index d7cb8511ff..0aef66d353 100644 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ b/src/analyzer/protocol/smb/smb-ntlmssp.pac @@ -213,6 +213,7 @@ type GSSAPI_NEG_TOKEN_RESP_Arg_Data(header: SMB_Header, index: uint8) = case ind 1 -> supported_mech : ASN1Encoding; 2 -> response_token : SMB_NTLM_SSP_Token(header); 3 -> mech_list_mic : ASN1OctetString; + default -> def : bytestring &restofdata &transient; }; type SMB_NTLM_SSP(header: SMB_Header) = record { @@ -229,6 +230,7 @@ type SMB_NTLM_SSP_Token(header: SMB_Header) = record { 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); 3 -> authenticate : SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); + default -> def : bytestring &restofdata &transient; }; }; From ba144252cbc1216577649f4451a11cca225f2d61 Mon Sep 17 00:00:00 2001 
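Review bot: The `default` arm added here (and to `SMB_NTLM_SSP_Token.msg` in the next hunk) is not mirrored in `GSSAPI_NEG_TOKEN_INIT_Arg_Data`, which switches on the same peer-supplied `seq_meta.index` and, as last shown on this page, lists only cases 0 to 3. If that is still true at this commit, an unexpected index on the init path keeps raising the parse errors this change is meant to stop. I would add `default -> def : bytestring &restofdata &transient;` there as well. The type body starts outside this hunk.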
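Review bot: With the new `default` arm in `SMB_NTLM_SSP_Token`, an unrecognised `msg_type` is skipped without leaving any trace, so the analyzer loses its only signal that a token did not match the three known NTLMSSP messages. For a monitoring tool that is worth surfacing at low volume, for example as a weird raised on the connection, because it can point at parser desync or at a peer sending non-standard tokens. If silent skipping is intended, say so on the arm: `# Unknown NTLMSSP message type: skip the rest of the token rather than fail the parse.` No check of the `signature` field before dispatching on `msg_type` is visible here either, though the record starts outside the hunk.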
From: Seth Hall Date: Wed, 9 Mar 2016 04:20:24 -0500 Subject: [PATCH 35/84] Cut out some problematic SMB2 create parsing. I still haven't figured out exactly how to parse create contexts and create reqeusts are an important message type. Right now the create context sections are just not parsed or used. --- src/analyzer/protocol/smb/smb2-com-create.pac | 17 +++++++++++------ .../smb_files.log | 8 +++++--- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/src/analyzer/protocol/smb/smb2-com-create.pac b/src/analyzer/protocol/smb/smb2-com-create.pac index 870298aef9..4cd7abdf25 100644 --- a/src/analyzer/protocol/smb/smb2-com-create.pac +++ b/src/analyzer/protocol/smb/smb2-com-create.pac @@ -49,9 +49,12 @@ type SMB2_create_context = record { data_offset : uint16; data_len : uint32; name_pad : padding to name_offset; - name : SMB2_string(name_len); + # The strings with +2 are to account for terminating null bytes (UTF-16 NULLS) + # TODO-I'm not sure if what I'm doing here is correct. This may need to be + # evaluated still. + name : SMB2_string(name_len==0 ? 2 : name_len); data_pad : padding to data_offset; - data : SMB2_string(data_len); + data : SMB2_string(data_len==0 ? 2 : data_len); next_context_pad : padding to next_offset; }; @@ -77,10 +80,12 @@ type SMB2_create_request(header: SMB2_Header) = record { # be set to zero so we need to deal with that to avoid # negative wrap around in the padding. context_pad : padding to (context_offset==0 ? 0 : context_offset - header.head_length); - create : case context_len of { - 0 -> blank : empty; - default -> contexts : SMB2_create_context[] &length=context_len; - }; + # TODO: skip this data for now. It's shown to be a bit difficult. + #create : case context_len of { + # 0 -> blank : empty; + # default -> contexts : SMB2_create_context[] &length=context_len; + #}; + contexts : bytestring &length=context_len &transient; } &let { proc : bool = $context.connection.proc_smb2_create_request(header, this); }; 
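Review bot: The added comment in `SMB2_create_context` describes "+2" for a terminating UTF-16 NUL, but `name_len==0 ? 2 : name_len` and `data_len==0 ? 2 : data_len` only substitute 2 when the declared length is zero and add nothing otherwise. For a peer that declares a zero-length name or data, the parser now consumes two bytes the message never declared, which can run into the next field before `padding to data_offset` or `padding to next_offset` realigns. If the goal is to tolerate empty strings, parsing zero bytes and letting the padding align seems safer; otherwise make the comment match the code, e.g. `# A declared length of 0 is parsed as 2 bytes (one UTF-16 NUL); other lengths are used as-is.` The second hunk stops using this type in the create request, so the change matters only where `SMB2_create_context` is still referenced, and the record starts outside the hunk.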
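Review bot: The new `contexts : bytestring &length=context_len &transient;` in `SMB2_create_request` is read right after `context_pad`, whose guard covers only `context_offset==0`. A nonzero `context_offset` smaller than `header.head_length` still hits the wrap-around the existing comment warns about, so a crafted request would produce a very large padding target instead of a clean skip. I would widen the guard to `context_pad : padding to (context_offset <= header.head_length ? 0 : context_offset - header.head_length);`. The commented-out `create` case is better deleted than kept, since the TODO line already records the intent. The record starts outside the hunk.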
diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log index 7892e90f09..a8baf77cac 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log @@ -3,9 +3,11 @@ #empty_field (empty) #unset_field - #path smb_files -#open 2016-03-07-17-23-56 +#open 2016-03-09-08-45-09 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed #types time string addr port addr port string enum string string count time time time time -1403194573.484358 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - (empty) 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 +1403194573.483536 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - (empty) 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 1403194573.484701 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test 0 1403193632.973276 1403193632.973276 1403193604.628965 1403193632.973276 -#close 2016-03-07-17-23-56 +1403194574.150293 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 +1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 SMB::UNKNOWN_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 +#close 2016-03-09-08-45-09 From 9c6402bd91ef40192fa1ee5fe60e35bacea36422 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Wed, 9 Mar 2016 04:49:48 -0500 Subject: [PATCH 36/84] More smb_files.log improvements. - Actually get the path into the smb_files.log now. - When a share root is having the "create" message used on it, instead of giving a null file name, now give a special indicator of "". - Update test baselines. --- scripts/base/protocols/smb/smb2-main.bro | 18 ++++++++++++------ .../smb_files.log | 6 +++--- .../smb_files.log | 10 +++++----- 3 files changed, 20 insertions(+), 14 deletions(-) diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index bb55eda34e..acc654ae58 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro @@ -31,15 +31,18 @@ event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=5 if ( mid !in smb_state$pending_cmds ) { - local tmp_cmd: SMB::CmdInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2", $command = SMB2::commands[hdr$command]]; + local tmp_cmd = SMB::CmdInfo($ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2", $command = SMB2::commands[hdr$command]); + + local tmp_file = SMB::FileInfo($ts=network_time(), $uid=c$uid, $id=c$id); + if ( smb_state$current_tree?$path ) + tmp_file$path = smb_state$current_tree$path; - local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; tmp_cmd$referenced_file = tmp_file; tmp_cmd$referenced_tree = smb_state$current_tree; smb_state$pending_cmds[mid] = tmp_cmd; } - + smb_state$current_cmd = smb_state$pending_cmds[mid]; if ( !is_orig ) 
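Review bot: `smb_state$current_tree?$path` only tests the `path` field and assumes `current_tree` itself is set, which a passive monitor cannot rely on when it picks up a session after the tree connect. If `current_tree` is declared `&optional` (its declaration is not in this hunk), the access raises a runtime error and aborts the handler for that message. A guard such as `if ( smb_state?$current_tree && smb_state$current_tree?$path )` would cover it, and the same concern applies to the `tmp_cmd$referenced_tree = smb_state$current_tree;` context line. The handler body starts and ends outside the hunk.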
@@ -91,12 +94,12 @@ event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2:: c$smb_state$current_cmd$status !in SMB::ignored_command_statuses ) { Log::write(SMB::CMD_LOG, c$smb_state$current_cmd); - } + } } event smb2_tree_connect_request(c: connection, hdr: SMB2::Header, path: string) &priority=5 { - local tmp_tree: SMB::TreeInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $path=path]; + local tmp_tree = SMB::TreeInfo($ts=network_time(), $uid=c$uid, $id=c$id, $path=path); c$smb_state$current_cmd$referenced_tree = tmp_tree; } @@ -115,7 +118,10 @@ event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB event smb2_create_request(c: connection, hdr: SMB2::Header, name: string) &priority=5 { - local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $name=name]; + if ( name == "") + name = ""; + + local tmp_file = SMB::FileInfo($ts=network_time(), $uid=c$uid, $id=c$id, $name=name); switch ( c$smb_state$current_cmd$referenced_tree$share_type ) { diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log index a8baf77cac..ca5e9e9cc8 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log 
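Review bot: As rendered on this page the statement added to `smb2_create_request` reads `if ( name == "") name = "";`, which is a no-op, while the commit message promises a special indicator for the share root. The literal, probably angle-bracketed, seems to have been lost in extraction, so check the original patch. Whatever the value is, I would define it once as an exported, documented constant so that log consumers and detections compare against one name instead of a repeated string, e.g. `const share_root_name = "SHARE_ROOT_INDICATOR_PLACEHOLDER";` with the real value substituted. The handler body continues outside the hunk.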
@@ -3,11 +3,11 @@ #empty_field (empty) #unset_field - #path smb_files -#open 2016-03-09-08-45-09 +#open 2016-03-09-09-45-49 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed #types time string addr port addr port string enum string string count time time time time -1403194573.483536 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - (empty) 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 +1403194573.483536 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 1403194573.484701 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test 0 1403193632.973276 1403193632.973276 1403193604.628965 1403193632.973276 1403194574.150293 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 SMB::UNKNOWN_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 -#close 2016-03-09-08-45-09 +#close 2016-03-09-09-45-49 diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log index 023d23cfe8..2898285056 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log 
@@ -3,12 +3,12 @@ #empty_field (empty) #unset_field - #path smb_files -#open 2016-03-07-20-31-34 +#open 2016-03-09-09-45-59 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed #types time string addr port addr port string enum string string count time time time time -1323202695.377459 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - (empty) 8192 1323202604.512058 1323202604.512058 1322343963.945297 1323202604.512058 +1323202695.377459 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - 8192 1323202604.512058 1323202604.512058 1322343963.945297 1323202604.512058 1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 FUU9mc3Ub5uZdcqg1d SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 -1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - (empty) 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 -1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 (empty) 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 -#close 2016-03-07-20-31-34 +1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 +1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 +#close 2016-03-09-09-45-59 From d249b763907613fbbe3961dca4ba91667e1bae3b Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Sat, 26 Mar 2016 22:15:23 -0400 Subject: [PATCH 37/84] Added uid and conn_id to smb_auth log. Thanks for Mike Reeves and Aaron Eppert for noticing. --- scripts/base/protocols/smb/main.bro | 10 ++++++---- scripts/base/protocols/smb/smb1-main.bro | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index c0ac9d31ed..8d52a2347a 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -96,10 +96,12 @@ export { }; type AuthInfo: record { - ts : time &log &optional; - username : string &log &optional; - hostname : string &log &optional; - domainname : string &log &optional; + ts : time &log; + uid : string &log; + id : conn_id &log; + username : string &log &optional; + hostname : string &log &optional; + domainname : string &log &optional; }; ## This record is for the smb_cmd.log diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index fc45d02e5a..6c9fcf5b34 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -287,7 +287,7 @@ event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLM { c$smb_state$current_cmd$sub_command = "NTLMSSP_AUTHENTICATE"; - c$smb_state$current_auth = SMB::AuthInfo($ts=network_time()); + c$smb_state$current_auth = SMB::AuthInfo($ts=network_time(), $uid=c$uid, $id=c$id); if ( request?$domain_name ) c$smb_state$current_auth$domainname = request$domain_name; if ( request?$workstation ) From 5721db4be727d074a248186b60af2986564f0c6f Mon Sep 17 00:00:00 2001 
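Review bot: Making `ts`, `uid` and `id` mandatory on `SMB::AuthInfo` means every constructor call has to supply all three, but this commit only updates the one in smb1-main.bro. Any other site that still builds `SMB::AuthInfo($ts=network_time())`, for instance an SMB2 handler if one exists, would now fail, so it is worth searching for them before merging. The record also has no `##` field comments, unlike the `smb_cmd.log` record below it. Since `domainname` (and presumably `username` and `hostname`) is copied from the client's NTLM authenticate message, a comment such as `## Client-asserted value from the NTLMSSP authenticate message; not proof of a successful login.` would keep analysts from over-trusting the log.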
From: Seth Hall Date: Fri, 1 Apr 2016 09:38:52 -0400 Subject: [PATCH 38/84] Lots of cleanup and improvement to DCE/RPC analyzer. - It works with DCE/RPC over SMB1+2 now. - Using named pipes in 1+2 and the transaction cmd in SMB1. - Base scripts based on work by Josh Liburdi. - New dce_rpc.log. Feedback on how to make this log more compact and useful would be appreciated. --- scripts/base/init-default.bro | 1 + scripts/base/protocols/dce-rpc/__load__.bro | 2 + scripts/base/protocols/dce-rpc/consts.bro | 1374 +++++++++++++++++ scripts/base/protocols/dce-rpc/dpd.sig | 6 + scripts/base/protocols/dce-rpc/main.bro | 109 ++ src/analyzer/protocol/dce-rpc/CMakeLists.txt | 3 +- src/analyzer/protocol/dce-rpc/DCE_RPC.cc | 604 +------- src/analyzer/protocol/dce-rpc/DCE_RPC.h | 14 +- src/analyzer/protocol/dce-rpc/Plugin.cc | 2 +- .../protocol/dce-rpc/dce_rpc-analyzer.pac | 292 ++-- .../protocol/dce-rpc/dce_rpc-protocol.pac | 19 +- src/analyzer/protocol/dce-rpc/dce_rpc.pac | 22 +- .../protocol/dce-rpc/dce_rpc_simple.pac | 20 - src/analyzer/protocol/dce-rpc/events.bif | 31 +- src/analyzer/protocol/dce-rpc/types.bif | 41 + src/analyzer/protocol/smb/CMakeLists.txt | 1 - src/analyzer/protocol/smb/DCE_RPC.cc | 588 ------- src/analyzer/protocol/smb/DCE_RPC.h | 191 --- .../protocol/smb/dce_rpc-protocol.pac | 141 -- src/analyzer/protocol/smb/smb-pipe.pac | 89 +- src/analyzer/protocol/smb/smb.pac | 19 + .../protocol/smb/smb1-com-read-andx.pac | 6 +- .../smb/smb1-com-transaction-secondary.pac | 2 +- .../protocol/smb/smb1-com-transaction.pac | 53 +- .../protocol/smb/smb1-com-write-andx.pac | 7 +- src/analyzer/protocol/smb/smb2-com-read.pac | 10 +- src/analyzer/protocol/smb/smb2-com-write.pac | 8 +- src/types.bif | 39 - .../dce_rpc.log | 10 + ...mainInformation_standalone_workstation.cap | Bin 0 -> 1619 bytes .../smb/smb1-transaction-dcerpc.test | 5 + 31 files changed, 1890 insertions(+), 1819 deletions(-) create mode 100644 scripts/base/protocols/dce-rpc/__load__.bro create mode 100644 
scripts/base/protocols/dce-rpc/consts.bro create mode 100644 scripts/base/protocols/dce-rpc/dpd.sig create mode 100644 scripts/base/protocols/dce-rpc/main.bro delete mode 100644 src/analyzer/protocol/dce-rpc/dce_rpc_simple.pac create mode 100644 src/analyzer/protocol/dce-rpc/types.bif delete mode 100644 src/analyzer/protocol/smb/DCE_RPC.cc delete mode 100644 src/analyzer/protocol/smb/DCE_RPC.h delete mode 100644 src/analyzer/protocol/smb/dce_rpc-protocol.pac create mode 100644 testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log create mode 100644 testing/btest/Traces/smb/dssetup_DsRoleGetPrimaryDomainInformation_standalone_workstation.cap create mode 100644 testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.bro index 70feb4049e..7df08dd7ef 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.bro @@ -43,6 +43,7 @@ @endif @load base/protocols/conn +@load base/protocols/dce-rpc @load base/protocols/dhcp @load base/protocols/dnp3 @load base/protocols/dns diff --git a/scripts/base/protocols/dce-rpc/__load__.bro b/scripts/base/protocols/dce-rpc/__load__.bro new file mode 100644 index 0000000000..1d47f6e0cd --- /dev/null +++ b/scripts/base/protocols/dce-rpc/__load__.bro @@ -0,0 +1,2 @@ +@load ./consts +@load ./main diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.bro new file mode 100644 index 0000000000..bdef75b619 --- /dev/null +++ b/scripts/base/protocols/dce-rpc/consts.bro 
@@ -0,0 +1,1374 @@
+
+module DCE_RPC;
+
+export {
+ const uuid_endpoint_map: table[string] of string = {
+ ["367abb81-9844-35f1-ad32-98f038001003"] = "svcctl",
+ ["86d35949-83c9-4044-b424-db363231fd0c"] = "ITaskSchedulerService",
+ ["378e52b0-c0a9-11cf-822d-00aa0051e40f"] = "sasec",
+ ["1ff70682-0a51-30e8-076d-740be8cee98b"] = "atsvc",
+ ["0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53"] = "idletask",
+ ["906b0ce0-c70b-1067-b317-00dd010662da"] = "IXnRemote",
+ ["ae33069b-a2a8-46ee-a235-ddfd339be281"] = "IRPCRemoteObject",
+ ["0b6edbfa-4a24-4fc6-8a23-942b1eca65d1"] = "IRPCAsyncNotify",
+ ["afa8bd80-7d8a-11c9-bef4-08002b102989"] = "mgmt",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426"] = "FrsRpc",
+ ["000001a0-0000-0000-c000-000000000046"] = "IRemoteSCMActivator",
+ ["00000143-0000-0000-c000-000000000046"] = "IRemUnknown2",
+ ["12345778-1234-abcd-ef00-0123456789ab"] = "lsarpc",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209"] = "IRemoteWinspool",
+ ["12345678-1234-abcd-ef00-01234567cffb"] = "netlogon",
+ ["e3514235-4b06-11d1-ab04-00c04fc2dcd2"] = "drsuapi",
+ ["5261574a-4572-206e-b268-6b199213b4e4"] = "AsyncEMSMDB",
+ ["4d9f4ab8-7d1c-11cf-861e-0020af6e7c57"] = "IActivation",
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a"] = "IObjectExporter",
+ ["e1af8308-5d1f-11c9-91a4-08002b14a0fa"] = "epmapper",
+ ["12345778-1234-abcd-ef00-0123456789ac"] = "samr",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188"] = "srvsvc",
+ ["45f52c28-7f9f-101a-b52b-08002b2efabe"] = "winspipe",
+ ["6bffd098-a112-3610-9833-46c3f87e345a"] = "wkssvc",
+ ["3919286a-b10c-11d0-9ba8-00c04fd92ef5"] = "dssetup",
+ ["12345678-1234-abcd-ef00-0123456789ab"] = "spoolss",
+
+ # Exchange
+ ["1544f5e0-613c-11d1-93df-00c04fd7bd09"] = "exchange_rfr",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426"] = "nspi",
+ ["a4f1db00-ca47-1067-b31f-00dd010662da"] = "exchange_mapi",
+
+ # IWbem
+ ["9556dc99-828c-11cf-a37e-00aa003240c7"] = "IWbemServices",
+ ["f309ad18-d86a-11d0-a075-00c04fb68820"] = "IWbemLevel1Login",
+ ["d4781cd6-e5d3-44df-ad94-930efe48a887"] = "IWbemLoginClientID",
+ ["44aca674-e8fc-11d0-a07c-00c04fb68820"] = "IWbemContext interface",
+ ["674b6698-ee92-11d0-ad71-00c04fd8fdff"] = "IWbemContext unmarshaler",
+ ["dc12a681-737f-11cf-884d-00aa004b2e24"] = "IWbemClassObject interface",
+ ["4590f812-1d3a-11d0-891f-00aa004b2e24"] = "IWbemClassObject unmarshaler",
+ ["9a653086-174f-11d2-b5f9-00104b703efd"] = "IWbemClassObject interface",
+ ["c49e32c6-bc8b-11d2-85d4-00105a1f8304"] = "IWbemBackupRestoreEx interface",
+ ["7c857801-7381-11cf-884d-00aa004b2e24"] = "IWbemObjectSink interface",
+ ["027947e1-d731-11ce-a357-000000000001"] = "IEnumWbemClassObject interface",
+ ["44aca675-e8fc-11d0-a07c-00c04fb68820"] = "IWbemCallResult interface",
+ ["c49e32c7-bc8b-11d2-85d4-00105a1f8304"] = "IWbemBackupRestore interface",
+ ["a359dec5-e813-4834-8a2a-ba7f1d777d76"] = "IWbemBackupRestoreEx interface",
+ ["f1e9c5b2-f59b-11d2-b362-00105a1f8177"] = "IWbemRemoteRefresher interface",
+ ["2c9273e0-1dc3-11d3-b364-00105a1f8177"] = "IWbemRefreshingServices interface",
+ ["423ec01e-2e35-11d2-b604-00104b703efd"] = "IWbemWCOSmartEnum interface",
+ ["1c1c45ee-4395-11d2-b60b-00104b703efd"] = "IWbemFetchSmartEnum interface",
+ ["541679AB-2E5F-11d3-B34E-00104BCC4B4A"] = "IWbemLoginHelper interface", # KMS?
+ ["51c82175-844e-4750-b0d8-ec255555bc06"] = "KMS",
+
+ ["50abc2a4-574d-40b3-9d66-ee4fd5fba076"] = "dnsserver",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5"] = "AudioSrv",
+ ["c386ca3e-9061-4a72-821e-498d83be188f"] = "AudioRpc",
+ ["6bffd098-a112-3610-9833-012892020162"] = "browser",
+ ["91ae6020-9e3c-11cf-8d7c-00aa00c091be"] = "ICertPassage",
+ ["c8cb7687-e6d3-11d2-a958-00c04f682e16"] = "DAV RPC SERVICE",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea"] = "eventlog",
+ ["3d267954-eeb7-11d1-b94e-00c04fa3080d"] = "HydraLsPipe",
+ ["894de0c0-0d55-11d3-a322-00c04fa321a1"] = "InitShutdown",
+ ["d95afe70-a6d5-4259-822e-2c84da1ddb0d"] = "WindowsShutdown",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b"] = "IKeySvc",
+ ["68b58241-c259-4f03-a2e5-a2651dcbc930"] = "IKeySvc2",
+ ["0d72a7d4-6148-11d1-b4aa-00c04fb66ea0"] = "ICertProtect",
+ ["f50aac00-c7f3-428e-a022-a6b71bfb9d43"] = "ICatDBSvc",
+ ["338cd001-2244-31f1-aaaa-900038001003"] = "winreg",
+ ["3dde7c30-165d-11d1-ab8f-00805f14db40"] = "BackupKey", # https://msdn.microsoft.com/en-us/library/cc224123.aspx
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5"] = "RpcSrvDHCPC",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6"] = "dhcpcsvc6",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8"] = "lcrpc",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed"] = "winstation_rpc",
+ ["12b81e99-f207-4a4c-85d3-77b42f76fd14"] = "ISeclogon",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c3"] = "NsiS",
+ ["d3fbb514-0e3b-11cb-8fad-08002b1d29c3"] = "NsiC",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4"] = "NsiM",
+ ["17fdd703-1827-4e34-79d4-24a55c53bb37"] = "msgsvc",
+ ["5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc"] = "msgsvcsend",
+ ["8d9f4e40-a03d-11ce-8f69-08003e30051b"] = "pnp",
+ ["57674cd0-5200-11ce-a897-08002b2e9c6d"] = "lls_license",
+ ["342cfd40-3c6c-11ce-a893-08002b2e9c6d"] = "llsrpc",
+ ["4fc742e0-4a10-11cf-8273-00aa004ae673"] = "netdfs",
+ ["83da7c00-e84f-11d2-9807-00c04f8ec850"] = "sfcapi",
+ ["2f5f3220-c126-1076-b549-074d078619da"] = "nddeapi",
+ } &redef &default=function(uuid: string): string { return fmt("unknown-%s", uuid); };
+
+ const operations: table[string,count] of string = {
+ # atsvc
+ ["1ff70682-0a51-30e8-076d-740be8cee98b",0] = "NetrJobAdd",
+ ["1ff70682-0a51-30e8-076d-740be8cee98b",1] = "NetrJobDel",
+ ["1ff70682-0a51-30e8-076d-740be8cee98b",2] = "NetrJobEnum",
+ ["1ff70682-0a51-30e8-076d-740be8cee98b",3] = "NetrJobGetInfo",
+
+ # sasec
+ ["378e52b0-c0a9-11cf-822d-00aa0051e40f",0] = "SASetAccountInformation",
+ ["378e52b0-c0a9-11cf-822d-00aa0051e40f",1] = "SASetNSAccountInformation",
+ ["378e52b0-c0a9-11cf-822d-00aa0051e40f",2] = "SAGetNSAccountInformation",
+ ["378e52b0-c0a9-11cf-822d-00aa0051e40f",3] = "SAGetAccountInformation",
+
+ # idletask
+ ["0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53",0] = "ItSrvRegisterIdleTask",
+ ["0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53",1] = "ItSrvUnregisterIdleTask",
+ ["0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53",2] = "ItSrvProcessIdleTasks",
+ ["0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53",3] = "ItSrvSetDetectionParameters",
+
+ # ITaskSchedulerService
+ ["86d35949-83c9-4044-b424-db363231fd0c",0] = "SchRpcHighestVersion",
+ ["86d35949-83c9-4044-b424-db363231fd0c",1] = "SchRpcRegisterTask",
+ ["86d35949-83c9-4044-b424-db363231fd0c",2] = "SchRpcRetrieveTask",
+ ["86d35949-83c9-4044-b424-db363231fd0c",3] = "SchRpcCreateFolder",
+ ["86d35949-83c9-4044-b424-db363231fd0c",4] = "SchRpcSetSecurity",
+ ["86d35949-83c9-4044-b424-db363231fd0c",5] = "SchRpcGetSecurity",
+ ["86d35949-83c9-4044-b424-db363231fd0c",6] = "SchRpcEnumFolder",
+ ["86d35949-83c9-4044-b424-db363231fd0c",7] = "SchRpcEnumTasks",
+ ["86d35949-83c9-4044-b424-db363231fd0c",8] = "SchRpcEnumInstances",
+ ["86d35949-83c9-4044-b424-db363231fd0c",9] = "SchRpcGetInstanceInfo",
+ ["86d35949-83c9-4044-b424-db363231fd0c",10] = "SchRpcStopInstance",
+ ["86d35949-83c9-4044-b424-db363231fd0c",11] = "SchRpcStop",
+ ["86d35949-83c9-4044-b424-db363231fd0c",12] = "SchRpcRun",
+ ["86d35949-83c9-4044-b424-db363231fd0c",13] = "SchRpcDelete",
+ ["86d35949-83c9-4044-b424-db363231fd0c",14] = "SchRpcRename",
+ ["86d35949-83c9-4044-b424-db363231fd0c",15] = "SchRpcScheduledRuntimes",
+ ["86d35949-83c9-4044-b424-db363231fd0c",16] = "SchRpcGetLastRunInfo",
+ ["86d35949-83c9-4044-b424-db363231fd0c",17] = "SchRpcGetTaskInfo",
+
+ # IObjectExporter
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a",0] = "ResolveOxid",
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a",1] = "SimplePing",
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a",2] = "ComplexPing",
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a",3] = "ServerAlive",
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a",4] = "ResolveOxid2",
+ ["99fcfec4-5260-101b-bbcb-00aa0021347a",5] = "ServerAlive2",
+
+ # IActivation
+ ["4d9f4ab8-7d1c-11cf-861e-0020af6e7c57",0] = "RemoteActivation",
+
+ # IRemoteSCMActivator
+ ["000001a0-0000-0000-c000-000000000046",3] = "RemoteGetClassObject",
+ ["000001a0-0000-0000-c000-000000000046",4] = "RemoteCreateInstance",
+
+ # nspi
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",0] = "NspiBind",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",1] = "NspiUnbind",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",2] = "NspiUpdateStat",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",3] = "NspiQueryRows",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",4] = "NspiSeekEntries",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",5] = "NspiGetMatches",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",6] = "NspiResortRestriction",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",7] = "NspiDNToEph",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",8] = "NspiGetPropList",
+ ["f5cc5a18-4264-101a-8c59-08002b2f8426",9] = "NspiGetProps",
+
+ # IWbemServices
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",3] = "OpenNamespace",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",4] = "CancelAsyncCall",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",5] = "QueryObjectSink",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",6] = "GetObject",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",7] = "GetObjectAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",8] = "PutClass",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",9] = "PutClassAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",10] = "DeleteClass",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",11] = "DeleteClassAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",12] = "CreateClassEnum",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",13] = "CreateClassEnumAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",14] = "PutInstance",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",15] = "PutInstanceAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",16] = "DeleteClass",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",17] = "DeleteClassAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",18] = "CreateInstanceEnum",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",19] = "CreateInstanceEnumAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",20] = "ExecQuery",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",21] = "ExecQueryAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",22] = "ExecNotificationQuery",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",23] = "ExecNotificationQueryAsync",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",24] = "ExecMethod",
+ ["9556dc99-828c-11cf-a37e-00aa003240c7",25] = "ExecMethodAsync",
+
+ # IWbemLevel1Login
+ ["f309ad18-d86a-11d0-a075-00c04fb68820",3] = "EstablishPosition",
+ ["f309ad18-d86a-11d0-a075-00c04fb68820",4] = "RequestChallenge",
+ ["f309ad18-d86a-11d0-a075-00c04fb68820",5] = "WBEMLogin",
+ ["f309ad18-d86a-11d0-a075-00c04fb68820",6] = "NTLMLogin",
+
+ # FrsRpc
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",0] = "FrsRpcSendCommPkt",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",1] = "FrsRpcVerifyPromotionParent",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",2] = "FrsRpcStartPromotionParent",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",3] = "FrsNOP",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",4] = "FrsBackupComplete",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",5] = "FrsBackupComplete",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",6] = "FrsBackupComplete",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",7] = "FrsBackupComplete",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",8] = "FrsBackupComplete",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",9] = "FrsBackupComplete",
+ ["f5cc59b4-4264-101a-8c59-08002b2f8426",10] = "FrsRpcVerifyPromotionParentEx",
+
+ # IRemUnknown2
+ ["00000143-0000-0000-c000-000000000046",0] = "QueryInterface",
+ ["00000143-0000-0000-c000-000000000046",1] = "AddRef",
+ ["00000143-0000-0000-c000-000000000046",2] = "Release",
+ ["00000143-0000-0000-c000-000000000046",3] = "RemQueryInterface",
+ ["00000143-0000-0000-c000-000000000046",4] = "RemAddRef",
+ ["00000143-0000-0000-c000-000000000046",5] = "RemRelease",
+ ["00000143-0000-0000-c000-000000000046",6] = "RemQueryInterface2",
+
+ # IRemoteSCMActivator
+ ["000001a0-0000-0000-c000-000000000046",0] = "QueryInterfaceIRemoteSCMActivator",
+ ["000001a0-0000-0000-c000-000000000046",1] = "AddRefIRemoteISCMActivator",
+ ["000001a0-0000-0000-c000-000000000046",2] = "ReleaseIRemoteISCMActivator",
+ #["000001a0-0000-0000-c000-000000000046",3] = "RemoteGetClassObject",
+ #["000001a0-0000-0000-c000-000000000046",4] = "RemoteCreateInstance",
+
+ # netlogon
+ ["12345678-1234-abcd-ef00-01234567cffb",0] = "NetrLogonUasLogon",
+ ["12345678-1234-abcd-ef00-01234567cffb",1] = "NetrLogonUasLogoff",
+ ["12345678-1234-abcd-ef00-01234567cffb",2] = "NetrLogonSamLogon",
+ ["12345678-1234-abcd-ef00-01234567cffb",3] = "NetrLogonSamLogoff",
+ ["12345678-1234-abcd-ef00-01234567cffb",4] = "NetrServerReqChallenge",
+ ["12345678-1234-abcd-ef00-01234567cffb",5] = "NetrServerAuthenticate",
+ ["12345678-1234-abcd-ef00-01234567cffb",6] = "NetrServerPasswordSet",
+ ["12345678-1234-abcd-ef00-01234567cffb",7] = "NetrDatabaseDeltas",
+ ["12345678-1234-abcd-ef00-01234567cffb",8] = "NetrDatabaseSync",
+ ["12345678-1234-abcd-ef00-01234567cffb",9] = "NetrAccountDeltas",
+ ["12345678-1234-abcd-ef00-01234567cffb",10] = "NetrAccountSync",
+ ["12345678-1234-abcd-ef00-01234567cffb",11] = "NetrGetDCName",
+ ["12345678-1234-abcd-ef00-01234567cffb",12] = "NetrLogonControl",
+ ["12345678-1234-abcd-ef00-01234567cffb",13] = "NetrGetAnyDCName",
+ ["12345678-1234-abcd-ef00-01234567cffb",14] = "NetrLogonControl2",
+ ["12345678-1234-abcd-ef00-01234567cffb",15] = "NetrServerAuthenticate2",
+ ["12345678-1234-abcd-ef00-01234567cffb",16] = "NetrDatabaseSync2",
+ ["12345678-1234-abcd-ef00-01234567cffb",17] = "NetrDatabaseRedo",
+ ["12345678-1234-abcd-ef00-01234567cffb",18] = "NetrLogonControl2Ex",
+ ["12345678-1234-abcd-ef00-01234567cffb",19] = "NetrEnumerateTrustedDomains",
+ ["12345678-1234-abcd-ef00-01234567cffb",20] = "DsrGetDcName",
+ ["12345678-1234-abcd-ef00-01234567cffb",21] = "NetrLogonGetCapabilities",
+ ["12345678-1234-abcd-ef00-01234567cffb",22] = "NetrLogonSetServiceBits",
+ ["12345678-1234-abcd-ef00-01234567cffb",23] = "NetrLogonGetTrustRid",
+ ["12345678-1234-abcd-ef00-01234567cffb",24] = "NetrLogonComputeServerDigest",
+ ["12345678-1234-abcd-ef00-01234567cffb",25] = "NetrLogonComputeClientDigest",
+ ["12345678-1234-abcd-ef00-01234567cffb",26] = "NetrServerAuthenticate3",
+ ["12345678-1234-abcd-ef00-01234567cffb",27] = "DsrGetDcNameEx",
+ ["12345678-1234-abcd-ef00-01234567cffb",28] = "DsrGetSiteName",
+ ["12345678-1234-abcd-ef00-01234567cffb",29] = "NetrLogonGetDomainInfo",
+ ["12345678-1234-abcd-ef00-01234567cffb",30] = "NetrServerPasswordSet2",
+ ["12345678-1234-abcd-ef00-01234567cffb",31] = "NetrServerPasswordGet",
+ ["12345678-1234-abcd-ef00-01234567cffb",32] = "NetrLogonSendToSam",
+ ["12345678-1234-abcd-ef00-01234567cffb",33] = "DsrAddressToSiteNamesW",
+ ["12345678-1234-abcd-ef00-01234567cffb",34] = "DsrGetDcNameEx2",
+ ["12345678-1234-abcd-ef00-01234567cffb",35] = "NetrLogonGetTimeServiceParentDomain",
+ ["12345678-1234-abcd-ef00-01234567cffb",36] = "NetrEnumerateTrustedDomainsEx",
+ ["12345678-1234-abcd-ef00-01234567cffb",37] = "DsrAddressToSiteNamesExW",
+ ["12345678-1234-abcd-ef00-01234567cffb",38] = "DsrGetDcSiteCoverageW",
+ ["12345678-1234-abcd-ef00-01234567cffb",39] = "NetrLogonSamLogonEx",
+ ["12345678-1234-abcd-ef00-01234567cffb",40] = "DsrEnumerateDomainTrusts",
+ ["12345678-1234-abcd-ef00-01234567cffb",41] = "DsrDeregisterDnsHostRecords",
+ ["12345678-1234-abcd-ef00-01234567cffb",42] = "NetrServerTrustPasswordsGet",
+ ["12345678-1234-abcd-ef00-01234567cffb",43] = "DsrGetForestTrustInformation",
+ ["12345678-1234-abcd-ef00-01234567cffb",44] = "NetrGetForestTrustInformation",
+ ["12345678-1234-abcd-ef00-01234567cffb",45] = "NetrLogonSameLogonWithFlags",
+ ["12345678-1234-abcd-ef00-01234567cffb",46] = "NetrServerGetTrustInfo",
+ ["12345678-1234-abcd-ef00-01234567cffb",47] = "unused",
+ ["12345678-1234-abcd-ef00-01234567cffb",48] = "DsrUpdateReadOnlyServerDnsRecords",
+ ["12345678-1234-abcd-ef00-01234567cffb",49] = "NetrChainSetClientAttributes",
+
+ # IRemoteWinspool
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",0] = "RpcAsyncOpenPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",1] = "RpcAsyncAddPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",2] = "RpcAsyncSetJob",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",3] = "RpcAsyncGetJob",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",4] = "RpcAsyncEnumJobs",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",5] = "RpcAsyncAddJob",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",6] = "RpcAsyncScheduleJob",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",7] = "RpcAsyncDeletePrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",8] = "RpcAsyncSetPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",9] = "RpcAsyncGetPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",10] = "RpcAsyncStartDocPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",11] = "RpcAsyncStartPagePrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",12] = "RpcAsyncWritePrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",13] = "RpcAsyncEndPagePrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",14] = "RpcAsyncEndDocPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",15] = "RpcAsyncAbortPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",16] = "RpcAsyncGetPrinterData",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",17] = "RpcAsyncGetPrinterDataEx",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",18] = "RpcAsyncSetPrinterData",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",19] = "RpcAsyncSetPrinterDataEx",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",20] = "RpcAsyncClosePrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",21] = "RpcAsyncAddForm",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",22] = "RpcAsyncDeleteForm",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",23] = "RpcAsyncGetForm",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",24] = "RpcAsyncSetForm",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",25] = "RpcAsyncEnumForms",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",26] = "RpcAsyncGetPrinterDriver",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",27] = "RpcAsyncEnumPrinterData",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",28] = "RpcAsyncEnumPrinterDataEx",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",29] = "RpcAsyncEnumPrinterKey",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",30] = "RpcAsyncDeletePrinterData",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",31] = "RpcAsyncDeletePrinterDataEx",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",32] = "RpcAsyncDeletePrinterKey",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",33] = "RpcAsyncXcvData",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",34] = "RpcAsyncSendRecvBidiData",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",35] = "RpcAsyncCreatePrinterIC",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",36] = "RpcAsyncPlayGdiScriptOnPrinterIC",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",37] = "RpcAsyncDeletePrinterIC",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",38] = "RpcAsyncEnumPrinters",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",39] = "RpcAsyncAddPrinterDriver",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",40] = "RpcAsyncEnumPrinterDrivers",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",41] = "RpcAsyncGetPrinterDriverDirectory",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",42] = "RpcAsyncDeletePrinterDriver",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",43] = "RpcAsyncDeletePrinterDriverEx",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",44] = "RpcAsyncAddPrintProcessor",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",45] = "RpcAsyncEnumPrintProcessors",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",46] = "RpcAsyncGetPrintProcessorDirectory",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",47] = "RpcAsyncEnumPorts",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",48] = "RpcAsyncEnumMonitors",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",49] = "RpcAsyncAddPort",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",50] = "RpcAsyncSetPort",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",51] = "RpcAsyncAddMonitor",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",52] = "RpcAsyncDeleteMonitor",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",53] = "RpcAsyncDeletePrintProcessor",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",54] = "RpcAsyncEnumPrintProcessorDatatypes",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",55] = "RpcAsyncAddPerMachineConnection",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",56] = "RpcAsyncDeletePerMachineConnection",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",57] = "RpcAsyncEnumPerMachineConnections",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",58] = "RpcSyncRegisterForRemoteNotifications",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",59] = "RpcSyncUnRegisterForRemoteNotifications",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",60] = "RpcSyncRefreshRemoteNotifications",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",61] = "RpcAsyncGetRemoteNotifications",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",62] = "RpcAsyncInstallPrinterDriverFromPackage",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",63] = "RpcAsyncUploadPrinterDriverPackage",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",64] = "RpcAsyncGetCorePrinterDrivers",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",65] = "RpcAsyncCorePrinterDriverInstalled",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",66] = "RpcAsyncGetPrinterDriverPackagePath",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",67] = "RpcAsyncDeletePrinterDriverPackage",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",68] = "RpcAsyncReadPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",69] = "RpcAsyncResetPrinter",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",70] = "RpcAsyncGetJobNamedPropertyValue",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",71] = "RpcAsyncSetJobNamedProperty",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",72] = "RpcAsyncDeleteJobNamedProperty",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",73] = "RpcAsyncEnumJobNamedProperties",
+ ["76f03f96-cdfd-44fc-a22c-64950a001209",74] = "RpcAsyncLogJobInfoForBranchOffice",
+
+ # InitShutdown
+ ["894de0c0-0d55-11d3-a322-00c04fa321a1",0] = "BaseInitiateShutdown",
+ ["894de0c0-0d55-11d3-a322-00c04fa321a1",1] = "BaseAbortShutdown",
+ ["894de0c0-0d55-11d3-a322-00c04fa321a1",2] = "BaseInitiateShutdownEx",
+
+ # WindowsShutdown
+ ["d95afe70-a6d5-4259-822e-2c84da1ddb0d",0x00] = "WsdrInitiateShutdown",
+ ["d95afe70-a6d5-4259-822e-2c84da1ddb0d",0x01] = "WsdrAbortShutdown",
+
+ # spoolss
+ ["12345678-1234-abcd-ef00-0123456789ab",0x00] = "RpcEnumPrinters",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x01] = "RpcOpenPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x02] = "RpcSetJob",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x03] = "RpcGetJob",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x04] = "RpcEnumJobs",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x05] = "RpcAddPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x06] = "RpcDeletePrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x07] = "RpcSetPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x08] = "RpcGetPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x09] = "RpcAddPrinterDriver",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x0a] = "RpcEnumPrinterDrivers",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x0b] = "RpcGetPrinterDriver",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x0c] = "RpcGetPrinterDriverDirectory",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x0d] = "RpcDeletePrinterDriver",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x0e] = "RpcAddPrintProcessor",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x0f] = "RpcEnumPrintProcessors",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x10] = "RpcGetPrintProcessorDirectory",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x11] = "RpcStartDocPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x12] = "RpcStartPagePrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x13] = "RpcWritePrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x14] = "RpcEndPagePrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x15] = "RpcAbortPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x16] = "RpcReadPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x17] = "RpcEndDocPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x18] = "RpcAddJob",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x19] = "RpcScheduleJob",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x1a] = "RpcGetPrinterData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x1b] = "RpcSetPrinterData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x1c] = "RpcWaitForPrinterChange",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x1d] = "RpcClosePrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x1e] = "RpcAddForm",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x1f] = "RpcDeleteForm",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x20] = "RpcGetForm",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x21] = "RpcSetForm",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x22] = "RpcEnumForms",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x23] = "RpcEnumPorts",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x24] = "RpcEnumMonitors",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x25] = "RpcAddPort",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x26] = "RpcConfigurePort",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x27] = "RpcDeletePort",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x28] = "RpcCreatePrinterIC",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x29] = "RpcPlayGdiScriptOnPrinterIC",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x2a] = "RpcDeletePrinterIC",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x2b] = "RpcAddPrinterConnection",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x2c] = "RpcDeletePrinterConnection",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x2d] = "RpcPrinterMessageBox",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x2e] = "RpcAddMonitor",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x2f] = "RpcDeleteMonitor",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x30] = "RpcDeletePrintProcessor",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x31] = "RpcAddPrintProvidor",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x32] = "RpcDeletePrintProvidor",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x33] = "RpcEnumPrintProcessorDatatypes",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x34] = "RpcResetPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x35] = "RpcGetPrinterDriver2",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x36] = "RpcClientFindFirstPrinterChangeNotification",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x37] = "RpcFindNextPrinterChangeNotification",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x38] = "RpcFindClosePrinterChangeNotification",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x39] = "RpcRouterFindFirstPrinterChangeNotificationOld",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x3a] = "RpcReplyOpenPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x3b] = "RpcRouterReplyPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x3c] = "RpcReplyClosePrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x3d] = "RpcAddPortEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x3e] = "RpcRemoteFindFirstPrinterChangeNotification",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x3f] = "RpcSpoolerInit",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x40] = "RpcResetPrinterEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x41] = "RpcRemoteFindFirstPrinterChangeNotificationEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x42] = "RpcRouterReplyPrinterEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x43] = "RpcRouterRefreshPrinterChangeNotification",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x44] = "RpcSetAllocFailCount",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x45] = "RpcSplOpenPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x46] = "RpcAddPrinterEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x47] = "RpcSetPort",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x48] = "RpcEnumPrinterData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x49] = "RpcDeletePrinterData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x4a] = "RpcClusterSplOpen",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x4b] = "RpcClusterSplClose",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x4c] = "RpcClusterSplIsAlive",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x4d] = "RpcSetPrinterDataEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x4e] = "RpcGetPrinterDataEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x4f] = "RpcEnumPrinterDataEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x50] = "RpcEnumPrinterKey",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x51] = "RpcDeletePrinterDataEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x52] = "RpcDeletePrinterKey",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x53] = "RpcSeekPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x54] = "RpcDeletePrinterDriverEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x55] = "RpcAddPerMachineConnection",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x56] = "RpcDeletePerMachineConnection",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x57] = "RpcEnumPerMachineConnections",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x58] = "RpcXcvData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x59] = "RpcAddPrinterDriverEx",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x5a] = "RpcSplOpenPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x5b] = "RpcGetSpoolFileInfo",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x5c] = "RpcCommitSpoolData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x5d] = "RpcCloseSpoolFileHandle",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x5e] = "RpcFlushPrinter",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x5f] = "RpcSendRecvBidiData",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x60] = "RpcAddDriverCatalog",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x61] = "RpcAddPrinterConnection2",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x62] = "RpcDeletePrinterConnection2",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x63] = "RpcInstallPrinterDriverFromPackage",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x64] = "RpcUploadPrinterDriverPackage",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x65] = "RpcGetCorePrinterDrivers",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x66] = "RpcCorePrinterDriverInstalled",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x67] = "RpcGetPrinterDriverPackagePath",
+ ["12345678-1234-abcd-ef00-0123456789ab",0x68] = "RpcReportJobProcessingProgress",
+
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x00] = "NetrCharDevEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x01] = "NetrCharDevGetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x02] = "NetrCharDevControl",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x03] = "NetrCharDevQEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x04] = "NetrCharDevQGetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x05] = "NetrCharDevQSetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x06] = "NetrCharDevQPurge",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x07] = "NetrCharDevQPurgeSelf",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x08] = "NetrConnectionEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x09] = "NetrFileEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x0a] = "NetrFileGetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x0b] = "NetrFileClose",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x0c] = "NetrSessionEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x0d] = "NetrSessionDel",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x0e] = "NetrShareAdd",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x0f] = "NetrShareEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x10] = "NetrShareGetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x11] = "NetrShareSetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x12] = "NetrShareDel",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x13] = "NetrShareDelSticky",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x14] = "NetrShareCheck",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x15] = "NetrServerGetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x16] = "NetrServerSetInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x17] = "NetrServerDiskEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x18] = "NetrServerStatisticsGet",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x19] = "NetrServerTransportAdd",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x1a] = "NetrServerTransportEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x1b] = "NetrServerTransportDel",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x1c] = "NetrRemoteTOD",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x1d] = "NetrServerSetServiceBits",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x1e] = "NetprPathType",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x1f] = "NetprPathCanonicalize",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x20] = "NetprPathCompare",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x21] = "NetprNameValidate",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x22] = "NetprNameCanonicalize",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x23] = "NetprNameCompare",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x24] = "NetrShareEnumSticky",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x25] = "NetrShareDelStart",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x26] = "NetrShareDelCommit",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x27] = "NetrpGetFileSecurity",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x28] = "NetrpSetFileSecurity",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x29] = "NetrServerTransportAddEx",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x2a] = "NetrServerSetServiceBitsEx",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x2b] = "NetrDfsGetVersion",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x2c] = "NetrDfsCreateLocalPartition",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x2d] = "NetrDfsDeleteLocalPartition",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x2e] = "NetrDfsSetLocalVolumeState",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x2f] = "NetrDfsSetServerInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x30] = "NetrDfsCreateExitPoint",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x31] = "NetrDfsDeleteExitPoint",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x32] = "NetrDfsModifyPrefix",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x33] = "NetrDfsFixLocalVolume",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x34] = "NetrDfsManagerReportSiteInfo",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x35] = "NetrServerTransportDelEx",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x37] = "NetrServerAliasEnum",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x38] = "NetrServerAliasDel",
+ ["4b324fc8-1670-01d3-1278-5a47bf6ee188",0x39] = "NetrShareDelEx",
+
+ ["12345778-1234-abcd-ef00-0123456789ac",0x00] = "SamrConnect",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x01] = "SamrCloseHandle",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x02] = "SamrSetSecurityObject",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x03] = "SamrQuerySecurityObject",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x04] = "SamrShutdownSamServer",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x05] = "SamrLookupDomainInSamServer",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x06] = "SamrEnumerateDomainsInSamServer",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x07] = "SamrOpenDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x08] = "SamrQueryInformationDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x09] = "SamrSetInformationDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x0a] = "SamrCreateGroupInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x0b] = "SamrEnumerateGroupsInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x0c] = "SamrCreateUserInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x0d] = "SamrEnumerateUsersInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x0e] = "SamrCreateAliasInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x0f] = "SamrEnumerateAliasesInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x10] = "SamrGetAliasMembership",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x11] = "SamrLookupNamesInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x12] = "SamrLookupIdsInDomain",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x13] = "SamrOpenGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x14] = "SamrQueryInformationGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x15] = "SamrSetInformationGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x16] = "SamrAddMemberToGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x17] = "SamrDeleteGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x18] = "SamrRemoveMemberFromGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x19] = "SamrGetMembersInGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x1a] = "SamrSetMemberAttributesOfGroup",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x1b] = "SamrOpenAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x1c] = "SamrQueryInformationAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x1d] = "SamrSetInformationAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x1e] = "SamrDeleteAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x1f] = "SamrAddMemberToAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x20] = "SamrRemoveMemberFromAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x21] = "SamrGetMembersInAlias",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x22] = "SamrOpenUser",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x23] = "SamrDeleteUser",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x24] = "SamrQueryInformationUser",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x25] = "SamrSetInformationUser",
+ ["12345778-1234-abcd-ef00-0123456789ac",0x26] = "SamrChangePasswordUser",
+
["12345778-1234-abcd-ef00-0123456789ac",0x27] = "SamrGetGroupsForUser", + ["12345778-1234-abcd-ef00-0123456789ac",0x28] = "SamrQueryDisplayInformation", + ["12345778-1234-abcd-ef00-0123456789ac",0x29] = "SamrGetDisplayEnumerationIndex", + ["12345778-1234-abcd-ef00-0123456789ac",0x2a] = "SamrTestPrivateFunctionsDomain", + ["12345778-1234-abcd-ef00-0123456789ac",0x2b] = "SamrTestPrivateFunctionsUser", + ["12345778-1234-abcd-ef00-0123456789ac",0x2c] = "SamrGetUserDomainPasswordInformation", + ["12345778-1234-abcd-ef00-0123456789ac",0x2d] = "SamrRemoveMemberFromForeignDomain", + ["12345778-1234-abcd-ef00-0123456789ac",0x2e] = "SamrQueryInformationDomain2", + ["12345778-1234-abcd-ef00-0123456789ac",0x2f] = "SamrQueryInformationUser2", + ["12345778-1234-abcd-ef00-0123456789ac",0x30] = "SamrQueryDisplayInformation2", + ["12345778-1234-abcd-ef00-0123456789ac",0x31] = "SamrGetDisplayEnumerationIndex2", + ["12345778-1234-abcd-ef00-0123456789ac",0x32] = "SamrCreateUser2InDomain", + ["12345778-1234-abcd-ef00-0123456789ac",0x33] = "SamrQueryDisplayInformation3", + ["12345778-1234-abcd-ef00-0123456789ac",0x34] = "SamrAddMultipleMembersToAlias", + ["12345778-1234-abcd-ef00-0123456789ac",0x35] = "SamrRemoveMultipleMembersFromAlias", + ["12345778-1234-abcd-ef00-0123456789ac",0x36] = "SamrOemChangePasswordUser2", + ["12345778-1234-abcd-ef00-0123456789ac",0x37] = "SamrUnicodeChangePasswordUser2", + ["12345778-1234-abcd-ef00-0123456789ac",0x38] = "SamrGetDomainPasswordInformation", + ["12345778-1234-abcd-ef00-0123456789ac",0x39] = "SamrConnect2", + ["12345778-1234-abcd-ef00-0123456789ac",0x3a] = "SamrSetInformationUser2", + ["12345778-1234-abcd-ef00-0123456789ac",0x3b] = "SamrSetBootKeyInformation", + ["12345778-1234-abcd-ef00-0123456789ac",0x3c] = "SamrGetBootKeyInformation", + ["12345778-1234-abcd-ef00-0123456789ac",0x3d] = "SamrConnect3", + ["12345778-1234-abcd-ef00-0123456789ac",0x3e] = "SamrConnect4", + ["12345778-1234-abcd-ef00-0123456789ac",0x3f] = 
"SamrUnicodeChangePasswordUser3", + ["12345778-1234-abcd-ef00-0123456789ac",0x40] = "SamrConnect5", + ["12345778-1234-abcd-ef00-0123456789ac",0x41] = "SamrRidToSid", + ["12345778-1234-abcd-ef00-0123456789ac",0x42] = "SamrSetDSRMPassword", + ["12345778-1234-abcd-ef00-0123456789ac",0x43] = "SamrValidatePassword", + ["12345778-1234-abcd-ef00-0123456789ac",0x44] = "SamrQueryLocalizableAccountsInDomain", + ["12345778-1234-abcd-ef00-0123456789ac",0x45] = "SamrPerformGenericOperation", + + ["338cd001-2244-31f1-aaaa-900038001003",0x00] = "OpenClassesRoot", + ["338cd001-2244-31f1-aaaa-900038001003",0x01] = "OpenCurrentUser", + ["338cd001-2244-31f1-aaaa-900038001003",0x02] = "OpenLocalMachine", + ["338cd001-2244-31f1-aaaa-900038001003",0x03] = "OpenPerformanceData", + ["338cd001-2244-31f1-aaaa-900038001003",0x04] = "OpenUsers", + ["338cd001-2244-31f1-aaaa-900038001003",0x05] = "BaseRegCloseKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x06] = "BaseRegCreateKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x07] = "BaseRegDeleteKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x08] = "BaseRegDeleteValue", + ["338cd001-2244-31f1-aaaa-900038001003",0x09] = "BaseRegEnumKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x0a] = "BaseRegEnumValue", + ["338cd001-2244-31f1-aaaa-900038001003",0x0b] = "BaseRegFlushKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x0c] = "BaseRegGetKeySecurity", + ["338cd001-2244-31f1-aaaa-900038001003",0x0d] = "BaseRegLoadKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x0e] = "BaseRegNotifyChangeKeyValue", + ["338cd001-2244-31f1-aaaa-900038001003",0x0f] = "BaseRegOpenKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x10] = "BaseRegQueryInfoKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x11] = "BaseRegQueryValue", + ["338cd001-2244-31f1-aaaa-900038001003",0x12] = "BaseRegReplaceKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x13] = "BaseRegRestoreKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x14] = "BaseRegSaveKey", + 
["338cd001-2244-31f1-aaaa-900038001003",0x15] = "BaseRegSetKeySecurity", + ["338cd001-2244-31f1-aaaa-900038001003",0x16] = "BaseRegSetValue", + ["338cd001-2244-31f1-aaaa-900038001003",0x17] = "BaseRegUnLoadKey", + ["338cd001-2244-31f1-aaaa-900038001003",0x18] = "BaseInitiateSystemShutdown", + ["338cd001-2244-31f1-aaaa-900038001003",0x19] = "BaseAbortSystemShutdown", + ["338cd001-2244-31f1-aaaa-900038001003",0x1a] = "BaseRegGetVersion", + ["338cd001-2244-31f1-aaaa-900038001003",0x1b] = "OpenCurrentConfig", + ["338cd001-2244-31f1-aaaa-900038001003",0x1c] = "OpenDynData", + ["338cd001-2244-31f1-aaaa-900038001003",0x1d] = "BaseRegQueryMultipleValues", + ["338cd001-2244-31f1-aaaa-900038001003",0x1e] = "BaseInitiateSystemShutdownEx", + ["338cd001-2244-31f1-aaaa-900038001003",0x1f] = "BaseRegSaveKeyEx", + ["338cd001-2244-31f1-aaaa-900038001003",0x20] = "OpenPerformanceText", + ["338cd001-2244-31f1-aaaa-900038001003",0x21] = "OpenPerformanceNlsText", + ["338cd001-2244-31f1-aaaa-900038001003",0x22] = "BaseRegQueryMultipleValues2", + ["338cd001-2244-31f1-aaaa-900038001003",0x23] = "BaseRegDeleteKeyEx", + + # dssetup + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x00] = "DsRolerGetPrimaryDomainInformation", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x01] = "DsRolerDnsNameToFlatName", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x02] = "DsRolerDcAsDc", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x03] = "DsRolerDcAsReplica", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x04] = "DsRolerDemoteDc", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x05] = "DsRolerGetDcOperationProgress", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x06] = "DsRolerGetDcOperationResults", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x07] = "DsRolerCancel", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x08] = "DsRolerServerSaveStateForUpgrade", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x09] = "DsRolerUpgradeDownlevelServer", + ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x0a] = "DsRolerAbortDownlevelServerUpgrade", + + # svcctl 
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x00] = "CloseServiceHandle",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x01] = "ControlService",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x02] = "DeleteService",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x03] = "LockServiceDatabase",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x04] = "QueryServiceObjectSecurity",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x05] = "SetServiceObjectSecurity",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x06] = "QueryServiceStatus",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x07] = "SetServiceStatus",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x08] = "UnlockServiceDatabase",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x09] = "NotifyBootConfigStatus",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x0a] = "ScSetServiceBitsW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x0b] = "ChangeServiceConfigW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x0c] = "CreateServiceW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x0d] = "EnumDependentServicesW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x0e] = "EnumServicesStatusW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x0f] = "OpenSCManagerW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x10] = "OpenServiceW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x11] = "QueryServiceConfigW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x12] = "QueryServiceLockStatusW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x13] = "StartServiceW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x14] = "GetServiceDisplayNameW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x15] = "GetServiceKeyNameW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x16] = "ScSetServiceBitsA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x17] = "ChangeServiceConfigA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x18] = "CreateServiceA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x19] = "EnumDependentServicesA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x1a] = "EnumServicesStatusA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x1b] = "OpenSCManagerA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x1c] = "OpenServiceA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x1d] = "QueryServiceConfigA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x1e] = "QueryServiceLockStatusA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x1f] = "StartServiceA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x20] = "GetServiceDisplayNameA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x21] = "GetServiceKeyNameA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x22] = "ScGetCurrentGroupStateW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x23] = "EnumServiceGroupW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x24] = "ChangeServiceConfig2A",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x25] = "ChangeServiceConfig2W",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x26] = "QueryServiceConfig2A",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x27] = "QueryServiceConfig2W",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x28] = "QueryServiceStatusEx",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x29] = "EnumServicesStatusExA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x2a] = "EnumServicesStatusExW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x2b] = "ScSendTSMessage",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x2c] = "CreateServiceWOW64A",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x2d] = "CreateServiceWOW64W",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x2e] = "ScQueryServiceTagInfo",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x2f] = "NotifyServiceStatusChange",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x30] = "GetNotifyResult",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x31] = "CloseNotifyHandle",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x32] = "ControlServiceExA",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x33] = "ControlServiceExW",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x34] = "ScSendPnPMessage",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x35] = "ScValidatePnPService",
+ ["367aeb81-9844-35f1-ad32-98f038001003",0x36] = "ScOpenServiceStatusHandle",
+
+ # browser
+ ["6bffd098-a112-3610-9833-012892020162",0x00] = "BrowserrServerEnum",
+ ["6bffd098-a112-3610-9833-012892020162",0x01] = "BrowserrDebugCall",
+ ["6bffd098-a112-3610-9833-012892020162",0x02] = "BrowserrQueryOtherDomains",
+ ["6bffd098-a112-3610-9833-012892020162",0x03] = "BrowserrResetNetlogonState",
+ ["6bffd098-a112-3610-9833-012892020162",0x04] = "BrowserrDebugTrace",
+ ["6bffd098-a112-3610-9833-012892020162",0x05] = "BrowserrQueryStatistics",
+ ["6bffd098-a112-3610-9833-012892020162",0x06] = "BrowserrResetStatistics",
+ ["6bffd098-a112-3610-9833-012892020162",0x07] = "NetrBrowserStatisticsClear",
+ ["6bffd098-a112-3610-9833-012892020162",0x08] = "NetrBrowserStatisticsGet",
+ ["6bffd098-a112-3610-9833-012892020162",0x09] = "BrowserrSetNetlogonState",
+ ["6bffd098-a112-3610-9833-012892020162",0x0a] = "BrowserrQueryEmulatedDomains",
+ ["6bffd098-a112-3610-9833-012892020162",0x0b] = "BrowserrServerEnumEx",
+
+ # AudioSrv
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x00] = "gfxCreateZoneFactoriesList",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x01] = "gfxCreateGfxFactoriesList",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x02] = "gfxCreateGfxList",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x03] = "gfxRemoveGfx",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x04] = "gfxAddGfx",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x05] = "gfxModifyGx",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x06] = "gfxOpenGfx",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x07] = "gfxLogon",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x08] = "gfxLogoff",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x09] = "winmmRegisterSessionNotificationEvent",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x0a] = "winmmUnregisterSessionNotification",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x0b] = "winmmSessionConnectState",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x0c] = "wdmDriverOpenDrvRegKey",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x0d] = "winmmAdvisePreferredDeviceChange",
+ ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5",0x0e] = "winmmGetPnpInfo",
+
+ # AudioRpc
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x00] = "AudioServerConnect",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x01] = "AudioServerDisconnect",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x02] = "AudioServerInitialize",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x03] = "AudioServerGetAudioSession",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x04] = "AudioServerCreateStream",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x05] = "AudioServerDestroyStream",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x06] = "AudioServerGetStreamLatency",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x07] = "AudioServerGetMixFormat",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x08] = "AudioServerIsFormatSupported",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x09] = "AudioServerGetDevicePeriod",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x0a] = "AudioVolumeGetMasterVolumeLevelScalar",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x0b] = "AudioSessionGetProcessId",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x0c] = "AudioSessionGetState",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x0d] = "AudioSessionGetLastActivation",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x0e] = "AudioSessionGetLastInactivation",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x0f] = "AudioSessionIsSystemSoundsSession",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x10] = "AudioSessionGetDisplayName",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x11] = "AudioSessionSetDisplayName",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x12] = "AudioSessionGetSessionClass",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x13] = "AudioSessionSetSessionClass",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x14] = "AudioSessionGetVolume",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x15] = "AudioSessionSetVolume",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x16] = "AudioSessionGetMute",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x17] = "AudioSessionSetMute",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x18] = "AudioSessionGetChannelCount",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x19] = "AudioSessionSetChannelVolume",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x1a] = "AudioSessionGetChannelVolume",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x1b] = "AudioSessionSetAllVolumes",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x1c] = "AudioSessionGetAllVolumes",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x1d] = "AudioServerDisconnect",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x1e] = "AudioServerGetMixFormat",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x1f] = "PolicyConfigGetDeviceFormat",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x20] = "PolicyConfigSetDeviceFormat",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x21] = "AudioServerGetDevicePeriod",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x22] = "PolicyConfigSetProcessingPeriod",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x23] = "PolicyConfigGetShareMode",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x24] = "PolicyConfigSetShareMode",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x25] = "GetAudioSessionManager",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x26] = "AudioSessionManagerDestroy",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x27] = "AudioSessionManagerGetAudioSession",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x28] = "AudioSessionManagerGetCurrentSession",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x29] = "AudioSessionManagerGetExistingSession",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x2a] = "AudioSessionManagerAddAudioSessionClientNotification",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x2b] = "AudioSessionManagerDeleteAudioSessionClientNotification",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x2c] = "AudioSessionManagerAddAudioSessionClientNotification",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x2d] = "AudioVolumeConnect",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x2e] = "AudioVolumeDisconnect",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x2f] = "AudioVolumeGetChannelCount",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x30] = "AudioVolumeSetMasterVolumeLevel",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x31] = "AudioVolumeSetMasterVolumeLevelScalar",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x32] = "AudioVolumeGetMasterVolumeLevel",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x33] = "AudioVolumeGetMasterVolumeLevelScalar",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x34] = "AudioVolumeSetChannelVolumeLevel",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x35] = "AudioVolumeSetChannelVolumeLevelScalar",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x36] = "AudioVolumeGetChannelVolumeLevel",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x37] = "AudioVolumeGetChannelVolumeLevelScalar",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x38] = "AudioVolumeSetMute",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x39] = "AudioSessionGetDisplayName",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x3a] = "AudioVolumeAddMasterVolumeNotification",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x3b] = "AudioVolumeDeleteMasterVolumeNotification",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x3c] = "AudioMeterGetAverageRMS",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x3d] = "AudioMeterGetChannelsRMS",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x3e] = "AudioMeterGetPeakValue",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x3f] = "AudioMeterGetChannelsPeakValues",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x40] = "AudioVolumeGetStepInfo",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x41] = "AudioVolumeStepUp",
+ ["c386ca3e-9061-4a72-821e-498d83be188f",0x42] = "AudioVolumeStepDown",
+
+ # dhcpcsvc6
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6",0x00] = "RpcSrvRequestPrefix",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6",0x01] = "RpcSrvRenewPrefix",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6",0x02] = "RpcSrvReleasePrefix",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6",0x03] = "RpcSrvRequestParams",
+
+ # RpcSrvDHCPC
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x00] = "RpcSrvEnableDhcp",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x01] = "RpcSrvRenewLease",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x02] = "RpcSrvRenewLeaseByBroadcast",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x03] = "RpcSrvReleaseLease",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x04] = "RpcSrvSetFallbackParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x05] = "RpcSrvGetFallbackParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x06] = "RpcSrvFallbackRefreshParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x07] = "RpcSrvStaticRefreshParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x08] = "RpcSrvRemoveDnsRegistrations",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x09] = "RpcSrvRequestParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x0a] = "RpcSrvPersistentRequestParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x0b] = "RpcSrvRegisterParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x0c] = "RpcSrvDeRegisterParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x0d] = "RpcSrvEnumInterfaces",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x0e] = "RpcSrvQueryLeaseInfo",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x0f] = "RpcSrvSetClassId",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x10] = "RpcSrvGetClassId",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x11] = "RpcSrvSetClientId",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x12] = "RpcSrvGetClientId",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x13] = "RpcSrvNotifyMediaReconnected",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x14] = "RpcSrvGetOriginalSubnetMask",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x15] = "RpcSrvSetMSFTVendorSpecificOptions",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x16] = "RpcSrvRequestCachedParams",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x17] = "RpcSrvRegisterConnectionStateNotification",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x18] = "RpcSrvDeRegisterConnectionStateNotification",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x19] = "RpcSrvGetNotificationStatus",
+ ["3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5",0x1a] = "RpcSrvGetDhcpServicedConnections",
+
+ # lcrpc
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x00] = "RpcLicensingOpenServer",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x01] = "RpcLicensingCloseServer",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x02] = "RpcLicensingLoadPolicy",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x03] = "RpcLicensingUnloadPolicy",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x04] = "RpcLicensingSetPolicy",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x05] = "RpcLicensingGetAvailablePolicyIds",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x06] = "RpcLicensingGetPolicy",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x07] = "RpcLicensingGetPolicyInformation",
+ ["2f59a331-bf7d-48cb-9ec5-7c090d76e8b8",0x08] = "RpcLicensingDeactivateCurrentPolicy",
+
+ # winstation_rpc
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x00] = "RpcWinStationOpenServer",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x01] = "RpcWinStationCloseServer",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x02] = "RpcIcaServerPing",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x03] = "RpcWinStationEnumerate",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x04] = "RpcWinStationRename",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x05] = "RpcWinStationQueryInformation",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x06] = "RpcWinStationSetInformation",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x07] = "RpcWinStationSendMessage",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x08] = "RpcLogonIdFromWinStationName",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x09] = "RpcWinStationNameFromLogonId",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x0a] = "RpcWinStationConnect",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x0b] = "RpcWinStationVirtualOpen",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x0c] = "RpcWinStationBeepOpen",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x0d] = "RpcWinStationDisconnect",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x0e] = "RpcWinStationReset",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x0f] = "RpcWinStationShutdownSystem",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x10] = "RpcWinStationWaitSystemEvent",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x11] = "RpcWinStationShadow",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x12] = "RpcWinStationShadowTargetSetup",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x13] = "RpcWinStationShadowTarget",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x14] = "RpcWinStationGenerateLicense",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x15] = "RpcWinStationInstallLicense",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x16] = "RpcWinStationEnumerateLicenses",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x17] = "RpcWinStationActivateLicense",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x18] = "RpcWinStationRemoveLicense",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x19] = "RpcWinStationQueryLicense",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x1a] = "RpcWinStationSetPoolCount",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x1b] = "RpcWinStationQueryUpdateRequired",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x1c] = "RpcWinStationCallback",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x1d] = "RpcWinStationGetApplicationInfo",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x1e] = "RpcWinStationReadRegistry",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x1f] = "RpcWinStationWaitForConnect",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x20] = "RpcWinStationNotifyLogon",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x21] = "RpcWinStationNotifyLogoff",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x22] = "RpcWinStationEnumerateProcesses",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x23] = "RpcWinStationAnnoyancePopup",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x24] = "RpcWinStationEnumerateProcesses",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x25] = "RpcWinStationTerminateProcess",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x26] = "RpcServerNWLogonSetAdmin",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x27] = "RpcServerNWLogonQueryAdmin",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x28] = "RpcWinStationNtsdDebug",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x29] = "RpcWinStationBreakPoint",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x2a] = "RpcWinStationCheckForApplicationName",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x2b] = "RpcWinStationGetAllProcesses",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x2c] = "RpcWinStationGetProcessSid",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x2d] = "RpcWinStationGetTermSrvCountersValue",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x2e] = "RpcWinStationReInitializeSecurity",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x2f] = "RpcWinStationBroadcastSystemMessage",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x30] = "RpcWinStationSendWindowMessage",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x31] = "RpcWinStationNotifyNewSession",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x32] = "RpcServerGetInternetConnectorStatus",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x33] = "RpcServerSetInternetConnectorStatus",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x34] = "RpcServerQueryInetConnectorInformation",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x35] = "RpcWinStationGetLanAdapterName",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x36] = "RpcWinStationUpdateUserConfig",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x37] = "RpcWinStationQueryLogonCredentials",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x38] = "RpcWinStationRegisterConsoleNotification",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x39] = "RpcWinStationUnRegisterConsoleNotification",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x3a] = "RpcWinStationUpdateSettings",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x3b] = "RpcWinStationShadowStop",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x3c] = "RpcWinStationCloseServerEx",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x3d] = "RpcWinStationIsHelpAssistantSession",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x3e] = "RpcWinStationGetMachinePolicy",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x3f] = "RpcWinStationUpdateClientCachedCredentials",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x40] = "RpcWinStationFUSCanRemoteUserDisconnect",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x41] = "RpcWinStationCheckLoopBack",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x42] = "RpcConnectCallback",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x43] = "RpcWinStationNotifyDisconnectPipe",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x44] = "RpcWinStationSessionInitialized",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x45] = "RpcRemoteAssistancePrepareSystemRestore",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x46] = "RpcWinStationGetAllProcesses_NT6",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x47] = "RpcWinStationRegisterNotificationEvent",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x48] = "RpcWinStationUnRegisterNotificationEvent",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x49] = "RpcWinStationAutoReconnect",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x4a] = "RpcWinStationCheckAccess",
+ ["5ca4a760-ebb1-11cf-8611-00a0245420ed",0x4b] = "RpcWinStationOpenSessionDirectory",
+
+ # NsiS
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c3",0x00] = "nsi_binding_export",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c3",0x01] = "nsi_binding_unexport",
+
+ # NsiC
+ ["d3fbb514-0e3b-11cb-8fad-08002b1d29c3",0x00] = "nsi_binding_lookup_begin",
+ ["d3fbb514-0e3b-11cb-8fad-08002b1d29c3",0x01] = "nsi_binding_lookup_done",
+ ["d3fbb514-0e3b-11cb-8fad-08002b1d29c3",0x02] = "nsi_binding_lookup_next",
+ ["d3fbb514-0e3b-11cb-8fad-08002b1d29c3",0x03] = "nsi_mgmt_handle_set_exp_age",
+
+ # NsiM
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x00] = "nsi_group_delete",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x01] = "nsi_group_mbr_add",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x02] = "nsi_group_mbr_remove",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x03] = "nsi_group_mbr_inq_begin",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x04] = "nsi_group_mbr_inq_next",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x05] = "nsi_group_mbr_inq_done",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x06] = "nsi_profile_delete",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x07] = "nsi_profile_elt_add",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x08] = "nsi_profile_elt_remove",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x09] = "nsi_profile_elt_inq_begin",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x0a] = "nsi_profile_elt_inq_next",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x0b] = "nsi_profile_elt_inq_done",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x0c] = "nsi_entry_object_inq_begin",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x0d] = "nsi_entry_object_inq_next",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x0e] = "nsi_entry_object_inq_done",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x0f] = "nsi_entry_expand_name",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x10] = "nsi_mgmt_binding_unexport",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x11] = "nsi_mgmt_entry_delete",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x12] = "nsi_mgmt_entry_create",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x13] = "nsi_mgmt_entry_inq_if_ids",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x14] = "nsi_mgmt_inq_exp_age",
+ ["d6d70ef0-0e3b-11cb-acc3-08002b1d29c4",0x15] = "nsi_mgmt_inq_set_age",
+
+ # eventlog
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x00] = "ElfrClearELFW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x01] = "ElfrBackupELFW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x02] = "ElfrCloseEL",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x03] = "ElfrDeregisterEventSource",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x04] = "ElfrNumberOfRecords",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x05] = "ElfrOldestRecord",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x06] = "ElfrChangeNotify",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x07] = "ElfrOpenELW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x08] = "ElfrRegisterEventSourceW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x09] = "ElfrOpenBELW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x0a] = "ElfrReadELW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x0b] = "ElfrReportEventW",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x0c] = "ElfrClearELFA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x0d] = "ElfrBackupELFA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x0e] = "ElfrOpenELA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x0f] = "ElfrRegisterEventSourceA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x10] = "ElfrOpenBELA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x11] = "ElfrReadELA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x12] = "ElfrReportEventA",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x13] = "ElfrRegisterClusterSvc",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x14] = "ElfrDeregisterClusterSvc",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x15] = "ElfrWriteClusterEvents",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x16] = "ElfrGetLogInformation",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x17] = "ElfrFlushEL",
+ ["82273fdc-e32a-18c3-3f78-827929dc23ea",0x18] = "ElfrReportEventAndSourceW",
+
+ # ISeclogon
+ ["12b81e99-f207-4a4c-85d3-77b42f76fd14",0x00] = "SeclCreateProcessWithLogonW",
+ ["12b81e99-f207-4a4c-85d3-77b42f76fd14",0x01] = "SeclCreateProcessWithLogonExW",
+
+ # IKeySvc
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x00] = "KeyrOpenKeyService",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x01] = "KeyrEnumerateProviders",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x02] = "KeyrEnumerateProviderTypes",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x03] = "KeyrEnumerateProvContainers",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x04] = "KeyrCloseKeyService",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x05] = "KeyrGetDefaultProvider",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x06] = "KeyrSetDefaultProvider",
+ ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x07] = "KeyrEnroll", +
["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x08] = "KeyrExportCert", + ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x09] = "KeyrImportCert", + ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x0a] = "KeyrEnumerateAvailableCertTypes", + ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x0b] = "KeyrEnumerateCAs", + ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x0c] = "KeyrEnroll_V2", + ["8d0ffe72-d252-11d0-bf8f-00c04fd9126b",0x0d] = "KeyrQueryRequestStatus", + + # IKeySvc2 + ["68b58241-c259-4f03-a2e5-a2651dcbc930",0x00] = "KSrSubmitRequest", + ["68b58241-c259-4f03-a2e5-a2651dcbc930",0x01] = "KSrGetTemplates", + ["68b58241-c259-4f03-a2e5-a2651dcbc930",0x02] = "KSrGetCAs", + + # ICertProtect + ["0d72a7d4-6148-11d1-b4aa-00c04fb66ea0",0x00] = "SSCertProtectFunction", + + # ICatDBSvc + ["f50aac00-c7f3-428e-a022-a6b71bfb9d43",0x00] = "SSCatDBAddCatalog", + ["f50aac00-c7f3-428e-a022-a6b71bfb9d43",0x01] = "SSCatDBDeleteCatalog", + ["f50aac00-c7f3-428e-a022-a6b71bfb9d43",0x02] = "SSCatDBEnumCatalogs", + ["f50aac00-c7f3-428e-a022-a6b71bfb9d43",0x03] = "SSCatDBRegisterForChangeNotification", + ["f50aac00-c7f3-428e-a022-a6b71bfb9d43",0x04] = "KeyrCloseKeyService", + ["f50aac00-c7f3-428e-a022-a6b71bfb9d43",0x05] = "SSCatDBRebuildDatabase", + + # lsarpc + ["12345778-1234-abcd-ef00-0123456789ab",0x00] = "LsarClose", + ["12345778-1234-abcd-ef00-0123456789ab",0x01] = "LsarDelete", + ["12345778-1234-abcd-ef00-0123456789ab",0x02] = "LsarEnumeratePrivileges", + ["12345778-1234-abcd-ef00-0123456789ab",0x03] = "LsarQuerySecurityObject", + ["12345778-1234-abcd-ef00-0123456789ab",0x04] = "LsarSetSecurityObject", + ["12345778-1234-abcd-ef00-0123456789ab",0x05] = "LsarChangePassword", + ["12345778-1234-abcd-ef00-0123456789ab",0x06] = "LsarOpenPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x07] = "LsarQueryInformationPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x08] = "LsarSetInformationPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x09] = "LsarClearAuditLog", + 
["12345778-1234-abcd-ef00-0123456789ab",0x0a] = "LsarCreateAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x0b] = "LsarEnumerateAccounts", + ["12345778-1234-abcd-ef00-0123456789ab",0x0c] = "LsarCreateTrustedDomain", + ["12345778-1234-abcd-ef00-0123456789ab",0x0d] = "LsarEnumerateTrustedDomains", + ["12345778-1234-abcd-ef00-0123456789ab",0x0e] = "LsarLookupNames", + ["12345778-1234-abcd-ef00-0123456789ab",0x0f] = "LsarLookupSids", + ["12345778-1234-abcd-ef00-0123456789ab",0x10] = "LsarCreateSecret", + ["12345778-1234-abcd-ef00-0123456789ab",0x11] = "LsarOpenAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x12] = "LsarEnumeratePrivilegesAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x13] = "LsarAddPrivilegesToAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x14] = "LsarRemovePrivilegesFromAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x15] = "LsarGetQuotasForAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x16] = "LsarSetQuotasForAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x17] = "LsarGetSystemAccessAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x18] = "LsarSetSystemAccessAccount", + ["12345778-1234-abcd-ef00-0123456789ab",0x19] = "LsarOpenTrustedDomain", + ["12345778-1234-abcd-ef00-0123456789ab",0x1a] = "LsarQueryInfoTrustedDomain", + ["12345778-1234-abcd-ef00-0123456789ab",0x1b] = "LsarSetInformationTrustedDomain", + ["12345778-1234-abcd-ef00-0123456789ab",0x1c] = "LsarOpenSecret", + ["12345778-1234-abcd-ef00-0123456789ab",0x1d] = "LsarSetSecret", + ["12345778-1234-abcd-ef00-0123456789ab",0x1e] = "LsarQuerySecret", + ["12345778-1234-abcd-ef00-0123456789ab",0x1f] = "LsarLookupPrivilegeValue", + ["12345778-1234-abcd-ef00-0123456789ab",0x20] = "LsarLookupPrivilegeName", + ["12345778-1234-abcd-ef00-0123456789ab",0x21] = "LsarLookupPrivilegeDisplayName", + ["12345778-1234-abcd-ef00-0123456789ab",0x22] = "LsarDeleteObject", + ["12345778-1234-abcd-ef00-0123456789ab",0x23] = "LsarEnumerateAccountsWithUserRight", + 
["12345778-1234-abcd-ef00-0123456789ab",0x24] = "LsarEnumerateAccountRights", + ["12345778-1234-abcd-ef00-0123456789ab",0x25] = "LsarAddAccountRights", + ["12345778-1234-abcd-ef00-0123456789ab",0x26] = "LsarRemoveAccountRights", + ["12345778-1234-abcd-ef00-0123456789ab",0x27] = "LsarQueryTrustedDomainInfo", + ["12345778-1234-abcd-ef00-0123456789ab",0x28] = "LsarSetTrustedDomainInfo", + ["12345778-1234-abcd-ef00-0123456789ab",0x29] = "LsarDeleteTrustedDomain", + ["12345778-1234-abcd-ef00-0123456789ab",0x2a] = "LsarStorePrivateData", + ["12345778-1234-abcd-ef00-0123456789ab",0x2b] = "LsarRetrievePrivateData", + ["12345778-1234-abcd-ef00-0123456789ab",0x2c] = "LsarOpenPolicy2", + ["12345778-1234-abcd-ef00-0123456789ab",0x2d] = "LsarGetUserName", + ["12345778-1234-abcd-ef00-0123456789ab",0x2e] = "LsarQueryInformationPolicy2", + ["12345778-1234-abcd-ef00-0123456789ab",0x2f] = "LsarSetInformationPolicy2", + ["12345778-1234-abcd-ef00-0123456789ab",0x30] = "LsarQueryTrustedDomainInfoByName", + ["12345778-1234-abcd-ef00-0123456789ab",0x31] = "LsarSetTrustedDomainInfoByName", + ["12345778-1234-abcd-ef00-0123456789ab",0x32] = "LsarEnumerateTrustedDomainsEx", + ["12345778-1234-abcd-ef00-0123456789ab",0x33] = "LsarCreateTrustedDomainEx", + ["12345778-1234-abcd-ef00-0123456789ab",0x34] = "LsarCloseTrustedDomainEx", + ["12345778-1234-abcd-ef00-0123456789ab",0x35] = "LsarQueryDomainInformationPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x36] = "LsarSetDomainInformationPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x37] = "LsarOpenTrustedDomainByName", + ["12345778-1234-abcd-ef00-0123456789ab",0x38] = "LsarTestCall", + ["12345778-1234-abcd-ef00-0123456789ab",0x39] = "LsarLookupSids2", + ["12345778-1234-abcd-ef00-0123456789ab",0x3a] = "LsarLookupNames2", + ["12345778-1234-abcd-ef00-0123456789ab",0x3b] = "LsarCreateTrustedDomainEx2", + ["12345778-1234-abcd-ef00-0123456789ab",0x3c] = "CredrWrite", + ["12345778-1234-abcd-ef00-0123456789ab",0x3d] = "CredrRead", + 
["12345778-1234-abcd-ef00-0123456789ab",0x3e] = "CredrEnumerate", + ["12345778-1234-abcd-ef00-0123456789ab",0x3f] = "CredrWriteDomainCredentials", + ["12345778-1234-abcd-ef00-0123456789ab",0x40] = "CredrReadDomainCredentials", + ["12345778-1234-abcd-ef00-0123456789ab",0x41] = "CredrDelete", + ["12345778-1234-abcd-ef00-0123456789ab",0x42] = "CredrGetTargetInfo", + ["12345778-1234-abcd-ef00-0123456789ab",0x43] = "CredrProfileLoaded", + ["12345778-1234-abcd-ef00-0123456789ab",0x44] = "LsarLookupNames3", + ["12345778-1234-abcd-ef00-0123456789ab",0x45] = "CredrGetSessionTypes", + ["12345778-1234-abcd-ef00-0123456789ab",0x46] = "LsarRegisterAuditEvent", + ["12345778-1234-abcd-ef00-0123456789ab",0x47] = "LsarGenAuditEvent", + ["12345778-1234-abcd-ef00-0123456789ab",0x48] = "LsarUnregisterAuditEvent", + ["12345778-1234-abcd-ef00-0123456789ab",0x49] = "LsarQueryForestTrustInformation", + ["12345778-1234-abcd-ef00-0123456789ab",0x4a] = "LsarSetForestTrustInformation", + ["12345778-1234-abcd-ef00-0123456789ab",0x4b] = "CredrRename", + ["12345778-1234-abcd-ef00-0123456789ab",0x4c] = "LsarLookupSids3", + ["12345778-1234-abcd-ef00-0123456789ab",0x4d] = "LsarLookupNames4", + ["12345778-1234-abcd-ef00-0123456789ab",0x4e] = "LsarOpenPolicySce", + ["12345778-1234-abcd-ef00-0123456789ab",0x4f] = "LsarAdtRegisterSecurityEventSource", + ["12345778-1234-abcd-ef00-0123456789ab",0x50] = "LsarAdtUnregisterSecurityEventSource", + ["12345778-1234-abcd-ef00-0123456789ab",0x51] = "LsarAdtReportSecurityEvent", + ["12345778-1234-abcd-ef00-0123456789ab",0x52] = "CredrFindBestCredential", + ["12345778-1234-abcd-ef00-0123456789ab",0x53] = "LsarSetAuditPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x54] = "LsarQueryAuditPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x55] = "LsarEnumerateAuditPolicy", + ["12345778-1234-abcd-ef00-0123456789ab",0x56] = "LsarEnumerateAuditCategories", + ["12345778-1234-abcd-ef00-0123456789ab",0x57] = "LsarEnumerateAuditSubCategories", + 
["12345778-1234-abcd-ef00-0123456789ab",0x58] = "LsarLookupAuditCategoryName", + ["12345778-1234-abcd-ef00-0123456789ab",0x59] = "LsarLookupAuditSubCategoryName", + ["12345778-1234-abcd-ef00-0123456789ab",0x5a] = "LsarSetAuditSecurity", + ["12345778-1234-abcd-ef00-0123456789ab",0x5b] = "LsarQueryAuditSecurity", + ["12345778-1234-abcd-ef00-0123456789ab",0x5c] = "CredReadByTokenHandle", + ["12345778-1234-abcd-ef00-0123456789ab",0x5d] = "CredrRestoreCredentials", + ["12345778-1234-abcd-ef00-0123456789ab",0x5e] = "CredrBackupCredentials", + + # msgsvc + ["17fdd703-1827-4e34-79d4-24a55c53bb37",0x00] = "NetrMessageNameAdd", + ["17fdd703-1827-4e34-79d4-24a55c53bb37",0x01] = "NetrMessageNameEnum", + ["17fdd703-1827-4e34-79d4-24a55c53bb37",0x02] = "NetrMessageNameGetInfo", + ["17fdd703-1827-4e34-79d4-24a55c53bb37",0x03] = "NetrMessageNameDel", + + # msgsvcsend + ["5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc",0x00] = "NetrSendMessage", + + # pnp + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x00] = "PNP_Disconnect", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x01] = "PNP_Connect", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x02] = "PNP_GetVersion", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x03] = "PNP_GetGlobalState", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x04] = "PNP_InitDetection", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x05] = "PNP_ReportLogOn", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x06] = "PNP_ValidateDeviceInstance", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x07] = "PNP_GetRootDeviceInstance", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x08] = "PNP_GetRelatedDeviceInstance", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x09] = "PNP_EnumerateSubKeys", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x0a] = "PNP_GetDeviceList", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x0b] = "PNP_GetDeviceListSize", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x0c] = "PNP_GetDepth", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x0d] = "PNP_GetDeviceRegProp", + 
["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x0e] = "PNP_SetDeviceRegProp", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x0f] = "PNP_GetClassInstance", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x10] = "PNP_CreateKey", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x11] = "PNP_DeleteRegistryKey", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x12] = "PNP_GetClassCount", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x13] = "PNP_GetClassName", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x14] = "PNP_DeleteClassKey", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x15] = "PNP_GetInterfaceDeviceAlias", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x16] = "PNP_GetInterfaceDeviceList", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x17] = "PNP_GetInterfaceDeviceListSize", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x18] = "PNP_RegisterDeviceClassAssociation", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x19] = "PNP_UnregisterDeviceClassAssociation", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x1a] = "PNP_GetClassRegProp", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x1b] = "PNP_SetClassRegProp", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x1c] = "PNP_CreateDevInst", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x1d] = "PNP_DeviceInstanceAction", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x1e] = "PNP_GetDeviceStatus", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x1f] = "PNP_SetDeviceProblem", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x20] = "PNP_DisableDevInst", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x21] = "PNP_UninstallDevInst", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x22] = "PNP_AddID", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x23] = "PNP_RegisterDriver", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x24] = "PNP_QueryRemove", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x25] = "PNP_RequestDeviceEject", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x26] = "PNP_IsDockStationPresent", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x27] = "PNP_RequestEjectPC", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x28] = 
"PNP_HwProfFlags", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x29] = "PNP_GetHwProfInfo", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x2a] = "PNP_AddEmptyLogConf", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x2b] = "PNP_FreeLogConf", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x2c] = "PNP_GetFirstLogConf", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x2d] = "PNP_GetNextLogConf", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x2e] = "PNP_GetLogConfPriority", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x2f] = "PNP_AddResDes", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x30] = "PNP_FreeResDes", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x31] = "PNP_GetNextResDes", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x32] = "PNP_GetResDesData", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x33] = "PNP_GetResDesDataSize", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x34] = "PNP_ModifyResDes", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x35] = "PNP_DetectResourceConflict", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x36] = "PNP_QueryResConfList", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x37] = "PNP_SetHwProf", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x38] = "PNP_QueryArbitratorFreeData", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x39] = "PNP_QueryArbitratorFreeSize", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x3a] = "PNP_RunDetection", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x3b] = "PNP_RegisterNotification", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x3c] = "PNP_UnregisterNotification", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x3d] = "PNP_GetCustomDevProp", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x3e] = "PNP_GetVersionInternal", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x3f] = "PNP_GetBlockedDriverInfo", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x40] = "PNP_GetServerSideDeviceInstallFlags", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x41] = "PNP_GetObjectPropKeys", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x42] = "PNP_GetObjectProp", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x43] = 
"PNP_SetObjectProp", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x44] = "PNP_InstallDevInst", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x45] = "PNP_ApplyPowerSettings", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x46] = "PNP_DriverStoreAddDriverPackage", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x47] = "PNP_DriverStoreDeleteDriverPackage", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x48] = "PNP_RegisterServiceNotification", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x49] = "PNP_SetActiveService", + ["8d9f4e40-a03d-11ce-8f69-08003e30051b",0x4a] = "PNP_DeleteServiceDevices", + + # DnsServer + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x00] = "DnssrvOperation", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x01] = "DnssrvQuery", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x02] = "DnssrvComplexOperation", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x03] = "DnssrvEnumRecords", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x04] = "DnssrvUpdateRecord", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x05] = "DnssrvOperation2", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x06] = "DnssrvQuery2", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x07] = "DnssrvComplexOperation2", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x08] = "DnssrvEnumRecords2", + ["50abc2a4-574d-40b3-9d66-ee4fd5fba076",0x09] = "DnssrvUpdateRecord2", + + # lls_license + ["57674cd0-5200-11ce-a897-08002b2e9c6d",0x00] = "LlsrLicenseRequestW", + ["57674cd0-5200-11ce-a897-08002b2e9c6d",0x01] = "LlsrLicenseFree", + + # llsrpc + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x00] = "LlsrConnect", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x01] = "LlsrClose", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x02] = "LlsrLicenseEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x03] = "LlsrLicenseEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x04] = "LlsrLicenseAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x05] = "LlsrLicenseAddA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x06] = "LlsrProductEnumW", + 
["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x07] = "LlsrProductEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x08] = "LlsrProductAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x09] = "LlsrProductAddA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x0a] = "LlsrProductUserEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x0b] = "LlsrProductUserEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x0c] = "LlsrProductServerEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x0d] = "LlsrProductServerEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x0e] = "LlsrProductLicenseEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x0f] = "LlsrProductLicenseEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x10] = "LlsrUserEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x11] = "LlsrUserEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x12] = "LlsrUserInfoGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x13] = "LlsrUserInfoGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x14] = "LlsrUserInfoSetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x15] = "LlsrUserInfoSetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x16] = "LlsrUserDeleteW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x17] = "LlsrUserDeleteA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x18] = "LlsrUserProductEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x19] = "LlsrUserProductEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x1a] = "LlsrUserProductDeleteW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x1b] = "LlsrUserProductDeleteA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x1c] = "LlsrMappingEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x1d] = "LlsrMappingEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x1e] = "LlsrMappingInfoGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x1f] = "LlsrMappingInfoGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x20] = "LlsrMappingInfoSetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x21] = "LlsrMappingInfoSetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x22] = 
"LlsrMappingUserEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x23] = "LlsrMappingUserEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x24] = "LlsrMappingUserAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x25] = "LlsrMappingUserAddA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x26] = "LlsrMappingUserDeleteW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x27] = "LlsrMappingUserDeleteA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x28] = "LlsrMappingAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x29] = "LlsrMappingAddA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x2a] = "LlsrMappingDeleteW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x2b] = "LlsrMappingDeleteA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x2c] = "LlsrServerEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x2d] = "LlsrServerEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x2e] = "LlsrServerProductEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x2f] = "LlsrServerProductEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x30] = "LlsrLocalProductEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x31] = "LlsrLocalProductEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x32] = "LlsrLocalProductInfoGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x33] = "LlsrLocalProductInfoGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x34] = "LlsrLocalProductInfoSetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x35] = "LlsrLocalProductInfoSetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x36] = "LlsrServiceInfoGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x37] = "LlsrServiceInfoGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x38] = "LlsrServiceInfoSetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x39] = "LlsrServiceInfoSetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x3a] = "LlsrReplConnect", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x3b] = "LlsrReplClose", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x3c] = "LlsrReplicationRequestW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x3d] = 
"LlsrReplicationServerAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x3e] = "LlsrReplicationServerServiceAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x3f] = "LlsrReplicationServiceAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x40] = "LlsrReplicationUserAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x41] = "LlsrProductSecurityGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x42] = "LlsrProductSecurityGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x43] = "LlsrProductSecuritySetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x44] = "LlsrProductSecuritySetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x45] = "LlsrProductLicensesGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x46] = "LlsrProductLicensesGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x47] = "LlsrCertificateClaimEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x48] = "LlsrCertificateClaimEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x49] = "LlsrCertificateClaimAddCheckA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x4a] = "LlsrCertificateClaimAddCheckW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x4b] = "LlsrCertificateClaimAddA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x4c] = "LlsrCertificateClaimAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x4d] = "LlsrReplicationCertDbAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x4e] = "LlsrReplicationProductSecurityAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x4f] = "LlsrReplicationUserAddExW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x50] = "LlsrCapabilityGet", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x51] = "LlsrLocalServiceEnumW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x52] = "LlsrLocalServiceEnumA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x53] = "LlsrLocalServiceAddA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x54] = "LlsrLocalServiceAddW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x55] = "LlsrLocalServiceInfoSetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x56] = "LlsrLocalServiceInfoSetA", + 
["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x57] = "LlsrLocalServiceInfoGetW", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x58] = "LlsrLocalServiceInfoGetA", + ["342cfd40-3c6c-11ce-a893-08002b2e9c6d",0x59] = "LlsrCloseEx", + + # ICertPassage + ["91ae6020-9e3c-11cf-8d7c-00aa00c091be",0x00] = "CertServerRequest", + + # netdfs + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x00] = "NetrDfsManagerGetVersion", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x01] = "NetrDfsAdd", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x02] = "NetrDfsRemove", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x03] = "NetrDfsSetInfo", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x04] = "NetrDfsGetInfo", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x05] = "NetrDfsEnum", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x06] = "NetrDfsRename", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x07] = "NetrDfsMove", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x08] = "NetrDfsManagerGetConfigInfo", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x09] = "NetrDfsManagerSendSiteInfo", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x0a] = "NetrDfsAddFtRoot", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x0b] = "NetrDfsRemoveFtRoot", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x0c] = "NetrDfsAddStdRoot", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x0d] = "NetrDfsRemoveStdRoot", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x0e] = "NetrDfsManagerInitialize", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x0f] = "NetrDfsAddStdRootForced", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x10] = "NetrDfsGetDcAddress", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x11] = "NetrDfsSetDcAddress", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x12] = "NetrDfsFlushFtTable", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x13] = "NetrDfsAdd2", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x14] = "NetrDfsRemove2", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x15] = "NetrDfsEnumEx", + ["4fc742e0-4a10-11cf-8273-00aa004ae673",0x16] = "NetrDfsSetInfo2", + + # sfcapi + 
["83da7c00-e84f-11d2-9807-00c04f8ec850",0x00] = "SfcSrv_GetNextProtectedFile", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x01] = "SfcSrv_IsFileProtected", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x02] = "SfcSrv_FileException", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x03] = "SfcSrv_InitiateScan", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x04] = "SfcSrv_PurgeCache", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x05] = "SfcSrv_SetCacheSize", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x06] = "SfcSrv_SetDisable", + ["83da7c00-e84f-11d2-9807-00c04f8ec850",0x07] = "SfcSrv_InstallProtectedFiles", + + # nddeapi + ["2f5f3220-c126-1076-b549-074d078619da",0x00] = "NDdeShareAddW", + ["2f5f3220-c126-1076-b549-074d078619da",0x01] = "NDdeShareDelA", + ["2f5f3220-c126-1076-b549-074d078619da",0x02] = "NDdeShareDelW", + ["2f5f3220-c126-1076-b549-074d078619da",0x03] = "NDdeGetShareSecurityA", + ["2f5f3220-c126-1076-b549-074d078619da",0x04] = "NDdeGetShareSecurityW", + ["2f5f3220-c126-1076-b549-074d078619da",0x05] = "NDdeSetShareSecurityA", + ["2f5f3220-c126-1076-b549-074d078619da",0x06] = "NDdeSetShareSecurityW", + ["2f5f3220-c126-1076-b549-074d078619da",0x07] = "NDdeShareEnumA", + ["2f5f3220-c126-1076-b549-074d078619da",0x08] = "NDdeShareEnumW", + ["2f5f3220-c126-1076-b549-074d078619da",0x09] = "NDdeShareGetInfoW", + ["2f5f3220-c126-1076-b549-074d078619da",0x0a] = "NDdeShareSetInfoW", + ["2f5f3220-c126-1076-b549-074d078619da",0x0b] = "NDdeSetTrustedShareA", + ["2f5f3220-c126-1076-b549-074d078619da",0x0c] = "NDdeSetTrustedShareW", + ["2f5f3220-c126-1076-b549-074d078619da",0x0d] = "NDdeGetTrustedShareA", + ["2f5f3220-c126-1076-b549-074d078619da",0x0e] = "NDdeGetTrustedShareW", + ["2f5f3220-c126-1076-b549-074d078619da",0x0f] = "NDdeTrustedShareEnumA", + ["2f5f3220-c126-1076-b549-074d078619da",0x10] = "NDdeTrustedShareEnumW", + ["2f5f3220-c126-1076-b549-074d078619da",0x12] = "NDdeSpecialCommand", + + ["3dde7c30-165d-11d1-ab8f-00805f14db40",0x00] = "bkrp_BackupKey", + } &redef 
&default=function(uuid: string, i: count): string { return fmt("unknown-%d", i); };
+}
diff --git a/scripts/base/protocols/dce-rpc/dpd.sig b/scripts/base/protocols/dce-rpc/dpd.sig
new file mode 100644
index 0000000000..2894af805b
--- /dev/null
+++ b/scripts/base/protocols/dce-rpc/dpd.sig
@@ -0,0 +1,6 @@
+
+signature dpd_dce_rpc {
+ ip-proto == tcp
+ payload /^\x05[\x00\x01][\x00-\x13]\x03/
+ enable "DCE_RPC"
+}
\ No newline at end of file
diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro
new file mode 100644
index 0000000000..565b208db0
--- /dev/null
+++ b/scripts/base/protocols/dce-rpc/main.bro
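Review bot: The `payload` pattern in `dpd_dce_rpc` (dpd.sig) is undocumented, and its fourth byte pins the PDU flags to exactly `\x03`, which deserves a comment next to the regex. The four bytes appear to line up with the connection-oriented DCE/RPC header (version 5, minor version 0 or 1, packet type 0x00–0x13, flags = first+last fragment only), so a session whose first PDU is fragmented or carries any other flag bit would not be matched by this signature and would only be analysed on the port registered in main.bro. I would add a comment above the `payload` line such as `# rpc_vers=5, rpc_vers_minor=0|1, ptype<=0x13, pfc_flags=FIRST_FRAG|LAST_FRAG only`, and note that a four-byte match is short enough for unrelated TCP payloads to trigger it occasionally. Whether to relax the flags byte is a coverage-versus-false-match trade-off that should be decided explicitly rather than left implicit in the regex.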
@@ -0,0 +1,109 @@
+@load ./consts
+
+module DCE_RPC;
+
+export {
+ redef enum Log::ID += { LOG };
+
+ type Info: record {
+ ## Timestamp for when the event happened.
+ ts : time &log;
+ ## Unique ID for the connection.
+ uid : string &log;
+ ## The connection's 4-tuple of endpoint addresses/ports.
+ id : conn_id &log;
+ ## Round trip time from the request to the response.
+ ## If either the request or response wasn't seen,
+ ## this will be null.
+ rtt : interval &log &optional;
+
+ ## Remote pipe name.
+ named_pipe : string &log &optional;
+ ## Endpoint name looked up from the uuid.
+ endpoint : string &log &optional;
+ ## Operation seen in the call.
+ operation : string &log &optional;
+ };
+
+ ## Set of interface UUID values to ignore.
+ const ignored_uuids = set("e1af8308-5d1f-11c9-91a4-08002b14a0fa") &redef;
+}
+
+redef record Info += {
+ uuid: string &optional;
+};
+
+redef record connection += {
+ dce_rpc: Info &optional;
+};
+
+const ports = { 135/tcp };
+redef likely_server_ports += { ports };
+
+event bro_init() &priority=5
+ {
+ Log::create_stream(DCE_RPC::LOG, [$columns=Info, $path="dce_rpc"]);
+ Analyzer::register_for_ports(Analyzer::ANALYZER_DCE_RPC, ports);
+ }
+
+function set_session(c: connection)
+ {
+ if ( ! c?$dce_rpc )
+ {
+ c$dce_rpc = [$ts=network_time(),
+ $id=c$id,
+ $uid=c$uid];
+ }
+ }
+
+event dce_rpc_bind(c: connection, uuid: string, version: string) &priority=5
+ {
+ set_session(c);
+
+ local uuid_str = uuid_to_string(uuid);
+ if ( uuid_str in ignored_uuids )
+ return;
+
+ c$dce_rpc$uuid = uuid_str;
+ c$dce_rpc$endpoint = uuid_endpoint_map[uuid_str];
+ }
+
+event dce_rpc_bind_ack(c: connection, sec_addr: string) &priority=5
+ {
+ set_session(c);
+
+ if ( sec_addr != "" )
+ c$dce_rpc$named_pipe = sec_addr;
+ }
+
+event dce_rpc_request(c: connection, opnum: count, stub: string) &priority=5
+ {
+ set_session(c);
+
+ if ( c?$dce_rpc && c$dce_rpc?$endpoint )
+ {
+
+ }
+ }
+
+event dce_rpc_response(c: connection, opnum: count, stub: string) &priority=5
+ {
+ set_session(c);
+
+ if ( c?$dce_rpc && c$dce_rpc?$endpoint )
+ {
+ c$dce_rpc$operation = operations[c$dce_rpc$uuid, opnum];
+ if ( c$dce_rpc$ts != network_time() )
+ c$dce_rpc$rtt = network_time() - c$dce_rpc$ts;
+
+ Log::write(LOG, c$dce_rpc);
+ }
+ }
+
+event connection_state_remove(c: connection)
+ {
+ if ( ! c?$dce_rpc )
+ return;
+
+ # TODO: Go through any remaining dce_rpc requests that haven't been processed with replies.
+ }
\ No newline at end of file
diff --git a/src/analyzer/protocol/dce-rpc/CMakeLists.txt b/src/analyzer/protocol/dce-rpc/CMakeLists.txt
index 8ccbf094d4..bfe2b8d11c 100644
--- a/src/analyzer/protocol/dce-rpc/CMakeLists.txt
+++ b/src/analyzer/protocol/dce-rpc/CMakeLists.txt
@@ -5,8 +5,7 @@ include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DI bro_plugin_begin(Bro DCE_RPC) bro_plugin_cc(DCE_RPC.cc Plugin.cc) -bro_plugin_bif(events.bif) +bro_plugin_bif(types.bif events.bif) bro_plugin_pac(dce_rpc.pac dce_rpc-protocol.pac dce_rpc-analyzer.pac epmapper.pac) -bro_plugin_pac(dce_rpc_simple.pac dce_rpc-protocol.pac epmapper.pac) bro_plugin_end()
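Review bot: In main.bro the `dce_rpc_request` handler has an empty body, so when `dce_rpc_response` computes `rtt` the value in `c$dce_rpc$ts` is still the time `set_session` first ran; the logged `rtt` is therefore the time since the first DCE/RPC event on the connection, not the request-to-response round trip that the field comment describes. The same `Info` record is reused for every call and is never reset after `Log::write`, so every later log line for the connection repeats that first timestamp. Recording the call in the request handler, e.g. `c$dce_rpc$ts = network_time();` and `c$dce_rpc$operation = operations[c$dce_rpc$uuid, opnum];`, would address both, and it would also give `connection_state_remove` something to log for requests that never saw a response, which are currently invisible in dce_rpc.log (the TODO there). Separately, when `dce_rpc_bind` returns early for a UUID in `ignored_uuids`, any `uuid`/`endpoint` left from an earlier bind on the same connection stays set, so later calls would be attributed to the previous interface; clearing both fields on that path looks safer.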
diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.cc b/src/analyzer/protocol/dce-rpc/DCE_RPC.cc
index 49a9647c0f..0099160d9e 100644
--- a/src/analyzer/protocol/dce-rpc/DCE_RPC.cc
+++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.cc
@@ -9,580 +9,52 @@ using namespace std; #include "DCE_RPC.h" -#include "Sessions.h" - -#include "analyzer/Manager.h" - -#include "events.bif.h" using namespace analyzer::dce_rpc; -#define xbyte(b, n) (((const u_char*) (b))[n]) -#define extract_uint16(little_endian, bytes) \ - ((little_endian) ? \ - uint16(xbyte(bytes, 0)) | ((uint16(xbyte(bytes, 1))) << 8) : \ - uint16(xbyte(bytes, 1)) | ((uint16(xbyte(bytes, 0))) << 8)) - -static int uuid_index[] = { - 3, 2, 1, 0, - 5, 4, 7, 6, - 8, 9, 10, 11, - 12, 13, 14, 15 -}; - -const char* analyzer::dce_rpc::uuid_to_string(const u_char* uuid_data) - { - static char s[1024]; - char* sp = s; - - for ( int i = 0; i < 16; ++i ) - { - if ( i == 4 || i == 6 || i == 8 || i == 10 ) - sp += snprintf(sp, s + sizeof(s) - sp, "-"); - - int j = uuid_index[i]; - sp += snprintf(sp, s + sizeof(s) - sp, "%02x", uuid_data[j]); - } - - return s; - } - -UUID::UUID() - { - memset(data, 0, 16); - s = uuid_to_string(data); - } - -UUID::UUID(const u_char d[16]) - { - memcpy(data, d, 16); - s = uuid_to_string(data); - } - -UUID::UUID(const binpac::bytestring& uuid) - { - if ( uuid.length() != 16 ) - reporter->InternalError("UUID length error"); - memcpy(data, uuid.begin(), 16); - s = uuid_to_string(data); - } - -UUID::UUID(const char* str) - { - s = string(str); - const char* sp = str; - int i; - for ( i = 0; i < 16; ++i ) - { - if ( *sp == '-' ) - ++sp; - if ( ! *sp || ! 
*(sp+1) ) - break; - - data[uuid_index[i]] = - (u_char) (decode_hex(*sp) * 16 + decode_hex(*(sp+1))); - } - - if ( i != 16 ) - reporter->InternalError("invalid UUID string: %s", str); - } - -typedef map uuid_map_t; - -static uuid_map_t& well_known_uuid_map() - { - static uuid_map_t the_map; - static bool initialized = false; - - if ( initialized ) - return the_map; - - using namespace BifEnum; - - the_map[UUID("e1af8308-5d1f-11c9-91a4-08002b14a0fa")] = DCE_RPC_epmapper; - - the_map[UUID("afa8bd80-7d8a-11c9-bef4-08002b102989")] = DCE_RPC_mgmt; - - // It's said that the following interfaces are merely aliases. - the_map[UUID("12345778-1234-abcd-ef00-0123456789ab")] = DCE_RPC_lsarpc; - the_map[UUID("12345678-1234-abcd-ef00-01234567cffb")] = DCE_RPC_netlogon; - the_map[UUID("12345778-1234-abcd-ef00-0123456789ac")] = DCE_RPC_samr; - - // The next group of aliases. - the_map[UUID("4b324fc8-1670-01d3-1278-5a47bf6ee188")] = DCE_RPC_srvsvc; - the_map[UUID("12345678-1234-abcd-ef00-0123456789ab")] = DCE_RPC_spoolss; - the_map[UUID("45f52c28-7f9f-101a-b52b-08002b2efabe")] = DCE_RPC_winspipe; - the_map[UUID("6bffd098-a112-3610-9833-46c3f87e345a")] = DCE_RPC_wkssvc; - - // DRS - NT directory replication service. - the_map[UUID("e3514235-4b06-11d1-ab04-00c04fc2dcd2")] = DCE_RPC_drs; - - // "The IOXIDResolver RPC interface (formerly known as - // IObjectExporter) is remotely used to reach the local object - // resolver (OR)." - the_map[UUID("99fcfec4-5260-101b-bbcb-00aa0021347a")] = DCE_RPC_oxid; - - the_map[UUID("3919286a-b10c-11d0-9ba8-00c04fd92ef5")] = DCE_RPC_lsa_ds; - - the_map[UUID("000001a0-0000-0000-c000-000000000046")] = DCE_RPC_ISCMActivator; - - initialized = true; - return the_map; - } - -// Used to remember mapped DCE/RPC endpoints and parse the follow-up -// connections as DCE/RPC sessions. 
-map dce_rpc_endpoints; - -static bool is_mapped_dce_rpc_endpoint(const dce_rpc_endpoint_addr& addr) - { - return dce_rpc_endpoints.find(addr) != dce_rpc_endpoints.end(); - } - -bool is_mapped_dce_rpc_endpoint(const ConnID* id, TransportProto proto) - { - if ( id->dst_addr.GetFamily() == IPv6 ) - // TODO: Does the protocol support v6 addresses? #773 - return false; - - dce_rpc_endpoint_addr addr; - addr.addr = id->dst_addr; - addr.port = ntohs(id->dst_port); - addr.proto = proto; - - return is_mapped_dce_rpc_endpoint(addr); - } - -static void add_dce_rpc_endpoint(const dce_rpc_endpoint_addr& addr, - const UUID& uuid) - { - DEBUG_MSG("Adding endpoint %s @ %s\n", - uuid.to_string(), addr.to_string().c_str()); - dce_rpc_endpoints[addr] = uuid; - - // FIXME: Once we can pass the cookie to the analyzer, we can get rid - // of the dce_rpc_endpoints table. - // FIXME: Don't hard-code the timeout. - - analyzer_mgr->ScheduleAnalyzer(IPAddr(), addr.addr, addr.port, addr.proto, - "DCE_RPC", 5 * 60); - } - -DCE_RPC_Header::DCE_RPC_Header(analyzer::Analyzer* a, const u_char* b) - { - analyzer = a; - bytes = b; - - // This checks whether it's both the first fragment *and* - // the last fragment. - if ( (bytes[3] & 0x3) != 0x3 ) - { - fragmented = 1; - Weird("Fragmented DCE/RPC message"); - } - else - fragmented = 0; - - ptype = (BifEnum::dce_rpc_ptype) bytes[2]; - frag_len = extract_uint16(LittleEndian(), bytes + 8); - } - -DCE_RPC_Session::DCE_RPC_Session(analyzer::Analyzer* a) -: analyzer(a), - uuid("00000000-0000-0000-0000-000000000000"), - if_id(BifEnum::DCE_RPC_unknown_if) - { - opnum = -1; - } - -bool DCE_RPC_Session::LooksLikeRPC(int len, const u_char* msg) - { - // if ( ! 
is_IPC ) - // return false; - - try - { - binpac::DCE_RPC::DCE_RPC_Header h; - h.Parse(msg, msg + len); - if ( h.rpc_vers() == 5 && h.rpc_vers_minor() == 0 ) - { - if ( h.frag_length() == len ) - return true; - else - { - DEBUG_MSG("length mismatch: %d != %d\n", - h.frag_length(), len); - return false; - } - } - } - catch ( const binpac::Exception& ) - { - // do nothing - } - - return false; - } - -void DCE_RPC_Session::DeliverPDU(int is_orig, int len, const u_char* data) - { - if ( dce_rpc_message ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new Val(is_orig, TYPE_BOOL)); - vl->append(new EnumVal(data[2], BifType::Enum::dce_rpc_ptype)); - vl->append(new StringVal(len, (const char*) data)); - - analyzer->ConnectionEvent(dce_rpc_message, vl); - } - - try - { - // TODO: handle incremental input - binpac::DCE_RPC::DCE_RPC_PDU pdu; - pdu.Parse(data, data + len); - - switch ( pdu.header()->PTYPE() ) { - case binpac::DCE_RPC::DCE_RPC_BIND: - case binpac::DCE_RPC::DCE_RPC_ALTER_CONTEXT: - DeliverBind(&pdu); - break; - - case binpac::DCE_RPC::DCE_RPC_REQUEST: - DeliverRequest(&pdu); - break; - - case binpac::DCE_RPC::DCE_RPC_RESPONSE: - DeliverResponse(&pdu); - break; - } - } - catch ( const binpac::Exception& e ) - { - analyzer->Weird(e.msg().c_str()); - } - } - -void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC::DCE_RPC_PDU* pdu) - { - binpac::DCE_RPC::DCE_RPC_Bind* bind = pdu->body()->bind(); - - for ( int i = 0; i < bind->context_list()->num_contexts(); ++i ) - { - binpac::DCE_RPC::ContextRequest* elem = - (*bind->context_list()->request_contexts())[i]; - - uuid = UUID(elem->abstract_syntax()->uuid().begin()); - uuid_map_t::const_iterator uuid_it = - well_known_uuid_map().find(uuid); - - if ( uuid_it == well_known_uuid_map().end() ) - { -#ifdef DEBUG - // conn->Weird(fmt("Unknown DCE_RPC interface %s", - // uuid.to_string())); -#endif - if_id = BifEnum::DCE_RPC_unknown_if; - } - else - if_id = uuid_it->second; - - if ( 
dce_rpc_bind ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new StringVal(uuid.to_string())); - // vl->append(new EnumVal(if_id, BifType::Enum::dce_rpc_if_id)); - - analyzer->ConnectionEvent(dce_rpc_bind, vl); - } - } - } - -void DCE_RPC_Session::DeliverRequest(const binpac::DCE_RPC::DCE_RPC_PDU* pdu) - { - binpac::DCE_RPC::DCE_RPC_Request* req = pdu->body()->request(); - - opnum = req->opnum(); - - if ( dce_rpc_request ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new Val(opnum, TYPE_COUNT)); - vl->append(new StringVal(req->stub().length(), - (const char*) req->stub().begin())); - - analyzer->ConnectionEvent(dce_rpc_request, vl); - } - - switch ( if_id ) { - case BifEnum::DCE_RPC_epmapper: - DeliverEpmapperRequest(pdu, req); - break; - - default: - break; - } - } - -void DCE_RPC_Session::DeliverResponse(const binpac::DCE_RPC::DCE_RPC_PDU* pdu) - { - binpac::DCE_RPC::DCE_RPC_Response* resp = pdu->body()->response(); - - if ( dce_rpc_response ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new Val(opnum, TYPE_COUNT)); - vl->append(new StringVal(resp->stub().length(), - (const char*) resp->stub().begin())); - analyzer->ConnectionEvent(dce_rpc_response, vl); - } - - switch ( if_id ) { - case BifEnum::DCE_RPC_epmapper: - DeliverEpmapperResponse(pdu, resp); - break; - - default: - break; - } - } - -void DCE_RPC_Session::DeliverEpmapperRequest( - const binpac::DCE_RPC::DCE_RPC_PDU* /* pdu */, - const binpac::DCE_RPC::DCE_RPC_Request* /* req */) - { - // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); - // ### TODO(rpang): generate an event on epmapper request - } - -void DCE_RPC_Session::DeliverEpmapperResponse( - const binpac::DCE_RPC::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC::DCE_RPC_Response* resp) - { - // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); - switch ( opnum ) { - case 3: // Map - 
DeliverEpmapperMapResponse(pdu, resp); - break; - } - } - - -void DCE_RPC_Session::DeliverEpmapperMapResponse( - const binpac::DCE_RPC::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC::DCE_RPC_Response* resp) - { - try - { - binpac::DCE_RPC::epmapper_map_resp epm_resp; - - epm_resp.Parse(resp->stub().begin(), resp->stub().end(), - pdu->byteorder()); - - for ( unsigned int twr_i = 0; - twr_i < epm_resp.towers()->actual_count(); ++twr_i ) - { - binpac::DCE_RPC::epm_tower* twr = - (*epm_resp.towers()->towers())[twr_i]->tower(); - - mapped.addr = dce_rpc_endpoint_addr(); - mapped.uuid = UUID(); - - for ( int floor_i = 0; floor_i < twr->num_floors(); - ++floor_i ) - { - binpac::DCE_RPC::epm_floor* floor = - (*twr->floors())[floor_i]; - - switch ( floor->protocol() ) { - case binpac::DCE_RPC::EPM_PROTOCOL_UUID: - if ( floor_i == 0 ) - mapped.uuid = UUID(floor->lhs()->data()->uuid()->if_uuid()); - break; - - case binpac::DCE_RPC::EPM_PROTOCOL_TCP: - mapped.addr.port = - floor->rhs()->data()->tcp(); - mapped.addr.proto = TRANSPORT_TCP; - break; - - case binpac::DCE_RPC::EPM_PROTOCOL_UDP: - mapped.addr.port = - floor->rhs()->data()->udp(); - mapped.addr.proto = TRANSPORT_UDP; - break; - - case binpac::DCE_RPC::EPM_PROTOCOL_IP: - uint32 hostip = floor->rhs()->data()->ip(); - mapped.addr.addr = IPAddr(IPv4, &hostip, IPAddr::Host); - break; - } - } - - if ( mapped.addr.is_valid_addr() ) - add_dce_rpc_endpoint(mapped.addr, mapped.uuid); - - if ( epm_map_response ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new StringVal(mapped.uuid.to_string())); - vl->append(new PortVal(mapped.addr.port, mapped.addr.proto)); - vl->append(new AddrVal(mapped.addr.addr)); - - analyzer->ConnectionEvent(epm_map_response, vl); - } - } - } - catch ( const binpac::Exception& e ) - { - analyzer->Weird(e.msg().c_str()); - } - } - -Contents_DCE_RPC_Analyzer::Contents_DCE_RPC_Analyzer(Connection* conn, - bool orig, DCE_RPC_Session* arg_session, bool speculative) -: 
tcp::TCP_SupportAnalyzer("CONTENTS_DCE_RPC", conn, orig) - { - session = arg_session; - msg_buf = 0; - buf_len = 0; - speculation = speculative ? 0 : 1; - - InitState(); - } - -void Contents_DCE_RPC_Analyzer::InitState() - { - // Allocate space for header. - if ( ! msg_buf ) - { - buf_len = DCE_RPC_HEADER_LENGTH; - msg_buf = new u_char[buf_len]; - } - - buf_n = 0; - msg_len = 0; - hdr = 0; - } - -Contents_DCE_RPC_Analyzer::~Contents_DCE_RPC_Analyzer() - { - delete [] msg_buf; - delete hdr; - } - -void Contents_DCE_RPC_Analyzer::DeliverStream(int len, const u_char* data, bool orig) - { - tcp::TCP_SupportAnalyzer::DeliverStream(len, data, orig); - - tcp::TCP_Analyzer* tcp = - static_cast(Parent())->TCP(); - - if ( tcp->HadGap(orig) || tcp->IsPartial() ) - return; - - if ( speculation == 0 ) // undecided - { - if ( ! DCE_RPC_Session::LooksLikeRPC(len, data) ) - speculation = -1; - else - speculation = 1; - } - - if ( speculation < 0 ) - return; - - ASSERT(buf_len >= DCE_RPC_HEADER_LENGTH); - while ( len > 0 ) - { - if ( buf_n < DCE_RPC_HEADER_LENGTH ) - { - while ( buf_n < DCE_RPC_HEADER_LENGTH && len > 0 ) - { - msg_buf[buf_n] = *data; - ++buf_n; ++data; --len; - } - - if ( buf_n < DCE_RPC_HEADER_LENGTH ) - break; - else - { - if ( ! 
ParseHeader() ) - return; - } - } - - while ( buf_n < msg_len && len > 0 ) - { - msg_buf[buf_n] = *data; - ++buf_n; ++data; --len; - } - - if ( buf_n < msg_len ) - break; - else - { - if ( msg_len > 0 ) - DeliverPDU(msg_len, msg_buf); - // Reset for next message - InitState(); - } - } - } - -void Contents_DCE_RPC_Analyzer::DeliverPDU(int len, const u_char* data) - { - session->DeliverPDU(IsOrig(), len, data); - } - -bool Contents_DCE_RPC_Analyzer::ParseHeader() - { - delete hdr; - hdr = 0; - - if ( msg_buf[0] != 5 ) // DCE/RPC version - { - Conn()->Weird("DCE/RPC_version_error (non-DCE/RPC?)"); - Conn()->SetSkip(1); - msg_len = 0; - return false; - } - - hdr = new DCE_RPC_Header(this, msg_buf); - - msg_len = hdr->FragLen(); - if ( msg_len > buf_len ) - { - u_char* new_msg_buf = new u_char[msg_len]; - memcpy(new_msg_buf, msg_buf, buf_n); - delete [] msg_buf; - buf_len = msg_len; - msg_buf = new_msg_buf; - hdr->SetBytes(new_msg_buf); - } - - return true; - } - -DCE_RPC_Analyzer::DCE_RPC_Analyzer(Connection* conn, bool arg_speculative) +DCE_RPC_Analyzer::DCE_RPC_Analyzer(Connection *conn) : tcp::TCP_ApplicationAnalyzer("DCE_RPC", conn) { - session = new DCE_RPC_Session(this); - speculative = arg_speculative; - - AddSupportAnalyzer(new Contents_DCE_RPC_Analyzer(conn, true, session, - speculative)); - AddSupportAnalyzer(new Contents_DCE_RPC_Analyzer(conn, false, session, - speculative)); + interp = new binpac::DCE_RPC::DCE_RPC_Conn(this); } DCE_RPC_Analyzer::~DCE_RPC_Analyzer() { - delete session; + delete interp; + } + +void DCE_RPC_Analyzer::Done() + { + TCP_ApplicationAnalyzer::Done(); + + interp->FlowEOF(true); + interp->FlowEOF(false); + } + +void DCE_RPC_Analyzer::EndpointEOF(bool is_orig) + { + TCP_ApplicationAnalyzer::EndpointEOF(is_orig); + interp->FlowEOF(is_orig); + } + +void DCE_RPC_Analyzer::Undelivered(uint64 seq, int len, bool orig) + { + TCP_ApplicationAnalyzer::Undelivered(seq, len, orig); + interp->NewGap(orig, len); + } + +void 
DCE_RPC_Analyzer::DeliverStream(int len, const u_char* data, bool orig) + { + TCP_ApplicationAnalyzer::DeliverStream(len, data, orig); + + assert(TCP()); + try + { + interp->NewData(orig, data, data + len); + } + catch ( const binpac::Exception& e ) + { + ProtocolViolation(fmt("Binpac exception: %s", e.c_msg())); + } } diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.h b/src/analyzer/protocol/dce-rpc/DCE_RPC.h index c54638d03f..984ede8a3c 100644 --- a/src/analyzer/protocol/dce-rpc/DCE_RPC.h +++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.h @@ -35,7 +35,7 @@ protected: string s; }; -const char* uuid_to_string(const u_char* uuid_data); +//const char* uuid_to_string(const u_char* uuid_data); struct dce_rpc_endpoint_addr { // All fields are in host byteorder. @@ -88,6 +88,7 @@ enum DCE_RPC_PTYPE { }; */ +/* #define DCE_RPC_HEADER_LENGTH 16 class DCE_RPC_Header { @@ -172,18 +173,23 @@ protected: DCE_RPC_Session* session; }; +*/ class DCE_RPC_Analyzer : public tcp::TCP_ApplicationAnalyzer { public: - DCE_RPC_Analyzer(Connection* conn, bool speculative = false); + DCE_RPC_Analyzer(Connection* conn); ~DCE_RPC_Analyzer(); + virtual void Done(); + virtual void DeliverStream(int len, const u_char* data, bool orig); + virtual void Undelivered(uint64 seq, int len, bool orig); + virtual void EndpointEOF(bool is_orig); + static analyzer::Analyzer* Instantiate(Connection* conn) { return new DCE_RPC_Analyzer(conn); } protected: - DCE_RPC_Session* session; - bool speculative; + binpac::DCE_RPC::DCE_RPC_Conn* interp; }; } } // namespace analyzer::* diff --git a/src/analyzer/protocol/dce-rpc/Plugin.cc b/src/analyzer/protocol/dce-rpc/Plugin.cc index d855d20cc0..f4335bb045 100644 --- a/src/analyzer/protocol/dce-rpc/Plugin.cc +++ b/src/analyzer/protocol/dce-rpc/Plugin.cc 
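Review bot: The new `DCE_RPC_Analyzer::DeliverStream` hands every chunk to `interp->NewData()` without the `HadGap()`/`IsPartial()` guard that the removed `Contents_DCE_RPC_Analyzer::DeliverStream` had, so a connection picked up mid-stream, or one that has already lost data, is parsed from an arbitrary byte offset. `Undelivered()` does forward the gap to binpac, but nothing stops parsing after it or after the first `binpac::Exception`, so each later chunk can raise another `ProtocolViolation`. Consider `if ( TCP()->IsPartial() ) return;` at the top, plus a `had_gap` member set in `Undelivered()` and checked here. `assert(TCP())` is compiled out when NDEBUG is defined, so it should not be the only guard if a missing TCP parent is possible.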
@@ -13,7 +13,7 @@ public: plugin::Configuration Configure() { AddComponent(new ::analyzer::Component("DCE_RPC", ::analyzer::dce_rpc::DCE_RPC_Analyzer::Instantiate)); - AddComponent(new ::analyzer::Component("Contents_DCE_RPC", 0)); + //AddComponent(new ::analyzer::Component("Contents_DCE_RPC", 0)); plugin::Configuration config; config.name = "Bro::DCE_RPC"; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac index a25b4b783a..9482fa8cee 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac 
@@ -1,135 +1,163 @@ # DCE/RPC protocol data unit. -type DCE_RPC_PDU = record { - # Set header's byteorder to little-endian (or big-endian) to - # avoid cyclic dependency. - header : DCE_RPC_Header; - # TODO: bring back reassembly. It was having trouble. - #frag : bytestring &length = body_length; - body : DCE_RPC_Body(header); - auth : DCE_RPC_Auth(header); -} &let { - #body_length : int = header.frag_length - sizeof(header) - header.auth_length; - #frag_reassembled : bool = $context.flow.reassemble_fragment(frag, header.lastfrag); - #body : DCE_RPC_Body(header) - # withinput $context.flow.reassembled_body() - # &if frag_reassembled; -} &byteorder = header.byteorder, - &length = header.frag_length; +refine connection DCE_RPC_Conn += { + %member{ + map cont_id_opnum_map; + %} + + function get_cont_id_opnum_map(cont_id: uint16): uint16 + %{ + return cont_id_opnum_map[cont_id]; + %} + + function set_cont_id_opnum_map(cont_id: uint16, opnum: uint16): bool + %{ + cont_id_opnum_map[cont_id] = opnum; + return true; + %} + + function proc_dce_rpc_pdu(pdu: DCE_RPC_PDU): bool + %{ + // If a whole pdu message parsed ok, let's confirm the protocol + bro_analyzer()->ProtocolConfirmation(); + return true; + %} + + function proc_dce_rpc_message(header: DCE_RPC_Header): bool + %{ + if ( dce_rpc_message ) + { + BifEvent::generate_dce_rpc_message(bro_analyzer(), + bro_analyzer()->Conn(), + ${header.is_orig}, + ${header.PTYPE}, + new EnumVal(${header.PTYPE}, BifType::Enum::DCE_RPC::PType)); + } + return true; + %} + + function process_dce_rpc_bind(bind: DCE_RPC_Bind): bool + %{ + + if ( dce_rpc_bind ) + { + // Go over the elements, each having a UUID + $const_def{bind_elems = bind.context_list}; + for ( int i = 0; i < ${bind_elems.num_contexts}; ++i ) + { + $const_def{uuid = bind_elems.request_contexts[i].abstract_syntax.uuid}; + $const_def{version = bind_elems.request_contexts[i].abstract_syntax.version}; + + // Queue the event + BifEvent::generate_dce_rpc_bind(bro_analyzer(), + 
bro_analyzer()->Conn(), + bytestring_to_val(${uuid}), + new StringVal(fmt("%d.0", ${version}))); + } + } + + return true; + %} + + function process_dce_rpc_bind_ack(bind: DCE_RPC_Bind_Ack): bool + %{ + if ( dce_rpc_bind_ack ) + { + StringVal *sec_addr; + // Remove the null from the end of the string if it's there. + if ( *(${bind.sec_addr}.begin() + ${bind.sec_addr}.length()) == 0 ) + sec_addr = new StringVal(${bind.sec_addr}.length()-1, (const char*) ${bind.sec_addr}.begin()); + else + sec_addr = new StringVal(${bind.sec_addr}.length(), (const char*) ${bind.sec_addr}.begin()); + + BifEvent::generate_dce_rpc_bind_ack(bro_analyzer(), + bro_analyzer()->Conn(), + sec_addr); + } + return true; + %} + + function process_dce_rpc_request(req: DCE_RPC_Request): bool + %{ + if ( dce_rpc_request ) + { + BifEvent::generate_dce_rpc_request(bro_analyzer(), + bro_analyzer()->Conn(), + ${req.opnum}, + bytestring_to_val(${req.stub})); + } + + set_cont_id_opnum_map(${req.context_id}, + ${req.opnum}); + return true; + %} + + function process_dce_rpc_response(resp: DCE_RPC_Response): bool + %{ + if ( dce_rpc_response ) + { + BifEvent::generate_dce_rpc_response(bro_analyzer(), + bro_analyzer()->Conn(), + get_cont_id_opnum_map(${resp.context_id}), + bytestring_to_val(${resp.stub})); + } + + return true; + %} + +}; + + +refine flow DCE_RPC_Flow += { + #%member{ + #FlowBuffer frag_reassembler_; + #%} + + # Fragment reassembly. 
+ #function reassemble_fragment(frag: bytestring, lastfrag: bool): bool + # %{ + # int orig_data_length = frag_reassembler_.data_length(); + # + # frag_reassembler_.NewData(frag.begin(), frag.end()); + # + # int new_frame_length = orig_data_length + frag.length(); + # if ( orig_data_length == 0 ) + # frag_reassembler_.NewFrame(new_frame_length, false); + # else + # frag_reassembler_.GrowFrame(new_frame_length); + # + # return lastfrag; + # %} + + #function reassembled_body(): const_bytestring + # %{ + # return const_bytestring( + # frag_reassembler_.begin(), + # frag_reassembler_.end()); + # %} +}; + +refine typeattr DCE_RPC_PDU += &let { + proc = $context.connection.proc_dce_rpc_pdu(this); +} + +refine typeattr DCE_RPC_Header += &let { + proc = $context.connection.proc_dce_rpc_message(this); +}; + +refine typeattr DCE_RPC_Bind += &let { + proc = $context.connection.process_dce_rpc_bind(this); +}; + +refine typeattr DCE_RPC_Bind_Ack += &let { + proc = $context.connection.process_dce_rpc_bind_ack(this); +}; + +refine typeattr DCE_RPC_Request += &let { + proc = $context.connection.process_dce_rpc_request(this); +}; + +refine typeattr DCE_RPC_Response += &let { + proc = $context.connection.process_dce_rpc_response(this); +}; -#connection DCE_RPC_Conn(bro_analyzer: BroAnalyzer) { -# upflow = DCE_RPC_Flow(true); -# downflow = DCE_RPC_Flow(false); -# -# %member{ -# map cont_id_opnum_map; -# %} -# -# function get_cont_id_opnum_map(cont_id: uint16): uint16 -# %{ -# return cont_id_opnum_map[cont_id]; -# %} -# -# function set_cont_id_opnum_map(cont_id: uint16, opnum: uint16): bool -# %{ -# cont_id_opnum_map[cont_id] = opnum; -# return true; -# %} -#}; -# -# -#flow DCE_RPC_Flow(is_orig: bool) { -# flowunit = DCE_RPC_PDU withcontext (connection, this); -# -# #%member{ -# #FlowBuffer frag_reassembler_; -# #%} -# -# # Fragment reassembly. 
-# #function reassemble_fragment(frag: bytestring, lastfrag: bool): bool -# # %{ -# # int orig_data_length = frag_reassembler_.data_length(); -# # -# # frag_reassembler_.NewData(frag.begin(), frag.end()); -# # -# # int new_frame_length = orig_data_length + frag.length(); -# # if ( orig_data_length == 0 ) -# # frag_reassembler_.NewFrame(new_frame_length, false); -# # else -# # frag_reassembler_.GrowFrame(new_frame_length); -# # -# # return lastfrag; -# # %} -# -# #function reassembled_body(): const_bytestring -# # %{ -# # return const_bytestring( -# # frag_reassembler_.begin(), -# # frag_reassembler_.end()); -# # %} -# -# # Bind. -# function process_dce_rpc_bind(bind: DCE_RPC_Bind): bool -# %{ -# $const_def{bind_elems = bind.context_list}; -# -# if ( ${bind_elems.num_contexts} > 1 ) -# { -# ${connection.bro_analyzer}->Weird("DCE_RPC_bind_to_multiple_interfaces"); -# } -# -# if ( dce_rpc_bind ) -# { -# // Go over the elements, each having a UUID -# for ( int i = 0; i < ${bind_elems.num_contexts}; ++i ) -# { -# $const_def{uuid = -# bind_elems.request_contexts[i].abstract_syntax.uuid}; -# -# // Queue the event -# BifEvent::generate_dce_rpc_bind( -# ${connection.bro_analyzer}, -# ${connection.bro_analyzer}->Conn(), -# bytestring_to_val(${uuid})); -# -# // Set the connection's UUID -# // ${connection}->set_uuid(${uuid}); -# } -# } -# -# return ${bind_elems.num_contexts} > 0; -# %} -# -# # Request. -# function process_dce_rpc_request(req: DCE_RPC_Request): bool -# %{ -# if ( dce_rpc_request ) -# { -# BifEvent::generate_dce_rpc_request( -# ${connection.bro_analyzer}, -# ${connection.bro_analyzer}->Conn(), -# ${req.opnum}, -# bytestring_to_val(${req.stub})); -# } -# -# ${connection}->set_cont_id_opnum_map(${req.context_id}, -# ${req.opnum}); -# -# return true; -# %} -# -# # Response. 
-# function process_dce_rpc_response(resp: DCE_RPC_Response): bool -# %{ -# if ( dce_rpc_response ) -# { -# BifEvent::generate_dce_rpc_response( -# ${connection.bro_analyzer}, -# ${connection.bro_analyzer}->Conn(), -# ${connection}->get_cont_id_opnum_map(${resp.context_id}), -# bytestring_to_val(${resp.stub})); -# } -# -# return true; -# %} -#}; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index f13311a0fa..847ca182e2 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac @@ -29,6 +29,23 @@ type context_handle = record { uuid : bytestring &length = 16; }; +type DCE_RPC_PDU(is_orig: bool) = record { + # Set header's byteorder to little-endian (or big-endian) to + # avoid cyclic dependency. + header : DCE_RPC_Header(is_orig); + # TODO: bring back reassembly. It was having trouble. + #frag : bytestring &length = body_length; + body : DCE_RPC_Body(header); + auth : DCE_RPC_Auth(header); +} &let { + #body_length : int = header.frag_length - sizeof(header) - header.auth_length; + #frag_reassembled : bool = $context.flow.reassemble_fragment(frag, header.lastfrag); + #body : DCE_RPC_Body(header) + # withinput $context.flow.reassembled_body() + # &if frag_reassembled; +} &byteorder = header.byteorder, &length = header.frag_length; + + #type rpc_if_id_t = record { # if_uuid : bytestring &length = 16; # vers_major : uint16; @@ -46,7 +63,7 @@ type NDR_Format = record { #### There might be a endianness problem here: the frag_length # causes problems despite the NDR_Format having a byteorder set. -type DCE_RPC_Header = record { +type DCE_RPC_Header(is_orig: bool) = record { rpc_vers : uint8 &check(rpc_vers == 5); rpc_vers_minor : uint8; PTYPE : uint8; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc.pac b/src/analyzer/protocol/dce-rpc/dce_rpc.pac index 737d4d7a64..616b4e7770 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc.pac 
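Review bot: In `process_dce_rpc_bind_ack` the trailing-NUL test dereferences `begin() + length()`, which is the position one past the last byte of `sec_addr`, not the last byte itself; on a peer-supplied field that is either a read past the parsed data or a test of whatever terminator the buffer happens to carry. With an empty `sec_addr` the true branch then passes `length()-1`, i.e. -1, to `StringVal`. The condition should look at the final byte and guard the empty case: `if ( ${bind.sec_addr}.length() > 0 && *(${bind.sec_addr}.begin() + ${bind.sec_addr}.length() - 1) == 0 )`. Separately, assuming `cont_id_opnum_map` is a `std::map`, `get_cont_id_opnum_map` uses `operator[]`, so a response whose context id never appeared in a request inserts an entry and is reported with opnum 0; a `find()` with an explicit miss path would avoid both.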
+++ b/src/analyzer/protocol/dce-rpc/dce_rpc.pac @@ -2,16 +2,26 @@ %include bro.pac %extern{ -#include "events.bif.h" + #include "types.bif.h" + #include "events.bif.h" %} -analyzer DCE_RPC withcontext {}; +analyzer DCE_RPC withcontext { + connection : DCE_RPC_Conn; + flow : DCE_RPC_Flow; +}; -#analyzer DCE_RPC withcontext { -# connection : DCE_RPC_Conn; -# flow : DCE_RPC_Flow; -#}; +connection DCE_RPC_Conn(bro_analyzer: BroAnalyzer) { + upflow = DCE_RPC_Flow(true); + downflow = DCE_RPC_Flow(false); +}; %include dce_rpc-protocol.pac + +# Now we define the flow: +flow DCE_RPC_Flow(is_orig: bool) { + flowunit = DCE_RPC_PDU(is_orig) withcontext(connection, this); +}; + %include epmapper.pac %include dce_rpc-analyzer.pac diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc_simple.pac b/src/analyzer/protocol/dce-rpc/dce_rpc_simple.pac deleted file mode 100644 index 1bf0387b1d..0000000000 --- a/src/analyzer/protocol/dce-rpc/dce_rpc_simple.pac +++ /dev/null @@ -1,20 +0,0 @@ -%include bro.pac - -%extern{ -#include "events.bif.h" -%} - -analyzer DCE_RPC_Simple withcontext {}; - -%include dce_rpc-protocol.pac - -type DCE_RPC_PDU = record { - # Set header's byteorder to little-endian (or big-endian) to - # avoid cyclic dependency. - header : DCE_RPC_Header; - body : DCE_RPC_Body(header) - &length = header.frag_length - sizeof(header) - - header.auth_length; - auth : DCE_RPC_Auth(header); -} &byteorder = header.byteorder, - &length = header.frag_length; diff --git a/src/analyzer/protocol/dce-rpc/events.bif b/src/analyzer/protocol/dce-rpc/events.bif index bdabb674fa..94fd402dba 100644 --- a/src/analyzer/protocol/dce-rpc/events.bif +++ b/src/analyzer/protocol/dce-rpc/events.bif 
@@ -2,54 +2,31 @@ ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_request ## dce_rpc_response rpc_timeout -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event dce_rpc_message%(c: connection, is_orig: bool, ptype: dce_rpc_ptype, msg: string%); +event dce_rpc_message%(c: connection, is_orig: bool, ptype_id: count, ptype: DCE_RPC::PType%); ## TODO. ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_message dce_rpc_request ## dce_rpc_response rpc_timeout -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. -event dce_rpc_bind%(c: connection, uuid: string%); +event dce_rpc_bind%(c: connection, uuid: string, version: string%); + +event dce_rpc_bind_ack%(c: connection, sec_addr: string%); ## TODO. ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message ## dce_rpc_response rpc_timeout -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. event dce_rpc_request%(c: connection, opnum: count, stub: string%); ## TODO. ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message ## dce_rpc_request rpc_timeout -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. 
To still enable this event, one needs to -## register a port for it or add a DPD payload signature. event dce_rpc_response%(c: connection, opnum: count, stub: string%); ## TODO. ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message ## dce_rpc_request dce_rpc_response rpc_timeout -## -## .. todo:: Bro's current default configuration does not activate the protocol -## analyzer that generates this event; the corresponding script has not yet -## been ported to Bro 2.x. To still enable this event, one needs to -## register a port for it or add a DPD payload signature. event epm_map_response%(c: connection, uuid: string, p: port, h: addr%); diff --git a/src/analyzer/protocol/dce-rpc/types.bif b/src/analyzer/protocol/dce-rpc/types.bif new file mode 100644 index 0000000000..251b53f952 --- /dev/null +++ b/src/analyzer/protocol/dce-rpc/types.bif @@ -0,0 +1,41 @@ + +module DCE_RPC; + +enum PType %{ + REQUEST, + PING, + RESPONSE, + FAULT, + WORKING, + NOCALL, + REJECT, + ACK, + CL_CANCEL, + FACK, + CANCEL_ACK, + BIND, + BIND_ACK, + BIND_NAK, + ALTER_CONTEXT, + ALTER_CONTEXT_RESP, + SHUTDOWN, + CO_CANCEL, + ORPHANED, +%} + +enum IfID %{ + unknown_if, + epmapper, + lsarpc, + lsa_ds, + mgmt, + netlogon, + samr, + srvsvc, + spoolss, + drs, + winspipe, + wkssvc, + oxid, + ISCMActivator, +%} diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index 3a0b0e75f0..305e1191f6 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -47,7 +47,6 @@ bro_plugin_pac( smb-pipe.pac smb-mailslot.pac smb-ntlmssp.pac - dce_rpc-protocol.pac smb1-protocol.pac smb1-com-check-directory.pac diff --git a/src/analyzer/protocol/smb/DCE_RPC.cc b/src/analyzer/protocol/smb/DCE_RPC.cc deleted file mode 100644 index dd31cfa8a7..0000000000 --- a/src/analyzer/protocol/smb/DCE_RPC.cc +++ /dev/null 
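Review bot: `dce_rpc_bind_ack` is added without any `##` documentation, and `dce_rpc_message` changes its signature (the `msg: string` payload is replaced by `ptype_id: count` and `ptype: DCE_RPC::PType`) with no word about it in the comments visible in this hunk, so script writers with handlers for the old signature get no hint of what changed. I would add something like `## Generated for every DCE/RPC bind acknowledgement; sec_addr is the secondary address string taken from the message.` above the new event, and a line on `dce_rpc_message` saying that `ptype_id` is the raw packet-type byte and `ptype` its enum form. The remaining `## TODO.` summaries in this hunk are worth filling in at the same time.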
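Review bot: The `PType` enum has no member between `ALTER_CONTEXT_RESP` and `SHUTDOWN`, so if bif enums are numbered in declaration order, `SHUTDOWN`, `CO_CANCEL` and `ORPHANED` get 16, 17 and 18, whereas DCE/RPC assigns those packet types 17, 18 and 19 (16 is the auth3 PDU). `proc_dce_rpc_message` in dce_rpc-analyzer.pac builds the `EnumVal` directly from the wire byte, so those three types would be reported under the wrong name, and a byte of 19 or above has no member at all. Adding `AUTH3,` after `ALTER_CONTEXT_RESP,` restores the alignment. Bytes outside the enum still need a decision, for example an explicit unknown member or skipping the enum argument when the value is out of range.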
@@ -1,588 +0,0 @@ -// See the file "COPYING" in the main distribution directory for copyright. - -#include "config.h" - -#include -#include -#include - -using namespace std; - -#include "DCE_RPC.h" -#include "Sessions.h" - -#include "analyzer/Manager.h" - -#include "events.bif.h" - -using namespace analyzer::dce_rpc; - -#define xbyte(b, n) (((const u_char*) (b))[n]) - -#define extract_uint16(little_endian, bytes) \ - ((little_endian) ? \ - uint16(xbyte(bytes, 0)) | ((uint16(xbyte(bytes, 1))) << 8) : \ - uint16(xbyte(bytes, 1)) | ((uint16(xbyte(bytes, 0))) << 8)) - -static int uuid_index[] = { - 3, 2, 1, 0, - 5, 4, 7, 6, - 8, 9, 10, 11, - 12, 13, 14, 15 -}; - -const char* analyzer::dce_rpc::uuid_to_string(const u_char* uuid_data) - { - static char s[1024]; - char* sp = s; - - for ( int i = 0; i < 16; ++i ) - { - if ( i == 4 || i == 6 || i == 8 || i == 10 ) - sp += snprintf(sp, s + sizeof(s) - sp, "-"); - - int j = uuid_index[i]; - sp += snprintf(sp, s + sizeof(s) - sp, "%02x", uuid_data[j]); - } - - return s; - } - -UUID::UUID() - { - memset(data, 0, 16); - s = uuid_to_string(data); - } - -UUID::UUID(const u_char d[16]) - { - memcpy(data, d, 16); - s = uuid_to_string(data); - } - -UUID::UUID(const binpac::bytestring& uuid) - { - if ( uuid.length() != 16 ) - reporter->InternalError("UUID length error"); - memcpy(data, uuid.begin(), 16); - s = uuid_to_string(data); - } - -UUID::UUID(const char* str) - { - s = string(str); - const char* sp = str; - int i; - for ( i = 0; i < 16; ++i ) - { - if ( *sp == '-' ) - ++sp; - if ( ! *sp || ! 
*(sp+1) ) - break; - - data[uuid_index[i]] = - (u_char) (decode_hex(*sp) * 16 + decode_hex(*(sp+1))); - } - - if ( i != 16 ) - reporter->InternalError("invalid UUID string: %s", str); - } - -typedef map uuid_map_t; - -static uuid_map_t& well_known_uuid_map() - { - static uuid_map_t the_map; - static bool initialized = false; - - if ( initialized ) - return the_map; - - using namespace BifEnum; - - the_map[UUID("e1af8308-5d1f-11c9-91a4-08002b14a0fa")] = DCE_RPC_epmapper; - - the_map[UUID("afa8bd80-7d8a-11c9-bef4-08002b102989")] = DCE_RPC_mgmt; - - // It's said that the following interfaces are merely aliases. - the_map[UUID("12345778-1234-abcd-ef00-0123456789ab")] = DCE_RPC_lsarpc; - the_map[UUID("12345678-1234-abcd-ef00-01234567cffb")] = DCE_RPC_netlogon; - the_map[UUID("12345778-1234-abcd-ef00-0123456789ac")] = DCE_RPC_samr; - - // The next group of aliases. - the_map[UUID("4b324fc8-1670-01d3-1278-5a47bf6ee188")] = DCE_RPC_srvsvc; - the_map[UUID("12345678-1234-abcd-ef00-0123456789ab")] = DCE_RPC_spoolss; - the_map[UUID("45f52c28-7f9f-101a-b52b-08002b2efabe")] = DCE_RPC_winspipe; - the_map[UUID("6bffd098-a112-3610-9833-46c3f87e345a")] = DCE_RPC_wkssvc; - - // DRS - NT directory replication service. - the_map[UUID("e3514235-4b06-11d1-ab04-00c04fc2dcd2")] = DCE_RPC_drs; - - // "The IOXIDResolver RPC interface (formerly known as - // IObjectExporter) is remotely used to reach the local object - // resolver (OR)." - the_map[UUID("99fcfec4-5260-101b-bbcb-00aa0021347a")] = DCE_RPC_oxid; - - the_map[UUID("3919286a-b10c-11d0-9ba8-00c04fd92ef5")] = DCE_RPC_lsa_ds; - - the_map[UUID("000001a0-0000-0000-c000-000000000046")] = DCE_RPC_ISCMActivator; - - initialized = true; - return the_map; - } - -// Used to remember mapped DCE/RPC endpoints and parse the follow-up -// connections as DCE/RPC sessions. 
-map dce_rpc_endpoints; - -static bool is_mapped_dce_rpc_endpoint(const dce_rpc_endpoint_addr& addr) - { - return dce_rpc_endpoints.find(addr) != dce_rpc_endpoints.end(); - } - -bool is_mapped_dce_rpc_endpoint(const ConnID* id, TransportProto proto) - { - if ( id->dst_addr.GetFamily() == IPv6 ) - // TODO: Does the protocol support v6 addresses? #773 - return false; - - dce_rpc_endpoint_addr addr; - addr.addr = id->dst_addr; - addr.port = ntohs(id->dst_port); - addr.proto = proto; - - return is_mapped_dce_rpc_endpoint(addr); - } - -static void add_dce_rpc_endpoint(const dce_rpc_endpoint_addr& addr, - const UUID& uuid) - { - DEBUG_MSG("Adding endpoint %s @ %s\n", - uuid.to_string(), addr.to_string().c_str()); - dce_rpc_endpoints[addr] = uuid; - - // FIXME: Once we can pass the cookie to the analyzer, we can get rid - // of the dce_rpc_endpoints table. - // FIXME: Don't hard-code the timeout. - - analyzer_mgr->ScheduleAnalyzer(IPAddr(), addr.addr, addr.port, addr.proto, - "DCE_RPC", 5 * 60); - } - -DCE_RPC_Header::DCE_RPC_Header(analyzer::Analyzer* a, const u_char* b) - { - analyzer = a; - bytes = b; - - // This checks whether it's both the first fragment *and* - // the last fragment. - if ( (bytes[3] & 0x3) != 0x3 ) - { - fragmented = 1; - Weird("Fragmented DCE/RPC message"); - } - else - fragmented = 0; - - ptype = (BifEnum::dce_rpc_ptype) bytes[2]; - frag_len = extract_uint16(LittleEndian(), bytes + 8); - } - -DCE_RPC_Session::DCE_RPC_Session(analyzer::Analyzer* a) -: analyzer(a), - if_uuid("00000000-0000-0000-0000-000000000000"), - if_id(BifEnum::DCE_RPC_unknown_if) - { - opnum = -1; - } - -bool DCE_RPC_Session::LooksLikeRPC(int len, const u_char* msg) - { - // if ( ! 
is_IPC ) - // return false; - - try - { - binpac::DCE_RPC_Simple::DCE_RPC_Header h; - h.Parse(msg, msg + len); - if ( h.rpc_vers() == 5 && h.rpc_vers_minor() == 0 ) - { - if ( h.frag_length() == len ) - return true; - else - { - DEBUG_MSG("length mismatch: %d != %d\n", - h.frag_length(), len); - return false; - } - } - } - catch ( const binpac::Exception& ) - { - // do nothing - } - - return false; - } - -void DCE_RPC_Session::DeliverPDU(int is_orig, int len, const u_char* data) - { - if ( dce_rpc_message ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new Val(is_orig, TYPE_BOOL)); - vl->append(new EnumVal(data[2], BifType::Enum::dce_rpc_ptype)); - vl->append(new StringVal(len, (const char*) data)); - - analyzer->ConnectionEvent(dce_rpc_message, vl); - } - - try - { - // TODO: handle incremental input - binpac::DCE_RPC_Simple::DCE_RPC_PDU pdu; - pdu.Parse(data, data + len); - - switch ( pdu.header()->PTYPE() ) { - case binpac::DCE_RPC_Simple::DCE_RPC_BIND: - case binpac::DCE_RPC_Simple::DCE_RPC_ALTER_CONTEXT: - DeliverBind(&pdu); - break; - - case binpac::DCE_RPC_Simple::DCE_RPC_REQUEST: - DeliverRequest(&pdu); - break; - - case binpac::DCE_RPC_Simple::DCE_RPC_RESPONSE: - DeliverResponse(&pdu); - break; - } - } - catch ( const binpac::Exception& e ) - { - analyzer->Weird(e.msg().c_str()); - } - } - -void DCE_RPC_Session::DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) - { - binpac::DCE_RPC_Simple::DCE_RPC_Bind* bind = pdu->body()->bind(); - - for ( int i = 0; i < bind->p_context_elem()->n_context_elem(); ++i ) - { - binpac::DCE_RPC_Simple::p_cont_elem_t* elem = - (*bind->p_context_elem()->p_cont_elem())[i]; - - if_uuid = UUID(elem->abstract_syntax()->if_uuid().begin()); - uuid_map_t::const_iterator uuid_it = - well_known_uuid_map().find(if_uuid); - - if ( uuid_it == well_known_uuid_map().end() ) - { -#ifdef DEBUG - // conn->Weird(fmt("Unknown DCE_RPC interface %s", - // if_uuid.to_string())); -#endif - if_id = 
BifEnum::DCE_RPC_unknown_if; - } - else - if_id = uuid_it->second; - - if ( dce_rpc_bind ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new StringVal(if_uuid.to_string())); - // vl->append(new EnumVal(if_id, BifType::Enum::dce_rpc_if_id)); - - analyzer->ConnectionEvent(dce_rpc_bind, vl); - } - } - } - -void DCE_RPC_Session::DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) - { - binpac::DCE_RPC_Simple::DCE_RPC_Request* req = pdu->body()->request(); - - opnum = req->opnum(); - - if ( dce_rpc_request ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new Val(opnum, TYPE_COUNT)); - vl->append(new StringVal(req->stub().length(), - (const char*) req->stub().begin())); - - analyzer->ConnectionEvent(dce_rpc_request, vl); - } - - switch ( if_id ) { - case BifEnum::DCE_RPC_epmapper: - DeliverEpmapperRequest(pdu, req); - break; - - default: - break; - } - } - -void DCE_RPC_Session::DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu) - { - binpac::DCE_RPC_Simple::DCE_RPC_Response* resp = pdu->body()->response(); - - if ( dce_rpc_response ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new Val(opnum, TYPE_COUNT)); - vl->append(new StringVal(resp->stub().length(), - (const char*) resp->stub().begin())); - analyzer->ConnectionEvent(dce_rpc_response, vl); - } - - switch ( if_id ) { - case BifEnum::DCE_RPC_epmapper: - DeliverEpmapperResponse(pdu, resp); - break; - - default: - break; - } - } - -void DCE_RPC_Session::DeliverEpmapperRequest( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* /* pdu */, - const binpac::DCE_RPC_Simple::DCE_RPC_Request* /* req */) - { - // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); - // ### TODO(rpang): generate an event on epmapper request - } - -void DCE_RPC_Session::DeliverEpmapperResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp) 
- { - // DEBUG_MSG("Epmapper request opnum = %d\n", req->opnum()); - switch ( opnum ) { - case 3: // Map - DeliverEpmapperMapResponse(pdu, resp); - break; - } - } - - -void DCE_RPC_Session::DeliverEpmapperMapResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp) - { - try - { - binpac::DCE_RPC_Simple::epmapper_map_resp epm_resp; - - epm_resp.Parse(resp->stub().begin(), resp->stub().end(), - pdu->byteorder()); - - for ( unsigned int twr_i = 0; - twr_i < epm_resp.towers()->actual_count(); ++twr_i ) - { - binpac::DCE_RPC_Simple::epm_tower* twr = - (*epm_resp.towers()->towers())[twr_i]->tower(); - - mapped.addr = dce_rpc_endpoint_addr(); - mapped.uuid = UUID(); - - for ( int floor_i = 0; floor_i < twr->num_floors(); - ++floor_i ) - { - binpac::DCE_RPC_Simple::epm_floor* floor = - (*twr->floors())[floor_i]; - - switch ( floor->protocol() ) { - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_UUID: - if ( floor_i == 0 ) - mapped.uuid = UUID(floor->lhs()->data()->uuid()->if_uuid()); - break; - - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_TCP: - mapped.addr.port = - floor->rhs()->data()->tcp(); - mapped.addr.proto = TRANSPORT_TCP; - break; - - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_UDP: - mapped.addr.port = - floor->rhs()->data()->udp(); - mapped.addr.proto = TRANSPORT_UDP; - break; - - case binpac::DCE_RPC_Simple::EPM_PROTOCOL_IP: - uint32 hostip = floor->rhs()->data()->ip(); - mapped.addr.addr = IPAddr(IPv4, &hostip, IPAddr::Host); - break; - } - } - - if ( mapped.addr.is_valid_addr() ) - add_dce_rpc_endpoint(mapped.addr, mapped.uuid); - - if ( epm_map_response ) - { - val_list* vl = new val_list; - vl->append(analyzer->BuildConnVal()); - vl->append(new StringVal(mapped.uuid.to_string())); - vl->append(new PortVal(mapped.addr.port, mapped.addr.proto)); - vl->append(new AddrVal(mapped.addr.addr)); - - analyzer->ConnectionEvent(epm_map_response, vl); - } - } - } - catch ( const binpac::Exception& e ) - { - 
analyzer->Weird(e.msg().c_str()); - } - } - -Contents_DCE_RPC_Analyzer::Contents_DCE_RPC_Analyzer(Connection* conn, - bool orig, DCE_RPC_Session* arg_session, bool speculative) -: tcp::TCP_SupportAnalyzer("CONTENTS_DCE_RPC", conn, orig) - { - session = arg_session; - msg_buf = 0; - buf_len = 0; - speculation = speculative ? 0 : 1; - - InitState(); - } - -void Contents_DCE_RPC_Analyzer::InitState() - { - // Allocate space for header. - if ( ! msg_buf ) - { - buf_len = DCE_RPC_HEADER_LENGTH; - msg_buf = new u_char[buf_len]; - } - - buf_n = 0; - msg_len = 0; - hdr = 0; - } - -Contents_DCE_RPC_Analyzer::~Contents_DCE_RPC_Analyzer() - { - delete [] msg_buf; - delete hdr; - } - -void Contents_DCE_RPC_Analyzer::DeliverStream(int len, const u_char* data, bool orig) - { - tcp::TCP_SupportAnalyzer::DeliverStream(len, data, orig); - - tcp::TCP_Analyzer* tcp = - static_cast(Parent())->TCP(); - - if ( tcp->HadGap(orig) || tcp->IsPartial() ) - return; - - if ( speculation == 0 ) // undecided - { - if ( ! DCE_RPC_Session::LooksLikeRPC(len, data) ) - speculation = -1; - else - speculation = 1; - } - - if ( speculation < 0 ) - return; - - ASSERT(buf_len >= DCE_RPC_HEADER_LENGTH); - while ( len > 0 ) - { - if ( buf_n < DCE_RPC_HEADER_LENGTH ) - { - while ( buf_n < DCE_RPC_HEADER_LENGTH && len > 0 ) - { - msg_buf[buf_n] = *data; - ++buf_n; ++data; --len; - } - - if ( buf_n < DCE_RPC_HEADER_LENGTH ) - break; - else - { - if ( ! 
ParseHeader() ) - return; - } - } - - while ( buf_n < msg_len && len > 0 ) - { - msg_buf[buf_n] = *data; - ++buf_n; ++data; --len; - } - - if ( buf_n < msg_len ) - break; - else - { - if ( msg_len > 0 ) - DeliverPDU(msg_len, msg_buf); - // Reset for next message - InitState(); - } - } - } - -void Contents_DCE_RPC_Analyzer::DeliverPDU(int len, const u_char* data) - { - session->DeliverPDU(IsOrig(), len, data); - } - -bool Contents_DCE_RPC_Analyzer::ParseHeader() - { - delete hdr; - hdr = 0; - - if ( msg_buf[0] != 5 ) // DCE/RPC version - { - Conn()->Weird("DCE/RPC_version_error (non-DCE/RPC?)"); - Conn()->SetSkip(1); - msg_len = 0; - return false; - } - - hdr = new DCE_RPC_Header(this, msg_buf); - - msg_len = hdr->FragLen(); - if ( msg_len > buf_len ) - { - u_char* new_msg_buf = new u_char[msg_len]; - memcpy(new_msg_buf, msg_buf, buf_n); - delete [] msg_buf; - buf_len = msg_len; - msg_buf = new_msg_buf; - hdr->SetBytes(new_msg_buf); - } - - return true; - } - -DCE_RPC_Analyzer::DCE_RPC_Analyzer(Connection* conn, bool arg_speculative) -: tcp::TCP_ApplicationAnalyzer("DCE_RPC", conn) - { - session = new DCE_RPC_Session(this); - speculative = arg_speculative; - - AddSupportAnalyzer(new Contents_DCE_RPC_Analyzer(conn, true, session, - speculative)); - AddSupportAnalyzer(new Contents_DCE_RPC_Analyzer(conn, false, session, - speculative)); - } - -DCE_RPC_Analyzer::~DCE_RPC_Analyzer() - { - delete session; - } diff --git a/src/analyzer/protocol/smb/DCE_RPC.h b/src/analyzer/protocol/smb/DCE_RPC.h deleted file mode 100644 index cd3910bf42..0000000000 --- a/src/analyzer/protocol/smb/DCE_RPC.h +++ /dev/null 
@@ -1,191 +0,0 @@ -// See the file "COPYING" in the main distribution directory for copyright. - -#ifndef ANALYZER_PROTOCOL_DCE_RPC_DCE_RPC_H -#define ANALYZER_PROTOCOL_DCE_RPC_DCE_RPC_H - -// NOTE: This is a somewhat crude analyzer for DCE/RPC (used on Microsoft -// Windows systems) and shouldn't be considered as stable. - -#include "NetVar.h" -#include "analyzer/protocol/tcp/TCP.h" -#include "analyzer/protocol/dce-rpc/events.bif.h" -#include "IPAddr.h" - -#include "dce_rpc_simple_pac.h" - - -namespace analyzer { namespace dce_rpc { - -class UUID { -public: - UUID(); - UUID(const u_char data[16]); - UUID(const binpac::bytestring &uuid); - UUID(const char* s); - - const char* to_string() const { return s.c_str(); } - const string& str() const { return s; } - bool operator==(const UUID& u) const - { return s == u.str(); } - bool operator<(const UUID& u) const - { return s < u.str(); } - -protected: - u_char data[16]; - string s; -}; - -const char* uuid_to_string(const u_char* uuid_data); - -struct dce_rpc_endpoint_addr { - // All fields are in host byteorder. - IPAddr addr; - u_short port; - TransportProto proto; - - dce_rpc_endpoint_addr() - { - addr = IPAddr(); - port = 0; - proto = TRANSPORT_UNKNOWN; - } - - bool is_valid_addr() const - { return addr != IPAddr() && port != 0 && proto != TRANSPORT_UNKNOWN; } - - bool operator<(dce_rpc_endpoint_addr const &e) const - { - if ( addr != e.addr ) - return addr < e.addr; - if ( proto != e.proto ) - return proto < e.proto; - if ( port != e.port ) - return port < e.port; - - return false; - } - - string to_string() const - { - static char buf[128]; - snprintf(buf, sizeof(buf), "%s/%d/%s", - addr.AsString().c_str(), port, - proto == TRANSPORT_TCP ? "tcp" : - (proto == TRANSPORT_UDP ? 
"udp" : "?")); - - return string(buf); - } -}; - -/* -enum DCE_RPC_PTYPE { - DCE_RPC_REQUEST, DCE_RPC_PING, DCE_RPC_RESPONSE, DCE_RPC_FAULT, - DCE_RPC_WORKING, DCE_RPC_NOCALL, DCE_RPC_REJECT, DCE_RPC_ACK, - DCE_RPC_CL_CANCEL, DCE_RPC_FACK, DCE_RPC_CANCEL_ACK, DCE_RPC_BIND, - DCE_RPC_BIND_ACK, DCE_RPC_BIND_NAK, DCE_RPC_ALTER_CONTEXT, - DCE_RPC_ALTER_CONTEXT_RESP, DCE_RPC_SHUTDOWN, DCE_RPC_CO_CANCEL, - DCE_RPC_ORPHANED, -}; -*/ - -#define DCE_RPC_HEADER_LENGTH 16 - -class DCE_RPC_Header { -public: - DCE_RPC_Header(analyzer::Analyzer* a, const u_char* bytes); - - BifEnum::dce_rpc_ptype PTYPE() const { return ptype; } - int FragLen() const { return frag_len; } - int LittleEndian() const { return bytes[4] >> 4; } - bool Fragmented() const { return fragmented; } - - void Weird(const char* msg) { analyzer->Weird(msg); } - void SetBytes(const u_char* b) { bytes = b; } - -protected: - analyzer::Analyzer* analyzer; - const u_char* bytes; - BifEnum::dce_rpc_ptype ptype; - int frag_len; - bool fragmented; -}; - -// Create a general DCE_RPC_Session class so that it can be used in -// case the RPC conversation is tunneled through other connections, -// e.g. through an SMB session. 
- -class DCE_RPC_Session { -public: - DCE_RPC_Session(analyzer::Analyzer* a); - virtual ~DCE_RPC_Session() {} - virtual void DeliverPDU(int is_orig, int len, const u_char* data); - - static bool LooksLikeRPC(int len, const u_char* msg); - static bool any_dce_rpc_event() - { return dce_rpc_message || dce_rpc_bind || dce_rpc_request; } - -protected: - void DeliverBind(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); - void DeliverRequest(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); - void DeliverResponse(const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu); - - void DeliverEpmapperRequest( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Request* req); - void DeliverEpmapperResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp); - void DeliverEpmapperMapResponse( - const binpac::DCE_RPC_Simple::DCE_RPC_PDU* pdu, - const binpac::DCE_RPC_Simple::DCE_RPC_Response* resp); - - analyzer::Analyzer* analyzer; - UUID if_uuid; - BifEnum::dce_rpc_if_id if_id; - int opnum; - struct { - dce_rpc_endpoint_addr addr; - UUID uuid; - } mapped; -}; - -class Contents_DCE_RPC_Analyzer : public tcp::TCP_SupportAnalyzer { -public: - Contents_DCE_RPC_Analyzer(Connection* conn, bool orig, DCE_RPC_Session* session, - bool speculative); - ~Contents_DCE_RPC_Analyzer(); - -protected: - virtual void DeliverStream(int len, const u_char* data, bool orig); - virtual void DeliverPDU(int len, const u_char* data); - - void InitState(); - - int speculation; - u_char* msg_buf; - int msg_len; - int buf_n; // number of bytes in msg_buf - int buf_len; // size off msg_buf - DCE_RPC_Header* hdr; - - bool ParseHeader(); - - DCE_RPC_Session* session; -}; - -class DCE_RPC_Analyzer : public tcp::TCP_ApplicationAnalyzer { -public: - DCE_RPC_Analyzer(Connection* conn, bool speculative = false); - ~DCE_RPC_Analyzer(); - - static analyzer::Analyzer* Instantiate(Connection* conn) - { return new DCE_RPC_Analyzer(conn); 
} - -protected: - DCE_RPC_Session* session; - bool speculative; -}; - -} } // namespace analyzer::* - -#endif /* dce_rpc_h */ diff --git a/src/analyzer/protocol/smb/dce_rpc-protocol.pac b/src/analyzer/protocol/smb/dce_rpc-protocol.pac deleted file mode 100644 index f13311a0fa..0000000000 --- a/src/analyzer/protocol/smb/dce_rpc-protocol.pac +++ /dev/null 
@@ -1,141 +0,0 @@ -# Definitions for DCE RPC. - -enum dce_rpc_ptype { - DCE_RPC_REQUEST, - DCE_RPC_PING, - DCE_RPC_RESPONSE, - DCE_RPC_FAULT, - DCE_RPC_WORKING, - DCE_RPC_NOCALL, - DCE_RPC_REJECT, - DCE_RPC_ACK, - DCE_RPC_CL_CANCEL, - DCE_RPC_FACK, - DCE_RPC_CANCEL_ACK, - DCE_RPC_BIND, - DCE_RPC_BIND_ACK, - DCE_RPC_BIND_NAK, - DCE_RPC_ALTER_CONTEXT, - DCE_RPC_ALTER_CONTEXT_RESP, - DCE_RPC_SHUTDOWN, - DCE_RPC_CO_CANCEL, - DCE_RPC_ORPHANED, -}; - -type uuid = bytestring &length = 16; - -type context_handle = record { - attrs : uint32; - uuid : bytestring &length = 16; -}; - -#type rpc_if_id_t = record { -# if_uuid : bytestring &length = 16; -# vers_major : uint16; -# vers_minor : uint16; -#}; - -type NDR_Format = record { - intchar : uint8; - floatspec : uint8; - reserved : padding[2]; -} &let { - byteorder = (intchar >> 4) ? littleendian : bigendian; -}; - -#### There might be a endianness problem here: the frag_length -# causes problems despite the NDR_Format having a byteorder set. - -type DCE_RPC_Header = record { - rpc_vers : uint8 &check(rpc_vers == 5); - rpc_vers_minor : uint8; - PTYPE : uint8; - pfc_flags : uint8; - packed_drep : NDR_Format; - frag_length : uint16; - auth_length : uint16; - call_id : uint32; -} &let { - frag = pfc_flags & 4; - lastfrag = (! 
frag) || (pfc_flags & 2); -} &byteorder = packed_drep.byteorder; - -type Syntax = record { - uuid : bytestring &length = 16; - version : uint32; -}; - -type ContextRequest = record { - id : uint16; - num_syntaxes : uint8; - reserved : padding[1]; - abstract_syntax : Syntax; - transfer_syntaxes : Syntax[num_syntaxes]; -}; - -type ContextReply = record { - ack_result : uint16; - ack_reason : uint16; - syntax : Syntax; -}; - -type ContextList(is_request: bool) = record { - num_contexts : uint8; - reserved : padding[3]; - req_reply : case is_request of { - true -> request_contexts : ContextRequest[num_contexts]; - false -> reply_contexts : ContextReply[num_contexts]; - }; -}; - -type DCE_RPC_Bind = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - context_list : ContextList(1); -}; - -type DCE_RPC_Bind_Ack = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - sec_addr_length : uint16; - sec_addr : bytestring &length=sec_addr_length; - pad : padding align 4; - contexts : ContextList(0); -}; - -type DCE_RPC_AlterContext = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - contexts : ContextList(0); -}; - -type DCE_RPC_Request = record { - alloc_hint : uint32; - context_id : uint16; - opnum : uint16; - # object : uuid; - # stub_pad_0 : padding align 8; - stub : bytestring &restofdata; -}; - -type DCE_RPC_Response = record { - alloc_hint : uint32; - context_id : uint16; - cancel_count : uint8; - reserved : uint8; - # stub_pad_0 : padding align 8; - stub : bytestring &restofdata; -}; - -type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { - DCE_RPC_BIND -> bind : DCE_RPC_Bind; - DCE_RPC_BIND_ACK -> bind_ack : DCE_RPC_Bind_Ack; - DCE_RPC_REQUEST -> request : DCE_RPC_Request; - DCE_RPC_RESPONSE -> response : DCE_RPC_Response; - default -> other : bytestring &restofdata; -}; - -type DCE_RPC_Auth(header: DCE_RPC_Header) = uint8[header.auth_length]; 
diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index cf6915a2d7..b7a64c1924 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac @@ -1,11 +1,3 @@ -# this won't work correctly yet, since sometimes the parameters -# field in the transaction takes up all of the data field - -%include dce_rpc-protocol.pac - -%extern{ - #include "DCE_RPC.h" -%} refine connection SMB_Conn += { %member{ @@ -14,9 +6,10 @@ refine connection SMB_Conn += { function get_tree_is_pipe(tree_id: uint16): bool %{ - if ( tree_is_pipe_map.count(tree_id) == 0 ) + if ( tree_is_pipe_map.count(tree_id) > 0 ) + return tree_is_pipe_map.at(tree_id); + else return false; - return tree_is_pipe_map[tree_id]; %} function set_tree_is_pipe(tree_id: uint16, is_pipe: bool): bool 
@@ -25,72 +18,36 @@ refine connection SMB_Conn += { return true; %} - function proc_smb_pipe_message(val: SMB_Pipe_message, header: SMB_Header): bool + function forward_dce_rpc(pipe_data: bytestring, is_orig: bool): bool %{ - switch ( ${val.rpc_header.PTYPE} ) { - case DCE_RPC_REQUEST: - if ( smb_pipe_request ) - BifEvent::generate_smb_pipe_request(bro_analyzer(), - bro_analyzer()->Conn(), - BuildHeaderVal(header), - ${val.rpc_body.request.opnum}); - break; - case DCE_RPC_RESPONSE: - if ( smb_pipe_response ) - BifEvent::generate_smb_pipe_response(bro_analyzer(), - bro_analyzer()->Conn(), - BuildHeaderVal(header)); - break; - case DCE_RPC_BIND_ACK: - if ( smb_pipe_bind_ack_response ) - BifEvent::generate_smb_pipe_bind_ack_response(bro_analyzer(), - bro_analyzer()->Conn(), - BuildHeaderVal(header)); - break; - case DCE_RPC_BIND: - if ( smb_pipe_bind_request ) - { - // TODO - the version number needs to be calculated properly - if ( ${val.rpc_body.bind.context_list.num_contexts} > 0 ) - { - const char * uuid = analyzer::dce_rpc::uuid_to_string(${val.rpc_body.bind.context_list.request_contexts[0].abstract_syntax.uuid}.begin()); - uint32_t version = ${val.rpc_body.bind.context_list.request_contexts[0].abstract_syntax.version}; - - BifEvent::generate_smb_pipe_bind_request(bro_analyzer(), - bro_analyzer()->Conn(), - BuildHeaderVal(header), - new StringVal(uuid), - new StringVal(fmt("%d.0", version))); - } - } - break; - } - + if ( dcerpc ) + dcerpc->DeliverStream(${pipe_data}.length(), ${pipe_data}.begin(), is_orig); return true; %} }; -type SMB_Pipe_message(header: SMB_Header, byte_count: uint16) = record { - rpc_header : DCE_RPC_Header; - rpc_body : DCE_RPC_Body(rpc_header); + +#type SMB_Pipe_message(header: SMB_Header, byte_count: uint16) = record { +# rpc_header : DCE_RPC_Header; +# rpc_body : DCE_RPC_Body(rpc_header); # pipe_type: case $context.connection.determine_pipe_msg_type(rpc, opnum) of { # 1 -> atsvc_request : AT_SVC_Request(unicode, opnum); # 2 -> 
atsvc_reply : AT_SVC_Reply(unicode, opnum); # default -> unknown : bytestring &restofdata; # }; -} &let { - proc: bool = $context.connection.proc_smb_pipe_message(this, header); -} &byteorder = littleendian; - -type SMB_RAP_message(unicode: bool, byte_count: uint16) = record { - rap_code : uint16; - param_desc : SMB_string(unicode, offsetof(param_desc)); - data_desc : SMB_string(unicode, offsetof(data_desc)); - data : bytestring &restofdata; -} &byteorder = littleendian; +#} &let { +# proc: bool = $context.connection.proc_smb_pipe_message(this, header); +#} &byteorder = littleendian; +# +#type SMB_RAP_message(unicode: bool, byte_count: uint16) = record { +# rap_code : uint16; +# param_desc : SMB_string(unicode, offsetof(param_desc)); +# data_desc : SMB_string(unicode, offsetof(data_desc)); +# data : bytestring &restofdata; +#} &byteorder = littleendian; type AT_SVC_Request(unicode: bool, opnum: uint8) = record { - empty: padding[1]; + empty: padding[1]; op: case opnum of { 0 -> add : AT_SVC_NetrJobAdd(unicode); default -> unknown : bytestring &restofdata; @@ -124,6 +81,6 @@ type AT_SVC_Reply(unicode: bool, opnum: uint16) = record { }; type AT_SVC_JobID(unicode: bool) = record { - id: uint32; - status: uint32; + id : uint32; + status : uint32; }; diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index 918fd98169..5cf79562a1 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -2,6 +2,10 @@ %include bro.pac %extern{ +#include "analyzer/Manager.h" +#include "analyzer/Analyzer.h" +// #include "analyzer/protocol/dce-rpc/DCE_RPC.h" + #include "smb1_events.bif.h" #include "smb2_events.bif.h" 
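Review bot: `forward_dce_rpc` delivers every pipe payload seen on the connection to the single `dcerpc` analyzer, separated only by `is_orig`. Several named pipes can be open on one SMB connection, so data from unrelated pipes is concatenated into one stream in whatever order the peers send it; if the DCE_RPC analyzer keeps framing state across calls (not visible here), that state can be desynchronised and later PDUs misparsed. The same applies to the callers in smb1-com-read-andx.pac, smb1-com-write-andx.pac, smb1-com-transaction.pac, smb2-com-read.pac and smb2-com-write.pac. Until the analyzer is selected per file id, I would record the limitation above the function: `# NOTE: one DCE_RPC analyzer is shared by all pipes on this connection; interleaved pipes are not separated.`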
@@ -134,3 +138,18 @@ type SMB_Protocol_Identifier(is_orig: bool, msg_len: uint32) = record { flow SMB_Flow(is_orig: bool) { flowunit = SMB_TCP(is_orig) withcontext(connection, this); }; + +refine connection SMB_Conn += { + %member{ + analyzer::Analyzer *dcerpc; + %} + + %init{ + dcerpc = analyzer_mgr->InstantiateAnalyzer("DCE_RPC", bro_analyzer->Conn()); + %} + + %cleanup{ + if ( dcerpc ) + delete dcerpc; + %} +}; diff --git a/src/analyzer/protocol/smb/smb1-com-read-andx.pac b/src/analyzer/protocol/smb/smb1-com-read-andx.pac index 324eb1bb85..2b83fed1dc 100644 --- a/src/analyzer/protocol/smb/smb1-com-read-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-read-andx.pac @@ -80,12 +80,10 @@ type SMB1_read_andx_response(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - pipe_or_not : case is_pipe of { - true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; - default -> data : bytestring &length=data_len; - } &requires(data_len); + data : bytestring &length=data_len; } &let { is_pipe : bool = $context.connection.get_tree_is_pipe(header.tid); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, false) &if(is_pipe); padding_len : uint8 = (header.unicode == 1) ? 1 : 0; data_len : uint32 = (data_len_high << 16) + data_len_low; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac b/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac index 67bc3d4d4b..c2bc9490fa 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac 
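Review bot: The `%cleanup` block deletes `dcerpc` without calling `Done()` on it first, and `%init` creates the instance without attaching it to the SMB analyzer as a child. An analyzer obtained from `InstantiateAnalyzer` and driven by hand does not receive the framework's usual lifecycle calls, so any end-of-connection handling in the DCE_RPC analyzer is skipped; whether it also needs `Init()` before the first `DeliverStream` should be confirmed. I would change the cleanup to `if ( dcerpc ) { dcerpc->Done(); delete dcerpc; }`. `InstantiateAnalyzer` can return null, in which case pipe data is silently dropped by the guard in `forward_dce_rpc`, and a comment next to the member saying so would help.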
@@ -13,5 +13,5 @@ type SMB1_transaction_secondary_request(header: SMB_Header) = record { pad1 : padding to param_offset - SMB_Header_length; parameters : bytestring &length = param_count; pad2 : padding to data_offset - SMB_Header_length; - data : SMB1_transaction_data(header, data_count, 0, SMB_UNKNOWN); + data : SMB1_transaction_data(header, true, data_count, 0, SMB_UNKNOWN); }; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index 4db7a4a209..7319cf8954 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac @@ -4,9 +4,31 @@ enum Trans_subcommands { NT_TRANSACT_CREATE2 = 0x0009, }; - refine connection SMB_Conn += { + %member{ + map is_file_a_pipe; + %} + + function get_is_file_a_pipe(id: uint16): bool + %{ + if ( is_file_a_pipe.count(id) > 0 ) + { + bool is_pipe = is_file_a_pipe.at(id); + is_file_a_pipe.erase(id); + + return is_pipe; + } + else + return false; + %} + + function set_is_file_a_pipe(id: uint16, is_it: bool): bool + %{ + is_file_a_pipe[id] = is_it; + return true; + %} + function proc_smb1_transaction_request(header: SMB_Header, val: SMB1_transaction_request): bool %{ if ( smb1_transaction_request ) @@ -15,6 +37,7 @@ refine connection SMB_Conn += { BuildHeaderVal(header), smb_string2stringval(${val.name}), ${val.sub_cmd}); + return true; %} 
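Review bot: In smb1-com-transaction.pac, `is_file_a_pipe` is keyed only by a 16-bit id, which the later hunks of this file fill with `header.mid`, and `get_is_file_a_pipe` erases the entry on the first lookup. The MID is chosen by the client, so two outstanding transactions that reuse a MID overwrite each other's flag, and a transaction whose response arrives in several messages would have only the first one parsed as pipe data while the rest fall back to `SMB_UNKNOWN`. Entries for requests that never receive a response stay in the map until the connection is torn down. I would rename the map to say it tracks MIDs rather than files and document the behaviour above it: `# Keyed by MID; the entry is consumed by the first response, so multi-part responses are not followed.`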
@@ -38,14 +61,16 @@ refine connection SMB_Conn += { }; -type SMB1_transaction_data(header: SMB_Header, count: uint16, sub_cmd: uint16, - trans_type: TransactionType) = case trans_type of { -# SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(header.unicode, count); -# SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(header.unicode, count); -# SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count); - SMB_PIPE -> pipe : SMB_Pipe_message(header, count); - SMB_UNKNOWN -> unknown : bytestring &restofdata &transient; - default -> data : bytestring &restofdata &transient; +type SMB1_transaction_data(header: SMB_Header, is_orig: bool, count: uint16, sub_cmd: uint16, + trans_type: int) = case trans_type of { +# SMB_MAILSLOT_BROWSE -> mailslot : SMB_MailSlot_message(header.unicode, count); +# SMB_MAILSLOT_LANMAN -> lanman : SMB_MailSlot_message(header.unicode, count); +# SMB_RAP -> rap : SMB_Pipe_message(header.unicode, count); + SMB_PIPE -> pipe_data : bytestring &restofdata; + SMB_UNKNOWN -> unknown : bytestring &restofdata &transient; + default -> data : bytestring &restofdata &transient; +} &let { + pipe_proc : bool = $context.connection.forward_dce_rpc(pipe_data, is_orig) &if(trans_type == SMB_PIPE); }; type SMB1_transaction_setup(header: SMB_Header) = record { 
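Review bot: The `SMB_PIPE` branch of `SMB1_transaction_data` reads `pipe_data` with `&restofdata`, so the `count` parameter no longer limits what is forwarded to the DCE_RPC analyzer. Any bytes that follow the declared data area in the message are delivered as RPC payload, and the sender controls both the declared count and those trailing bytes. Bounding the field keeps the forwarded data consistent with the transaction header: `SMB_PIPE -> pipe_data : bytestring &length=count;`. The `SMB_UNKNOWN` and `default` branches have the same shape but are not forwarded.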
@@ -79,9 +104,13 @@ type SMB1_transaction_request(header: SMB_Header) = record { pad1 : padding to param_offset - SMB_Header_length; parameters : bytestring &length = param_count; pad2 : padding to data_offset - SMB_Header_length; - data : SMB1_transaction_data(header, data_count, sub_cmd, determine_transaction_type(setup_count, name)); + data : SMB1_transaction_data(header, true, data_count, sub_cmd, transtype); } &let { sub_cmd : uint16 = setup_count ? setup.op_code : 0; + transtype : int = determine_transaction_type(setup_count, name); + is_pipe : bool = (transtype == SMB_PIPE); + + proc_set_pipe : bool = $context.connection.set_is_file_a_pipe(header.mid, is_pipe); proc : bool = $context.connection.proc_smb1_transaction_request(header, this); }; @@ -104,8 +133,8 @@ type SMB1_transaction_response(header: SMB_Header) = record { pad0 : padding to param_offset - SMB_Header_length; parameters : bytestring &length = param_count; pad1 : padding to data_offset - SMB_Header_length; - data : SMB1_transaction_data(header, data_count, 0, is_tree_a_pipe ? SMB_PIPE : SMB_UNKNOWN)[data_count>0 ? 1 : 0]; + data : SMB1_transaction_data(header, false, data_count, 0, is_pipe ? SMB_PIPE : SMB_UNKNOWN)[data_count>0 ? 1 : 0]; } &let { proc : bool = $context.connection.proc_smb1_transaction_response(header, this); - is_tree_a_pipe: bool = $context.connection.get_tree_is_pipe(header.tid); + is_pipe: bool = $context.connection.get_is_file_a_pipe(header.mid); }; diff --git a/src/analyzer/protocol/smb/smb1-com-write-andx.pac b/src/analyzer/protocol/smb/smb1-com-write-andx.pac index 29905fa3f7..3d4e160968 100644 --- a/src/analyzer/protocol/smb/smb1-com-write-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-write-andx.pac 
@@ -52,12 +52,11 @@ type SMB1_write_andx_request(header: SMB_Header) = record { byte_count : uint16; pad : padding to data_offset - SMB_Header_length; - pipe_or_not : case is_pipe of { - true -> pipe_data : SMB_Pipe_message(header, byte_count) &length=data_len; - default -> data : bytestring &length=data_len; - } &requires(data_len); + data : bytestring &length=data_len; } &let { is_pipe : bool = $context.connection.get_tree_is_pipe(header.tid); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, true) &if(is_pipe); + data_len : uint32 = (data_len_high << 16) + data_len_low; offset_high : uint32 = (word_count == 0x0E) ? offset_high_tmp : 0; offset : uint64 = (offset_high * 0x10000) + offset_low; diff --git a/src/analyzer/protocol/smb/smb2-com-read.pac b/src/analyzer/protocol/smb/smb2-com-read.pac index 587fac69cb..10e3a98acf 100644 --- a/src/analyzer/protocol/smb/smb2-com-read.pac +++ b/src/analyzer/protocol/smb/smb2-com-read.pac @@ -67,14 +67,10 @@ type SMB2_read_response(header: SMB2_Header) = record { data_remaining : uint32; reserved : uint32; pad : padding to data_offset - header.head_length; - pipe_or_not : case is_pipe of { - # The SMB_Pipe_message type doesn't support smb2 pipes yet. - #true -> pipe_data : SMB_Pipe_message(header, data_len) &length=data_len; - true -> pipe_data : bytestring &length=data_len; - false -> data : bytestring &length=data_len; - }; + data : bytestring &length=data_len; } &let { - is_pipe: bool = $context.connection.get_tree_is_pipe(header.tree_id); + is_pipe : bool = $context.connection.get_tree_is_pipe(header.tree_id); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, false) &if(is_pipe); proc: bool = $context.connection.proc_smb2_read_response(header, this); }; diff --git a/src/analyzer/protocol/smb/smb2-com-write.pac b/src/analyzer/protocol/smb/smb2-com-write.pac index 3e09cb0145..06cfd1d1d6 100644 --- a/src/analyzer/protocol/smb/smb2-com-write.pac +++ b/src/analyzer/protocol/smb/smb2-com-write.pac 
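Review bot: `forward_dce_rpc(data, true) &if(is_pipe)` in `SMB1_write_andx_request` hands every write on a pipe tree to the DCE-RPC parser, yet `get_tree_is_pipe(header.tid)` only says the tree is a pipe share, not that this pipe carries DCE-RPC; the same pattern is added to `SMB2_read_response` later on this line and to `SMB2_write_request` in the next hunk. `forward_dce_rpc` is defined outside these hunks, so whether it checks the payload before parsing is not visible; if it does not, other named-pipe protocols would presumably surface as parse errors or misleading `dce_rpc` events. A comment above each `pipe_proc` line, for example `# forward_dce_rpc must tolerate non-DCE-RPC pipe payloads`, or a check inside the helper, would settle it.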
@@ -43,14 +43,10 @@ type SMB2_write_request(header: SMB2_Header) = record { channel_info_len : uint16; # ignore flags : uint32; pad : padding to data_offset - header.head_length; - pipe_or_not : case is_pipe of { - # The SMB_Pipe_message type doesn't support smb2 pipes yet. - #true -> pipe_data : SMB_Pipe_message(header, data_len) &length=data_len; - true -> pipe_data : bytestring &length=data_len; - false -> data : bytestring &length=data_len; - }; + data : bytestring &length=data_len; } &let { is_pipe: bool = $context.connection.get_tree_is_pipe(header.tree_id); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, true) &if(is_pipe); proc : bool = $context.connection.proc_smb2_write_request(header, this); }; diff --git a/src/types.bif b/src/types.bif index f2a895f57f..01ad2a2b24 100644 --- a/src/types.bif +++ b/src/types.bif @@ -1,44 +1,5 @@ ##! Declaration of various types that the Bro core uses internally. -enum dce_rpc_ptype %{ - DCE_RPC_REQUEST, - DCE_RPC_PING, - DCE_RPC_RESPONSE, - DCE_RPC_FAULT, - DCE_RPC_WORKING, - DCE_RPC_NOCALL, - DCE_RPC_REJECT, - DCE_RPC_ACK, - DCE_RPC_CL_CANCEL, - DCE_RPC_FACK, - DCE_RPC_CANCEL_ACK, - DCE_RPC_BIND, - DCE_RPC_BIND_ACK, - DCE_RPC_BIND_NAK, - DCE_RPC_ALTER_CONTEXT, - DCE_RPC_ALTER_CONTEXT_RESP, - DCE_RPC_SHUTDOWN, - DCE_RPC_CO_CANCEL, - DCE_RPC_ORPHANED, -%} - -enum dce_rpc_if_id %{ - DCE_RPC_unknown_if, - DCE_RPC_epmapper, - DCE_RPC_lsarpc, - DCE_RPC_lsa_ds, - DCE_RPC_mgmt, - DCE_RPC_netlogon, - DCE_RPC_samr, - DCE_RPC_srvsvc, - DCE_RPC_spoolss, - DCE_RPC_drs, - DCE_RPC_winspipe, - DCE_RPC_wkssvc, - DCE_RPC_oxid, - DCE_RPC_ISCMActivator, -%} - enum rpc_status %{ RPC_SUCCESS, RPC_PROG_UNAVAIL, diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log new file mode 100644 index 0000000000..584de66927 --- /dev/null 
+++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log @@ -0,0 +1,10 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path dce_rpc +#open 2016-04-01-05-18-25 +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p rtt named_pipe endpoint operation +#types time string addr port addr port interval string string string +1073392738.147860 CXWv6p3arKYeMETxOg 205.227.227.226 49467 205.227.227.243 445 0.004077 \\PIPE\\lsass dssetup DsRolerGetPrimaryDomainInformation +#close 2016-04-01-05-18-25 diff --git a/testing/btest/Traces/smb/dssetup_DsRoleGetPrimaryDomainInformation_standalone_workstation.cap b/testing/btest/Traces/smb/dssetup_DsRoleGetPrimaryDomainInformation_standalone_workstation.cap new file mode 100644 index 0000000000000000000000000000000000000000..0bbe41a67df9e82eed9a84179f300ba69a2131b7 GIT binary patch literal 1619 zcmZ{kUr1AN6vw}Jf9#?|+(WP=wPt@DmMqFS@u6jolnR$pwo+&sZPP*F9_pcoWkS|t z1Yv*BqClbq#V80Ni$S4+wH^|BsDu!rr|6}J);Yi5-Ob(IesJ#Z+a3}u0L@nky>H;YuN@`mpJ4K?e8S`TY+AWH*~>HS-1 zMO+#uru0;VNPp5>5kRWwj7ZHTD6?}-oSI7LOS$%Ec8zN3m4!)B0#L1|A2Cl)nY6^8 z$bBTup!<$HCUhS&=h{4!l7Ujbh%u&Ea;})IbXBw` zBH{$Pkw6j=4B{O6C?+cp{37>>G(*eAyp^J5cbV3jmW@)&=BZ@^Uv?C9mA2DzW58QT8d9T#n{GPHd@lMdUs?N2WkwEY$r zzm>K#Z+ipR(n`_ic{O#=vkp2E+elRxw>gA1vLJbY9VJ#?&97C6SLMr6zJmUm4ULYe zCFku4ylh{tV;HdYj9mM^@vU=gRYh%C>nR2(^|t!ReI?BRYsOn8U|q?F6}EZ8o$-{b zdC|VR0MlmV?zHt zJ1nA34sx9#u?U!0Eg=p;`WPdO1YX6VMGB{!HlDlCPE9$819WZ2QGGx0C0d`2(~@Rs g25x)Y1A^NN1GnW&`b15tY{+%~g3hg$e)N-n0T>-(p#T5? literal 0 HcmV?d00001 diff --git a/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test b/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test new file mode 100644 index 0000000000..52f05c57b4 --- /dev/null +++ b/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test 
@@ -0,0 +1,5 @@
+# @TEST-EXEC: bro -b -C -r $TRACES/smb/dssetup_DsRoleGetPrimaryDomainInformation_standalone_workstation.cap %INPUT
+# @TEST-EXEC: btest-diff dce_rpc.log
+
+@load base/protocols/dce-rpc
+@load base/protocols/smb
From e2dfaf8a5bafeeb984e873cd036d5cc4df0860e9 Mon Sep 17 00:00:00 2001
From: Seth Hall Date: Fri, 1 Apr 2016 09:43:13 -0400 Subject: [PATCH 39/84] Fixes to SMB file handling and logging. There were some cases where the log would be missing a field or data wouldn't get sent to file analysis. At least some of this is fixed now and I get confused a bit less when I look at the logs now. Also, I made the default handling "FILE" so that things like FILE_UNKNOWN wouldn't show up in the logs so regularly. It's technically correct that way, but it doesn't look good and it's correct as FILE often enough that it make sense to make it the default I think.
---
scripts/base/protocols/smb/files.bro | 5 +- scripts/base/protocols/smb/main.bro | 11 ++- scripts/base/protocols/smb/smb1-main.bro | 19 ++-- scripts/base/protocols/smb/smb2-main.bro | 97 +++++++++---------- src/analyzer/protocol/smb/SMB.cc | 2 +- .../smb_files.log | 13 +-- .../smb_files.log | 10 +- .../scripts/base/protocols/smb/smb2.test | 1 + 8 files changed, 82 insertions(+), 76 deletions(-)
diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.bro
index ba11629daa..2e20641547 100644
--- a/scripts/base/protocols/smb/files.bro
+++ b/scripts/base/protocols/smb/files.bro
@@ -12,14 +12,15 @@ export { function get_file_handle(c: connection, is_orig: bool): string { + print "getting a file handle"; +print c$smb_state$current_cmd$referenced_file; if ( ! (c$smb_state?$current_file && - ((c$smb_state$current_file?$name && c$smb_state$current_file$name !in pipe_names) || + (c$smb_state$current_file?$name || c$smb_state$current_file?$path)) ) { # TODO - figure out what are the cases where this happens. return ""; } - local current_file = c$smb_state$current_file; local path_name = current_file?$path ? current_file$path : ""; local file_name = current_file?$name ? current_file$name : ""; diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 8d52a2347a..66cca136c1 100644 --- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -16,7 +16,8 @@ export { FILE_WRITE, FILE_OPEN, FILE_CLOSE, - FILE_UNKNOWN, + FILE_DELETE, + FILE_RENAME, PIPE_READ, PIPE_WRITE, @@ -91,7 +92,8 @@ export { service : string &log &optional; ## File system of the tree. native_file_system : string &log &optional; - ## If this is SMB2, a share type will be included. + ## If this is SMB2, a share type will be included. For SMB1, + ## the type of share will be deduced and included as well. share_type : string &log &default="UNKNOWN"; }; @@ -137,7 +139,7 @@ export { tree_service : string &log &optional; ## If the command referenced a file, store it here. - referenced_file : FileInfo &optional; + referenced_file : FileInfo &log &optional; ## If the command referenced a tree, store it here. referenced_tree : TreeInfo &optional; }; @@ -226,7 +228,8 @@ function set_current_file(smb_state: State, file_id: count) smb_state$fid_map[file_id]$fid = file_id; } - smb_state$current_file = smb_state$fid_map[file_id]; + smb_state$current_cmd$referenced_file = smb_state$fid_map[file_id]; + smb_state$current_file = smb_state$current_cmd$referenced_file; } function write_file_log(state: State) 
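Review bot: In `get_file_handle` the guard no longer tests `c$smb_state$current_file$name !in pipe_names`, so a handle is now returned for named pipes too and, presumably, pipe traffic is delivered to file analysis alongside ordinary file reads and writes. If that is intended, say so in a comment next to the guard, for example `# pipes are deliberately given a file handle`. If it is not, the exclusion needs to stay in some form, otherwise RPC payloads end up hashed and logged as files. The function body continues past the hunk.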
diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index 6c9fcf5b34..a6deeee812 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro @@ -31,8 +31,7 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5 if ( tid !in smb_state$tid_map ) { - local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id]; - smb_state$tid_map[tid] = tmp_tree; + smb_state$tid_map[tid] = SMB::TreeInfo($uid=c$uid, $id=c$id); } smb_state$current_tree = smb_state$tid_map[tid]; if ( smb_state$current_tree?$path ) @@ -47,9 +46,9 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5 if ( mid !in smb_state$pending_cmds ) { - local tmp_cmd: SMB::CmdInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB1", $command = SMB1::commands[hdr$command]]; + local tmp_cmd = SMB::CmdInfo($ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB1", $command = SMB1::commands[hdr$command]); - local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; + local tmp_file = SMB::FileInfo($ts=network_time(), $uid=c$uid, $id=c$id); tmp_cmd$referenced_file = tmp_file; tmp_cmd$referenced_tree = smb_state$current_tree; @@ -63,7 +62,7 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=5 smb_state$current_cmd$rtt = network_time() - smb_state$current_cmd$ts; smb_state$current_cmd$status = SMB::statuses[hdr$status]$id; } -} + } event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=-5 { 
@@ -116,7 +115,7 @@ event smb1_negotiate_response(c: connection, hdr: SMB1::Header, response: SMB1:: event smb1_tree_connect_andx_request(c: connection, hdr: SMB1::Header, path: string, service: string) &priority=5 { - local tmp_tree: SMB::TreeInfo = [$ts=network_time(), $uid=c$uid, $id=c$id, $path=path, $service=service]; + local tmp_tree = SMB::TreeInfo($ts=network_time(), $uid=c$uid, $id=c$id, $path=path, $service=service); c$smb_state$current_cmd$referenced_tree = tmp_tree; c$smb_state$current_cmd$argument = path; @@ -125,9 +124,13 @@ event smb1_tree_connect_andx_request(c: connection, hdr: SMB1::Header, path: str event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: string, native_file_system: string) &priority=5 { c$smb_state$current_cmd$referenced_tree$service = service; + if ( service == "IPC" ) + c$smb_state$current_cmd$referenced_tree$share_type = "PIPE"; + c$smb_state$current_cmd$tree_service = service; - c$smb_state$current_cmd$referenced_tree$native_file_system = native_file_system; + if ( native_file_system != "" ) + c$smb_state$current_cmd$referenced_tree$native_file_system = native_file_system; c$smb_state$current_tree = c$smb_state$current_cmd$referenced_tree; c$smb_state$tid_map[hdr$tid] = c$smb_state$current_tree; @@ -146,7 +149,7 @@ event smb1_tree_connect_andx_response(c: connection, hdr: SMB1::Header, service: event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, name: string) &priority=5 { - local tmp_file: SMB::FileInfo = [$ts=network_time(), $uid=c$uid, $id=c$id]; + local tmp_file = SMB::FileInfo($ts=network_time(), $uid=c$uid, $id=c$id); c$smb_state$current_cmd$referenced_file = tmp_file; c$smb_state$current_cmd$referenced_file$name = name; diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro index acc654ae58..1d0c60e117 100644 --- a/scripts/base/protocols/smb/smb2-main.bro +++ b/scripts/base/protocols/smb/smb2-main.bro 
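Review bot: In `smb1_tree_connect_andx_response` only the `"IPC"` service string is mapped to a share type, so disk and printer trees on SMB1 keep the `"UNKNOWN"` default even though the updated field comment in main.bro says the SMB1 type is deduced. The other service strings the protocol defines can be mapped the same way: `else if ( service == "A:" ) c$smb_state$current_cmd$referenced_tree$share_type = "DISK";` and `else if ( service == "LPT1:" ) c$smb_state$current_cmd$referenced_tree$share_type = "PRINT";`. The handler body continues after the hunk.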
@@ -21,30 +21,37 @@ event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=5 local pid = hdr$process_id; local mid = hdr$message_id; local sid = hdr$session_id; - - if ( tid !in smb_state$tid_map ) - { - local tmp_tree: SMB::TreeInfo = [$uid=c$uid, $id=c$id]; - smb_state$tid_map[tid] = tmp_tree; - } - smb_state$current_tree = smb_state$tid_map[tid]; if ( mid !in smb_state$pending_cmds ) { - local tmp_cmd = SMB::CmdInfo($ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2", $command = SMB2::commands[hdr$command]); - local tmp_file = SMB::FileInfo($ts=network_time(), $uid=c$uid, $id=c$id); - if ( smb_state$current_tree?$path ) - tmp_file$path = smb_state$current_tree$path; - + local tmp_cmd = SMB::CmdInfo($ts=network_time(), $uid=c$uid, $id=c$id, $version="SMB2", $command = SMB2::commands[hdr$command]); tmp_cmd$referenced_file = tmp_file; - tmp_cmd$referenced_tree = smb_state$current_tree; - smb_state$pending_cmds[mid] = tmp_cmd; } - smb_state$current_cmd = smb_state$pending_cmds[mid]; + if ( tid > 0 ) + { + if ( smb_state$current_cmd?$referenced_tree ) + { + smb_state$tid_map[tid] = smb_state$current_cmd$referenced_tree; + } + else if ( tid !in smb_state$tid_map ) + { + local tmp_tree = SMB::TreeInfo($ts=network_time(), $uid=c$uid, $id=c$id); + smb_state$tid_map[tid] = tmp_tree; + } + smb_state$current_cmd$referenced_tree = smb_state$tid_map[tid]; + } + else + { + smb_state$current_cmd$referenced_tree = SMB::TreeInfo($ts=network_time(), $uid=c$uid, $id=c$id); + } + + smb_state$current_file = smb_state$current_cmd$referenced_file; + smb_state$current_tree = smb_state$current_cmd$referenced_tree; + if ( !is_orig ) { smb_state$current_cmd$rtt = network_time() - smb_state$current_cmd$ts; 
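Review bot: The new `tid > 0` branch in `smb2_message` overwrites `smb_state$tid_map[tid]` with the pending command's `referenced_tree` whenever one is set, and gives tree id 0 a fresh `SMB::TreeInfo` that never enters the map; neither choice is explained. A short comment would make the intent reviewable, for example `# tree id 0 means no tree yet (e.g. tree connect request); the response carries the real id, so adopt the request's tree under it`. That reading is inferred from the hunk and should be confirmed by the author. The handler starts above and ends below the hunk.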
@@ -99,16 +106,12 @@ event smb2_negotiate_response(c: connection, hdr: SMB2::Header, response: SMB2:: event smb2_tree_connect_request(c: connection, hdr: SMB2::Header, path: string) &priority=5 { - local tmp_tree = SMB::TreeInfo($ts=network_time(), $uid=c$uid, $id=c$id, $path=path); - - c$smb_state$current_cmd$referenced_tree = tmp_tree; + c$smb_state$current_tree$path = path; } event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse) &priority=5 { - c$smb_state$current_cmd$referenced_tree$share_type = SMB2::share_types[response$share_type]; - c$smb_state$current_tree = c$smb_state$current_cmd$referenced_tree; - c$smb_state$tid_map[hdr$tree_id] = c$smb_state$current_tree; + c$smb_state$current_tree$share_type = SMB2::share_types[response$share_type]; } event smb2_tree_connect_response(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse) &priority=-5 
@@ -121,42 +124,43 @@ event smb2_create_request(c: connection, hdr: SMB2::Header, name: string) &prior if ( name == "") name = ""; - local tmp_file = SMB::FileInfo($ts=network_time(), $uid=c$uid, $id=c$id, $name=name); + c$smb_state$current_file$name = name; - switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + switch ( c$smb_state$current_tree$share_type ) { case "DISK": - tmp_file$action = SMB::FILE_OPEN; + c$smb_state$current_file$action = SMB::FILE_OPEN; break; case "PIPE": - tmp_file$action = SMB::PIPE_OPEN; + c$smb_state$current_file$action = SMB::PIPE_OPEN; break; case "PRINT": - tmp_file$action = SMB::PRINT_OPEN; + c$smb_state$current_file$action = SMB::PRINT_OPEN; break; default: - tmp_file$action = SMB::UNKNOWN_OPEN; + #c$smb_state$current_file$action = SMB::UNKNOWN_OPEN; + c$smb_state$current_file$action = SMB::FILE_OPEN; break; } - c$smb_state$current_cmd$referenced_file = tmp_file; - c$smb_state$current_file = c$smb_state$current_cmd$referenced_file; } event smb2_create_response(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, file_size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs) &priority=5 { - c$smb_state$current_cmd$referenced_file$fid = file_id$persistent+file_id$volatile; - c$smb_state$current_cmd$referenced_file$size = file_size; + c$smb_state$current_file$fid = file_id$persistent+file_id$volatile; + c$smb_state$current_file$size = file_size; + + if ( c$smb_state$current_tree?$path ) + c$smb_state$current_file$path = c$smb_state$current_tree$path; # I'm seeing negative data from IPC tree transfers if ( time_to_double(times$modified) > 0.0 ) - c$smb_state$current_cmd$referenced_file$times = times; + c$smb_state$current_file$times = times; # We can identify the file by its file id now so let's stick it # in the file map. 
- c$smb_state$fid_map[file_id$persistent+file_id$volatile] = c$smb_state$current_cmd$referenced_file; + c$smb_state$fid_map[file_id$persistent+file_id$volatile] = c$smb_state$current_file; c$smb_state$current_file = c$smb_state$fid_map[file_id$persistent+file_id$volatile]; - SMB::write_file_log(c$smb_state); } @@ -171,7 +175,7 @@ event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, o { SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); - switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + switch ( c$smb_state$current_tree$share_type ) { case "DISK": c$smb_state$current_file$action = SMB::FILE_READ; @@ -183,25 +187,21 @@ event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, o c$smb_state$current_file$action = SMB::PRINT_READ; break; default: - c$smb_state$current_file$action = SMB::UNKNOWN_OPEN; + #c$smb_state$current_file$action = SMB::UNKNOWN_OPEN; + c$smb_state$current_file$action = SMB::FILE_OPEN; break; } } event smb2_read_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=-5 { - if ( c$smb_state$current_tree?$path && !c$smb_state$current_file?$path ) - c$smb_state$current_file$path = c$smb_state$current_tree$path; - - # TODO - Why is this commented out? - #write_file_log(c$smb_state); } event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=5 { SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); - switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + switch ( c$smb_state$current_tree$share_type ) { case "DISK": c$smb_state$current_file$action = SMB::FILE_WRITE; 
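Review bot: The `default:` arm of the share-type switch in `smb2_read_request` sets `SMB::FILE_OPEN`, so a read on a tree whose share type is unknown is logged as an open; the write and close handlers in the following hunks fall back to `SMB::FILE_WRITE` and `SMB::FILE_CLOSE`. The line should read `c$smb_state$current_file$action = SMB::FILE_READ;`. The commented-out `SMB::UNKNOWN_OPEN` line kept above it carries the same copy-and-paste slip and can be dropped.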
@@ -213,25 +213,21 @@ event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, c$smb_state$current_file$action = SMB::PRINT_WRITE; break; default: - c$smb_state$current_file$action = SMB::UNKNOWN_WRITE; + #c$smb_state$current_file$action = SMB::UNKNOWN_WRITE; + c$smb_state$current_file$action = SMB::FILE_WRITE; break; } } event smb2_write_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, offset: count, length: count) &priority=-5 { - if ( c$smb_state$current_tree?$path && ! c$smb_state$current_file?$path ) - c$smb_state$current_file$path = c$smb_state$current_tree$path; - - # TODO - Why is this commented out? - #write_file_log(c$smb_state); } event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) &priority=5 { SMB::set_current_file(c$smb_state, file_id$persistent+file_id$volatile); - switch ( c$smb_state$current_cmd$referenced_tree$share_type ) + switch ( c$smb_state$current_tree$share_type ) { case "DISK": c$smb_state$current_file$action = SMB::FILE_CLOSE; @@ -243,7 +239,8 @@ event smb2_close_request(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID) c$smb_state$current_file$action = SMB::PRINT_CLOSE; break; default: - c$smb_state$current_file$action = SMB::UNKNOWN_CLOSE; + #c$smb_state$current_file$action = SMB::UNKNOWN_CLOSE; + c$smb_state$current_file$action = SMB::FILE_CLOSE; break; } } diff --git a/src/analyzer/protocol/smb/SMB.cc b/src/analyzer/protocol/smb/SMB.cc index 19e7dec13f..cb35afcf07 100644 --- a/src/analyzer/protocol/smb/SMB.cc +++ b/src/analyzer/protocol/smb/SMB.cc @@ -13,7 +13,7 @@ SMB_Analyzer::SMB_Analyzer(Connection *conn) interp = new binpac::SMB::SMB_Conn(this); AddSupportAnalyzer(new Contents_SMB(conn, true)); AddSupportAnalyzer(new Contents_SMB(conn, false)); -} + } SMB_Analyzer::~SMB_Analyzer() { 
diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log index ca5e9e9cc8..46781576ac 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log 
@@ -3,11 +3,12 @@ #empty_field (empty) #unset_field - #path smb_files -#open 2016-03-09-09-45-49 +#open 2016-04-01-13-33-43 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed #types time string addr port addr port string enum string string count time time time time -1403194573.483536 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 -1403194573.484701 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test 0 1403193632.973276 1403193632.973276 1403193604.628965 1403193632.973276 -1403194574.150293 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::UNKNOWN_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 -1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 SMB::UNKNOWN_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 -#close 2016-03-09-09-45-49 +1403194573.483536 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::FILE_OPEN - 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 +1403194573.484701 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::FILE_OPEN - Test 0 1403193632.973276 1403193632.973276 1403193604.628965 1403193632.973276 +1403194574.150293 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::FILE_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 +1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 SMB::FILE_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 +1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 
SMB::FILE_CLOSE - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 +#close 2016-04-01-13-33-43 diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log index 2898285056..8b7349718b 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb2/smb_files.log 
@@ -3,12 +3,12 @@ #empty_field (empty) #unset_field - #path smb_files -#open 2016-03-09-09-45-59 +#open 2016-04-01-08-31-01 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed #types time string addr port addr port string enum string string count time time time time -1323202695.377459 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - 8192 1323202604.512058 1323202604.512058 1322343963.945297 1323202604.512058 -1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 +1323202695.377459 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN \\\\10.0.0.12\\smb2 8192 1323202604.512058 1323202604.512058 1322343963.945297 1323202604.512058 +1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN \\\\10.0.0.12\\smb2 WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.432192 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 FUU9mc3Ub5uZdcqg1d SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 WP_SMBPlugin.pdf 0 1323202695.427034 1323202695.427034 1323202695.427034 1323202695.427034 -1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN - 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 +1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_OPEN \\\\10.0.0.12\\smb2 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 1323202695.599914 CXWv6p3arKYeMETxOg 10.0.0.11 49208 10.0.0.12 445 - SMB::FILE_CLOSE \\\\10.0.0.12\\smb2 8192 1323202695.427034 1323202695.427034 1322343963.945297 1323202695.427034 -#close 2016-03-09-09-45-59 +#close 2016-04-01-08-31-01 
diff --git a/testing/btest/scripts/base/protocols/smb/smb2.test b/testing/btest/scripts/base/protocols/smb/smb2.test index b935175204..5684d7ddf8 100644 --- a/testing/btest/scripts/base/protocols/smb/smb2.test +++ b/testing/btest/scripts/base/protocols/smb/smb2.test @@ -6,3 +6,4 @@ # @TEST-EXEC: test ! -f weird.log @load base/protocols/smb + From e70a528ad62c1ed1e4e442ce9f4c335a056c687d Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 09:48:46 -0400 Subject: [PATCH 40/84] Removing some left over debugging prints. --- scripts/base/protocols/smb/files.bro | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/base/protocols/smb/files.bro b/scripts/base/protocols/smb/files.bro index 2e20641547..82c65686fd 100644 --- a/scripts/base/protocols/smb/files.bro +++ b/scripts/base/protocols/smb/files.bro @@ -12,8 +12,6 @@ export { function get_file_handle(c: connection, is_orig: bool): string { - print "getting a file handle"; -print c$smb_state$current_cmd$referenced_file; if ( ! (c$smb_state?$current_file && (c$smb_state$current_file?$name || c$smb_state$current_file?$path)) ) From 086519e851e534c2190f26e140ff24d09e366a55 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 10:16:02 -0400 Subject: [PATCH 41/84] Adding more dcerpc operations and fixing a bug with how log records are handled. --- scripts/base/protocols/dce-rpc/consts.bro | 35 +++++++++++++++++++++++ scripts/base/protocols/dce-rpc/main.bro | 11 +++++-- 2 files changed, 44 insertions(+), 2 deletions(-) diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.bro index bdef75b619..a8ce3a617e 100644 --- a/scripts/base/protocols/dce-rpc/consts.bro +++ b/scripts/base/protocols/dce-rpc/consts.bro 
@@ -1369,6 +1369,41 @@ export { ["2f5f3220-c126-1076-b549-074d078619da",0x10] = "NDdeTrustedShareEnumW", ["2f5f3220-c126-1076-b549-074d078619da",0x12] = "NDdeSpecialCommand", + # BackupKey ["3dde7c30-165d-11d1-ab8f-00805f14db40",0x00] = "bkrp_BackupKey", + + # wkssvc + ["6bffd098-a112-3610-9833-46c3f87e345a",0x00] = "NetrWkstaGetInfo", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x01] = "NetrWkstaSetInfo", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x02] = "NetrWkstaUserEnum", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x03] = "NetrWkstaUserGetInfo", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x04] = "NetrWkstaUserSetInfo", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x05] = "NetrWkstaTransportEnum", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x06] = "NetrWkstaTransportAdd", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x07] = "NetrWkstaTransportDel", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x08] = "NetrUseAdd", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x09] = "NetrUseGetInfo", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x0a] = "NetrUseDel", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x0b] = "NetrUseEnum", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x0c] = "NetrMessageBufferSend", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x0d] = "NetrWorkstationStatisticsGet", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x0e] = "NetrLogonDomainNameAdd", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x0f] = "NetrLogonDomainNameDel", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x10] = "NetrJoinDomain", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x11] = "NetrUnjoinDomain", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x12] = "NetrValidateName", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x13] = "NetrRenameMachineInDomain", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x14] = "NetrGetJoinInformation", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x15] = "NetrGetJoinableOUs", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x16] = "NetrJoinDomain2", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x17] = "NetrUnjoinDomain2", + 
["6bffd098-a112-3610-9833-46c3f87e345a",0x18] = "NetrRenameMachineInDomain2", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x19] = "NetrValidateName2", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x1a] = "NetrGetJoinableOUs2", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x1b] = "NetrAddAlternateComputerName", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x1c] = "NetrRemoveAlternateComputerName", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x1d] = "NetrSetPrimaryComputerName", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x1e] = "NetrEnumerateComputerNames", + ["6bffd098-a112-3610-9833-46c3f87e345a",0x1f] = "NetrWorkstationResetDfsCache", } &redef &default=function(uuid: string, i: count): string { return fmt("unknown-%d", i); }; } diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 565b208db0..2165191cd0 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -80,9 +80,9 @@ event dce_rpc_request(c: connection, opnum: count, stub: string) &priority=5 { set_session(c); - if ( c?$dce_rpc && c$dce_rpc?$endpoint ) + if ( c?$dce_rpc ) { - + c$dce_rpc$ts = network_time(); } } @@ -95,8 +95,15 @@ event dce_rpc_response(c: connection, opnum: count, stub: string) &priority=5 c$dce_rpc$operation = operations[c$dce_rpc$uuid, opnum]; if ( c$dce_rpc$ts != network_time() ) c$dce_rpc$rtt = network_time() - c$dce_rpc$ts; + } + } +event dce_rpc_response(c: connection, opnum: count, stub: string) &priority=-5 + { + if ( c?$dce_rpc ) + { Log::write(LOG, c$dce_rpc); + delete c$dce_rpc; } } From 03d5b655af7163de49b4e90f014329065c850681 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 13:01:23 -0400 Subject: [PATCH 42/84] Add epmapper operations to dce_rpc scripts. --- scripts/base/protocols/dce-rpc/consts.bro | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.bro index a8ce3a617e..c38323a978 100644 
--- a/scripts/base/protocols/dce-rpc/consts.bro +++ b/scripts/base/protocols/dce-rpc/consts.bro @@ -1405,5 +1405,16 @@ export { ["6bffd098-a112-3610-9833-46c3f87e345a",0x1d] = "NetrSetPrimaryComputerName", ["6bffd098-a112-3610-9833-46c3f87e345a",0x1e] = "NetrEnumerateComputerNames", ["6bffd098-a112-3610-9833-46c3f87e345a",0x1f] = "NetrWorkstationResetDfsCache", + + # epmp + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x00] = "ept_insert", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x01] = "ept_delete", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x02] = "ept_lookup", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x03] = "ept_map", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x04] = "ept_lookup_handle_free", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x05] = "ept_inq_object", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x06] = "ept_mgmt_delete", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x07] = "ept_map_auth", + ["e1af8308-5d1f-11c9-91a4-08002b14a0fa",0x08] = "ept_map_auth_async", } &redef &default=function(uuid: string, i: count): string { return fmt("unknown-%d", i); }; } From b1f8f0c0991a18d679ada540df52d8d55915257f Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 14:48:07 -0400 Subject: [PATCH 43/84] Improvements for DCE_RPC - Binding context versions are provided correctly now. - RPC stubs are no longer provided and instead only the length is given. - Some parsing problems related to handling the optional auth fields in RPC messages are fixed. This removes some dpd log messages I was seeing. --- scripts/base/protocols/dce-rpc/main.bro | 17 +++++++----- .../protocol/dce-rpc/dce_rpc-analyzer.pac | 10 ++++--- .../protocol/dce-rpc/dce_rpc-protocol.pac | 26 ++++++++++++++----- src/analyzer/protocol/dce-rpc/events.bif | 6 ++--- 4 files changed, 40 insertions(+), 19 deletions(-) diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 2165191cd0..1b78ed88a9 100644 --- a/scripts/base/protocols/dce-rpc/main.bro 
+++ b/scripts/base/protocols/dce-rpc/main.bro @@ -26,7 +26,9 @@ export { }; ## Set of interface UUID values to ignore. - const ignored_uuids = set("e1af8308-5d1f-11c9-91a4-08002b14a0fa") &redef; + const ignored_uuids: set[string] = set( + "e1af8308-5d1f-11c9-91a4-08002b14a0fa" #epmapper + ) &redef; } redef record Info += { @@ -56,7 +58,7 @@ function set_session(c: connection) } } -event dce_rpc_bind(c: connection, uuid: string, version: string) &priority=5 +event dce_rpc_bind(c: connection, uuid: string, ver_major: count, ver_minor: count) &priority=5 { set_session(c); @@ -76,7 +78,7 @@ event dce_rpc_bind_ack(c: connection, sec_addr: string) &priority=5 c$dce_rpc$named_pipe = sec_addr; } -event dce_rpc_request(c: connection, opnum: count, stub: string) &priority=5 +event dce_rpc_request(c: connection, opnum: count, stub_len: count) &priority=5 { set_session(c); @@ -86,7 +88,7 @@ event dce_rpc_request(c: connection, opnum: count, stub: string) &priority=5 } } -event dce_rpc_response(c: connection, opnum: count, stub: string) &priority=5 +event dce_rpc_response(c: connection, opnum: count, stub_len: count) &priority=5 { set_session(c); @@ -98,11 +100,14 @@ event dce_rpc_response(c: connection, opnum: count, stub: string) &priority=5 } } -event dce_rpc_response(c: connection, opnum: count, stub: string) &priority=-5 +event dce_rpc_response(c: connection, opnum: count, stub_len: count) &priority=-5 { if ( c?$dce_rpc ) { - Log::write(LOG, c$dce_rpc); + # If there is not endpoint, there isn't much reason to log. + # This can happen if the request isn't seen. + if ( c$dce_rpc?$endpoint ) + Log::write(LOG, c$dce_rpc); delete c$dce_rpc; } } diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac index 9482fa8cee..dce1340bb5 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac 
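Review bot: In the `&priority=-5` `dce_rpc_response` handler the record is now logged only when `c$dce_rpc?$endpoint` is set, but `delete c$dce_rpc` still runs after every response, which discards whatever the bind stored along with the per-call fields. Where the endpoint is assigned is not visible in these hunks; unless `set_session` restores it, the second and later calls on an already bound pipe arrive without one and are silently left out of dce_rpc.log. Keeping the record and clearing only per-call fields, e.g. `delete c$dce_rpc$operation;` and `delete c$dce_rpc$rtt;` (assuming both are `&optional`), would keep repeated operations visible.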
@@ -46,13 +46,15 @@ refine connection DCE_RPC_Conn += { for ( int i = 0; i < ${bind_elems.num_contexts}; ++i ) { $const_def{uuid = bind_elems.request_contexts[i].abstract_syntax.uuid}; - $const_def{version = bind_elems.request_contexts[i].abstract_syntax.version}; + $const_def{ver_major = bind_elems.request_contexts[i].abstract_syntax.ver_major}; + $const_def{ver_minor = bind_elems.request_contexts[i].abstract_syntax.ver_minor}; // Queue the event BifEvent::generate_dce_rpc_bind(bro_analyzer(), bro_analyzer()->Conn(), bytestring_to_val(${uuid}), - new StringVal(fmt("%d.0", ${version}))); + ${ver_major}, + ${ver_minor}); } } @@ -84,7 +86,7 @@ refine connection DCE_RPC_Conn += { BifEvent::generate_dce_rpc_request(bro_analyzer(), bro_analyzer()->Conn(), ${req.opnum}, - bytestring_to_val(${req.stub})); + ${req.stub}.length()); } set_cont_id_opnum_map(${req.context_id}, @@ -99,7 +101,7 @@ refine connection DCE_RPC_Conn += { BifEvent::generate_dce_rpc_response(bro_analyzer(), bro_analyzer()->Conn(), get_cont_id_opnum_map(${resp.context_id}), - bytestring_to_val(${resp.stub})); + ${resp.stub}.length()); } return true; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index 847ca182e2..037adbf42c 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac 
@@ -32,11 +32,11 @@ type context_handle = record { type DCE_RPC_PDU(is_orig: bool) = record { # Set header's byteorder to little-endian (or big-endian) to # avoid cyclic dependency. - header : DCE_RPC_Header(is_orig); + header : DCE_RPC_Header(is_orig); # TODO: bring back reassembly. It was having trouble. - #frag : bytestring &length = body_length; + #frag : bytestring &length = body_length; body : DCE_RPC_Body(header); - auth : DCE_RPC_Auth(header); + #auth : DCE_RPC_Auth_wrapper(header); } &let { #body_length : int = header.frag_length - sizeof(header) - header.auth_length; #frag_reassembled : bool = $context.flow.reassemble_fragment(frag, header.lastfrag); @@ -78,8 +78,9 @@ type DCE_RPC_Header(is_orig: bool) = record { } &byteorder = packed_drep.byteorder; type Syntax = record { - uuid : bytestring &length = 16; - version : uint32; + uuid : bytestring &length = 16; + ver_major : uint16; + ver_minor : uint16; }; type ContextRequest = record { @@ -153,6 +154,19 @@ type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { DCE_RPC_REQUEST -> request : DCE_RPC_Request; DCE_RPC_RESPONSE -> response : DCE_RPC_Response; default -> other : bytestring &restofdata; +} &length=header.frag_length-16-header.auth_length; +# sizeof(DCE_RPC_Header) <- doesn't work, it's the "16" above + +type DCE_RPC_Auth_wrapper(header: DCE_RPC_Header) = case header.auth_length of { + 0 -> none : empty; + default -> auth : DCE_RPC_Auth(header); }; -type DCE_RPC_Auth(header: DCE_RPC_Header) = uint8[header.auth_length]; +type DCE_RPC_Auth(header: DCE_RPC_Header) = record { + type : uint8; + level : uint8; + pad_len : uint8; + reserved : uint8; + context_id : uint32; + blob : bytestring &length=header.auth_length; +}; diff --git a/src/analyzer/protocol/dce-rpc/events.bif b/src/analyzer/protocol/dce-rpc/events.bif index 94fd402dba..0a8eb7ca4a 100644 --- a/src/analyzer/protocol/dce-rpc/events.bif +++ b/src/analyzer/protocol/dce-rpc/events.bif 
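Review bot: The new `&length=header.frag_length-16-header.auth_length` on `DCE_RPC_Body` is computed from two wire-supplied fields with no lower bound. A PDU whose `frag_length` is smaller than `16 + auth_length` yields a negative or wrapped length; the parser should reject such a PDU before the body is sized, and how binpac treats the bad value should be confirmed. The `DCE_RPC_Auth` record added in this hunk also shows 8 bytes of trailer fields in front of `blob`, which is itself `auth_length` bytes long. With `auth` commented out of `DCE_RPC_PDU`, those 8 bytes (and any auth padding) appear to be counted as body for authenticated PDUs, so the `stub_len` reported to scripts would be too large. I would subtract the trailer when `auth_length` is non-zero, and add a comment such as `# 16 = fixed common header; auth trailer is 8 + auth_length when auth_length > 0`.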
@@ -8,7 +8,7 @@ event dce_rpc_message%(c: connection, is_orig: bool, ptype_id: count, ptype: DCE ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_message dce_rpc_request ## dce_rpc_response rpc_timeout -event dce_rpc_bind%(c: connection, uuid: string, version: string%); +event dce_rpc_bind%(c: connection, uuid: string, ver_major: count, ver_minor: count%); event dce_rpc_bind_ack%(c: connection, sec_addr: string%); @@ -16,13 +16,13 @@ event dce_rpc_bind_ack%(c: connection, sec_addr: string%); ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message ## dce_rpc_response rpc_timeout -event dce_rpc_request%(c: connection, opnum: count, stub: string%); +event dce_rpc_request%(c: connection, opnum: count, stub_len: count%); ## TODO. ## ## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message ## dce_rpc_request rpc_timeout -event dce_rpc_response%(c: connection, opnum: count, stub: string%); +event dce_rpc_response%(c: connection, opnum: count, stub_len: count%); ## TODO. ## From 473728e48605407b9a7f930aec80d521065edbcb Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 14:49:08 -0400 Subject: [PATCH 44/84] Update a test baseline for the rtt fix from earlier. --- .../dce_rpc.log | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log index 584de66927..5e0efc2c69 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log +++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1-transaction-dcerpc/dce_rpc.log 
@@ -3,8 +3,8 @@ #empty_field (empty) #unset_field - #path dce_rpc -#open 2016-04-01-05-18-25 +#open 2016-04-01-18-48-44 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p rtt named_pipe endpoint operation #types time string addr port addr port interval string string string -1073392738.147860 CXWv6p3arKYeMETxOg 205.227.227.226 49467 205.227.227.243 445 0.004077 \\PIPE\\lsass dssetup DsRolerGetPrimaryDomainInformation -#close 2016-04-01-05-18-25 +1073392738.149799 CXWv6p3arKYeMETxOg 205.227.227.226 49467 205.227.227.243 445 0.002138 \\PIPE\\lsass dssetup DsRolerGetPrimaryDomainInformation +#close 2016-04-01-18-48-44 From 035fedd21dc0ea5c3b8afee457d7487c919b4474 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 16:53:01 -0400 Subject: [PATCH 45/84] Fix a test which was failing now that SMB2 ioctl pipes are working. - I was handling the parsing of the data for the pipe slightly wrong and it was causing a DPD error. --- src/analyzer/protocol/smb/smb2-protocol.pac | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index 5acdabd8bd..feecb328e5 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac 
@@ -306,10 +306,13 @@ type SMB2_ioctl_request(header: SMB2_Header) = record { max_output_resp : uint32; flags : uint32; reserved2 : uint32; - pad : padding to input_offset - header.head_length; - input_buffer : bytestring &length = input_count; - pad2 : padding to output_offset - header.head_length; + pad1 : bytestring &transient &length=((input_offset == 0) ? 0 : (offsetof(pad1) + header.head_length - input_offset)); + input_buffer : bytestring &length=input_count; + pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); output_buffer : bytestring &length=output_count; +} &let { + is_pipe: bool = ((ctl_code >> 16) == 0x11); + pipe_proc : bool = $context.connection.forward_dce_rpc(input_buffer, true) &if(is_pipe); }; type SMB2_ioctl_response(header: SMB2_Header) = record { @@ -323,10 +326,13 @@ type SMB2_ioctl_response(header: SMB2_Header) = record { output_count : uint32; flags : uint32; reserved2 : uint32; - pad : padding to input_offset - header.head_length; + pad1 : bytestring &transient &length=((input_offset == 0) ? 0 : (offsetof(pad1) + header.head_length - input_offset)); input_buffer : bytestring &length=input_count; - pad2 : padding to output_offset - header.head_length; + pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); output_buffer : bytestring &length=output_count; +} &let { + is_pipe: bool = ((ctl_code >> 16) == 0x11); + pipe_proc : bool = $context.connection.forward_dce_rpc(output_buffer, false) &if(is_pipe); }; type SMB2_cancel_request(header: SMB2_Header) = record { From dbb4404b7dc5247c648563ebf201543bbd2e5176 Mon Sep 17 00:00:00 2001 
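Review bot: The `pad1`/`pad2` lengths in both `SMB2_ioctl_request` and `SMB2_ioctl_response` look reversed: `offsetof(pad1) + header.head_length - input_offset` is current position minus target. It is zero only when the buffer follows the fixed fields directly, and goes negative (or wraps, depending on the integer types binpac picks) as soon as a sender sets a larger offset. Both offsets come straight off the wire, so I would write `input_offset - (offsetof(pad1) + header.head_length)` and treat an offset that points before the current position as a parse error; the same applies to `pad2`. Separately, `(ctl_code >> 16) == 0x11` matches every named-pipe FSCTL, so buffers of pipe controls that do not carry RPC data (wait/peek style) would also be handed to `forward_dce_rpc`. Matching the transceive code specifically would keep non-RPC bytes out of the DCE_RPC parser. The same record definitions are re-added unchanged in `smb2-com-ioctl.pac` in PATCH 47, so the fix belongs there too.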
From: Seth Hall Date: Fri, 1 Apr 2016 16:53:17 -0400 Subject: [PATCH 46/84] Improve DCE_RPC logging reliability. --- scripts/base/protocols/dce-rpc/main.bro | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 1b78ed88a9..bd173a8b7d 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -31,12 +31,14 @@ export { ) &redef; } -redef record Info += { - uuid: string &optional; +type State: record { + uuid : string &optional; + named_pipe : string &optional; }; redef record connection += { dce_rpc: Info &optional; + dce_rpc_state: State &default=State(); }; const ports = { 135/tcp }; @@ -56,6 +58,11 @@ function set_session(c: connection) $id=c$id, $uid=c$uid]; } + + if ( c$dce_rpc_state?$uuid ) + c$dce_rpc$endpoint = uuid_endpoint_map[c$dce_rpc_state$uuid]; + if ( c$dce_rpc_state?$named_pipe ) + c$dce_rpc$named_pipe = c$dce_rpc_state$named_pipe; } event dce_rpc_bind(c: connection, uuid: string, ver_major: count, ver_minor: count) &priority=5 @@ -66,7 +73,7 @@ event dce_rpc_bind(c: connection, uuid: string, ver_major: count, ver_minor: cou if ( uuid_str in ignored_uuids ) return; - c$dce_rpc$uuid = uuid_str; + c$dce_rpc_state$uuid = uuid_str; c$dce_rpc$endpoint = uuid_endpoint_map[uuid_str]; } @@ -75,7 +82,10 @@ event dce_rpc_bind_ack(c: connection, sec_addr: string) &priority=5 set_session(c); if ( sec_addr != "" ) + { + c$dce_rpc_state$named_pipe = sec_addr; c$dce_rpc$named_pipe = sec_addr; + } } event dce_rpc_request(c: connection, opnum: count, stub_len: count) &priority=5 
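Review bot: `dce_rpc_state` keeps one `uuid` per connection and `set_session` now restores `endpoint` from it on every call, but the `dce_rpc_bind` path for `ignored_uuids` returns without touching that state. If a connection binds to a logged interface and later to an ignored one, subsequent requests would presumably still be logged under the earlier endpoint, with opnums resolved against the wrong interface. A bind PDU that carries several contexts has the same effect, since the last `dce_rpc_bind` event wins. At minimum I would clear the stale value before the early return, `delete c$dce_rpc_state$uuid;`, and note in a comment on `State` that it tracks only the most recent bind rather than a per-context mapping. `set_session` and `dce_rpc_bind` both continue outside these hunks, so the full flow should be checked against the complete file.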
@@ -94,7 +104,7 @@ event dce_rpc_response(c: connection, opnum: count, stub_len: count) &priority=5 if ( c?$dce_rpc && c$dce_rpc?$endpoint ) { - c$dce_rpc$operation = operations[c$dce_rpc$uuid, opnum]; + c$dce_rpc$operation = operations[c$dce_rpc_state$uuid, opnum]; if ( c$dce_rpc$ts != network_time() ) c$dce_rpc$rtt = network_time() - c$dce_rpc$ts; } From ff3437d1570e9bc4bab1f532a7c61dcc1a5cbe5b Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 1 Apr 2016 22:45:07 -0400 Subject: [PATCH 47/84] Clean up and moving a few SMB2 commands out into their own files. I assume that the upcoming SMB lock thing might be something related to the SMB2 LOCK command... --- scripts/base/protocols/dce-rpc/consts.bro | 2 - src/analyzer/protocol/dce-rpc/CMakeLists.txt | 7 ++- .../protocol/dce-rpc/endpoint-atsvc.pac | 38 ++++++++++++ .../{epmapper.pac => endpoint-epmapper.pac} | 0 src/analyzer/protocol/smb/CMakeLists.txt | 4 ++ src/analyzer/protocol/smb/smb.pac | 4 ++ src/analyzer/protocol/smb/smb2-com-ioctl.pac | 45 ++++++++++++++ src/analyzer/protocol/smb/smb2-com-lock.pac | 23 +++++++ src/analyzer/protocol/smb/smb2-protocol.pac | 60 ------------------- src/analyzer/protocol/smb/smb2_com_ioctl.bif | 0 src/analyzer/protocol/smb/smb2_com_lock.bif | 0 11 files changed, 120 insertions(+), 63 deletions(-) create mode 100644 src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac rename src/analyzer/protocol/dce-rpc/{epmapper.pac => endpoint-epmapper.pac} (100%) create mode 100644 src/analyzer/protocol/smb/smb2-com-ioctl.pac create mode 100644 src/analyzer/protocol/smb/smb2-com-lock.pac create mode 100644 src/analyzer/protocol/smb/smb2_com_ioctl.bif create mode 100644 src/analyzer/protocol/smb/smb2_com_lock.bif diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.bro index c38323a978..39e126f75b 100644 --- a/scripts/base/protocols/dce-rpc/consts.bro +++ b/scripts/base/protocols/dce-rpc/consts.bro 
@@ -55,9 +55,7 @@ export { ["423ec01e-2e35-11d2-b604-00104b703efd"] = "IWbemWCOSmartEnum interface", ["1c1c45ee-4395-11d2-b60b-00104b703efd"] = "IWbemFetchSmartEnum interface", ["541679AB-2E5F-11d3-B34E-00104BCC4B4A"] = "IWbemLoginHelper interface", - # KMS? ["51c82175-844e-4750-b0d8-ec255555bc06"] = "KMS", - ["50abc2a4-574d-40b3-9d66-ee4fd5fba076"] = "dnsserver", ["3faf4738-3a21-4307-b46c-fdda9bb8c0d5"] = "AudioSrv", ["c386ca3e-9061-4a72-821e-498d83be188f"] = "AudioRpc", diff --git a/src/analyzer/protocol/dce-rpc/CMakeLists.txt b/src/analyzer/protocol/dce-rpc/CMakeLists.txt index bfe2b8d11c..a206c3db13 100644 --- a/src/analyzer/protocol/dce-rpc/CMakeLists.txt +++ b/src/analyzer/protocol/dce-rpc/CMakeLists.txt @@ -6,6 +6,11 @@ include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DI bro_plugin_begin(Bro DCE_RPC) bro_plugin_cc(DCE_RPC.cc Plugin.cc) bro_plugin_bif(types.bif events.bif) -bro_plugin_pac(dce_rpc.pac dce_rpc-protocol.pac dce_rpc-analyzer.pac epmapper.pac) +bro_plugin_pac( + dce_rpc.pac + dce_rpc-protocol.pac + dce_rpc-analyzer.pac + endpoint-epmapper.pac + endpoint-atsvc.pac) bro_plugin_end() diff --git a/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac b/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac new file mode 100644 index 0000000000..aa894ff649 --- /dev/null +++ b/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac 
@@ -0,0 +1,38 @@ +type ATSVC_Request(unicode: bool, opnum: uint8) = record { + empty: padding[1]; + op: case opnum of { + 0 -> add : ATSVC_NetrJobAdd(unicode); + default -> unknown : bytestring &restofdata; + }; +}; + +type ATSVC_String_Pointer(unicode: bool) = record { + referent_id : uint32; + max_count : uint32; + offset : uint32; + actual_count : uint32; + string : SMB_string(unicode, offsetof(string)); +}; + +type ATSVC_NetrJobAdd(unicode: bool) = record { + server : ATSVC_String_Pointer(unicode); + unknown : padding[2]; + job_time : uint32; + days_of_month : uint32; + days_of_week : uint8; + flags : uint8; + unknown2 : padding[2]; + command : ATSVC_String_Pointer(unicode); +}; + +type ATSVC_Reply(unicode: bool, opnum: uint16) = record { + op: case opnum of { + 0 -> add: ATSVC_JobID(unicode); + default -> unknown: bytestring &restofdata; + }; +}; + +type ATSVC_JobID(unicode: bool) = record { + id : uint32; + status : uint32; +}; diff --git a/src/analyzer/protocol/dce-rpc/epmapper.pac b/src/analyzer/protocol/dce-rpc/endpoint-epmapper.pac similarity index 100% rename from src/analyzer/protocol/dce-rpc/epmapper.pac rename to src/analyzer/protocol/dce-rpc/endpoint-epmapper.pac diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index 305e1191f6..b95a77f924 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -29,6 +29,8 @@ bro_plugin_bif( smb2_com_close.bif smb2_com_create.bif + smb2_com_ioctl.bif + smb2_com_lock.bif smb2_com_negotiate.bif smb2_com_read.bif smb2_com_session_setup.bif @@ -72,6 +74,8 @@ bro_plugin_pac( smb2-protocol.pac smb2-com-close.pac smb2-com-create.pac + smb2-com-ioctl.pac + smb2-com-lock.pac smb2-com-negotiate.pac smb2-com-read.pac smb2-com-session-setup.pac diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index 5cf79562a1..76fecc8679 100644 --- a/src/analyzer/protocol/smb/smb.pac 
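Review bot: `ATSVC_Request` takes `opnum: uint8` while `ATSVC_Reply` takes `opnum: uint16`; the request side should use the same width so an opnum above 255 is not truncated into a match on case `0`: `type ATSVC_Request(unicode: bool, opnum: uint16) = record {`. `ATSVC_String_Pointer` also reads `max_count`, `offset` and `actual_count` but then parses `string` as an `SMB_string` without using them, so the extent of the `command` string in `ATSVC_NetrJobAdd` appears to depend on finding a terminator rather than on the declared count. Since the job command is the field a defender most wants from this call, I would bound the string by `actual_count` (scaled for `unicode`) and add a comment stating that the counts are sender-controlled.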
+++ b/src/analyzer/protocol/smb/smb.pac @@ -33,6 +33,8 @@ #include "smb2_com_close.bif.h" #include "smb2_com_create.bif.h" +#include "smb2_com_ioctl.bif.h" +#include "smb2_com_lock.bif.h" #include "smb2_com_negotiate.bif.h" #include "smb2_com_read.bif.h" #include "smb2_com_session_setup.bif.h" @@ -86,6 +88,8 @@ connection SMB_Conn(bro_analyzer: BroAnalyzer) { # SMB2 Commands %include smb2-com-close.pac %include smb2-com-create.pac +%include smb2-com-ioctl.pac +%include smb2-com-lock.pac %include smb2-com-negotiate.pac %include smb2-com-read.pac %include smb2-com-session-setup.pac diff --git a/src/analyzer/protocol/smb/smb2-com-ioctl.pac b/src/analyzer/protocol/smb/smb2-com-ioctl.pac new file mode 100644 index 0000000000..59caf02ac2 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-ioctl.pac 
@@ -0,0 +1,45 @@ +refine connection SMB_Conn += { + +}; + +type SMB2_ioctl_request(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; + ctl_code : uint32; + file_id : SMB2_guid; + input_offset : uint32; + input_count : uint32; + max_input_resp : uint32; + output_offset : uint32; + output_count : uint32; + max_output_resp : uint32; + flags : uint32; + reserved2 : uint32; + pad1 : bytestring &transient &length=((input_offset == 0) ? 0 : (offsetof(pad1) + header.head_length - input_offset)); + input_buffer : bytestring &length=input_count; + pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); + output_buffer : bytestring &length=output_count; +} &let { + is_pipe: bool = ((ctl_code >> 16) == 0x11); + pipe_proc : bool = $context.connection.forward_dce_rpc(input_buffer, true) &if(is_pipe); +}; + +type SMB2_ioctl_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; + ctl_code : uint32; + file_id : SMB2_guid; + input_offset : uint32; + input_count : uint32; + output_offset : uint32; + output_count : uint32; + flags : uint32; + reserved2 : uint32; + pad1 : bytestring &transient &length=((input_offset == 0) ? 0 : (offsetof(pad1) + header.head_length - input_offset)); + input_buffer : bytestring &length=input_count; + pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); + output_buffer : bytestring &length=output_count; +} &let { + is_pipe: bool = ((ctl_code >> 16) == 0x11); + pipe_proc : bool = $context.connection.forward_dce_rpc(output_buffer, false) &if(is_pipe); +}; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb2-com-lock.pac b/src/analyzer/protocol/smb/smb2-com-lock.pac new file mode 100644 index 0000000000..69482e7900 --- /dev/null +++ b/src/analyzer/protocol/smb/smb2-com-lock.pac 
@@ -0,0 +1,23 @@ +refine connection SMB_Conn += { + +}; + +type SMB2_lock = record { + offset : uint64; + len : uint64; + flags : uint32; +}; + +type SMB2_lock_request(header: SMB2_Header) = record { + structure_size : uint16; + lock_count : uint16; + lock_seq : uint32; + file_id : SMB2_guid; + locks : SMB2_lock[lock_count]; +}; + +type SMB2_lock_response(header: SMB2_Header) = record { + structure_size : uint16; + reserved : uint16; # ignore +}; + diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index feecb328e5..d9386a8e86 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac @@ -216,11 +216,6 @@ type SMB2_guid = record { _volatile : uint64; }; -type SMB2_lock = record { - offset : uint64; - len : uint64; - flags : uint32; -}; type SMB2_File_Notify_Information = record { next_entry_offset : uint32; 
@@ -280,61 +275,6 @@ type SMB2_flush_response(header: SMB2_Header) = record { reserved1 : uint16; }; -type SMB2_lock_request(header: SMB2_Header) = record { - structure_size : uint16; - lock_count : uint16; - lock_seq : uint32; - file_id : SMB2_guid; - locks : SMB2_lock[lock_count]; -}; - -type SMB2_lock_response(header: SMB2_Header) = record { - structure_size : uint16; - reserved : uint16; # ignore -}; - -type SMB2_ioctl_request(header: SMB2_Header) = record { - structure_size : uint16; - reserved : uint16; - ctl_code : uint32; - file_id : SMB2_guid; - input_offset : uint32; - input_count : uint32; - max_input_resp : uint32; - output_offset : uint32; - output_count : uint32; - max_output_resp : uint32; - flags : uint32; - reserved2 : uint32; - pad1 : bytestring &transient &length=((input_offset == 0) ? 0 : (offsetof(pad1) + header.head_length - input_offset)); - input_buffer : bytestring &length=input_count; - pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); - output_buffer : bytestring &length=output_count; -} &let { - is_pipe: bool = ((ctl_code >> 16) == 0x11); - pipe_proc : bool = $context.connection.forward_dce_rpc(input_buffer, true) &if(is_pipe); -}; - -type SMB2_ioctl_response(header: SMB2_Header) = record { - structure_size : uint16; - reserved : uint16; - ctl_code : uint32; - file_id : SMB2_guid; - input_offset : uint32; - input_count : uint32; - output_offset : uint32; - output_count : uint32; - flags : uint32; - reserved2 : uint32; - pad1 : bytestring &transient &length=((input_offset == 0) ? 0 : (offsetof(pad1) + header.head_length - input_offset)); - input_buffer : bytestring &length=input_count; - pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 
0 : (offsetof(pad2) + header.head_length - output_offset)); - output_buffer : bytestring &length=output_count; -} &let { - is_pipe: bool = ((ctl_code >> 16) == 0x11); - pipe_proc : bool = $context.connection.forward_dce_rpc(output_buffer, false) &if(is_pipe); -}; - type SMB2_cancel_request(header: SMB2_Header) = record { structure_size : uint16; reserved : uint16; diff --git a/src/analyzer/protocol/smb/smb2_com_ioctl.bif b/src/analyzer/protocol/smb/smb2_com_ioctl.bif new file mode 100644 index 0000000000..e69de29bb2 diff --git a/src/analyzer/protocol/smb/smb2_com_lock.bif b/src/analyzer/protocol/smb/smb2_com_lock.bif new file mode 100644 index 0000000000..e69de29bb2 From 5b5589e1672d52004108f84f7b80adc047961246 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Sun, 3 Apr 2016 04:17:20 -0400 Subject: [PATCH 48/84] Complete breakout of SMB, GSSAPI, and NTLM - Looser coupling between these analyzers. - New ntlm.log (still pretty early) - Improved string handling for NTLM (convert UTF16 to UTF8) - SMB2 analyzer now supports GSSAPI. - Improved abstraction of DCE_RPC operations (still not finished) - Lots of whitespace cleanup. --- scripts/base/init-bare.bro | 266 +++++------ scripts/base/init-default.bro | 1 + scripts/base/protocols/ntlm/__load__.bro | 1 + scripts/base/protocols/ntlm/main.bro | 54 +++ scripts/base/protocols/smb/smb1-main.bro | 45 -- src/analyzer/protocol/CMakeLists.txt | 2 + src/analyzer/protocol/dce-rpc/CMakeLists.txt | 4 +- .../protocol/dce-rpc/dce_rpc-gssapi.pac | 42 ++ src/analyzer/protocol/dce-rpc/dce_rpc.pac | 3 +- .../protocol/dce-rpc/endpoint-atsvc.pac | 79 ++-- src/analyzer/protocol/smb/CMakeLists.txt | 8 +- src/analyzer/protocol/smb/SMB.h | 8 - src/analyzer/protocol/smb/smb-gssapi.pac | 11 + .../protocol/smb/smb-ntlmssp-asn1.pac | 57 --- src/analyzer/protocol/smb/smb-ntlmssp.pac | 430 ------------------ src/analyzer/protocol/smb/smb.pac | 17 +- .../protocol/smb/smb1-com-negotiate.pac | 123 ++--- .../smb/smb1-com-session-setup-andx.pac | 127 +++--- .../protocol/smb/smb2-com-negotiate.pac | 7 +- .../protocol/smb/smb2-com-session-setup.pac | 15 +- src/analyzer/protocol/smb/smb2-protocol.pac | 8 - src/analyzer/protocol/smb/smb_ntlmssp.bif | 64 --- 22 files changed, 446 insertions(+), 926 deletions(-) create mode 100644 scripts/base/protocols/ntlm/__load__.bro create mode 100644 scripts/base/protocols/ntlm/main.bro create mode 100644 src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac create mode 100644 src/analyzer/protocol/smb/smb-gssapi.pac delete mode 100644 src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac delete mode 100644 src/analyzer/protocol/smb/smb-ntlmssp.pac diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index bdc3a92a27..464cee886f 100644 
--- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro 
@@ -2315,6 +2315,140 @@ type ntp_msg: record { }; +module NTLM; + +export { + type NTLM::Version: record { + ## The major version of the Windows operating system in use + major : count; + ## The minor version of the Windows operating system in use + minor : count; + ## The build number of the Windows operating system in use + build : count; + ## The current revision of NTLMSSP in use + ntlmssp : count; + }; + + type NTLM::NegotiateFlags: record { + ## If set, requires 56-bit encryption + negotiate_56 : bool; + ## If set, requests an explicit key exchange + negotiate_key_exch : bool; + ## If set, requests 128-bit session key negotiation + negotiate_128 : bool; + ## If set, requests the protocol version number + negotiate_version : bool; + ## If set, indicates that the TargetInfo fields in the + ## CHALLENGE_MESSAGE are populated + negotiate_target_info : bool; + ## If set, requests the usage of the LMOWF function + request_non_nt_session_key : bool; + ## If set, requests and identify level token + negotiate_identify : bool; + ## If set, requests usage of NTLM v2 session security + ## Note: NTML v2 session security is actually NTLM v1 + negotiate_extended_sessionsecurity : bool; + ## If set, TargetName must be a server name + target_type_server : bool; + ## If set, TargetName must be a domain name + target_type_domain : bool; + + ## If set, requests the presence of a signature block + ## on all messages + negotiate_always_sign : bool; + ## If set, the workstation name is provided + negotiate_oem_workstation_supplied : bool; + ## If set, the domain name is provided + negotiate_oem_domain_supplied : bool; + ## If set, the connection should be anonymous + negotiate_anonymous_connection : bool; + ## If set, requests usage of NTLM v1 + negotiate_ntlm : bool; + + ## If set, requests LAN Manager session key computation + negotiate_lm_key : bool; + ## If set, requests connectionless authentication + negotiate_datagram : bool; + ## If set, requests session key negotiation for 
message + ## confidentiality + negotiate_seal : bool; + ## If set, requests session key negotiation for message + ## signatures + negotiate_sign : bool; + ## If set, the TargetName field is present + request_target : bool; + + ## If set, requests OEM character set encoding + negotiate_oem : bool; + ## If set, requests Unicode character set encoding + negotiate_unicode : bool; + }; + + type NTLM::Negotiate: record { + ## The negotiate flags + flags : NTLM::NegotiateFlags; + ## The domain name of the client, if known + domain_name : string &optional; + ## The machine name of the client, if known + workstation : string &optional; + ## The Windows version information, if supplied + version : NTLM::Version &optional; + }; + + type NTLM::AVs: record { + ## The server's NetBIOS computer name + nb_computer_name : string; + ## The server's NetBIOS domain name + nb_domain_name : string; + ## The FQDN of the computer + dns_computer_name : string &optional; + ## The FQDN of the domain + dns_domain_name : string &optional; + ## The FQDN of the forest + dns_tree_name : string &optional; + + ## Indicates to the client that the account + ## authentication is constrained + constrained_auth : bool &optional; + ## The associated timestamp, if present + timestamp : time &optional; + ## Indicates that the client is providing + ## a machine ID created at computer startup to + ## identify the calling machine + single_host_id : count &optional; + + ## The SPN of the target server + target_name : string &optional; + }; + + type NTLM::Challenge: record { + ## The negotiate flags + flags : NTLM::NegotiateFlags; + ## The server authentication realm. If the server is + ## domain-joined, the name of the domain. Otherwise + ## the server name. 
See flags.target_type_domain + ## and flags.target_type_server + target_name : string &optional; + ## The Windows version information, if supplied + version : NTLM::Version &optional; + ## Attribute-value pairs specified by the server + target_info : NTLM::AVs &optional; + }; + + type NTLM::Authenticate: record { + ## The negotiate flags + flags : NTLM::NegotiateFlags; + ## The domain or computer name hosting the account + domain_name : string; + ## The name of the user to be authenticated. + user_name : string; + ## The name of the computer to which the user was logged on. + workstation : string; + ## The Windows version information, if supplied + version : NTLM::Version &optional; + }; +} + module SMB; export { 
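Review bot: Two doc comments in the new `NTLM::NegotiateFlags` record carry typos that will end up in the generated script reference. `## If set, requests and identify level token` should read `## If set, requests an identify level token`, and `## Note: NTML v2 session security is actually NTLM v1` should say `NTLM v2`. Also worth a comment on `NTLM::Authenticate`: `domain_name`, `user_name` and `workstation` are declared without `&optional`, yet the handler added in `scripts/base/protocols/ntlm/main.bro` tests them with `?$`, so one of the two should be adjusted to say whether empty or absent names are expected.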
@@ -2325,138 +2459,6 @@ export { created : time &log; changed : time &log; } &log; - - type SMB::NTLMVersion: record { - ## The major version of the Windows operating system in use - major : count; - ## The minor version of the Windows operating system in use - minor : count; - ## The build number of the Windows operating system in use - build : count; - ## The current revision of NTLMSSP in use - ntlmssp : count; - }; - - type SMB::NTLMNegotiateFlags: record { - ## If set, requires 56-bit encryption - negotiate_56 : bool; - ## If set, requests an explicit key exchange - negotiate_key_exch : bool; - ## If set, requests 128-bit session key negotiation - negotiate_128 : bool; - ## If set, requests the protocol version number - negotiate_version : bool; - ## If set, indicates that the TargetInfo fields in the - ## CHALLENGE_MESSAGE are populated - negotiate_target_info : bool; - - ## If set, requests the usage of the LMOWF function - request_non_nt_session_key : bool; - ## If set, requests and identify level token - negotiate_identify : bool; - ## If set, requests usage of NTLM v2 session security - ## Note: NTML v2 session security is actually NTLM v1 - negotiate_extended_sessionsecurity : bool; - ## If set, TargetName must be a server name - target_type_server : bool; - ## If set, TargetName must be a domain name - target_type_domain : bool; - - ## If set, requests the presence of a signature block - ## on all messages - negotiate_always_sign : bool; - ## If set, the workstation name is provided - negotiate_oem_workstation_supplied : bool; - ## If set, the domain name is provided - negotiate_oem_domain_supplied : bool; - ## If set, the connection should be anonymous - negotiate_anonymous_connection : bool; - ## If set, requests usage of NTLM v1 - negotiate_ntlm : bool; - - ## If set, requests LAN Manager session key computation - negotiate_lm_key : bool; - ## If set, requests connectionless authentication - negotiate_datagram : bool; - ## If set, requests session 
key negotiation for message - ## confidentiality - negotiate_seal : bool; - ## If set, requests session key negotiation for message - ## signatures - negotiate_sign : bool; - ## If set, the TargetName field is present - request_target : bool; - - ## If set, requests OEM character set encoding - negotiate_oem : bool; - ## If set, requests Unicode character set encoding - negotiate_unicode : bool; - }; - - type SMB::NTLMNegotiate: record { - ## The negotiate flags - flags : SMB::NTLMNegotiateFlags; - ## The domain name of the client, if known - domain_name : string &optional; - ## The machine name of the client, if known - workstation : string &optional; - ## The Windows version information, if supplied - version : SMB::NTLMVersion &optional; - }; - - type SMB::NTLMAVs: record { - ## The server's NetBIOS computer name - nb_computer_name : string; - ## The server's NetBIOS domain name - nb_domain_name : string; - ## The FQDN of the computer - dns_computer_name : string &optional; - ## The FQDN of the domain - dns_domain_name : string &optional; - ## The FQDN of the forest - dns_tree_name : string &optional; - - ## Indicates to the client that the account - ## authentication is constrained - constrained_auth : bool &optional; - ## The associated timestamp, if present - timestamp : time &optional; - ## Indicates that the client is providing - ## mess achine ID created at computer startup to - ## identify the calling machine - single_host_id : count &optional; - - ## The SPN of the target server - target_name : string &optional; - }; - - type SMB::NTLMChallenge: record { - ## The negotiate flags - flags : SMB::NTLMNegotiateFlags; - ## The server authentication realm. If the server is - ## domain-joined, the name of the domain. Otherwise - ## the server name. 
See flags.target_type_domain - ## and flags.target_type_server - target_name : string &optional; - ## The Windows version information, if supplied - version : SMB::NTLMVersion &optional; - ## Attribute-value pairs specified by the server - target_info : SMB::NTLMAVs &optional; - }; - - type SMB::NTLMAuthenticate: record { - ## The negotiate flags - flags : SMB::NTLMNegotiateFlags; - ## The domain or computer name hosting the account - domain_name : string; - ## The name of the user to be authenticated. - user_name : string; - ## The name of the computer to which the user was logged on. - workstation : string; - ## The Windows version information, if supplied - version : SMB::NTLMVersion &optional; - }; - } module SMB1; diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.bro index 7df08dd7ef..1b45d81d21 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.bro @@ -53,6 +53,7 @@ @load base/protocols/krb @load base/protocols/modbus @load base/protocols/mysql +@load base/protocols/ntlm @load base/protocols/pop3 @load base/protocols/radius @load base/protocols/rdp diff --git a/scripts/base/protocols/ntlm/__load__.bro b/scripts/base/protocols/ntlm/__load__.bro new file mode 100644 index 0000000000..d551be57d3 --- /dev/null +++ b/scripts/base/protocols/ntlm/__load__.bro @@ -0,0 +1 @@ +@load ./main \ No newline at end of file diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.bro new file mode 100644 index 0000000000..365ebcdd81 --- /dev/null +++ b/scripts/base/protocols/ntlm/main.bro 
@@ -0,0 +1,54 @@ +module NTLM; + +export { + redef enum Log::ID += { LOG }; + + type Info: record { + ## Timestamp for when the event happened. + ts : time &log; + ## Unique ID for the connection. + uid : string &log; + ## The connection's 4-tuple of endpoint addresses/ports. + id : conn_id &log; + + username: string &log &optional; + hostname: string &log &optional; + domainname: string &log &optional; + }; +} + +redef record connection += { + ntlm: Info &optional; +}; + +event bro_init() &priority=5 + { + Log::create_stream(NTLM::LOG, [$columns=Info, $path="ntlm"]); + } + +event ntlm_negotiate(c: connection, request: NTLM::Negotiate) &priority=5 + { + #print request; + } + +event ntlm_challenge(c: connection, challenge: NTLM::Challenge) &priority=5 + { + #print "challenge!!!!!"; + #print challenge; + } + +event ntlm_authenticate(c: connection, request: NTLM::Authenticate) &priority=5 + { + c$ntlm = NTLM::Info($ts=network_time(), $uid=c$uid, $id=c$id); + if ( request?$domain_name ) + c$ntlm$domainname = request$domain_name; + if ( request?$workstation ) + c$ntlm$hostname = request$workstation; + if ( request?$user_name ) + c$ntlm$username = request$user_name; + } + +event ntlm_authenticate(c: connection, request: NTLM::Authenticate) &priority=-5 + { + Log::write(NTLM::LOG, c$ntlm); + } diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro index a6deeee812..236e4d6984 100644 --- a/scripts/base/protocols/smb/smb1-main.bro +++ b/scripts/base/protocols/smb/smb1-main.bro 
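Review bot: The logged fields `username`, `hostname` and `domainname` in `NTLM::Info` have no `##` comments, unlike `ts`, `uid` and `id`, and nothing says they are copied unverified from the client's AUTHENTICATE message. The record is written from `ntlm_authenticate` alone, so an entry means an authentication attempt was seen, not that it succeeded. That deserves a line on the record, e.g. `## Username given by the client; not verified, and logged whether or not authentication succeeds.` The `ntlm_negotiate` and `ntlm_challenge` handlers hold only commented-out `print` statements and could be dropped until they do something.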
@@ -281,51 +281,6 @@ event smb1_session_setup_andx_response(c: connection, hdr: SMB1::Header, respons } } -event smb_ntlm_negotiate(c: connection, hdr: SMB1::Header, request: SMB::NTLMNegotiate) - { - c$smb_state$current_cmd$sub_command = "NTLMSSP_NEGOTIATE"; - } - -event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate) &priority=5 - { - c$smb_state$current_cmd$sub_command = "NTLMSSP_AUTHENTICATE"; - - c$smb_state$current_auth = SMB::AuthInfo($ts=network_time(), $uid=c$uid, $id=c$id); - if ( request?$domain_name ) - c$smb_state$current_auth$domainname = request$domain_name; - if ( request?$workstation ) - c$smb_state$current_auth$hostname = request$workstation; - if ( request?$user_name ) - c$smb_state$current_auth$username = request$user_name; - - local user: string = ""; - if ( ( request?$domain_name && request$domain_name != "" ) && ( request?$user_name && request$user_name != "" ) ) - user = fmt("%s\\%s", request$domain_name, request$user_name); - else if ( ( request?$workstation && request$workstation != "" ) && ( request?$user_name && request$user_name != "" ) ) - user = fmt("%s\\%s", request$workstation, request$user_name); - else if ( request?$user_name && request$user_name != "" ) - user = request$user_name; - else if ( request?$domain_name && request$domain_name != "" ) - user = fmt("%s\\", request$domain_name); - else if ( request?$workstation && request$workstation != "" ) - user = fmt("%s", request$workstation); - - if ( user != "" ) - { - c$smb_state$current_cmd$argument = user; - } - - if ( hdr$uid !in c$smb_state$uid_map ) - { - c$smb_state$uid_map[hdr$uid] = user; - } - } - -event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate) &priority=5 - { - Log::write(SMB::AUTH_LOG, c$smb_state$current_auth); - } - event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count) { c$smb_state$current_cmd$sub_command = SMB1::trans_sub_commands[sub_cmd]; 
diff --git a/src/analyzer/protocol/CMakeLists.txt b/src/analyzer/protocol/CMakeLists.txt index 467fce83ee..91776e3fe4 100644 --- a/src/analyzer/protocol/CMakeLists.txt +++ b/src/analyzer/protocol/CMakeLists.txt @@ -12,6 +12,7 @@ add_subdirectory(file) add_subdirectory(finger) add_subdirectory(ftp) add_subdirectory(gnutella) +add_subdirectory(gssapi) add_subdirectory(gtpv1) add_subdirectory(http) add_subdirectory(icmp) @@ -25,6 +26,7 @@ add_subdirectory(modbus) add_subdirectory(mysql) add_subdirectory(ncp) add_subdirectory(netbios) +add_subdirectory(ntlm) add_subdirectory(ntp) add_subdirectory(pia) add_subdirectory(pop3) diff --git a/src/analyzer/protocol/dce-rpc/CMakeLists.txt b/src/analyzer/protocol/dce-rpc/CMakeLists.txt index a206c3db13..e02887fe83 100644 --- a/src/analyzer/protocol/dce-rpc/CMakeLists.txt +++ b/src/analyzer/protocol/dce-rpc/CMakeLists.txt @@ -10,7 +10,9 @@ bro_plugin_pac( dce_rpc.pac dce_rpc-protocol.pac dce_rpc-analyzer.pac + dce_rpc-gssapi.pac + endpoint-atsvc.pac endpoint-epmapper.pac - endpoint-atsvc.pac) + ) bro_plugin_end() diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac new file mode 100644 index 0000000000..293bb643ad --- /dev/null +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac 
@@ -0,0 +1,42 @@ +refine connection DCE_RPC_Conn += { + %member{ + analyzer::Analyzer *gssapi; + analyzer::Analyzer *ntlm; + %} + + %init{ + gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); + ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer->Conn()); + %} + + %cleanup{ + if ( gssapi ) + delete gssapi; + if ( ntlm ) + delete ntlm; + %} + + function forward_auth(auth: DCE_RPC_Auth, is_orig: bool): bool + %{ + switch ( ${auth.type} ) + { + case 0x0a: + if ( ntlm ) + ntlm->DeliverStream(${auth.blob}.length(), ${auth.blob}.begin(), is_orig); + break; + //case 0xXX: + // if ( gssapi ) + // gssapi->DeliverStream(${data}.length(), ${data}.begin(), is_orig); + // break; + default: + bro_analyzer()->Weird(fmt("unknown_dce_rpc_auth_type_%d",${auth.type})); + break; + } + + return true; + %} +}; + +refine typeattr DCE_RPC_Auth += &let { + proc = $context.connection.forward_auth(this, true); +} diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc.pac b/src/analyzer/protocol/dce-rpc/dce_rpc.pac index 616b4e7770..b36916635d 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc.pac @@ -23,5 +23,6 @@ flow DCE_RPC_Flow(is_orig: bool) { flowunit = DCE_RPC_PDU(is_orig) withcontext(connection, this); }; -%include epmapper.pac +%include endpoint-atsvc.pac +%include endpoint-epmapper.pac %include dce_rpc-analyzer.pac diff --git a/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac b/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac index aa894ff649..2712181d16 100644 --- a/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac +++ b/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac 
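Review bot: `forward_auth(this, true)` in the `&let` on `DCE_RPC_Auth` hard-codes the direction, so auth blobs sent by the responder (the NTLM challenge, for instance) reach the NTLM analyzer marked as originator data. Passing the real direction would fix it, e.g. an `is_orig` parameter on `DCE_RPC_Auth` and `forward_auth(this, is_orig)`; where the type is instantiated is outside this hunk. The `gssapi` analyzer is instantiated for every connection but is only referenced in the commented-out case, so it could wait until it is used. In `%cleanup` the analyzers are deleted without `Done()` being called first, which, as far as I know, the `Analyzer` destructor expects (`ntlm->Done(); delete ntlm;`); the same applies to the `gssapi` member this commit adds in smb.pac.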
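Review bot: The include list in dce_rpc.pac gains `endpoint-atsvc.pac` and `endpoint-epmapper.pac` but not the new `dce_rpc-gssapi.pac`, which the commit only adds to `bro_plugin_pac()` in CMakeLists.txt. If no other included file pulls it in (not visible here), `forward_auth` is never compiled into the analyzer and DCE-RPC auth blobs silently never reach the NTLM analyzer. If that is the case, a `%include dce_rpc-gssapi.pac` after the connection definition would be needed.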
@@ -1,38 +1,41 @@ -type ATSVC_Request(unicode: bool, opnum: uint8) = record { - empty: padding[1]; - op: case opnum of { - 0 -> add : ATSVC_NetrJobAdd(unicode); - default -> unknown : bytestring &restofdata; - }; -}; - -type ATSVC_String_Pointer(unicode: bool) = record { - referent_id : uint32; - max_count : uint32; - offset : uint32; - actual_count : uint32; - string : SMB_string(unicode, offsetof(string)); -}; - -type ATSVC_NetrJobAdd(unicode: bool) = record { - server : ATSVC_String_Pointer(unicode); - unknown : padding[2]; - job_time : uint32; - days_of_month : uint32; - days_of_week : uint8; - flags : uint8; - unknown2 : padding[2]; - command : ATSVC_String_Pointer(unicode); -}; - -type ATSVC_Reply(unicode: bool, opnum: uint16) = record { - op: case opnum of { - 0 -> add: ATSVC_JobID(unicode); - default -> unknown: bytestring &restofdata; - }; -}; - -type ATSVC_JobID(unicode: bool) = record { - id : uint32; - status : uint32; -}; +#%include ../smb/smb-strings.pac +# +#type ATSVC_Request(unicode: bool, opnum: uint8) = record { +# empty: padding[1]; +# op: case opnum of { +# 0 -> add : ATSVC_NetrJobAdd(unicode); +# default -> unknown : bytestring &restofdata; +# }; +#}; +# +#type ATSVC_String_Pointer(unicode: bool) = record { +# referent_id : uint32; +# max_count : uint32; +# offset : uint32; +# actual_count : uint32; +# string : SMB_string(unicode, offsetof(string)); +#}; +# +#type ATSVC_NetrJobAdd(unicode: bool) = record { +# server : ATSVC_String_Pointer(unicode); +# unknown : padding[2]; +# job_time : uint32; +# days_of_month : uint32; +# days_of_week : uint8; +# flags : uint8; +# unknown2 : padding[2]; +# command : ATSVC_String_Pointer(unicode); +#}; +# +#type ATSVC_Reply(unicode: bool, opnum: uint16) = record { +# op: case opnum of { +# 0 -> add: ATSVC_JobID(unicode); +# default -> unknown: bytestring &restofdata; +# }; +#}; +# +#type ATSVC_JobID(unicode: bool) = record { +# id : uint32; +# status : uint32; +#}; +# \ No newline at end of file 
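Review bot: The new side of endpoint-atsvc.pac is nothing but commented-out lines, with no note on why the types are disabled, while dce_rpc.pac in the same commit starts to `%include` it. As it stands the include adds nothing, and `ATSVC_NetrJobAdd` (remote job scheduling requests) stays unparsed. If this is temporary, a header comment would say so, e.g. `# TODO: disabled until SMB_string is usable from the DCE_RPC analyzer`; that reason is my guess from the commented `%include ../smb/smb-strings.pac`. Otherwise, dropping the file and the include is cleaner than keeping dead code.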
diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index b95a77f924..9cb9e36113 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -5,10 +5,7 @@ include_directories(AFTER ${CMAKE_CURRENT_BINARY_DIR}/../dce-rpc) bro_plugin_begin(Bro SMB) bro_plugin_cc(SMB.cc Plugin.cc) -bro_plugin_bif( - smb_ntlmssp.bif - smb_pipe.bif - +bro_plugin_bif( smb1_com_check_directory.bif smb1_com_close.bif smb1_com_create_directory.bif @@ -40,6 +37,7 @@ bro_plugin_bif( smb2_com_write.bif smb2_events.bif + smb_pipe.bif types.bif) bro_plugin_pac( smb.pac @@ -47,8 +45,8 @@ bro_plugin_pac( smb-strings.pac smb-time.pac smb-pipe.pac + smb-gssapi.pac smb-mailslot.pac - smb-ntlmssp.pac smb1-protocol.pac smb1-com-check-directory.pac diff --git a/src/analyzer/protocol/smb/SMB.h b/src/analyzer/protocol/smb/SMB.h index 0b47c05071..2a91b5dc54 100644 --- a/src/analyzer/protocol/smb/SMB.h +++ b/src/analyzer/protocol/smb/SMB.h @@ -10,14 +10,6 @@ namespace analyzer { namespace smb { -enum IPC_named_pipe { - IPC_NONE, - IPC_LOCATOR, - IPC_EPMAPPER, - IPC_SAMR, // Security Account Manager -}; - - class Contents_SMB : public tcp::TCP_SupportAnalyzer { public: Contents_SMB(Connection* conn, bool orig); diff --git a/src/analyzer/protocol/smb/smb-gssapi.pac b/src/analyzer/protocol/smb/smb-gssapi.pac new file mode 100644 index 0000000000..9372df7f47 --- /dev/null +++ b/src/analyzer/protocol/smb/smb-gssapi.pac @@ -0,0 +1,11 @@ + +refine connection SMB_Conn += { + + function forward_gssapi(data: bytestring, is_orig: bool): bool + %{ + if ( gssapi ) + gssapi->DeliverStream(${data}.length(), ${data}.begin(), is_orig); + + return true; + %} +}; diff --git a/src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac b/src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac deleted file mode 100644 index 0cb459d26c..0000000000 --- a/src/analyzer/protocol/smb/smb-ntlmssp-asn1.pac +++ /dev/null 
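Review bot: `forward_gssapi` in the new smb-gssapi.pac has no comment saying what it is handed, or that it silently does nothing when the GSSAPI analyzer could not be instantiated. A short header would help, e.g. `# Hands an SMB security blob to the GSSAPI child analyzer; no-op if that analyzer is unavailable.` Each blob goes through `DeliverStream`, so the comment should also say whether successive blobs are meant to be seen as one byte stream or as separate messages; that is not visible from this hunk.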
@@ -1,57 +0,0 @@ -# Supporting types for ASN.1 -# -# From the Kerberos analyzer -# -# TODO: Figure out a way to include this code only once. - -type ASN1Encoding = record { - meta: ASN1EncodingMeta; - content: bytestring &length = meta.length; -}; - -type ASN1EncodingMeta = record { - tag: uint8; - len: uint8; - more_len: bytestring &length = long_len ? len & 0x7f : 0; -} &let { - long_len: bool = len & 0x80; - length: uint64 = long_len ? binary_to_int64(more_len) : len & 0x7f; - index: uint8 = tag - 160; -}; - -type ASN1Integer = record { - encoding: ASN1Encoding; -}; - -type ASN1OctetString = record { - encoding: ASN1Encoding; -}; - -type SequenceElement(grab_content: bool) = record { - index_meta: ASN1EncodingMeta; - have_content: case grab_content of { - true -> data: ASN1Encoding; - false -> meta: ASN1EncodingMeta; - }; -} &let { - index: uint8 = index_meta.index; - length: uint64 = index_meta.length; -}; - -type Array = record { - array_meta: ASN1EncodingMeta; - data: ASN1Encoding[]; -}; - -function binary_to_int64(bs: bytestring): int64 - %{ - int64 rval = 0; - - for ( int i = 0; i < bs.length(); ++i ) - { - uint64 byte = bs[i]; - rval |= byte << (8 * (bs.length() - (i + 1))); - } - - return rval; - %} \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb-ntlmssp.pac b/src/analyzer/protocol/smb/smb-ntlmssp.pac deleted file mode 100644 index 0aef66d353..0000000000 --- a/src/analyzer/protocol/smb/smb-ntlmssp.pac +++ /dev/null 
@@ -1,430 +0,0 @@ -refine connection SMB_Conn += { - function build_negotiate_flag_record(val: SMB_NTLM_Negotiate_Flags): BroVal - %{ - RecordVal* flags = new RecordVal(BifType::Record::SMB::NTLMNegotiateFlags); - flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); - flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); - flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); - flags->Assign(3, new Val(${val.negotiate_version}, TYPE_BOOL)); - flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); - - flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); - flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); - flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); - flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); - flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); - - flags->Assign(10, new Val(${val.negotiate_always_sign}, TYPE_BOOL)); - flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); - flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); - flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); - flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); - - flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); - flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); - flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); - flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); - flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); - - flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); - flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); - - return flags; - %} - - function build_version_record(val: SMB_NTLM_Version): BroVal - %{ - RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMVersion); - result->Assign(0, new Val(${val.major_version}, TYPE_COUNT)); - result->Assign(1, new 
Val(${val.minor_version}, TYPE_COUNT)); - result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); - result->Assign(3, new Val(${val.ntlm_revision}, TYPE_COUNT)); - - return result; - %} - - function build_av_record(val: SMB_NTLM_AV_Pair_Sequence): BroVal - %{ - RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAVs); - for ( uint i = 0; ${val.pairs[i].id} != 0; i++ ) - { - switch ( ${val.pairs[i].id} ) - { - case 1: - result->Assign(0, uint8s_to_stringval(${val.pairs[i].nb_computer_name.data})); - break; - case 2: - result->Assign(1, uint8s_to_stringval(${val.pairs[i].nb_domain_name.data})); - break; - case 3: - result->Assign(2, uint8s_to_stringval(${val.pairs[i].dns_computer_name.data})); - break; - case 4: - result->Assign(3, uint8s_to_stringval(${val.pairs[i].dns_domain_name.data})); - break; - case 5: - result->Assign(4, uint8s_to_stringval(${val.pairs[i].dns_tree_name.data})); - break; - case 6: - result->Assign(5, new Val(${val.pairs[i].constrained_auth}, TYPE_BOOL)); - break; - case 7: - result->Assign(6, filetime2brotime(${val.pairs[i].timestamp})); - break; - case 8: - result->Assign(7, new Val(${val.pairs[i].single_host.machine_id}, TYPE_COUNT)); - break; - case 9: - result->Assign(8, uint8s_to_stringval(${val.pairs[i].target_name.data})); - break; - } - } - return result; - %} - - function proc_smb_ntlm_ssp(header: SMB_Header, val:SMB_NTLM_SSP): bool - %{ - if ( ${val.gssapi.is_init} ) - return true; - - for ( uint i = 0; i < ${val.gssapi.resp.args}->size(); ++i ) - { - switch ( ${val.gssapi.resp.args[i].seq_meta.index} ) - { - case 0: - if ( ${val.gssapi.resp.args[i].args.neg_state} == 0 ) - BifEvent::generate_smb_ntlm_accepted(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header)); - break; - default: - break; - } - } - return true; - %} - - function proc_smb_ntlm_negotiate(header: SMB_Header, val: SMB_NTLM_Negotiate): bool - %{ - RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMNegotiate); - result->Assign(0, 
build_negotiate_flag_record(${val.flags})); - - if ( ${val.flags.negotiate_oem_domain_supplied} ) - result->Assign(1, uint8s_to_stringval(${val.domain_name.string.data})); - - if ( ${val.flags.negotiate_oem_workstation_supplied} ) - result->Assign(2, uint8s_to_stringval(${val.workstation.string.data})); - - if ( ${val.flags.negotiate_version} ) - result->Assign(3, build_version_record(${val.version})); - - BifEvent::generate_smb_ntlm_negotiate(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); - - return true; - %} - - function proc_smb_ntlm_challenge(header: SMB_Header, val: SMB_NTLM_Challenge): bool - %{ - RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMChallenge); - result->Assign(0, build_negotiate_flag_record(${val.flags})); - - if ( ${val.flags.request_target} ) - result->Assign(1, uint8s_to_stringval(${val.target_name.string.data})); - - if ( ${val.flags.negotiate_version} ) - result->Assign(2, build_version_record(${val.version})); - - if ( ${val.flags.negotiate_target_info} ) - result->Assign(3, build_av_record(${val.target_info})); - - BifEvent::generate_smb_ntlm_challenge(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), result); - - return true; - %} - - function proc_smb_ntlm_authenticate(header: SMB_Header, val: SMB_NTLM_Authenticate): bool - %{ - RecordVal* result = new RecordVal(BifType::Record::SMB::NTLMAuthenticate); - result->Assign(0, build_negotiate_flag_record(${val.flags})); - - if ( ${val.domain_name_fields.length} > 0 ) - result->Assign(1, uint8s_to_stringval(${val.domain_name.string.data})); - - if ( ${val.user_name_fields.length} > 0 ) - result->Assign(2, uint8s_to_stringval(${val.user_name.string.data})); - - if ( ${val.workstation_fields.length} > 0 ) - result->Assign(3, uint8s_to_stringval(${val.workstation.string.data})); - - if ( ${val.flags.negotiate_version} ) - result->Assign(4, build_version_record(${val.version})); - - BifEvent::generate_smb_ntlm_authenticate(bro_analyzer(), 
bro_analyzer()->Conn(), BuildHeaderVal(header), result); - - return true; - %} -}; - -type GSSAPI_NEG_TOKEN(header: SMB_Header) = record { - wrapper : ASN1EncodingMeta; - have_oid : case is_init of { - true -> oid : ASN1Encoding; - false -> no_oid : empty; - }; - have_init_wrapper : case is_init of { - true -> init_wrapper : ASN1EncodingMeta; - false -> no_init_wrapper : empty; - }; - msg_type : case is_init of { - true -> init: GSSAPI_NEG_TOKEN_INIT(header); - false -> resp: GSSAPI_NEG_TOKEN_RESP(header); - }; -} &let { - is_init: bool = (wrapper.tag == 0x60); -}; - -type GSSAPI_NEG_TOKEN_INIT(header: SMB_Header) = record { - seq_meta : ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_INIT_Arg(header)[]; -}; - -type GSSAPI_NEG_TOKEN_INIT_Arg(header: SMB_Header) = record { - seq_meta : ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_INIT_Arg_Data(header, seq_meta.index) &length=seq_meta.length; -}; - -type GSSAPI_NEG_TOKEN_INIT_Arg_Data(header: SMB_Header, index: uint8) = case index of { - 0 -> mech_type_list : ASN1Encoding; - 1 -> req_flags : ASN1Encoding; - 2 -> mech_token : SMB_NTLM_SSP_Token(header); - 3 -> mech_list_mic : ASN1OctetString; -}; - -type GSSAPI_NEG_TOKEN_RESP(header: SMB_Header) = record { - seq_meta : ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_RESP_Arg(header)[]; -}; - -type GSSAPI_NEG_TOKEN_RESP_Arg(header: SMB_Header) = record { - seq_meta : ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_RESP_Arg_Data(header, seq_meta.index) &length=seq_meta.length; -}; - -type GSSAPI_NEG_TOKEN_RESP_Arg_Data(header: SMB_Header, index: uint8) = case index of { - 0 -> neg_state : ASN1Integer; - 1 -> supported_mech : ASN1Encoding; - 2 -> response_token : SMB_NTLM_SSP_Token(header); - 3 -> mech_list_mic : ASN1OctetString; - default -> def : bytestring &restofdata &transient; -}; - -type SMB_NTLM_SSP(header: SMB_Header) = record { - gssapi: GSSAPI_NEG_TOKEN(header); -} &let { - proc: bool = $context.connection.proc_smb_ntlm_ssp(header, this); -}; - -type 
SMB_NTLM_SSP_Token(header: SMB_Header) = record { - meta : ASN1EncodingMeta; - signature : bytestring &length=8; - msg_type : uint32; - msg : case msg_type of { - 1 -> negotiate : SMB_NTLM_Negotiate(header, offsetof(msg) - offsetof(signature)); - 2 -> challenge : SMB_NTLM_Challenge(header, offsetof(msg) - offsetof(signature)); - 3 -> authenticate : SMB_NTLM_Authenticate(header, offsetof(msg) - offsetof(signature)); - default -> def : bytestring &restofdata &transient; - }; -}; - -type SMB_NTLM_Negotiate(header: SMB_Header, offset: uint16) = record { - flags : SMB_NTLM_Negotiate_Flags; - domain_name_fields : SMB_NTLM_StringData; - workstation_fields : SMB_NTLM_StringData; - version_present : case flags.negotiate_version of { - true -> version : SMB_NTLM_Version; - false -> no_version : empty; - }; - payload : bytestring &restofdata; -} &let { - absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); - workstation : SMB_NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); - - proc : bool = $context.connection.proc_smb_ntlm_negotiate(header, this); -}; - -type SMB_NTLM_Challenge(header: SMB_Header, offset: uint16) = record { - target_name_fields : SMB_NTLM_StringData; - flags : SMB_NTLM_Negotiate_Flags; - challenge : uint64; - reserved : padding[8]; - target_info_fields : SMB_NTLM_StringData; - version_present : case flags.negotiate_version of { - true -> version : SMB_NTLM_Version; - false -> no_version : empty; - }; - payload : bytestring &restofdata; -} &let { - absolute_offset : uint16 = offsetof(payload) + offset; - target_name : SMB_NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.request_target); - target_info : SMB_NTLM_AV_Pair_Sequence(target_info_fields.offset - 
absolute_offset) withinput payload &if(flags.negotiate_target_info); - - proc : bool = $context.connection.proc_smb_ntlm_challenge(header, this); -}; - -type SMB_NTLM_Authenticate(header: SMB_Header, offset: uint16) = record { - lm_challenge_response_fields : SMB_NTLM_StringData; - nt_challenge_response_fields : SMB_NTLM_StringData; - domain_name_fields : SMB_NTLM_StringData; - user_name_fields : SMB_NTLM_StringData; - workstation_fields : SMB_NTLM_StringData; - encrypted_session_key_fields : SMB_NTLM_StringData; - flags : SMB_NTLM_Negotiate_Flags; - version_present : case flags.negotiate_version of { - true -> version : SMB_NTLM_Version; - false -> no_version : empty; - }; - -# Windows NT, 2000, XP, and 2003 don't have the MIC field -# TODO - figure out how to parse this for those that do have it -# mic : bytestring &length=16; - - payload : bytestring &restofdata; -} &let { - absolute_offset : uint16 = offsetof(payload) + offset; - domain_name : SMB_NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(domain_name_fields.length > 0); - user_name : SMB_NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); - workstation : SMB_NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(workstation_fields.length > 0); - encrypted_session_key : SMB_NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); - - proc : bool = $context.connection.proc_smb_ntlm_authenticate(header, this); -}; - -type SMB_NTLM_Version = record { - major_version : uint8; - minor_version : uint8; - build_number : uint16; - reserved : padding[3]; - ntlm_revision : uint8; -}; - -type SMB_NTLM_StringData = record { - length : uint16; - max_length : uint16; - offset : uint32; -}; - -type SMB_Fixed_Length_String(unicode: bool) = record { - data: uint8[] &restofdata; -}; - -type 
SMB_NTLM_String(fields: SMB_NTLM_StringData, offset: uint16, unicode: bool) = record { - pad1 : padding to fields.offset - offset; - string : SMB_Fixed_Length_String(unicode) &length=fields.length; -}; - -type SMB_NTLM_AV_Pair_Sequence(offset: uint16) = record { - pad1 : padding to offset; - pairs : SMB_NTLM_AV_Pair[] &until($element.last); -}; - -type SMB_NTLM_AV_Pair = record { - id : uint16; - length : uint16; - value_case : case id of { - 0x0000 -> av_eol : empty; - 0x0001 -> nb_computer_name : SMB_Fixed_Length_String(true) &length=length; - 0x0002 -> nb_domain_name : SMB_Fixed_Length_String(true) &length=length; - 0x0003 -> dns_computer_name : SMB_Fixed_Length_String(true) &length=length; - 0x0004 -> dns_domain_name : SMB_Fixed_Length_String(true) &length=length; - 0x0005 -> dns_tree_name : SMB_Fixed_Length_String(true) &length=length; - 0x0006 -> av_flags : uint32; - 0x0007 -> timestamp : uint64; - 0x0008 -> single_host : SMB_NTLM_Single_Host; - 0x0009 -> target_name : SMB_Fixed_Length_String(true) &length=length; - 0x000a -> channel_bindings : uint16; - }; -} &let { - last : bool = ( id == 0x0000); - # av_flags refinement - constrained_auth: bool = (av_flags & 0x00000001) > 0 &if ( id == 0x0006); - mic_present : bool = (av_flags & 0x00000002) > 0 &if ( id == 0x0006); - untrusted_source: bool = (av_flags & 0x00000004) > 0 &if ( id == 0x0006); -}; - -type SMB_NTLM_Single_Host = record { - size : uint32; - padpad : padding[4]; - data_present : uint32; - optional : case custom_data_present of { - true -> custom_data : bytestring &length=4; - false -> nothing : empty; - }; - machine_id : uint32; -} &let { - custom_data_present: bool = (data_present & 0x00000001) > 0; -}; - -type SMB_LM_Response(offset: uint16) = record { - # This can be either LM (24 byte response) or - # LMv2 (16 byte response + 8 byte client challenge. No way to - # know for sure. 
- padpad : padding to offset; - response : bytestring &length=24; -}; - -type SMB_NTLM_Response(offset: uint16) = record { - padpad : padding to offset; - response : bytestring &length=24; -}; - -type SMB_NTLMv2_Response(flags: SMB_NTLM_Negotiate_Flags, offset: uint16) = record { - padpad : padding to offset; - response : bytestring &length=16; - client_challenge : SMB_NTLMv2_Client_Challenge(flags); -}; - -type SMB_NTLMv2_Client_Challenge(flags: SMB_NTLM_Negotiate_Flags) = record { - resp_type : uint8; - max_resp_type : uint8; - reserved : padding[6]; - timestamp : uint64; - client_challenge : bytestring &length=8; - reserved2 : padding[4]; - av_pairs : SMB_NTLM_AV_Pair_Sequence(0); -}; - -type SMB_NTLM_Negotiate_Flags = record { - flags: uint32; -} &let { - negotiate_56 : bool = (flags & 0x80000000) > 0; - negotiate_key_exch : bool = (flags & 0x40000000) > 0; - negotiate_128 : bool = (flags & 0x20000000) > 0; - - negotiate_version : bool = (flags & 0x02000000) > 0; - - negotiate_target_info : bool = (flags & 0x00800000) > 0; - request_non_nt_session_key : bool = (flags & 0x00400000) > 0; - negotiate_identify : bool = (flags & 0x00100000) > 0; - - negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; - target_type_server : bool = (flags & 0x00020000) > 0; - target_type_domain : bool = (flags & 0x00010000) > 0; - - negotiate_always_sign : bool = (flags & 0x00008000) > 0; - negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; - negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; - - negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; - negotiate_ntlm : bool = (flags & 0x00000100) > 0; - - negotiate_lm_key : bool = (flags & 0x00000080) > 0; - negotiate_datagram : bool = (flags & 0x00000040) > 0; - negotiate_seal : bool = (flags & 0x00000020) > 0; - - negotiate_sign : bool = (flags & 0x00000008) > 0; - request_target : bool = (flags & 0x00000004) > 0; - negotiate_oem : bool = (flags & 0x00000002) > 0; - 
negotiate_unicode : bool = (flags & 0x00000001) > 0; - - is_oem : bool = !negotiate_unicode && negotiate_oem; - is_invalid : bool = !negotiate_unicode && !negotiate_oem; -}; diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index 76fecc8679..e6f63db25c 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -4,16 +4,12 @@ %extern{ #include "analyzer/Manager.h" #include "analyzer/Analyzer.h" -// #include "analyzer/protocol/dce-rpc/DCE_RPC.h" #include "smb1_events.bif.h" #include "smb2_events.bif.h" #include "types.bif.h" -#include "smb_ntlmssp.bif.h" -#include "smb_pipe.bif.h" - #include "smb1_com_check_directory.bif.h" #include "smb1_com_close.bif.h" #include "smb1_com_create_directory.bif.h" @@ -57,9 +53,9 @@ connection SMB_Conn(bro_analyzer: BroAnalyzer) { %include smb-strings.pac %include smb-common.pac %include smb-time.pac - -%include smb-ntlmssp-asn1.pac -%include smb-ntlmssp.pac +%include smb-mailslot.pac +%include smb-pipe.pac +%include smb-gssapi.pac # SMB1 Commands %include smb1-com-check-directory.pac @@ -82,9 +78,6 @@ connection SMB_Conn(bro_analyzer: BroAnalyzer) { %include smb1-com-tree-disconnect.pac %include smb1-com-write-andx.pac -%include smb-mailslot.pac -%include smb-pipe.pac - # SMB2 Commands %include smb2-com-close.pac %include smb2-com-create.pac @@ -146,14 +139,18 @@ flow SMB_Flow(is_orig: bool) { refine connection SMB_Conn += { %member{ analyzer::Analyzer *dcerpc; + analyzer::Analyzer *gssapi; %} %init{ dcerpc = analyzer_mgr->InstantiateAnalyzer("DCE_RPC", bro_analyzer->Conn()); + gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); %} %cleanup{ if ( dcerpc ) delete dcerpc; + if ( gssapi ) + delete gssapi; %} }; diff --git a/src/analyzer/protocol/smb/smb1-com-negotiate.pac b/src/analyzer/protocol/smb/smb1-com-negotiate.pac index e16c144a8c..17b6242a01 100644 --- a/src/analyzer/protocol/smb/smb1-com-negotiate.pac 
+++ b/src/analyzer/protocol/smb/smb1-com-negotiate.pac @@ -161,7 +161,6 @@ refine connection SMB_Conn += { else { ntlm->Assign(12, bytestring_to_val(${val.ntlm.server_guid})); - // ntlm->Assign(13, bytestring_to_val(${val.ntlm.security_blob})); } response->Assign(2, ntlm); 
@@ -204,78 +203,80 @@ type SMB1_negotiate_core_response = record { }; type SMB1_negotiate_lanman_response(header: SMB_Header) = record { - security_flags: uint16; # expanded in &let - max_buffer_size: uint16; - max_mpx_count: uint16; - max_number_vcs: uint16; - raw_mode: uint16; # expanded in &let - session_key: uint32; - server_time: SMB_time; - server_date: SMB_date; - server_tz: uint16; - encryption_key_length: uint16; - reserved: uint16; # must be zero - byte_count: uint16; # count of data bytes - encryption_key: bytestring &length=encryption_key_length; - primary_domain: SMB_string(header.unicode, offsetof(primary_domain)); + security_flags : uint16; # expanded in &let + max_buffer_size : uint16; + max_mpx_count : uint16; + max_number_vcs : uint16; + raw_mode : uint16; # expanded in &let + session_key : uint32; + server_time : SMB_time; + server_date : SMB_date; + server_tz : uint16; + encryption_key_length : uint16; + reserved : uint16; # must be zero + byte_count : uint16; # count of data bytes + encryption_key : bytestring &length=encryption_key_length; + primary_domain : SMB_string(header.unicode, offsetof(primary_domain)); } &let { - security_user_level: bool = ( security_flags & 0x1 ) > 0; - security_challenge_response: bool = ( security_flags & 0x2 ) > 0; - raw_read_supported: bool = ( raw_mode & 0x1 ) > 0; - raw_write_supported: bool = ( raw_mode & 0x2 ) > 0; + security_user_level : bool = ( security_flags & 0x1 ) > 0; + security_challenge_response : bool = ( security_flags & 0x2 ) > 0; + raw_read_supported : bool = ( raw_mode & 0x1 ) > 0; + raw_write_supported : bool = ( raw_mode & 0x2 ) > 0; }; type SMB1_negotiate_ntlm_response(header: SMB_Header) = record { - security_flags: uint8; # Expanded in &let - max_mpx_count: uint16; - max_number_vcs: uint16; - max_buffer_size: uint32; - max_raw_size: uint32; - session_key: uint32; - capabilities: uint32; # Expanded in &let - server_time: uint64; - server_tz: uint16; - encryption_key_length: uint8; - 
byte_count: uint16; + security_flags : uint8; # Expanded in &let + max_mpx_count : uint16; + max_number_vcs : uint16; + max_buffer_size : uint32; + max_raw_size : uint32; + session_key : uint32; + capabilities : uint32; # Expanded in &let + server_time : uint64; + server_tz : uint16; + encryption_key_length : uint8; + byte_count : uint16; encryption_key_present: case capabilities_extended_security of { - false -> encryption_key: bytestring &length=encryption_key_length; - true -> no_key: empty; + false -> encryption_key : bytestring &length=encryption_key_length; + true -> no_key : empty; } &requires(capabilities_extended_security); domain_name_present: case capabilities_extended_security of { - false -> domain_name: SMB_string(header.unicode, offsetof(domain_name_present)); - true -> no_name: empty; + false -> domain_name : SMB_string(header.unicode, offsetof(domain_name_present)); + true -> no_name : empty; } &requires(capabilities_extended_security); server_guid_present: case capabilities_extended_security of { - true -> server_guid: bytestring &length=16; - false -> no_guid: empty; + true -> server_guid : bytestring &length=16; + false -> no_guid : empty; } &requires(capabilities_extended_security); security_blob_present: case capabilities_extended_security of { - true -> security_blob: SMB_NTLM_SSP(header) &length=(byte_count-16); - false -> no_blob: empty; + true -> security_blob : bytestring &length=(byte_count-16); + false -> no_blob : empty; } &requires(capabilities_extended_security); } &let { - security_user_level: bool = ( security_flags & 0x1 ) > 0; - security_challenge_response: bool = ( security_flags & 0x2 ) > 0; - security_signatures_enabled: bool = ( security_flags & 0x4 ) > 0; - security_signatures_required: bool = ( security_flags & 0x8 ) > 0; - capabilities_raw_mode: bool = (capabilities & 0x1 ) > 0; - capabilities_mpx_mode: bool = (capabilities & 0x2 ) > 0; - capabilities_unicode: bool = (capabilities & 0x4 ) > 0; - capabilities_large_files: 
bool = (capabilities & 0x8 ) > 0; - capabilities_nt_smbs: bool = (capabilities & 0x10 ) > 0; - capabilities_rpc_remote_apis: bool = (capabilities & 0x20 ) > 0; - capabilities_status32: bool = (capabilities & 0x40 ) > 0; - capabilities_level_2_oplocks: bool = (capabilities & 0x80 ) > 0; - capabilities_lock_and_read: bool = (capabilities & 0x100 ) > 0; - capabilities_nt_find: bool = (capabilities & 0x200 ) > 0; - capabilities_dfs: bool = (capabilities & 0x1000 ) > 0; - capabilities_infolevel_passthru: bool = (capabilities & 0x2000 ) > 0; - capabilities_large_readx: bool = (capabilities & 0x4000 ) > 0; - capabilities_large_writex: bool = (capabilities & 0x8000 ) > 0; - capabilities_unix: bool = (capabilities & 0x00800000 ) > 0; - capabilities_reserved: bool = (capabilities & 0x02000000 ) > 0; - capabilities_bulk_transfer: bool = (capabilities & 0x20000000 ) > 0; - capabilities_compressed_data: bool = (capabilities & 0x40000000 ) > 0; - capabilities_extended_security: bool = (capabilities & 0x80000000 ) > 0; + security_user_level : bool = (security_flags & 0x1) > 0; + security_challenge_response : bool = (security_flags & 0x2) > 0; + security_signatures_enabled : bool = (security_flags & 0x4) > 0; + security_signatures_required : bool = (security_flags & 0x8) > 0; + capabilities_raw_mode : bool = (capabilities & 0x1) > 0; + capabilities_mpx_mode : bool = (capabilities & 0x2) > 0; + capabilities_unicode : bool = (capabilities & 0x4) > 0; + capabilities_large_files : bool = (capabilities & 0x8) > 0; + capabilities_nt_smbs : bool = (capabilities & 0x10) > 0; + capabilities_rpc_remote_apis : bool = (capabilities & 0x20) > 0; + capabilities_status32 : bool = (capabilities & 0x40) > 0; + capabilities_level_2_oplocks : bool = (capabilities & 0x80) > 0; + capabilities_lock_and_read : bool = (capabilities & 0x100) > 0; + capabilities_nt_find : bool = (capabilities & 0x200) > 0; + capabilities_dfs : bool = (capabilities & 0x1000) > 0; + capabilities_infolevel_passthru : bool = 
(capabilities & 0x2000) > 0; + capabilities_large_readx : bool = (capabilities & 0x4000) > 0; + capabilities_large_writex : bool = (capabilities & 0x8000) > 0; + capabilities_unix : bool = (capabilities & 0x00800000) > 0; + capabilities_reserved : bool = (capabilities & 0x02000000) > 0; + capabilities_bulk_transfer : bool = (capabilities & 0x20000000) > 0; + capabilities_compressed_data : bool = (capabilities & 0x40000000) > 0; + capabilities_extended_security : bool = (capabilities & 0x80000000) > 0; + + gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, false) &if(capabilities_extended_security); }; diff --git a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac index acf4bfc20a..c5cfe02969 100644 --- a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac @@ -47,11 +47,10 @@ refine connection SMB_Conn += { request->Assign(5, smb_string2stringval(${val.ntlm_extended_security.native_os})); request->Assign(6, smb_string2stringval(${val.ntlm_extended_security.native_lanman})); - //request->Assign(12, bytestring_to_val(${val.ntlm_extended_security.security_blob})); request->Assign(13, capabilities); break; - case 13: // NT LM 0.12 without extended security + case 13: // NT LM 0.12 without extended security capabilities = new RecordVal(BifType::Record::SMB1::SessionSetupAndXCapabilities); capabilities->Assign(0, new Val(${val.ntlm_nonextended_security.capabilities.unicode}, TYPE_BOOL)); capabilities->Assign(1, new Val(${val.ntlm_nonextended_security.capabilities.large_files}, TYPE_BOOL)); 
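Review bot: `security_blob : bytestring &length=(byte_count-16);` in SMB1_negotiate_ntlm_response takes its length from a wire field with no lower bound, so a response that sets extended security with byte_count below 16 produces a negative length. The patch changes the field's type but keeps the expression, and the blob now goes on to forward_gssapi. How the generated parser treats a negative `&length` is not visible in this diff, so an explicit clamp is safer: `true -> security_blob : bytestring &length=(byte_count >= 16 ? byte_count - 16 : 0);`.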
@@ -90,24 +89,27 @@ refine connection SMB_Conn += { response->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); switch ( ${val.word_count} ) { - case 3: // pre NT LM 0.12 + case 3: // pre NT LM 0.12 response->Assign(1, new Val(${val.lanman.is_guest}, TYPE_BOOL)); response->Assign(2, smb_string2stringval(${val.lanman.native_os})); response->Assign(3, smb_string2stringval(${val.lanman.native_lanman})); response->Assign(4, smb_string2stringval(${val.lanman.primary_domain})); break; - case 4: // NT LM 0.12 + case 4: // NT LM 0.12 response->Assign(1, new Val(${val.ntlm.is_guest}, TYPE_BOOL)); response->Assign(2, smb_string2stringval(${val.ntlm.native_os})); response->Assign(3, smb_string2stringval(${val.ntlm.native_lanman})); response->Assign(4, smb_string2stringval(${val.ntlm.primary_domain})); //response->Assign(5, bytestring_to_val(${val.ntlm.security_blob})); break; - default: // Error! + default: // Error! break; } - BifEvent::generate_smb1_session_setup_andx_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), response); + BifEvent::generate_smb1_session_setup_andx_response(bro_analyzer(), + bro_analyzer()->Conn(), + BuildHeaderVal(header), + response); } return true; 
@@ -118,17 +120,17 @@ refine connection SMB_Conn += { type SMB1_session_setup_andx_request(header: SMB_Header) = record { word_count : uint8; lanman_or_ntlm : case word_count of { - 0x0a -> lanman: SMB1_session_setup_andx_request_lanman(header); - 0x0c -> ntlm_extended_security: SMB1_session_setup_andx_request_ntlm_extended_security(header); - 0x0d -> ntlm_nonextended_security: SMB1_session_setup_andx_request_ntlm_nonextended_security(header); + 0x0a -> lanman : SMB1_session_setup_andx_request_lanman(header); + 0x0c -> ntlm_extended_security : SMB1_session_setup_andx_request_ntlm_extended_security(header); + 0x0d -> ntlm_nonextended_security : SMB1_session_setup_andx_request_ntlm_nonextended_security(header); }; } &let { proc: bool = $context.connection.proc_smb1_session_setup_andx_request(header, this); }; type SMB1_session_setup_andx_response(header: SMB_Header) = record { - word_count : uint8; - lanman_or_ntlm : case word_count of { + word_count : uint8; + lanman_or_ntlm : case word_count of { 0x03 -> lanman: SMB1_session_setup_andx_response_lanman(header); 0x04 -> ntlm: SMB1_session_setup_andx_response_ntlm(header); default -> error: uint16; 
@@ -138,25 +140,25 @@ type SMB1_session_setup_andx_response(header: SMB_Header) = record { }; type SMB1_session_setup_andx_request_lanman(header: SMB_Header) = record { - andx : SMB_andx; - max_buffer_size : uint16; - max_mpx_count : uint16; - vc_number : uint16; - session_key : uint32; - password_length : uint16; - reserved : uint32; - byte_count : uint16; + andx : SMB_andx; + max_buffer_size : uint16; + max_mpx_count : uint16; + vc_number : uint16; + session_key : uint32; + password_length : uint16; + reserved : uint32; + byte_count : uint16; account_password : bytestring &length=password_length; # offset + 1 due to word_count in the parent type - account_name : SMB_string(header.unicode, offsetof(account_name) + 1); - primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); - native_os : SMB_string(header.unicode, offsetof(native_os) + 1); - native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); + account_name : SMB_string(header.unicode, offsetof(account_name) + 1); + primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); }; type SMB1_session_setup_andx_response_lanman(header: SMB_Header) = record { - andx : SMB_andx; - action : uint16; + andx : SMB_andx; + action : uint16; byte_count : uint16; # offset + 1 due to word_count in the parent type native_os : SMB_string(header.unicode, offsetof(native_os) + 1); 
@@ -167,63 +169,66 @@ type SMB1_session_setup_andx_response_lanman(header: SMB_Header) = record { }; type SMB1_session_setup_andx_request_ntlm_capabilities = record { - capabilities : uint32; + capabilities: uint32; } &let { unicode : bool = ( capabilities & 0x0004 ) > 0; large_files : bool = ( capabilities & 0x0008 ) > 0; nt_smbs : bool = ( capabilities & 0x0010 ) > 0; status32 : bool = ( capabilities & 0x0040 ) > 0; level_2_oplocks : bool = ( capabilities & 0x0080 ) > 0; - nt_find : bool = ( capabilities & 0x0200 ) > 0; + nt_find : bool = ( capabilities & 0x0200 ) > 0; }; type SMB1_session_setup_andx_request_ntlm_nonextended_security(header: SMB_Header) = record { - andx : SMB_andx; - max_buffer_size : uint16; - max_mpx_count : uint16; - vc_number : uint16; - session_key : uint32; + andx : SMB_andx; + max_buffer_size : uint16; + max_mpx_count : uint16; + vc_number : uint16; + session_key : uint32; case_insensitive_password_length : uint16; case_sensitive_password_length : uint16; - reserved : uint32; - capabilities : SMB1_session_setup_andx_request_ntlm_capabilities; - byte_count : uint16; - case_insensitive_password : bytestring &length=case_insensitive_password_length; - case_sensitive_password : bytestring &length=case_sensitive_password_length; + reserved : uint32; + capabilities : SMB1_session_setup_andx_request_ntlm_capabilities; + byte_count : uint16; + case_insensitive_password : bytestring &length=case_insensitive_password_length; + case_sensitive_password : bytestring &length=case_sensitive_password_length; # offset + 1 due to word_count in the parent type - account_name : SMB_string(header.unicode, offsetof(account_name) + 1); - primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); - native_os : SMB_string(header.unicode, offsetof(native_os) + 1); - native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); + account_name : SMB_string(header.unicode, offsetof(account_name) + 1); + primary_domain : 
SMB_string(header.unicode, offsetof(primary_domain) + 1); + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); }; type SMB1_session_setup_andx_request_ntlm_extended_security(header: SMB_Header) = record { - andx : SMB_andx; - max_buffer_size : uint16; - max_mpx_count : uint16; - vc_number : uint16; - session_key : uint32; - security_blob_length : uint16; - reserved : uint32; - capabilities : SMB1_session_setup_andx_request_ntlm_capabilities; - byte_count : uint16; - security_blob : SMB_NTLM_SSP(header) &length=security_blob_length; + andx : SMB_andx; + max_buffer_size : uint16; + max_mpx_count : uint16; + vc_number : uint16; + session_key : uint32; + security_blob_length : uint16; + reserved : uint32; + capabilities : SMB1_session_setup_andx_request_ntlm_capabilities; + byte_count : uint16; + security_blob : bytestring &length=security_blob_length; # offset + 1 due to word_count in the parent type - native_os : SMB_string(header.unicode, offsetof(native_os) + 1); - native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); + native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); +} &let { + pipe_proc : bool = $context.connection.forward_gssapi(security_blob, true); }; type SMB1_session_setup_andx_response_ntlm(header: SMB_Header) = record { - andx : SMB_andx; - action : uint16; + andx : SMB_andx; + action : uint16; security_blob_length : uint16; - byte_count : uint16; - security_blob : SMB_NTLM_SSP(header) &length=security_blob_length; + byte_count : uint16; + security_blob : bytestring &length=security_blob_length; # offset + 1 due to word_count in the parent type - native_os : SMB_string(header.unicode, offsetof(native_os) + 1); - native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); - primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); 
+ native_os : SMB_string(header.unicode, offsetof(native_os) + 1); + native_lanman : SMB_string(header.unicode, offsetof(native_lanman) + 1); + primary_domain : SMB_string(header.unicode, offsetof(primary_domain) + 1); } &let { - is_guest: bool = ( action & 0x1 ) > 0; + is_guest : bool = ( action & 0x1 ) > 0; + gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, false); }; diff --git a/src/analyzer/protocol/smb/smb2-com-negotiate.pac b/src/analyzer/protocol/smb/smb2-com-negotiate.pac index c95eec49dc..55e65ccdf2 100644 --- a/src/analyzer/protocol/smb/smb2-com-negotiate.pac +++ b/src/analyzer/protocol/smb/smb2-com-negotiate.pac @@ -62,7 +62,12 @@ type SMB2_negotiate_response(header: SMB2_Header) = record { max_write_size : uint32; system_time : SMB_timestamp; server_start_time : SMB_timestamp; - security : SMB2_security; + security_offset : uint16; + security_length : uint16; + pad1 : padding to security_offset - header.head_length; + security_blob : bytestring &length=security_length; } &byteorder=littleendian, &let { proc : bool = $context.connection.proc_smb2_negotiate_response(header, this); + gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, false); + }; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb2-com-session-setup.pac b/src/analyzer/protocol/smb/smb2-com-session-setup.pac index ecf7e757be..39ef04ead8 100644 --- a/src/analyzer/protocol/smb/smb2-com-session-setup.pac +++ b/src/analyzer/protocol/smb/smb2-com-session-setup.pac 
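Review bot: The new `&let` field in SMB1_session_setup_andx_request_ntlm_extended_security is named `pipe_proc`, while every other record in this patch that calls forward_gssapi names the field `gssapi_proc`. Nothing in this record involves a pipe, so the name looks carried over from elsewhere; rename it to match: `gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, true);`.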
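Review bot: `pad1 : padding to security_offset - header.head_length;` in SMB2_negotiate_response trusts the peer's security_offset, and nothing checks that it lies at or beyond the end of the fixed fields. A zero or small offset makes the padding target negative or behind the current position, and what the generated parser does in that case is not shown here. The same three fields are added to SMB2_session_setup_request and SMB2_session_setup_response in smb2-com-session-setup.pac. I would reject an offset below the fixed part as a protocol violation and forward only when a blob is present, `gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, false) &if(security_length > 0);`. SMB2_negotiate_response starts outside the hunk.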
@@ -45,20 +45,27 @@ type SMB2_session_setup_request(header: SMB2_Header) = record { security_mode : uint8; capabilities : uint32; channel : uint32; - security : SMB2_security; + security_offset : uint16; + security_length : uint16; + pad1 : padding to security_offset - header.head_length; + security_blob : bytestring &length=security_length; } &let { proc: bool = $context.connection.proc_smb2_session_setup_request(header, this); + gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, true); }; type SMB2_session_setup_response(header: SMB2_Header) = record { structure_size : uint16; session_flags : uint16; - security : SMB2_security; + security_offset : uint16; + security_length : uint16; + pad1 : padding to security_offset - header.head_length; + security_blob : bytestring &length=security_length; } &let { flag_guest = (session_flags & 0x1) > 0; flag_anonymous = (session_flags & 0x2) > 0; - flag_encrypt = (session_flags & 0x4) > 0; + flag_encrypt = (session_flags & 0x4) > 0; -} &let { proc: bool = $context.connection.proc_smb2_session_setup_response(header, this); + gssapi_proc : bool = $context.connection.forward_gssapi(security_blob, false); }; diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index d9386a8e86..222a8f9d13 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac @@ -202,14 +202,6 @@ type SMB2_Header(is_orig: bool) = record { proc : bool = $context.connection.proc_smb2_message(this, is_orig); } &byteorder=littleendian; -type SMB2_security = record { - buffer_offset : uint16; - buffer_len : uint16; - # TODO: handle previous session IDs - sec_buffer : bytestring &length = buffer_len; -} &byteorder = littleendian; - - # file ids and guids are the same thing and need unified somehow. type SMB2_guid = record { persistent : uint64; 
diff --git a/src/analyzer/protocol/smb/smb_ntlmssp.bif b/src/analyzer/protocol/smb/smb_ntlmssp.bif index 4b2f99a482..e69de29bb2 100644 --- a/src/analyzer/protocol/smb/smb_ntlmssp.bif +++ b/src/analyzer/protocol/smb/smb_ntlmssp.bif 
@@ -1,64 +0,0 @@ -## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI NTLM message of type *negotiate*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## negotiate: The parsed data of the NTLM message. See init-bare for more details. -## -event smb_ntlm_negotiate%(c: connection, hdr: SMB1::Header, request: SMB::NTLMNegotiate%); - -## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI NTLM message of type *challenge*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## negotiate: The parsed data of the NTLM message. See init-bare for more details. -## -event smb_ntlm_challenge%(c: connection, hdr: SMB1::Header, request: SMB::NTLMChallenge%); - -## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI NTLM message of type *authenticate*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -## negotiate: The parsed data of the NTLM message. See init-bare for more details. -## -event smb_ntlm_authenticate%(c: connection, hdr: SMB1::Header, request: SMB::NTLMAuthenticate%); - -## Generated for SMB/CIFS requests that contain a security blob with a GSSAPI message of type *accept-completed*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. 
Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## -## c: The connection. -## -## hdr: The parsed header of the SMB message. -## -event smb_ntlm_accepted%(c: connection, hdr: SMB1::Header%); - - -#### Types - -type SMB::NTLMNegotiate: record; -type SMB::NTLMChallenge: record; -type SMB::NTLMAuthenticate: record; - -type SMB::NTLMNegotiateFlags: record; -type SMB::NTLMVersion: record; -type SMB::NTLMAVs: record; From d6e01b7769b3b41d5154f7239e4f867718e024a4 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Sun, 3 Apr 2016 04:18:45 -0400 Subject: [PATCH 49/84] Pushing out the new NTLM and GSSAPI analyzers. I accidentally left these out of the previous commit. --- src/analyzer/protocol/gssapi/CMakeLists.txt | 15 ++ src/analyzer/protocol/gssapi/GSSAPI.cc | 56 +++++ src/analyzer/protocol/gssapi/GSSAPI.h | 39 +++ src/analyzer/protocol/gssapi/Plugin.cc | 24 ++ src/analyzer/protocol/gssapi/events.bif | 5 + .../protocol/gssapi/gssapi-analyzer.pac | 49 ++++ .../protocol/gssapi/gssapi-protocol.pac | 56 +++++ src/analyzer/protocol/gssapi/gssapi.pac | 30 +++ src/analyzer/protocol/gssapi/types.bif | 0 src/analyzer/protocol/ntlm/CMakeLists.txt | 15 ++ src/analyzer/protocol/ntlm/NTLM.cc | 56 +++++ src/analyzer/protocol/ntlm/NTLM.h | 39 +++ src/analyzer/protocol/ntlm/Plugin.cc | 24 ++ src/analyzer/protocol/ntlm/events.bif | 23 ++ src/analyzer/protocol/ntlm/ntlm-analyzer.pac | 223 ++++++++++++++++++ src/analyzer/protocol/ntlm/ntlm-protocol.pac | 201 ++++++++++++++++ src/analyzer/protocol/ntlm/ntlm.pac | 30 +++ src/analyzer/protocol/ntlm/types.bif | 9 + 18 files changed, 894 insertions(+) create mode 100644 src/analyzer/protocol/gssapi/CMakeLists.txt create mode 100644 src/analyzer/protocol/gssapi/GSSAPI.cc create mode 100644 src/analyzer/protocol/gssapi/GSSAPI.h create mode 100644 src/analyzer/protocol/gssapi/Plugin.cc create mode 100644 src/analyzer/protocol/gssapi/events.bif create mode 100644 src/analyzer/protocol/gssapi/gssapi-analyzer.pac create mode 100644 src/analyzer/protocol/gssapi/gssapi-protocol.pac create mode 100644 src/analyzer/protocol/gssapi/gssapi.pac create mode 100644 src/analyzer/protocol/gssapi/types.bif create mode 100644 src/analyzer/protocol/ntlm/CMakeLists.txt create mode 100644 src/analyzer/protocol/ntlm/NTLM.cc create mode 100644 src/analyzer/protocol/ntlm/NTLM.h create mode 100644 src/analyzer/protocol/ntlm/Plugin.cc create mode 100644 src/analyzer/protocol/ntlm/events.bif create mode 100644 
src/analyzer/protocol/ntlm/ntlm-analyzer.pac create mode 100644 src/analyzer/protocol/ntlm/ntlm-protocol.pac create mode 100644 src/analyzer/protocol/ntlm/ntlm.pac create mode 100644 src/analyzer/protocol/ntlm/types.bif diff --git a/src/analyzer/protocol/gssapi/CMakeLists.txt b/src/analyzer/protocol/gssapi/CMakeLists.txt new file mode 100644 index 0000000000..5338f04952 --- /dev/null +++ b/src/analyzer/protocol/gssapi/CMakeLists.txt @@ -0,0 +1,15 @@ + +include(BroPlugin) + +include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DIR}) + +bro_plugin_begin(Bro GSSAPI) +bro_plugin_cc(GSSAPI.cc Plugin.cc) +bro_plugin_bif(types.bif events.bif) +bro_plugin_pac( + gssapi.pac + gssapi-protocol.pac + gssapi-analyzer.pac + ) +bro_plugin_end() + diff --git a/src/analyzer/protocol/gssapi/GSSAPI.cc b/src/analyzer/protocol/gssapi/GSSAPI.cc new file mode 100644 index 0000000000..079eebe8d7 --- /dev/null +++ b/src/analyzer/protocol/gssapi/GSSAPI.cc 
@@ -0,0 +1,56 @@
+// See the file "COPYING" in the main distribution directory for copyright.
+
+#include "GSSAPI.h"
+#include "analyzer/protocol/tcp/TCP_Reassembler.h"
+#include "Reporter.h"
+#include "events.bif.h"
+
+using namespace analyzer::gssapi;
+
+GSSAPI_Analyzer::GSSAPI_Analyzer(Connection* c)
+ : tcp::TCP_ApplicationAnalyzer("GSSAPI", c)
+ {
+ interp = new binpac::GSSAPI::GSSAPI_Conn(this);
+ }
+
+GSSAPI_Analyzer::~GSSAPI_Analyzer()
+ {
+ delete interp;
+ }
+
+void GSSAPI_Analyzer::Done()
+ {
+ tcp::TCP_ApplicationAnalyzer::Done();
+
+ interp->FlowEOF(true);
+ interp->FlowEOF(false);
+ }
+
+void GSSAPI_Analyzer::EndpointEOF(bool is_orig)
+ {
+ tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig);
+ interp->FlowEOF(is_orig);
+ }
+
+void GSSAPI_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
+ {
+ tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig);
+
+ assert(TCP());
+
+ try
+ {
+ interp->NewData(orig, data, data + len);
+ ProtocolConfirmation();
+ }
+ catch ( const binpac::Exception& e )
+ {
+ ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
+ }
+ }
+
+void GSSAPI_Analyzer::Undelivered(uint64 seq, int len, bool orig)
+ {
+ tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
+ interp->NewGap(orig, len);
+ }
diff --git a/src/analyzer/protocol/gssapi/GSSAPI.h b/src/analyzer/protocol/gssapi/GSSAPI.h
new file mode 100644
index 0000000000..3cb39c6536
--- /dev/null
+++ b/src/analyzer/protocol/gssapi/GSSAPI.h
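Review bot: `GSSAPI_Analyzer::DeliverStream` carries no comment saying what a caller must pass, and that matters because gssapi.pac in this patch declares the flow as `datagram = GSSAPI_NEG_TOKEN(is_orig)`, so each call is parsed as one whole token. A token handed over in two pieces would presumably end in the `ProtocolViolation` branch instead of being reassembled. I would add above the function `// Expects one complete GSSAPI token per call; the binpac flow is a datagram and keeps no data between calls.` NTLM.cc in this patch has the same body and could take the same comment if ntlm.pac, which is not shown here, also uses a datagram flow.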
@@ -0,0 +1,39 @@
+// See the file "COPYING" in the main distribution directory for copyright.
+
+#ifndef ANALYZER_PROTOCOL_GSSAPI_GSSAPI_H
+#define ANALYZER_PROTOCOL_GSSAPI_GSSAPI_H
+
+#include "events.bif.h"
+#include "analyzer/protocol/tcp/TCP.h"
+
+#include "gssapi_pac.h"
+
+namespace analyzer { namespace gssapi {
+
+class GSSAPI_Analyzer
+
+: public tcp::TCP_ApplicationAnalyzer {
+
+public:
+ GSSAPI_Analyzer(Connection* conn);
+ virtual ~GSSAPI_Analyzer();
+
+ // Overriden from Analyzer.
+ virtual void Done();
+
+ virtual void DeliverStream(int len, const u_char* data, bool orig);
+ virtual void Undelivered(uint64 seq, int len, bool orig);
+
+ // Overriden from tcp::TCP_ApplicationAnalyzer.
+ virtual void EndpointEOF(bool is_orig);
+
+ static analyzer::Analyzer* Instantiate(Connection* conn)
+ { return new GSSAPI_Analyzer(conn); }
+
+protected:
+ binpac::GSSAPI::GSSAPI_Conn* interp;
+};
+
+} } // namespace analyzer::*
+
+#endif
diff --git a/src/analyzer/protocol/gssapi/Plugin.cc b/src/analyzer/protocol/gssapi/Plugin.cc
new file mode 100644
index 0000000000..3765d9b79d
--- /dev/null
+++ b/src/analyzer/protocol/gssapi/Plugin.cc
@@ -0,0 +1,24 @@
+// See the file in the main distribution directory for copyright.
+
+#include "plugin/Plugin.h"
+
+#include "GSSAPI.h"
+
+namespace plugin {
+namespace Bro_GSSAPI {
+
+class Plugin : public plugin::Plugin {
+public:
+ plugin::Configuration Configure()
+ {
+ AddComponent(new ::analyzer::Component("GSSAPI", ::analyzer::gssapi::GSSAPI_Analyzer::Instantiate));
+
+ plugin::Configuration config;
+ config.name = "Bro::GSSAPI";
+ config.description = "GSSAPI analyzer";
+ return config;
+ }
+} plugin;
+
+}
+}
diff --git a/src/analyzer/protocol/gssapi/events.bif b/src/analyzer/protocol/gssapi/events.bif
new file mode 100644
index 0000000000..4b648f3c9a
--- /dev/null
+++ b/src/analyzer/protocol/gssapi/events.bif
@@ -0,0 +1,5 @@
+## Generated for GSSAPI messages of type *accept-completed*.
+##
+## c: The connection.
+##
+event gssapi_accepted%(c: connection%);
diff --git a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac
new file mode 100644
index 0000000000..6c3b5d30c4
--- /dev/null
+++ b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac
@@ -0,0 +1,49 @@
+refine connection GSSAPI_Conn += {
+ %member{
+ analyzer::Analyzer *ntlm;
+ %}
+
+ %init{
+ ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer->Conn());
+ %}
+
+ %cleanup{
+ if ( ntlm )
+ delete ntlm;
+ %}
+
+ function forward_ntlm(data: bytestring, is_orig: bool): bool
+ %{
+ if ( ntlm )
+ ntlm->DeliverStream(${data}.length(), ${data}.begin(), is_orig);
+ return true;
+ %}
+
+ function proc_gssapi_neg_token(val: GSSAPI_NEG_TOKEN): bool
+ %{
+ if ( ${val.is_init} )
+ return true;
+
+ for ( uint i = 0; i < ${val.resp.args}->size(); ++i )
+ {
+ switch ( ${val.resp.args[i].seq_meta.index} )
+ {
+ case 0:
+ if ( ${val.resp.args[i].args.neg_state} == 0 )
+ {
+ BifEvent::generate_gssapi_accepted(bro_analyzer(),
+ bro_analyzer()->Conn());
+ }
+ break;
+
+ default:
+ break;
+ }
+ }
+ return true;
+ %}
+}
+
+refine typeattr GSSAPI_NEG_TOKEN += &let {
+ proc : bool = $context.connection.proc_gssapi_neg_token(this);
+};
diff --git a/src/analyzer/protocol/gssapi/gssapi-protocol.pac b/src/analyzer/protocol/gssapi/gssapi-protocol.pac
new file mode 100644
index 0000000000..cbaee0572f
--- /dev/null
+++ b/src/analyzer/protocol/gssapi/gssapi-protocol.pac
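Review bot: In proc_gssapi_neg_token, `${val.resp.args[i].args.neg_state} == 0` compares the parsed neg_state field itself with 0 rather than the integer it encodes. neg_state is declared as `ASN1Integer` in gssapi-protocol.pac; that type comes from asn1.pac, outside this patch, but if it is a record the accessor yields a pointer and the test is false for every parsed token, so `gssapi_accepted` would never fire and scripts keyed on it would miss successful authentications. Compare the decoded value of the integer's content bytes instead, for example with asn1.pac's `binary_to_int64` helper if it is available at this revision. Separately, `%cleanup` deletes `ntlm` without calling its `Done()`, so the `FlowEOF` calls in `NTLM_Analyzer::Done()` are skipped.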
@@ -0,0 +1,56 @@
+
+type GSSAPI_NEG_TOKEN(is_orig: bool) = record {
+ wrapper : ASN1EncodingMeta;
+ have_oid : case is_init of {
+ true -> oid : ASN1Encoding;
+ false -> no_oid : empty;
+ };
+ have_init_wrapper : case is_init of {
+ true -> init_wrapper : ASN1EncodingMeta;
+ false -> no_init_wrapper : empty;
+ };
+ msg_type : case is_init of {
+ true -> init : GSSAPI_NEG_TOKEN_INIT;
+ false -> resp : GSSAPI_NEG_TOKEN_RESP;
+ };
+} &let {
+ is_init: bool = wrapper.tag == 0x60;
+} &byteorder=littleendian;
+
+type GSSAPI_NEG_TOKEN_INIT = record {
+ seq_meta : ASN1EncodingMeta;
+ args : GSSAPI_NEG_TOKEN_INIT_Arg[];
+};
+
+type GSSAPI_NEG_TOKEN_INIT_Arg = record {
+ seq_meta : ASN1EncodingMeta;
+ args : GSSAPI_NEG_TOKEN_INIT_Arg_Data(seq_meta.index) &length=seq_meta.length;
+};
+
+type GSSAPI_NEG_TOKEN_INIT_Arg_Data(index: uint8) = case index of {
+ 0 -> mech_type_list : ASN1Encoding;
+ 1 -> req_flags : ASN1Encoding;
+ 2 -> mech_token : bytestring &restofdata;
+ 3 -> mech_list_mic : ASN1OctetString;
+} &let {
+ fwd: bool = $context.connection.forward_ntlm(mech_token, true) &if(index==2);
+};
+
+type GSSAPI_NEG_TOKEN_RESP = record {
+ seq_meta : ASN1EncodingMeta;
+ args : GSSAPI_NEG_TOKEN_RESP_Arg[];
+};
+
+type GSSAPI_NEG_TOKEN_RESP_Arg = record {
+ seq_meta : ASN1EncodingMeta;
+ args : GSSAPI_NEG_TOKEN_RESP_Arg_Data(seq_meta.index) &length=seq_meta.length;
+};
+
+type GSSAPI_NEG_TOKEN_RESP_Arg_Data(index: uint8) = case index of {
+ 0 -> neg_state : ASN1Integer;
+ 1 -> supported_mech : ASN1Encoding;
+ 2 -> response_token : bytestring &restofdata;
+ 3 -> mech_list_mic : ASN1OctetString;
+} &let {
+ fwd: bool = $context.connection.forward_ntlm(response_token, false) &if(index==2);
+};
diff --git a/src/analyzer/protocol/gssapi/gssapi.pac b/src/analyzer/protocol/gssapi/gssapi.pac
new file mode 100644
index 0000000000..07759e8daa
--- /dev/null
+++ b/src/analyzer/protocol/gssapi/gssapi.pac
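Review bot: Both `GSSAPI_NEG_TOKEN_INIT_Arg_Data` and `GSSAPI_NEG_TOKEN_RESP_Arg_Data` switch on an `index` read from the wire but list only 0 to 3 and have no `default` branch. Any other index sent by a peer has no matching case, which I expect binpac to raise as an exception; GSSAPI.cc in this patch turns that into a ProtocolViolation and the rest of the token is dropped. Adding `default -> unknown : bytestring &restofdata;` to each case type keeps the parse going so that the remaining arguments are still processed.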
@@ -0,0 +1,30 @@
+%include binpac.pac
+%include bro.pac
+
+%extern{
+#include "analyzer/Manager.h"
+#include "analyzer/Analyzer.h"
+
+#include "types.bif.h"
+#include "events.bif.h"
+%}
+
+analyzer GSSAPI withcontext {
+ connection : GSSAPI_Conn;
+ flow : GSSAPI_Flow;
+};
+
+connection GSSAPI_Conn(bro_analyzer: BroAnalyzer) {
+ upflow = GSSAPI_Flow(true);
+ downflow = GSSAPI_Flow(false);
+};
+
+%include gssapi-protocol.pac
+%include ../asn1/asn1.pac
+
+# Now we define the flow:
+flow GSSAPI_Flow(is_orig: bool) {
+ datagram = GSSAPI_NEG_TOKEN(is_orig) withcontext(connection, this);
+};
+
+%include gssapi-analyzer.pac
diff --git a/src/analyzer/protocol/gssapi/types.bif b/src/analyzer/protocol/gssapi/types.bif
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/src/analyzer/protocol/ntlm/CMakeLists.txt b/src/analyzer/protocol/ntlm/CMakeLists.txt
new file mode 100644
index 0000000000..fe2d4115e9
--- /dev/null
+++ b/src/analyzer/protocol/ntlm/CMakeLists.txt
@@ -0,0 +1,15 @@
+
+include(BroPlugin)
+
+include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DIR})
+
+bro_plugin_begin(Bro NTLM)
+bro_plugin_cc(NTLM.cc Plugin.cc)
+bro_plugin_bif(types.bif events.bif)
+bro_plugin_pac(
+ ntlm.pac
+ ntlm-protocol.pac
+ ntlm-analyzer.pac
+ )
+bro_plugin_end()
+
diff --git a/src/analyzer/protocol/ntlm/NTLM.cc b/src/analyzer/protocol/ntlm/NTLM.cc
new file mode 100644
index 0000000000..cc7bd04d1d
--- /dev/null
+++ b/src/analyzer/protocol/ntlm/NTLM.cc
@@ -0,0 +1,56 @@
+// See the file "COPYING" in the main distribution directory for copyright.
+
+#include "NTLM.h"
+#include "analyzer/protocol/tcp/TCP_Reassembler.h"
+#include "Reporter.h"
+#include "events.bif.h"
+
+using namespace analyzer::ntlm;
+
+NTLM_Analyzer::NTLM_Analyzer(Connection* c)
+ : tcp::TCP_ApplicationAnalyzer("NTLM", c)
+ {
+ interp = new binpac::NTLM::NTLM_Conn(this);
+ }
+
+NTLM_Analyzer::~NTLM_Analyzer()
+ {
+ delete interp;
+ }
+
+void NTLM_Analyzer::Done()
+ {
+ tcp::TCP_ApplicationAnalyzer::Done();
+
+ interp->FlowEOF(true);
+ interp->FlowEOF(false);
+ }
+
+void NTLM_Analyzer::EndpointEOF(bool is_orig)
+ {
+ tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig);
+ interp->FlowEOF(is_orig);
+ }
+
+void NTLM_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
+ {
+ tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig);
+
+ assert(TCP());
+
+ try
+ {
+ interp->NewData(orig, data, data + len);
+ ProtocolConfirmation();
+ }
+ catch ( const binpac::Exception& e )
+ {
+ ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
+ }
+ }
+
+void NTLM_Analyzer::Undelivered(uint64 seq, int len, bool orig)
+ {
+ tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
+ interp->NewGap(orig, len);
+ }
diff --git a/src/analyzer/protocol/ntlm/NTLM.h b/src/analyzer/protocol/ntlm/NTLM.h
new file mode 100644
index 0000000000..77a56eb94f
--- /dev/null
+++ b/src/analyzer/protocol/ntlm/NTLM.h
@@ -0,0 +1,39 @@
+// See the file "COPYING" in the main distribution directory for copyright.
+
+#ifndef ANALYZER_PROTOCOL_NTLM_NTLM_H
+#define ANALYZER_PROTOCOL_NTLM_NTLM_H
+
+#include "events.bif.h"
+#include "analyzer/protocol/tcp/TCP.h"
+
+#include "ntlm_pac.h"
+
+namespace analyzer { namespace ntlm {
+
+class NTLM_Analyzer
+
+: public tcp::TCP_ApplicationAnalyzer {
+
+public:
+ NTLM_Analyzer(Connection* conn);
+ virtual ~NTLM_Analyzer();
+
+ // Overriden from Analyzer.
+ virtual void Done();
+
+ virtual void DeliverStream(int len, const u_char* data, bool orig);
+ virtual void Undelivered(uint64 seq, int len, bool orig);
+
+ // Overriden from tcp::TCP_ApplicationAnalyzer.
+ virtual void EndpointEOF(bool is_orig);
+
+ static analyzer::Analyzer* Instantiate(Connection* conn)
+ { return new NTLM_Analyzer(conn); }
+
+protected:
+ binpac::NTLM::NTLM_Conn* interp;
+};
+
+} } // namespace analyzer::*
+
+#endif
diff --git a/src/analyzer/protocol/ntlm/Plugin.cc b/src/analyzer/protocol/ntlm/Plugin.cc
new file mode 100644
index 0000000000..a9450537b5
--- /dev/null
+++ b/src/analyzer/protocol/ntlm/Plugin.cc
@@ -0,0 +1,24 @@
+// See the file in the main distribution directory for copyright.
+
+#include "plugin/Plugin.h"
+
+#include "NTLM.h"
+
+namespace plugin {
+namespace Bro_NTLM {
+
+class Plugin : public plugin::Plugin {
+public:
+ plugin::Configuration Configure()
+ {
+ AddComponent(new ::analyzer::Component("NTLM", ::analyzer::ntlm::NTLM_Analyzer::Instantiate));
+
+ plugin::Configuration config;
+ config.name = "Bro::NTLM";
+ config.description = "NTLM analyzer";
+ return config;
+ }
+} plugin;
+
+}
+}
diff --git a/src/analyzer/protocol/ntlm/events.bif b/src/analyzer/protocol/ntlm/events.bif
new file mode 100644
index 0000000000..4c99fc561e
--- /dev/null
+++ b/src/analyzer/protocol/ntlm/events.bif
@@ -0,0 +1,23 @@
+## Generated for NTLM messages of type *negotiate*.
+##
+## c: The connection.
+##
+## negotiate: The parsed data of the NTLM message. See init-bare for more details.
+##
+event ntlm_negotiate%(c: connection, negotiate: NTLM::Negotiate%);
+
+## Generated for NTLM messages of type *challenge*.
+##
+## c: The connection.
+##
+## negotiate: The parsed data of the NTLM message. See init-bare for more details.
+##
+event ntlm_challenge%(c: connection, challenge: NTLM::Challenge%);
+
+## Generated for NTLM messages of type *authenticate*.
+##
+## c: The connection.
+##
+## request: The parsed data of the NTLM message. See init-bare for more details.
+##
+event ntlm_authenticate%(c: connection, request: NTLM::Authenticate%);
diff --git a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac
new file mode 100644
index 0000000000..555c4dbe61
--- /dev/null
+++ b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac
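Review bot: The doc block for `ntlm_challenge` names its second parameter `negotiate:` while the signature declares `challenge: NTLM::Challenge`, so the generated documentation describes a parameter that does not exist. The comment line should read `## challenge: The parsed data of the NTLM message. See init-bare for more details.` The `ntlm_negotiate` and `ntlm_authenticate` blocks already match their signatures.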
@@ -0,0 +1,223 @@ + +%extern{ +#include "ConvertUTF.h" +%} + +refine connection NTLM_Conn += { + + # This is copied from the RDP analyzer :( + function utf16_to_utf8_val(utf16: bytestring): StringVal + %{ + std::string resultstring; + + size_t utf8size = (3 * utf16.length() + 1); + + if ( utf8size > resultstring.max_size() ) + { + bro_analyzer()->Weird("excessive_utf16_length"); + // If the conversion didn't go well, return the original data. + return bytestring_to_val(utf16); + } + + resultstring.resize(utf8size, '\0'); + + // We can't assume that the string data is properly aligned + // here, so make a copy. + UTF16 utf16_copy[utf16.length()]; // Twice as much memory than necessary. + memcpy(utf16_copy, utf16.begin(), utf16.length()); + + const char* utf16_copy_end = reinterpret_cast(utf16_copy) + utf16.length(); + const UTF16* sourcestart = utf16_copy; + const UTF16* sourceend = reinterpret_cast(utf16_copy_end); + + UTF8* targetstart = reinterpret_cast(&resultstring[0]); + UTF8* targetend = targetstart + utf8size; + + ConversionResult res = ConvertUTF16toUTF8(&sourcestart, + sourceend, + &targetstart, + targetend, + lenientConversion); + if ( res != conversionOK ) + { + bro_analyzer()->Weird("utf16_conversion_failed"); + // If the conversion didn't go well, return the original data. + return bytestring_to_val(utf16); + } + + *targetstart = 0; + + // We're relying on no nulls being in the string. + //return new StringVal(resultstring.length(), (const char *) resultstring.data()); + return new StringVal(resultstring.c_str()); + %} + + # This is replicated from the SMB analyzer. :( + function filetime2brotime(ts: uint64): Val + %{ + double secs = (ts / 10000000.0); + + // Bro can't support times back to the 1600's + // so we subtract a lot of seconds. 
+ Val* bro_ts = new Val(secs - 11644473600.0, TYPE_TIME); + + return bro_ts; + %} + + function build_version_record(val: NTLM_Version): BroVal + %{ + RecordVal* result = new RecordVal(BifType::Record::NTLM::Version); + result->Assign(0, new Val(${val.major_version}, TYPE_COUNT)); + result->Assign(1, new Val(${val.minor_version}, TYPE_COUNT)); + result->Assign(2, new Val(${val.build_number}, TYPE_COUNT)); + result->Assign(3, new Val(${val.ntlm_revision}, TYPE_COUNT)); + + return result; + %} + + function build_av_record(val: NTLM_AV_Pair_Sequence): BroVal + %{ + RecordVal* result = new RecordVal(BifType::Record::NTLM::AVs); + for ( uint i = 0; ${val.pairs[i].id} != 0; i++ ) + { + switch ( ${val.pairs[i].id} ) + { + case 1: + result->Assign(0, utf16_to_utf8_val(${val.pairs[i].nb_computer_name.data})); + break; + case 2: + result->Assign(1, utf16_to_utf8_val(${val.pairs[i].nb_domain_name.data})); + break; + case 3: + result->Assign(2, utf16_to_utf8_val(${val.pairs[i].dns_computer_name.data})); + break; + case 4: + result->Assign(3, utf16_to_utf8_val(${val.pairs[i].dns_domain_name.data})); + break; + case 5: + result->Assign(4, utf16_to_utf8_val(${val.pairs[i].dns_tree_name.data})); + break; + case 6: + result->Assign(5, new Val(${val.pairs[i].constrained_auth}, TYPE_BOOL)); + break; + case 7: + result->Assign(6, filetime2brotime(${val.pairs[i].timestamp})); + break; + case 8: + result->Assign(7, new Val(${val.pairs[i].single_host.machine_id}, TYPE_COUNT)); + break; + case 9: + result->Assign(8, utf16_to_utf8_val(${val.pairs[i].target_name.data})); + break; + } + } + return result; + %} + + function build_negotiate_flag_record(val: NTLM_Negotiate_Flags): BroVal + %{ + RecordVal* flags = new RecordVal(BifType::Record::NTLM::NegotiateFlags); + flags->Assign(0, new Val(${val.negotiate_56}, TYPE_BOOL)); + flags->Assign(1, new Val(${val.negotiate_key_exch}, TYPE_BOOL)); + flags->Assign(2, new Val(${val.negotiate_128}, TYPE_BOOL)); + flags->Assign(3, new 
Val(${val.negotiate_version}, TYPE_BOOL)); + flags->Assign(4, new Val(${val.negotiate_target_info}, TYPE_BOOL)); + flags->Assign(5, new Val(${val.request_non_nt_session_key}, TYPE_BOOL)); + flags->Assign(6, new Val(${val.negotiate_identify}, TYPE_BOOL)); + flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity}, TYPE_BOOL)); + flags->Assign(8, new Val(${val.target_type_server}, TYPE_BOOL)); + flags->Assign(9, new Val(${val.target_type_domain}, TYPE_BOOL)); + flags->Assign(10, new Val(${val.negotiate_always_sign}, TYPE_BOOL)); + flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL)); + flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied}, TYPE_BOOL)); + flags->Assign(13, new Val(${val.negotiate_anonymous_connection}, TYPE_BOOL)); + flags->Assign(14, new Val(${val.negotiate_ntlm}, TYPE_BOOL)); + flags->Assign(15, new Val(${val.negotiate_lm_key}, TYPE_BOOL)); + flags->Assign(16, new Val(${val.negotiate_datagram}, TYPE_BOOL)); + flags->Assign(17, new Val(${val.negotiate_seal}, TYPE_BOOL)); + flags->Assign(18, new Val(${val.negotiate_sign}, TYPE_BOOL)); + flags->Assign(19, new Val(${val.request_target}, TYPE_BOOL)); + flags->Assign(20, new Val(${val.negotiate_oem}, TYPE_BOOL)); + flags->Assign(21, new Val(${val.negotiate_unicode}, TYPE_BOOL)); + + return flags; + %} + + function proc_ntlm_negotiate(val: NTLM_Negotiate): bool + %{ + RecordVal* result = new RecordVal(BifType::Record::NTLM::Negotiate); + result->Assign(0, build_negotiate_flag_record(${val.flags})); + + if ( ${val.flags.negotiate_oem_domain_supplied} ) + result->Assign(1, utf16_to_utf8_val(${val.domain_name.string.data})); + + if ( ${val.flags.negotiate_oem_workstation_supplied} ) + result->Assign(2, utf16_to_utf8_val(${val.workstation.string.data})); + + if ( ${val.flags.negotiate_version} ) + result->Assign(3, build_version_record(${val.version})); + + BifEvent::generate_ntlm_negotiate(bro_analyzer(), + bro_analyzer()->Conn(), + result); + + return true; + %} 
+ + function proc_ntlm_challenge(val: NTLM_Challenge): bool + %{ + RecordVal* result = new RecordVal(BifType::Record::NTLM::Challenge); + result->Assign(0, build_negotiate_flag_record(${val.flags})); + + if ( ${val.flags.request_target} ) + result->Assign(1, utf16_to_utf8_val(${val.target_name.string.data})); + + if ( ${val.flags.negotiate_version} ) + result->Assign(2, build_version_record(${val.version})); + + if ( ${val.flags.negotiate_target_info} ) + result->Assign(3, build_av_record(${val.target_info})); + + BifEvent::generate_ntlm_challenge(bro_analyzer(), + bro_analyzer()->Conn(), + result); + + return true; + %} + + function proc_ntlm_authenticate(val: NTLM_Authenticate): bool + %{ + RecordVal* result = new RecordVal(BifType::Record::NTLM::Authenticate); + result->Assign(0, build_negotiate_flag_record(${val.flags})); + + if ( ${val.domain_name_fields.length} > 0 ) + result->Assign(1, utf16_to_utf8_val(${val.domain_name.string.data})); + + if ( ${val.user_name_fields.length} > 0 ) + result->Assign(2, utf16_to_utf8_val(${val.user_name.string.data})); + + if ( ${val.workstation_fields.length} > 0 ) + result->Assign(3, utf16_to_utf8_val(${val.workstation.string.data})); + + if ( ${val.flags.negotiate_version} ) + result->Assign(4, build_version_record(${val.version})); + + BifEvent::generate_ntlm_authenticate(bro_analyzer(), + bro_analyzer()->Conn(), + result); + return true; + %} +} + +refine typeattr NTLM_Negotiate += &let { + proc = $context.connection.proc_ntlm_negotiate(this); +}; + +refine typeattr NTLM_Challenge += &let { + proc : bool = $context.connection.proc_ntlm_challenge(this); +}; + +refine typeattr NTLM_Authenticate += &let { + proc : bool = $context.connection.proc_ntlm_authenticate(this); +}; + diff --git a/src/analyzer/protocol/ntlm/ntlm-protocol.pac b/src/analyzer/protocol/ntlm/ntlm-protocol.pac new file mode 100644 index 0000000000..6f5fef29b9 --- /dev/null +++ b/src/analyzer/protocol/ntlm/ntlm-protocol.pac 
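Review bot: `utf16_to_utf8_val` sizes a stack array from a length taken off the wire (`UTF16 utf16_copy[utf16.length()]`), which is a non-standard variable-length array that can reach roughly 128 KB for a 16-bit NTLM field length and is undefined for an empty string. When the length is odd, `sourceend` falls in the middle of a code unit, so the last read appears to pick up one byte of the array that `memcpy` never wrote, and that byte can end up in the logged value. Returning through `resultstring.c_str()` also cuts the value at the first NUL, so a name with an embedded U+0000 is logged truncated. I would copy only whole code units into a heap buffer and return with an explicit length, as sketched below; the same body is moved unchanged into `utf16_bytestring_to_utf8_val` in src/binpac_bro-lib.pac by PATCH 53/84, so the change belongs there as well. Independently, the `proc_ntlm_*` functions decode every string as UTF-16 without consulting `negotiate_unicode`, so OEM-encoded names would be mis-decoded in the log.

```cpp
	// … unchanged: utf8size check and resultstring.resize() …

	// Only whole UTF-16 code units are converted; a trailing odd byte is dropped.
	size_t units = utf16.length() / sizeof(UTF16);
	if ( units == 0 )
		return new StringVal("");

	// Heap copy keeps the alignment guarantee without a wire-sized stack array.
	std::vector<UTF16> utf16_copy(units);
	memcpy(&utf16_copy[0], utf16.begin(), units * sizeof(UTF16));

	const UTF16* sourcestart = &utf16_copy[0];
	const UTF16* sourceend = sourcestart + units;

	// … unchanged: target pointers, ConvertUTF16toUTF8 call, failure branch …

	// Return with an explicit length so embedded NULs survive.
	size_t written = targetstart - reinterpret_cast<UTF8*>(&resultstring[0]);
	return new StringVal(written, resultstring.data());
```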
@@ -0,0 +1,201 @@ + +type NTLM_SSP_Token(is_orig: bool) = record { + meta : ASN1EncodingMeta; + signature : bytestring &length=8; + msg_type : uint32; + msg : case msg_type of { + 1 -> negotiate : NTLM_Negotiate(offsetof(msg) - offsetof(signature)); + 2 -> challenge : NTLM_Challenge(offsetof(msg) - offsetof(signature)); + 3 -> authenticate : NTLM_Authenticate(offsetof(msg) - offsetof(signature)); + default -> def : bytestring &restofdata &transient; + }; +} &byteorder=littleendian; + +type NTLM_Negotiate(offset: uint16) = record { + flags : NTLM_Negotiate_Flags; + domain_name_fields : NTLM_StringData; + workstation_fields : NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version : NTLM_Version; + false -> no_version : empty; + }; + payload : bytestring &restofdata; +} &let { + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_domain_supplied); + workstation : NTLM_String(workstation_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_oem_workstation_supplied); +}; + +type NTLM_Challenge(offset: uint16) = record { + target_name_fields : NTLM_StringData; + flags : NTLM_Negotiate_Flags; + challenge : uint64; + reserved : padding[8]; + target_info_fields : NTLM_StringData; + version_present : case flags.negotiate_version of { + true -> version : NTLM_Version; + false -> no_version : empty; + }; + payload : bytestring &restofdata; +} &let { + absolute_offset : uint16 = offsetof(payload) + offset; + target_name : NTLM_String(target_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.request_target); + target_info : NTLM_AV_Pair_Sequence(target_info_fields.offset - absolute_offset) withinput payload &if(flags.negotiate_target_info); +}; + +type NTLM_Authenticate(offset: uint16) = record { + lm_challenge_response_fields : NTLM_StringData; + 
nt_challenge_response_fields : NTLM_StringData; + domain_name_fields : NTLM_StringData; + user_name_fields : NTLM_StringData; + workstation_fields : NTLM_StringData; + encrypted_session_key_fields : NTLM_StringData; + flags : NTLM_Negotiate_Flags; + version_present : case flags.negotiate_version of { + true -> version : NTLM_Version; + false -> no_version : empty; + }; + +# Windows NT, 2000, XP, and 2003 don't have the MIC field +# TODO - figure out how to parse this for those that do have it +# mic : bytestring &length=16; + + payload : bytestring &restofdata; +} &let { + absolute_offset : uint16 = offsetof(payload) + offset; + domain_name : NTLM_String(domain_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(domain_name_fields.length > 0); + user_name : NTLM_String(user_name_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(user_name_fields.length > 0); + workstation : NTLM_String(workstation_fields, absolute_offset , flags.negotiate_unicode) withinput payload &if(workstation_fields.length > 0); + encrypted_session_key : NTLM_String(encrypted_session_key_fields, absolute_offset, flags.negotiate_unicode) withinput payload &if(flags.negotiate_key_exch); +}; + +type NTLM_Version = record { + major_version : uint8; + minor_version : uint8; + build_number : uint16; + reserved : padding[3]; + ntlm_revision : uint8; +}; + +type NTLM_StringData = record { + length : uint16; + max_length : uint16; + offset : uint32; +}; + +type Fixed_Length_String(unicode: bool) = record { + data: bytestring &restofdata; +}; + +type NTLM_String(fields: NTLM_StringData, offset: uint16, unicode: bool) = record { + pad1 : padding to fields.offset - offset; + string : Fixed_Length_String(unicode) &length=fields.length; +}; + +type NTLM_AV_Pair_Sequence(offset: uint16) = record { + pad1 : padding to offset; + pairs : NTLM_AV_Pair[] &until($element.last); +}; + +type NTLM_AV_Pair = record { + id : uint16; + length : uint16; + value_case : case id 
of { + 0x0000 -> av_eol : empty; + 0x0001 -> nb_computer_name : Fixed_Length_String(true) &length=length; + 0x0002 -> nb_domain_name : Fixed_Length_String(true) &length=length; + 0x0003 -> dns_computer_name : Fixed_Length_String(true) &length=length; + 0x0004 -> dns_domain_name : Fixed_Length_String(true) &length=length; + 0x0005 -> dns_tree_name : Fixed_Length_String(true) &length=length; + 0x0006 -> av_flags : uint32; + 0x0007 -> timestamp : uint64; + 0x0008 -> single_host : NTLM_Single_Host; + 0x0009 -> target_name : Fixed_Length_String(true) &length=length; + 0x000a -> channel_bindings : uint16; + }; +} &let { + last : bool = (id == 0x0000); + # av_flags refinement + constrained_auth : bool = (av_flags & 0x00000001) > 0 &if(id == 0x0006); + mic_present : bool = (av_flags & 0x00000002) > 0 &if(id == 0x0006); + untrusted_source : bool = (av_flags & 0x00000004) > 0 &if(id == 0x0006); +}; + +type NTLM_Single_Host = record { + size : uint32; + padpad : padding[4]; + data_present : uint32; + optional : case custom_data_present of { + true -> custom_data : bytestring &length=4; + false -> nothing : empty; + }; + machine_id : uint32; +} &let { + custom_data_present: bool = (data_present & 0x00000001) > 0; +}; + +type LM_Response(offset: uint16) = record { + # This can be either LM (24 byte response) or + # LMv2 (16 byte response + 8 byte client challenge. No way to + # know for sure. 
+ padpad : padding to offset; + response : bytestring &length=24; +}; + +type NTLM_Response(offset: uint16) = record { + padpad : padding to offset; + response : bytestring &length=24; +}; + +type NTLMv2_Response(flags: NTLM_Negotiate_Flags, offset: uint16) = record { + padpad : padding to offset; + response : bytestring &length=16; + client_challenge : NTLMv2_Client_Challenge(flags); +}; + +type NTLMv2_Client_Challenge(flags: NTLM_Negotiate_Flags) = record { + resp_type : uint8; + max_resp_type : uint8; + reserved : padding[6]; + timestamp : uint64; + client_challenge : bytestring &length=8; + reserved2 : padding[4]; + av_pairs : NTLM_AV_Pair_Sequence(0); +}; + +type NTLM_Negotiate_Flags = record { + flags: uint32; +} &let { + negotiate_56 : bool = (flags & 0x80000000) > 0; + negotiate_key_exch : bool = (flags & 0x40000000) > 0; + negotiate_128 : bool = (flags & 0x20000000) > 0; + + negotiate_version : bool = (flags & 0x02000000) > 0; + + negotiate_target_info : bool = (flags & 0x00800000) > 0; + request_non_nt_session_key : bool = (flags & 0x00400000) > 0; + negotiate_identify : bool = (flags & 0x00100000) > 0; + + negotiate_extended_sessionsecurity : bool = (flags & 0x00040000) > 0; + target_type_server : bool = (flags & 0x00020000) > 0; + target_type_domain : bool = (flags & 0x00010000) > 0; + + negotiate_always_sign : bool = (flags & 0x00008000) > 0; + negotiate_oem_workstation_supplied : bool = (flags & 0x00002000) > 0; + negotiate_oem_domain_supplied : bool = (flags & 0x00001000) > 0; + + negotiate_anonymous_connection : bool = (flags & 0x00000400) > 0; + negotiate_ntlm : bool = (flags & 0x00000100) > 0; + + negotiate_lm_key : bool = (flags & 0x00000080) > 0; + negotiate_datagram : bool = (flags & 0x00000040) > 0; + negotiate_seal : bool = (flags & 0x00000020) > 0; + + negotiate_sign : bool = (flags & 0x00000008) > 0; + request_target : bool = (flags & 0x00000004) > 0; + negotiate_oem : bool = (flags & 0x00000002) > 0; + negotiate_unicode : bool = (flags & 
0x00000001) > 0; + + is_oem : bool = !negotiate_unicode && negotiate_oem; + is_invalid : bool = !negotiate_unicode && !negotiate_oem; +}; diff --git a/src/analyzer/protocol/ntlm/ntlm.pac b/src/analyzer/protocol/ntlm/ntlm.pac new file mode 100644 index 0000000000..ee5d33b688 --- /dev/null +++ b/src/analyzer/protocol/ntlm/ntlm.pac @@ -0,0 +1,30 @@ +%include binpac.pac +%include bro.pac + +%extern{ +#include "analyzer/Manager.h" +#include "analyzer/Analyzer.h" + +#include "types.bif.h" +#include "events.bif.h" +%} + +analyzer NTLM withcontext { + connection : NTLM_Conn; + flow : NTLM_Flow; +}; + +connection NTLM_Conn(bro_analyzer: BroAnalyzer) { + upflow = NTLM_Flow(true); + downflow = NTLM_Flow(false); +}; + +%include ntlm-protocol.pac +%include ../asn1/asn1.pac + +# Now we define the flow: +flow NTLM_Flow(is_orig: bool) { + datagram = NTLM_SSP_Token(is_orig) withcontext(connection, this); +}; + +%include ntlm-analyzer.pac \ No newline at end of file diff --git a/src/analyzer/protocol/ntlm/types.bif b/src/analyzer/protocol/ntlm/types.bif new file mode 100644 index 0000000000..c76c0d425e --- /dev/null +++ b/src/analyzer/protocol/ntlm/types.bif @@ -0,0 +1,9 @@ + +module NTLM; + +type NTLM::Negotiate: record; +type NTLM::Challenge: record; +type NTLM::Authenticate: record; +type NTLM::NegotiateFlags: record; +type NTLM::Version: record; +type NTLM::AVs: record; \ No newline at end of file From 143eee5d8d30098930b9e4bddcffcf19d31ff2a5 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Sun, 3 Apr 2016 15:46:02 -0400 Subject: [PATCH 50/84] Removed SMB Auth stuff and changed "DISK" to be the default share type. - SMB auth information is now present in the ntlm.log. - Still need a heuristic to switch this to PIPE or other for non-DISK mounts. --- scripts/base/protocols/smb/main.bro | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro index 66cca136c1..b6dcae08c6 100644 
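Review bot: In `NTLM_AV_Pair`, the fixed-width arms (`av_flags`, `timestamp`, `single_host`, `channel_bindings`) consume a hard-coded size and ignore the pair's own `length`, and `value_case` has no default arm, so a pair with an unlisted id or a length that differs from the assumed width leaves the parser misaligned or, as far as I recall binpac's behaviour, fails the whole token with an invalid-case exception. Since these values come straight off the wire, every arm should be bounded by `length`: add `default -> unknown : bytestring &length=length;` and parse `channel_bindings` as `bytestring &length=length` (MS-NLMP describes it as a 16-byte hash, not a `uint16`). Separately, `NTLM_SSP_Token.signature` is read but never compared with the expected `NTLMSSP\0` marker, so the `ProtocolConfirmation()` call in NTLM.cc can fire on non-NTLM data that happens to parse.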
--- a/scripts/base/protocols/smb/main.bro +++ b/scripts/base/protocols/smb/main.bro @@ -94,16 +94,7 @@ export { native_file_system : string &log &optional; ## If this is SMB2, a share type will be included. For SMB1, ## the type of share will be deduced and included as well. - share_type : string &log &default="UNKNOWN"; - }; - - type AuthInfo: record { - ts : time &log; - uid : string &log; - id : conn_id &log; - username : string &log &optional; - hostname : string &log &optional; - domainname : string &log &optional; + share_type : string &log &default="DISK"; }; ## This record is for the smb_cmd.log @@ -153,8 +144,6 @@ export { current_file : FileInfo &optional; ## A reference to the current tree. current_tree : TreeInfo &optional; - ## A reference to the currently authenticated user. - current_auth : AuthInfo &optional; ## Indexed on MID to map responses to requests. pending_cmds : table[count] of CmdInfo &optional; @@ -213,7 +202,6 @@ redef likely_server_ports += { ports }; event bro_init() &priority=5 { Log::create_stream(CMD_LOG, [$columns=SMB::CmdInfo]); - Log::create_stream(AUTH_LOG, [$columns=SMB::AuthInfo]); Log::create_stream(FILES_LOG, [$columns=SMB::FileInfo]); Log::create_stream(MAPPING_LOG, [$columns=SMB::TreeInfo]); From 68d0f697eb79d8408d0a9616ecbce1d74c6672b3 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Sun, 3 Apr 2016 15:48:47 -0400 Subject: [PATCH 51/84] Move some of the last DCE_RPC scripts out of SMB scripts. --- scripts/base/protocols/dce-rpc/__load__.bro | 2 ++ .../pipe.bro => dce-rpc/endpoint-atsvc.bro} | 26 +++++++++---------- scripts/base/protocols/smb/__load__.bro | 1 - 3 files changed, 15 insertions(+), 14 deletions(-) rename scripts/base/protocols/{smb/pipe.bro => dce-rpc/endpoint-atsvc.bro} (54%) diff --git a/scripts/base/protocols/dce-rpc/__load__.bro b/scripts/base/protocols/dce-rpc/__load__.bro index 1d47f6e0cd..155b8369b8 100644 --- a/scripts/base/protocols/dce-rpc/__load__.bro +++ b/scripts/base/protocols/dce-rpc/__load__.bro 
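Review bot: The new default `share_type : string &log &default="DISK"` in the first hunk makes every tree whose type was never determined appear in the log as a disk share, which the previous `"UNKNOWN"` kept distinguishable. For anyone triaging lateral movement from this log, an IPC$ or pipe mount recorded as `DISK` cannot be told apart from a real file share. Until the heuristic mentioned in the commit message exists, the field comment should at least say so, for example `## Defaults to "DISK" when the share type could not be determined.` The enclosing record starts outside the hunk.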
@@ -1,2 +1,4 @@ @load ./consts @load ./main + +@load ./endpoint-atsvc \ No newline at end of file diff --git a/scripts/base/protocols/smb/pipe.bro b/scripts/base/protocols/dce-rpc/endpoint-atsvc.bro similarity index 54% rename from scripts/base/protocols/smb/pipe.bro rename to scripts/base/protocols/dce-rpc/endpoint-atsvc.bro index 6057c73700..88a08403d4 100644 --- a/scripts/base/protocols/smb/pipe.bro +++ b/scripts/base/protocols/dce-rpc/endpoint-atsvc.bro @@ -1,4 +1,4 @@ -module SMB; +module DCE_RPC; export { redef enum Log::ID += { @@ -16,16 +16,16 @@ export { }; } -redef record SMB::State += { - pipe_atsvc: ATSvcInfo &optional; +redef record DCE_RPC::State += { + endpoint_atsvc: ATSvcInfo &optional; }; event bro_init() &priority=5 { - Log::create_stream(ATSVC_LOG, [$columns=ATSvcInfo]); + Log::create_stream(ATSVC_LOG, [$columns=ATSvcInfo, $path="dce_rpc_atsvc"]); } -event smb_atsvc_job_add(c: connection, server: string, job: string) &priority=5 +event atsvc_job_add(c: connection, server: string, job: string) &priority=5 { local info = ATSvcInfo($ts=network_time(), $uid = c$uid, 
@@ -33,20 +33,20 @@ event smb_atsvc_job_add(c: connection, server: string, job: string) &priority=5 $command = "Add job", $arg = job, $server = server); - c$smb_state$pipe_atsvc = info; + c$dce_rpc_state$endpoint_atsvc = info; } -event smb_atsvc_job_id(c: connection, id: count, status: count) &priority=5 +event atsvc_job_id(c: connection, id: count, status: count) &priority=5 { - if ( c$smb_state?$pipe_atsvc ) - c$smb_state$pipe_atsvc$result = (status==0) ? "success" : "failed"; + if ( c$dce_rpc_state?$endpoint_atsvc ) + c$dce_rpc_state$endpoint_atsvc$result = (status==0) ? "success" : "failed"; } -event smb_atsvc_job_id(c: connection, id: count, status: count) &priority=-5 +event atsvc_job_id(c: connection, id: count, status: count) &priority=-5 { - if ( c$smb_state?$pipe_atsvc ) + if ( c$dce_rpc_state?$endpoint_atsvc ) { - Log::write(ATSVC_LOG, c$smb_state$pipe_atsvc); - delete c$smb_state$pipe_atsvc; + Log::write(ATSVC_LOG, c$dce_rpc_state$endpoint_atsvc); + delete c$dce_rpc_state$endpoint_atsvc; } } \ No newline at end of file diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/base/protocols/smb/__load__.bro index 0d9de8c984..34973466d2 100644 --- a/scripts/base/protocols/smb/__load__.bro +++ b/scripts/base/protocols/smb/__load__.bro @@ -2,7 +2,6 @@ @load ./const-dos-error @load ./const-nt-status @load ./main -@load ./pipe @load ./smb1-main @load ./smb2-main @load ./files From 6b5d969e49402a63b5ff4762651aa19f04e6b7fd Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Sun, 3 Apr 2016 15:49:02 -0400 Subject: [PATCH 52/84] Fixing a test baseline (more stuff working right!) --- .../Baseline/scripts.base.protocols.smb.smb1/smb_files.log | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log index 46781576ac..41c5085958 100644 --- a/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log 
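Review bot: The ATSvc record is only written from the `atsvc_job_id` handler at priority -5, so an `atsvc_job_add` whose response is never seen (packet loss, a gap, or the connection ending first) leaves `c$dce_rpc_state$endpoint_atsvc` set and produces no log line at all. Remote job scheduling is an event worth recording even when the reply is missing, so I would also flush a pending record when the connection goes away, e.g. a `connection_state_remove` handler that does `Log::write(ATSVC_LOG, c$dce_rpc_state$endpoint_atsvc);` when the field is still set. `atsvc_job_add` also assigns into `c$dce_rpc_state` without a `c?$dce_rpc_state` check; whether that field is always initialised by then is not visible from this hunk. The body of `atsvc_job_add` starts in the previous hunk.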
+++ b/testing/btest/Baseline/scripts.base.protocols.smb.smb1/smb_files.log @@ -3,12 +3,11 @@ #empty_field (empty) #unset_field - #path smb_files -#open 2016-04-01-13-33-43 +#open 2016-04-03-19-43-52 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid action path name size times.modified times.accessed times.created times.changed #types time string addr port addr port string enum string string count time time time time 1403194573.483536 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::FILE_OPEN - 0 1403193605.830790 1403193605.830790 1403193211.405449 1403193605.830790 1403194573.484701 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::FILE_OPEN - Test 0 1403193632.973276 1403193632.973276 1403193604.628965 1403193632.973276 1403194574.150293 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 - SMB::FILE_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 -1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 SMB::FILE_OPEN - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 1403194574.232191 CXWv6p3arKYeMETxOg 192.168.1.78 55770 192.168.1.53 445 FyxE5A19VJyangfN54 SMB::FILE_CLOSE - Test\\2009-12 Payroll.xlsx 25940 1403148950.000000 1403193623.046524 1403148950.000000 1403193632.973276 -#close 2016-04-01-13-33-43 +#close 2016-04-03-19-43-52 From c63bd17b5f4195b358dd7d4df483d291dca704f8 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Sun, 3 Apr 2016 23:59:02 -0400 Subject: [PATCH 53/84] Create a binpac function for converting UTF16 text to UTF8 - Abstracting a function from RDP and NTLM analyzers. --- src/analyzer/protocol/ntlm/ntlm-analyzer.pac | 75 ++++---------------- src/analyzer/protocol/rdp/rdp-analyzer.pac | 51 +------------ src/binpac_bro-lib.pac | 49 +++++++++++++ src/bro.pac | 1 + 4 files changed, 65 insertions(+), 111 deletions(-) 
diff --git a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac index 555c4dbe61..fbe4bbdeb1 100644 --- a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac +++ b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac @@ -1,57 +1,6 @@ -%extern{ -#include "ConvertUTF.h" -%} - refine connection NTLM_Conn += { - # This is copied from the RDP analyzer :( - function utf16_to_utf8_val(utf16: bytestring): StringVal - %{ - std::string resultstring; - - size_t utf8size = (3 * utf16.length() + 1); - - if ( utf8size > resultstring.max_size() ) - { - bro_analyzer()->Weird("excessive_utf16_length"); - // If the conversion didn't go well, return the original data. - return bytestring_to_val(utf16); - } - - resultstring.resize(utf8size, '\0'); - - // We can't assume that the string data is properly aligned - // here, so make a copy. - UTF16 utf16_copy[utf16.length()]; // Twice as much memory than necessary. - memcpy(utf16_copy, utf16.begin(), utf16.length()); - - const char* utf16_copy_end = reinterpret_cast(utf16_copy) + utf16.length(); - const UTF16* sourcestart = utf16_copy; - const UTF16* sourceend = reinterpret_cast(utf16_copy_end); - - UTF8* targetstart = reinterpret_cast(&resultstring[0]); - UTF8* targetend = targetstart + utf8size; - - ConversionResult res = ConvertUTF16toUTF8(&sourcestart, - sourceend, - &targetstart, - targetend, - lenientConversion); - if ( res != conversionOK ) - { - bro_analyzer()->Weird("utf16_conversion_failed"); - // If the conversion didn't go well, return the original data. - return bytestring_to_val(utf16); - } - - *targetstart = 0; - - // We're relying on no nulls being in the string. - //return new StringVal(resultstring.length(), (const char *) resultstring.data()); - return new StringVal(resultstring.c_str()); - %} - # This is replicated from the SMB analyzer. :( function filetime2brotime(ts: uint64): Val %{ 
@@ -83,19 +32,19 @@ refine connection NTLM_Conn += { switch ( ${val.pairs[i].id} ) { case 1: - result->Assign(0, utf16_to_utf8_val(${val.pairs[i].nb_computer_name.data})); + result->Assign(0, utf16_bytestring_to_utf8_val(${val.pairs[i].nb_computer_name.data})); break; case 2: - result->Assign(1, utf16_to_utf8_val(${val.pairs[i].nb_domain_name.data})); + result->Assign(1, utf16_bytestring_to_utf8_val(${val.pairs[i].nb_domain_name.data})); break; case 3: - result->Assign(2, utf16_to_utf8_val(${val.pairs[i].dns_computer_name.data})); + result->Assign(2, utf16_bytestring_to_utf8_val(${val.pairs[i].dns_computer_name.data})); break; case 4: - result->Assign(3, utf16_to_utf8_val(${val.pairs[i].dns_domain_name.data})); + result->Assign(3, utf16_bytestring_to_utf8_val(${val.pairs[i].dns_domain_name.data})); break; case 5: - result->Assign(4, utf16_to_utf8_val(${val.pairs[i].dns_tree_name.data})); + result->Assign(4, utf16_bytestring_to_utf8_val(${val.pairs[i].dns_tree_name.data})); break; case 6: result->Assign(5, new Val(${val.pairs[i].constrained_auth}, TYPE_BOOL)); @@ -107,7 +56,7 @@ refine connection NTLM_Conn += { result->Assign(7, new Val(${val.pairs[i].single_host.machine_id}, TYPE_COUNT)); break; case 9: - result->Assign(8, utf16_to_utf8_val(${val.pairs[i].target_name.data})); + result->Assign(8, utf16_bytestring_to_utf8_val(${val.pairs[i].target_name.data})); break; } } 
@@ -149,10 +98,10 @@ refine connection NTLM_Conn += { result->Assign(0, build_negotiate_flag_record(${val.flags})); if ( ${val.flags.negotiate_oem_domain_supplied} ) - result->Assign(1, utf16_to_utf8_val(${val.domain_name.string.data})); + result->Assign(1, utf16_bytestring_to_utf8_val(${val.domain_name.string.data})); if ( ${val.flags.negotiate_oem_workstation_supplied} ) - result->Assign(2, utf16_to_utf8_val(${val.workstation.string.data})); + result->Assign(2, utf16_bytestring_to_utf8_val(${val.workstation.string.data})); if ( ${val.flags.negotiate_version} ) result->Assign(3, build_version_record(${val.version})); @@ -170,7 +119,7 @@ refine connection NTLM_Conn += { result->Assign(0, build_negotiate_flag_record(${val.flags})); if ( ${val.flags.request_target} ) - result->Assign(1, utf16_to_utf8_val(${val.target_name.string.data})); + result->Assign(1, utf16_bytestring_to_utf8_val(${val.target_name.string.data})); if ( ${val.flags.negotiate_version} ) result->Assign(2, build_version_record(${val.version})); @@ -191,13 +140,13 @@ refine connection NTLM_Conn += { result->Assign(0, build_negotiate_flag_record(${val.flags})); if ( ${val.domain_name_fields.length} > 0 ) - result->Assign(1, utf16_to_utf8_val(${val.domain_name.string.data})); + result->Assign(1, utf16_bytestring_to_utf8_val(${val.domain_name.string.data})); if ( ${val.user_name_fields.length} > 0 ) - result->Assign(2, utf16_to_utf8_val(${val.user_name.string.data})); + result->Assign(2, utf16_bytestring_to_utf8_val(${val.user_name.string.data})); if ( ${val.workstation_fields.length} > 0 ) - result->Assign(3, utf16_to_utf8_val(${val.workstation.string.data})); + result->Assign(3, utf16_bytestring_to_utf8_val(${val.workstation.string.data})); if ( ${val.flags.negotiate_version} ) result->Assign(4, build_version_record(${val.version})); diff --git a/src/analyzer/protocol/rdp/rdp-analyzer.pac b/src/analyzer/protocol/rdp/rdp-analyzer.pac index fdfb8c44fc..8362eed693 100644 
--- a/src/analyzer/protocol/rdp/rdp-analyzer.pac +++ b/src/analyzer/protocol/rdp/rdp-analyzer.pac @@ -1,54 +1,9 @@ %extern{ -#include "ConvertUTF.h" #include "file_analysis/Manager.h" #include "types.bif.h" %} refine flow RDP_Flow += { - - function utf16_to_utf8_val(utf16: bytestring): StringVal - %{ - std::string resultstring; - - size_t utf8size = (3 * utf16.length() + 1); - - if ( utf8size > resultstring.max_size() ) - { - connection()->bro_analyzer()->Weird("excessive_utf16_length"); - return new StringVal(""); - } - - resultstring.resize(utf8size, '\0'); - - // We can't assume that the string data is properly aligned - // here, so make a copy. - UTF16 utf16_copy[utf16.length()]; // Twice as much memory than necessary. - memcpy(utf16_copy, utf16.begin(), utf16.length()); - - const char* utf16_copy_end = reinterpret_cast(utf16_copy) + utf16.length(); - const UTF16* sourcestart = utf16_copy; - const UTF16* sourceend = reinterpret_cast(utf16_copy_end); - - UTF8* targetstart = reinterpret_cast(&resultstring[0]); - UTF8* targetend = targetstart + utf8size; - - ConversionResult res = ConvertUTF16toUTF8(&sourcestart, - sourceend, - &targetstart, - targetend, - lenientConversion); - if ( res != conversionOK ) - { - connection()->bro_analyzer()->Weird("Failed UTF-16 to UTF-8 conversion"); - return new StringVal(utf16.length(), (const char *) utf16.begin()); - } - - *targetstart = 0; - - // We're relying on no nulls being in the string. - return new StringVal(resultstring.c_str()); - %} - function proc_rdp_connect_request(cr: Connect_Request): bool %{ if ( rdp_connect_request ) 
@@ -125,18 +80,18 @@ refine flow RDP_Flow += { ccd->Assign(5, new Val(${ccore.sas_sequence}, TYPE_COUNT)); ccd->Assign(6, new Val(${ccore.keyboard_layout}, TYPE_COUNT)); ccd->Assign(7, new Val(${ccore.client_build}, TYPE_COUNT)); - ccd->Assign(8, utf16_to_utf8_val(${ccore.client_name})); + ccd->Assign(8, utf16_bytestring_to_utf8_val(${ccore.client_name})); ccd->Assign(9, new Val(${ccore.keyboard_type}, TYPE_COUNT)); ccd->Assign(10, new Val(${ccore.keyboard_sub}, TYPE_COUNT)); ccd->Assign(11, new Val(${ccore.keyboard_function_key}, TYPE_COUNT)); - ccd->Assign(12, utf16_to_utf8_val(${ccore.ime_file_name})); + ccd->Assign(12, utf16_bytestring_to_utf8_val(${ccore.ime_file_name})); ccd->Assign(13, new Val(${ccore.post_beta2_color_depth}, TYPE_COUNT)); ccd->Assign(14, new Val(${ccore.client_product_id}, TYPE_COUNT)); ccd->Assign(15, new Val(${ccore.serial_number}, TYPE_COUNT)); ccd->Assign(16, new Val(${ccore.high_color_depth}, TYPE_COUNT)); ccd->Assign(17, new Val(${ccore.supported_color_depths}, TYPE_COUNT)); ccd->Assign(18, ec_flags); - ccd->Assign(19, utf16_to_utf8_val(${ccore.dig_product_id})); + ccd->Assign(19, utf16_bytestring_to_utf8_val(${ccore.dig_product_id})); BifEvent::generate_rdp_client_core_data(connection()->bro_analyzer(), connection()->bro_analyzer()->Conn(), diff --git a/src/binpac_bro-lib.pac b/src/binpac_bro-lib.pac index c7cee6dc98..55d1699b16 100644 --- a/src/binpac_bro-lib.pac +++ b/src/binpac_bro-lib.pac @@ -1,5 +1,9 @@ %extern{ +#include "binpac_bro.h" #include "util.h" +#include "Reporter.h" +#include "Val.h" +#include "ConvertUTF.h" %} function network_time(): double 
@@ -7,3 +11,48 @@ function network_time(): double return ::network_time; %} +function utf16_bytestring_to_utf8_val(utf16: bytestring): StringVal + %{ + std::string resultstring; + + size_t utf8size = (3 * utf16.length() + 1); + + if ( utf8size > resultstring.max_size() ) + { + reporter->Info("utf16 too long in utf16_bytestring_to_utf8_val"); + // If the conversion didn't go well, return the original data. + return bytestring_to_val(utf16); + } + + resultstring.resize(utf8size, '\0'); + + // We can't assume that the string data is properly aligned + // here, so make a copy. + UTF16 utf16_copy[utf16.length()]; // Twice as much memory than necessary. + memcpy(utf16_copy, utf16.begin(), utf16.length()); + + const char* utf16_copy_end = reinterpret_cast(utf16_copy) + utf16.length(); + const UTF16* sourcestart = utf16_copy; + const UTF16* sourceend = reinterpret_cast(utf16_copy_end); + + UTF8* targetstart = reinterpret_cast(&resultstring[0]); + UTF8* targetend = targetstart + utf8size; + + ConversionResult res = ConvertUTF16toUTF8(&sourcestart, + sourceend, + &targetstart, + targetend, + lenientConversion); + if ( res != conversionOK ) + { + reporter->Info("utf16 conversion failed in utf16_bytestring_to_utf8_val"); + // If the conversion didn't go well, return the original data. + return bytestring_to_val(utf16); + } + + *targetstart = 0; + + // We're relying on no nulls being in the string. + //return new StringVal(resultstring.length(), (const char *) resultstring.data()); + return new StringVal(resultstring.c_str()); + %} diff --git a/src/bro.pac b/src/bro.pac index b622041c12..8c25761a1a 100644 --- a/src/bro.pac +++ b/src/bro.pac @@ -8,3 +8,4 @@ extern type BroPortVal; extern type BroStringVal; function network_time(): double; +function utf16_bytestring_to_utf8_val(utf16: bytestring): StringVal; From 78d9e38167662a5b6f04a80c51a6112c99587de2 Mon Sep 17 00:00:00 2001 
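Review bot: In `utf16_bytestring_to_utf8_val`, `UTF16 utf16_copy[utf16.length()];` puts a variable-length array on the stack whose size comes straight from a parsed protocol field, so a long string in NTLM or RDP traffic can exhaust the analyzer's stack; the `max_size()` check above it does not bound this. A heap buffer sized in code units avoids that, for example `std::vector<UTF16> utf16_copy(utf16.length() / 2);` with `sourceend = sourcestart + utf16_copy.size()` and the `memcpy` limited to that many code units. This also covers odd lengths, where `sourceend` currently lands in the middle of a code unit and the converter appears to read one byte of the copy that was never written. The final `new StringVal(resultstring.c_str())` cuts the value at the first NUL, so a name with an embedded U+0000 is logged truncated; a length-based constructor would need the converted length (`targetstart` minus the buffer start), not `resultstring.length()` as in the commented-out line.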
From: Seth Hall Date: Mon, 4 Apr 2016 15:07:01 -0400 Subject: [PATCH 54/84] Fix a small bug with scriptland data types that led to a crash. --- scripts/base/init-bare.bro | 2 -- src/analyzer/protocol/smb/smb1-com-negotiate.pac | 7 +++---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index 464cee886f..77db2ed761 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -2552,8 +2552,6 @@ export { }; type SMB1::NegotiateResponseCore: record { - ## Count of parameter words (should be 1) - word_count : count; ## Index of selected dialect dialect_index : count; }; diff --git a/src/analyzer/protocol/smb/smb1-com-negotiate.pac b/src/analyzer/protocol/smb/smb1-com-negotiate.pac index 17b6242a01..74941694ff 100644 --- a/src/analyzer/protocol/smb/smb1-com-negotiate.pac +++ b/src/analyzer/protocol/smb/smb1-com-negotiate.pac @@ -74,12 +74,11 @@ refine connection SMB_Conn += { { case 0x01: core = new RecordVal(BifType::Record::SMB1::NegotiateResponseCore); - core->Assign(0, new Val(${val.word_count}, TYPE_COUNT)); - core->Assign(1, new Val(${val.dialect_index}, TYPE_COUNT)); - core->Assign(2, new Val(${val.core.byte_count}, TYPE_COUNT)); - + core->Assign(0, new Val(${val.dialect_index}, TYPE_COUNT)); + response->Assign(0, core); break; + case 0x0d: security = new RecordVal(BifType::Record::SMB1::NegotiateResponseSecurity); security->Assign(0, new Val(${val.lanman.security_user_level}, TYPE_BOOL)); From 017fa133931ef76d9e5219666530fc441c6127ea Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 4 Apr 2016 15:20:03 -0400 Subject: [PATCH 55/84] Fix mime type identification for Windows LNK files. --- scripts/base/frameworks/files/magic/general.sig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/base/frameworks/files/magic/general.sig b/scripts/base/frameworks/files/magic/general.sig index 268412ff05..72b04888db 100644 
--- a/scripts/base/frameworks/files/magic/general.sig +++ b/scripts/base/frameworks/files/magic/general.sig @@ -87,7 +87,7 @@ signature file-f4m { # Microsoft LNK files signature file-lnk { file-mime "application/x-ms-shortcut", 49 - file-magic /^\x4C\x00\x00\x00\x01\x14\x02\x00\x00\x00\x00\x00\xC0\x00\x00\x00\x00\x10\x00\x00\x00\x46/ + file-magic /^\x4c\x00\x00\x00\x01\x14\x02\x00\x00\x00\x00\x00\xc0\x00\x00\x00\x00\x00\x00\x46/ } signature file-jar { @@ -269,4 +269,4 @@ signature file-elf-sharedlib { signature file-elf-coredump { file-mime "application/x-coredump", 50 file-magic /\x7fELF[\x01\x02](\x01.{10}\x04\x00|\x02.{10}\x00\x04)/ -} +} \ No newline at end of file From caa28bc3c5645bbebf2e1073bd48c414ceeedd8c Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 4 Apr 2016 15:20:33 -0400 Subject: [PATCH 56/84] More clean up and fixing for DCE_RPC. --- .../protocol/dce-rpc/dce_rpc-protocol.pac | 2 +- src/analyzer/protocol/dce-rpc/dce_rpc.pac | 5 +- src/analyzer/protocol/dce-rpc/events.bif | 27 ++------ src/analyzer/protocol/smb/smb-pipe.pac | 61 +------------------ src/analyzer/protocol/smb/smb2-com-ioctl.pac | 6 +- 5 files changed, 13 insertions(+), 88 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index 037adbf42c..fe04d1f0dd 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac @@ -60,7 +60,7 @@ type NDR_Format = record { byteorder = (intchar >> 4) ? littleendian : bigendian; }; -#### There might be a endianness problem here: the frag_length +# There might be a endianness problem here: the frag_length # causes problems despite the NDR_Format having a byteorder set. type DCE_RPC_Header(is_orig: bool) = record { diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc.pac b/src/analyzer/protocol/dce-rpc/dce_rpc.pac index b36916635d..607ef58d07 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc.pac 
+++ b/src/analyzer/protocol/dce-rpc/dce_rpc.pac @@ -2,8 +2,8 @@ %include bro.pac %extern{ - #include "types.bif.h" - #include "events.bif.h" +#include "types.bif.h" +#include "events.bif.h" %} analyzer DCE_RPC withcontext { @@ -15,7 +15,6 @@ connection DCE_RPC_Conn(bro_analyzer: BroAnalyzer) { upflow = DCE_RPC_Flow(true); downflow = DCE_RPC_Flow(false); }; - %include dce_rpc-protocol.pac # Now we define the flow: diff --git a/src/analyzer/protocol/dce-rpc/events.bif b/src/analyzer/protocol/dce-rpc/events.bif index 0a8eb7ca4a..d89727ec70 100644 --- a/src/analyzer/protocol/dce-rpc/events.bif +++ b/src/analyzer/protocol/dce-rpc/events.bif 
@@ -1,32 +1,15 @@ -## TODO. -## -## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_request -## dce_rpc_response rpc_timeout +## .. bro:see:: dce_rpc_bind dce_rpc_bind_ack dce_rpc_request dce_rpc_response event dce_rpc_message%(c: connection, is_orig: bool, ptype_id: count, ptype: DCE_RPC::PType%); -## TODO. -## -## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_message dce_rpc_request -## dce_rpc_response rpc_timeout +## .. bro:see:: dce_rpc_message dce_rpc_bind_ack dce_rpc_request dce_rpc_response event dce_rpc_bind%(c: connection, uuid: string, ver_major: count, ver_minor: count%); +## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_request dce_rpc_response event dce_rpc_bind_ack%(c: connection, sec_addr: string%); -## TODO. -## -## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message -## dce_rpc_response rpc_timeout +## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_bind_ack dce_rpc_response event dce_rpc_request%(c: connection, opnum: count, stub_len: count%); -## TODO. -## -## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message -## dce_rpc_request rpc_timeout +## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_bind_ack dce_rpc_request event dce_rpc_response%(c: connection, opnum: count, stub_len: count%); -## TODO. -## -## .. bro:see:: rpc_call rpc_dialogue rpc_reply dce_rpc_bind dce_rpc_message -## dce_rpc_request dce_rpc_response rpc_timeout -event epm_map_response%(c: connection, uuid: string, p: port, h: addr%); - diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index b7a64c1924..3ec7958ce8 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac 
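Review bot: The event declarations in this hunk are left with only a `bro:see` line each, and the new `dce_rpc_bind_ack` gets no description either, so a script writer cannot tell what `sec_addr`, `ptype_id` or `stub_len` carry. Each event should have a one-line summary and an entry per parameter, for example `## Generated for every DCE_RPC bind acknowledgement.` followed by `## sec_addr: Secondary address from the bind-ack message.` The hunk also removes `epm_map_response`; scripts that still handle that event may stop loading, so the removal deserves a line in the commit message.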
@@ -24,63 +24,4 @@ refine connection SMB_Conn += { dcerpc->DeliverStream(${pipe_data}.length(), ${pipe_data}.begin(), is_orig); return true; %} -}; - - -#type SMB_Pipe_message(header: SMB_Header, byte_count: uint16) = record { -# rpc_header : DCE_RPC_Header; -# rpc_body : DCE_RPC_Body(rpc_header); -# pipe_type: case $context.connection.determine_pipe_msg_type(rpc, opnum) of { -# 1 -> atsvc_request : AT_SVC_Request(unicode, opnum); -# 2 -> atsvc_reply : AT_SVC_Reply(unicode, opnum); -# default -> unknown : bytestring &restofdata; -# }; -#} &let { -# proc: bool = $context.connection.proc_smb_pipe_message(this, header); -#} &byteorder = littleendian; -# -#type SMB_RAP_message(unicode: bool, byte_count: uint16) = record { -# rap_code : uint16; -# param_desc : SMB_string(unicode, offsetof(param_desc)); -# data_desc : SMB_string(unicode, offsetof(data_desc)); -# data : bytestring &restofdata; -#} &byteorder = littleendian; - -type AT_SVC_Request(unicode: bool, opnum: uint8) = record { - empty: padding[1]; - op: case opnum of { - 0 -> add : AT_SVC_NetrJobAdd(unicode); - default -> unknown : bytestring &restofdata; - }; -}; - -type AT_SVC_String_Pointer(unicode: bool) = record { - referent_id : uint32; - max_count : uint32; - offset : uint32; - actual_count : uint32; - string : SMB_string(unicode, offsetof(string)); -}; - -type AT_SVC_NetrJobAdd(unicode: bool) = record { - server : AT_SVC_String_Pointer(unicode); - unknown : padding[2]; - job_time : uint32; - days_of_month : uint32; - days_of_week : uint8; - flags : uint8; - unknown2 : padding[2]; - command : AT_SVC_String_Pointer(unicode); -}; - -type AT_SVC_Reply(unicode: bool, opnum: uint16) = record { - op: case opnum of { - 0 -> add: AT_SVC_JobID(unicode); - default -> unknown: bytestring &restofdata; - }; -}; - -type AT_SVC_JobID(unicode: bool) = record { - id : uint32; - status : uint32; -}; +}; \ No newline at end of file 
diff --git a/src/analyzer/protocol/smb/smb2-com-ioctl.pac b/src/analyzer/protocol/smb/smb2-com-ioctl.pac index 59caf02ac2..8a54959097 100644 --- a/src/analyzer/protocol/smb/smb2-com-ioctl.pac +++ b/src/analyzer/protocol/smb/smb2-com-ioctl.pac @@ -20,7 +20,8 @@ type SMB2_ioctl_request(header: SMB2_Header) = record { pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); output_buffer : bytestring &length=output_count; } &let { - is_pipe: bool = ((ctl_code >> 16) == 0x11); + # We only handle FSCTL_PIPE_TRANSCEIVE messages right now. + is_pipe: bool = (ctl_code == 0x0011C017); pipe_proc : bool = $context.connection.forward_dce_rpc(input_buffer, true) &if(is_pipe); }; @@ -40,6 +41,7 @@ type SMB2_ioctl_response(header: SMB2_Header) = record { pad2 : bytestring &transient &length=((output_offset == 0 || output_offset == input_offset) ? 0 : (offsetof(pad2) + header.head_length - output_offset)); output_buffer : bytestring &length=output_count; } &let { - is_pipe: bool = ((ctl_code >> 16) == 0x11); + # We only handle FSCTL_PIPE_TRANSCEIVE messages right now. + is_pipe: bool = (ctl_code == 0x0011C017); pipe_proc : bool = $context.connection.forward_dce_rpc(output_buffer, false) &if(is_pipe); }; \ No newline at end of file From 003b32f9045f756cff90181dcbe0781992f0e8f2 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Wed, 6 Apr 2016 12:37:09 -0400 Subject: [PATCH 57/84] Fixes to DCE_RPC analysis - Previously there was an (incorrect) assumption that a TCP conneciton would only ever have one DCE_RPC binding. That assumption was incorrect and with named pipes over SMB there can be multiple concurrent DCE_RPC bindings. This commit fixes that assumption by dynamically creating a new DCE_RPC analyzer whenever a new, unknown binding is created. - There is a crash fix in how string handling in the bind_ack message was done. - Named pipe handling over SMB1 is still not working quite right and problems will show up with multiplexed DCE_RPC bindings. --- scripts/base/protocols/dce-rpc/main.bro | 63 +++++++++++++------ src/analyzer/protocol/dce-rpc/DCE_RPC.h | 3 + .../protocol/dce-rpc/dce_rpc-analyzer.pac | 23 ++++++- src/analyzer/protocol/dce-rpc/events.bif | 10 +-- src/analyzer/protocol/smb/smb-gssapi.pac | 12 ++++ src/analyzer/protocol/smb/smb-pipe.pac | 32 +++++++++- src/analyzer/protocol/smb/smb.pac | 19 ------ .../protocol/smb/smb1-com-read-andx.pac | 2 +- .../protocol/smb/smb1-com-transaction.pac | 2 +- .../protocol/smb/smb1-com-write-andx.pac | 2 +- src/analyzer/protocol/smb/smb2-com-ioctl.pac | 30 ++++++++- src/analyzer/protocol/smb/smb2-com-read.pac | 30 +++++++-- src/analyzer/protocol/smb/smb2-com-write.pac | 2 +- 13 files changed, 171 insertions(+), 59 deletions(-) diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index bd173a8b7d..795f575605 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -36,9 +36,15 @@ type State: record { named_pipe : string &optional; }; +type Stuff: record { + info: Info; + state: State; +}; + redef record connection += { dce_rpc: Info &optional; - dce_rpc_state: State &default=State(); + dce_rpc_state: State &optional; + dce_rpc_state_x: table[count] of Stuff &optional; }; const ports = { 135/tcp }; 
@@ -50,14 +56,10 @@ event bro_init() &priority=5 Analyzer::register_for_ports(Analyzer::ANALYZER_DCE_RPC, ports); } -function set_session(c: connection) +function set_state(c: connection, state_x: Stuff) { - if ( ! c?$dce_rpc ) - { - c$dce_rpc = [$ts=network_time(), - $id=c$id, - $uid=c$uid]; - } + c$dce_rpc = state_x$info; + c$dce_rpc_state = state_x$state; if ( c$dce_rpc_state?$uuid ) c$dce_rpc$endpoint = uuid_endpoint_map[c$dce_rpc_state$uuid]; @@ -65,9 +67,25 @@ function set_session(c: connection) c$dce_rpc$named_pipe = c$dce_rpc_state$named_pipe; } -event dce_rpc_bind(c: connection, uuid: string, ver_major: count, ver_minor: count) &priority=5 +function set_session(c: connection, fid: count) { - set_session(c); + if ( ! c?$dce_rpc_state_x ) + { + c$dce_rpc_state_x = table(); + } + if ( fid !in c$dce_rpc_state_x ) + { + local info = Info($ts=network_time(),$id=c$id,$uid=c$uid); + c$dce_rpc_state_x[fid] = Stuff($info=info, $state=State()); + } + + local state_x = c$dce_rpc_state_x[fid]; + set_state(c, state_x); + } + +event dce_rpc_bind(c: connection, fid: count, uuid: string, ver_major: count, ver_minor: count) &priority=5 + { + set_session(c, fid); local uuid_str = uuid_to_string(uuid); if ( uuid_str in ignored_uuids ) @@ -77,9 +95,9 @@ event dce_rpc_bind(c: connection, uuid: string, ver_major: count, ver_minor: cou c$dce_rpc$endpoint = uuid_endpoint_map[uuid_str]; } -event dce_rpc_bind_ack(c: connection, sec_addr: string) &priority=5 +event dce_rpc_bind_ack(c: connection, fid: count, sec_addr: string) &priority=5 { - set_session(c); + set_session(c, fid); if ( sec_addr != "" ) { 
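Review bot: `set_session` adds an entry to `c$dce_rpc_state_x` for every `fid` it has not seen, and nothing in the visible hunks removes one before `connection_state_remove`, so the size of the table is decided by whoever generates the traffic. On a long-lived SMB connection that opens many pipes this state grows for the life of the connection; the same holds for `fid_to_analyzer_map` in smb-pipe.pac, which allocates a whole DCE_RPC analyzer per `fid`. Entries should be deleted when the pipe's file is closed, or the number of tracked fids per connection should be capped. Separately, `Stuff` and `dce_rpc_state_x` say nothing about what they hold; a descriptive type name and a comment such as `## Per-fid DCE_RPC state for multiplexed named pipes.` would help.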
@@ -88,19 +106,19 @@ event dce_rpc_bind_ack(c: connection, sec_addr: string) &priority=5 } } -event dce_rpc_request(c: connection, opnum: count, stub_len: count) &priority=5 +event dce_rpc_request(c: connection, fid: count, opnum: count, stub_len: count) &priority=5 { - set_session(c); + set_session(c, fid); - if ( c?$dce_rpc ) + if ( c?$dce_rpc ) { c$dce_rpc$ts = network_time(); } } -event dce_rpc_response(c: connection, opnum: count, stub_len: count) &priority=5 +event dce_rpc_response(c: connection, fid: count, opnum: count, stub_len: count) &priority=5 { - set_session(c); + set_session(c, fid); if ( c?$dce_rpc && c$dce_rpc?$endpoint ) { @@ -110,11 +128,11 @@ event dce_rpc_response(c: connection, opnum: count, stub_len: count) &priority=5 } } -event dce_rpc_response(c: connection, opnum: count, stub_len: count) &priority=-5 +event dce_rpc_response(c: connection, fid: count, opnum: count, stub_len: count) &priority=-5 { if ( c?$dce_rpc ) { - # If there is not endpoint, there isn't much reason to log. + # If there is not an endpoint, there isn't much reason to log. # This can happen if the request isn't seen. if ( c$dce_rpc?$endpoint ) Log::write(LOG, c$dce_rpc); @@ -128,4 +146,11 @@ event connection_state_remove(c: connection) return; # TODO: Go through any remaining dce_rpc requests that haven't been processed with replies. + for ( i in c$dce_rpc_state_x ) + { + local x = c$dce_rpc_state_x[i]; + set_state(c, x); + if ( c$dce_rpc?$endpoint ) + Log::write(LOG, c$dce_rpc); + } } \ No newline at end of file diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.h b/src/analyzer/protocol/dce-rpc/DCE_RPC.h index 984ede8a3c..4f1da1612d 100644 --- a/src/analyzer/protocol/dce-rpc/DCE_RPC.h +++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.h 
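Review bot: The loop added to `connection_state_remove` writes a log line for every entry that has an endpoint, but the `dce_rpc_response` handler at priority -5 already logs the same `Info` record, and `set_state` hands out the record stored in the table rather than a copy. Unless lines outside this hunk clear the record after logging, each completed call would be logged twice, once on the response and again at connection teardown. The loop also reads `c$dce_rpc_state_x`, which is `&optional`; the guard in front of the `return;` is outside the hunk, so confirm it tests `c?$dce_rpc_state_x`, or add `if ( ! c?$dce_rpc_state_x ) return;` before the loop.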
@@ -185,6 +185,9 @@ public: virtual void Undelivered(uint64 seq, int len, bool orig); virtual void EndpointEOF(bool is_orig); + bool SetFileID(uint64 fid_in) + { interp->set_file_id(fid_in); return true; } + static analyzer::Analyzer* Instantiate(Connection* conn) { return new DCE_RPC_Analyzer(conn); } diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac index dce1340bb5..f2242ca2ac 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac @@ -3,8 +3,19 @@ refine connection DCE_RPC_Conn += { %member{ map cont_id_opnum_map; + uint64 fid; %} + %init{ + fid=0; + %} + + function set_file_id(fid_in: uint64): bool + %{ + fid = fid_in; + return true; + %} + function get_cont_id_opnum_map(cont_id: uint16): uint16 %{ return cont_id_opnum_map[cont_id]; @@ -30,6 +41,7 @@ refine connection DCE_RPC_Conn += { BifEvent::generate_dce_rpc_message(bro_analyzer(), bro_analyzer()->Conn(), ${header.is_orig}, + fid, ${header.PTYPE}, new EnumVal(${header.PTYPE}, BifType::Enum::DCE_RPC::PType)); } @@ -52,6 +64,7 @@ refine connection DCE_RPC_Conn += { // Queue the event BifEvent::generate_dce_rpc_bind(bro_analyzer(), bro_analyzer()->Conn(), + fid, bytestring_to_val(${uuid}), ${ver_major}, ${ver_minor}); @@ -67,13 +80,19 @@ refine connection DCE_RPC_Conn += { { StringVal *sec_addr; // Remove the null from the end of the string if it's there. - if ( *(${bind.sec_addr}.begin() + ${bind.sec_addr}.length()) == 0 ) + if ( ${bind.sec_addr}.length() > 0 && + *(${bind.sec_addr}.begin() + ${bind.sec_addr}.length()) == 0 ) + { sec_addr = new StringVal(${bind.sec_addr}.length()-1, (const char*) ${bind.sec_addr}.begin()); + } else + { sec_addr = new StringVal(${bind.sec_addr}.length(), (const char*) ${bind.sec_addr}.begin()); + } BifEvent::generate_dce_rpc_bind_ack(bro_analyzer(), bro_analyzer()->Conn(), + fid, sec_addr); } return true; 
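Review bot: In the bind-ack handler of dce_rpc-analyzer.pac the NUL test still dereferences `begin() + length()`, which is one byte past the end of `sec_addr`; the added `length() > 0` guard stops the negative `length()-1` but not this read. Depending on how the bytestring is backed, that byte is either outside the field or a terminator that is always zero, so the test is either an out-of-bounds read or always true and drops the last real character. It should look at the last byte of the field: `*(${bind.sec_addr}.begin() + ${bind.sec_addr}.length() - 1) == 0`. The handler's body starts and ends outside the hunk.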
@@ -85,6 +104,7 @@ refine connection DCE_RPC_Conn += { { BifEvent::generate_dce_rpc_request(bro_analyzer(), bro_analyzer()->Conn(), + fid, ${req.opnum}, ${req.stub}.length()); } @@ -100,6 +120,7 @@ refine connection DCE_RPC_Conn += { { BifEvent::generate_dce_rpc_response(bro_analyzer(), bro_analyzer()->Conn(), + fid, get_cont_id_opnum_map(${resp.context_id}), ${resp.stub}.length()); } diff --git a/src/analyzer/protocol/dce-rpc/events.bif b/src/analyzer/protocol/dce-rpc/events.bif index d89727ec70..44e0a64224 100644 --- a/src/analyzer/protocol/dce-rpc/events.bif +++ b/src/analyzer/protocol/dce-rpc/events.bif @@ -1,15 +1,15 @@ ## .. bro:see:: dce_rpc_bind dce_rpc_bind_ack dce_rpc_request dce_rpc_response -event dce_rpc_message%(c: connection, is_orig: bool, ptype_id: count, ptype: DCE_RPC::PType%); +event dce_rpc_message%(c: connection, is_orig: bool, fid: count, ptype_id: count, ptype: DCE_RPC::PType%); ## .. bro:see:: dce_rpc_message dce_rpc_bind_ack dce_rpc_request dce_rpc_response -event dce_rpc_bind%(c: connection, uuid: string, ver_major: count, ver_minor: count%); +event dce_rpc_bind%(c: connection, fid: count, uuid: string, ver_major: count, ver_minor: count%); ## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_request dce_rpc_response -event dce_rpc_bind_ack%(c: connection, sec_addr: string%); +event dce_rpc_bind_ack%(c: connection, fid: count, sec_addr: string%); ## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_bind_ack dce_rpc_response -event dce_rpc_request%(c: connection, opnum: count, stub_len: count%); +event dce_rpc_request%(c: connection, fid: count, opnum: count, stub_len: count%); ## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_bind_ack dce_rpc_request -event dce_rpc_response%(c: connection, opnum: count, stub_len: count%); +event dce_rpc_response%(c: connection, fid: count, opnum: count, stub_len: count%); diff --git a/src/analyzer/protocol/smb/smb-gssapi.pac b/src/analyzer/protocol/smb/smb-gssapi.pac index 9372df7f47..741f5c5523 100644 
--- a/src/analyzer/protocol/smb/smb-gssapi.pac +++ b/src/analyzer/protocol/smb/smb-gssapi.pac @@ -1,5 +1,17 @@ refine connection SMB_Conn += { + %member{ + analyzer::Analyzer *gssapi; + %} + + %init{ + gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); + %} + + %cleanup{ + if ( gssapi ) + delete gssapi; + %} function forward_gssapi(data: bytestring, is_orig: bool): bool %{ diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index 3ec7958ce8..6f55d66082 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac @@ -1,9 +1,23 @@ +%extern{ +#include "../dce-rpc/DCE_RPC.h" +%} refine connection SMB_Conn += { %member{ map tree_is_pipe_map; + map fid_to_analyzer_map; %} + %cleanup{ + // Iterate all of the analyzers and destroy them. + for ( auto kv : fid_to_analyzer_map ) + { + if ( kv.second ) + delete kv.second; + } + %} + + function get_tree_is_pipe(tree_id: uint16): bool %{ if ( tree_is_pipe_map.count(tree_id) > 0 ) @@ -18,10 +32,22 @@ refine connection SMB_Conn += { return true; %} - function forward_dce_rpc(pipe_data: bytestring, is_orig: bool): bool + function forward_dce_rpc(pipe_data: bytestring, fid: uint64, is_orig: bool): bool %{ - if ( dcerpc ) - dcerpc->DeliverStream(${pipe_data}.length(), ${pipe_data}.begin(), is_orig); + analyzer::dce_rpc::DCE_RPC_Analyzer *pipe_dcerpc; + if ( fid_to_analyzer_map.count(fid) == 0 ) + { + pipe_dcerpc = (analyzer::dce_rpc::DCE_RPC_Analyzer *)analyzer_mgr->InstantiateAnalyzer("DCE_RPC", bro_analyzer()->Conn()); + pipe_dcerpc->SetFileID(fid); + fid_to_analyzer_map[fid] = pipe_dcerpc; + } + else + { + pipe_dcerpc = fid_to_analyzer_map.at(fid); + } + + pipe_dcerpc->DeliverStream(${pipe_data}.length(), ${pipe_data}.begin(), is_orig); + return true; %} }; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index e6f63db25c..3ac9d40bd5 100644 
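Review bot: `forward_dce_rpc` in smb-pipe.pac casts the result of `InstantiateAnalyzer("DCE_RPC", ...)` and calls `SetFileID` and `DeliverStream` on it without a null check, whereas the code it replaces tested `if ( dcerpc )` first. If instantiation can return null (presumably when the analyzer is unavailable or disabled), the first pipe message seen on such a deployment dereferences a null pointer in the sensor. Add `if ( ! pipe_dcerpc ) return false;` directly after the instantiation, before the pointer is stored in `fid_to_analyzer_map`. The `%cleanup` loop also copies each map entry with `for ( auto kv : ... )`; `const auto& kv` does the same without the copy.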
--- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac @@ -135,22 +135,3 @@ type SMB_Protocol_Identifier(is_orig: bool, msg_len: uint32) = record { flow SMB_Flow(is_orig: bool) { flowunit = SMB_TCP(is_orig) withcontext(connection, this); }; - -refine connection SMB_Conn += { - %member{ - analyzer::Analyzer *dcerpc; - analyzer::Analyzer *gssapi; - %} - - %init{ - dcerpc = analyzer_mgr->InstantiateAnalyzer("DCE_RPC", bro_analyzer->Conn()); - gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); - %} - - %cleanup{ - if ( dcerpc ) - delete dcerpc; - if ( gssapi ) - delete gssapi; - %} -}; diff --git a/src/analyzer/protocol/smb/smb1-com-read-andx.pac b/src/analyzer/protocol/smb/smb1-com-read-andx.pac index 2b83fed1dc..490fbe75fe 100644 --- a/src/analyzer/protocol/smb/smb1-com-read-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-read-andx.pac @@ -83,7 +83,7 @@ type SMB1_read_andx_response(header: SMB_Header) = record { data : bytestring &length=data_len; } &let { is_pipe : bool = $context.connection.get_tree_is_pipe(header.tid); - pipe_proc : bool = $context.connection.forward_dce_rpc(data, false) &if(is_pipe); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, 0, false) &if(is_pipe); padding_len : uint8 = (header.unicode == 1) ? 1 : 0; data_len : uint32 = (data_len_high << 16) + data_len_low; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index 7319cf8954..40d9657378 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac 
@@ -70,7 +70,7 @@ type SMB1_transaction_data(header: SMB_Header, is_orig: bool, count: uint16, sub SMB_UNKNOWN -> unknown : bytestring &restofdata &transient; default -> data : bytestring &restofdata &transient; } &let { - pipe_proc : bool = $context.connection.forward_dce_rpc(pipe_data, is_orig) &if(trans_type == SMB_PIPE); + pipe_proc : bool = $context.connection.forward_dce_rpc(pipe_data, 0, is_orig) &if(trans_type == SMB_PIPE); }; type SMB1_transaction_setup(header: SMB_Header) = record { diff --git a/src/analyzer/protocol/smb/smb1-com-write-andx.pac b/src/analyzer/protocol/smb/smb1-com-write-andx.pac index 3d4e160968..3905b7293a 100644 --- a/src/analyzer/protocol/smb/smb1-com-write-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-write-andx.pac @@ -55,7 +55,7 @@ type SMB1_write_andx_request(header: SMB_Header) = record { data : bytestring &length=data_len; } &let { is_pipe : bool = $context.connection.get_tree_is_pipe(header.tid); - pipe_proc : bool = $context.connection.forward_dce_rpc(data, true) &if(is_pipe); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, 0, true) &if(is_pipe); data_len : uint32 = (data_len_high << 16) + data_len_low; offset_high : uint32 = (word_count == 0x0E) ? offset_high_tmp : 0; diff --git a/src/analyzer/protocol/smb/smb2-com-ioctl.pac b/src/analyzer/protocol/smb/smb2-com-ioctl.pac index 8a54959097..1d1e6ad8ea 100644 --- a/src/analyzer/protocol/smb/smb2-com-ioctl.pac +++ b/src/analyzer/protocol/smb/smb2-com-ioctl.pac 
@@ -1,4 +1,25 @@ refine connection SMB_Conn += { + %member{ + std::map smb2_ioctl_fids; + %} + + function get_ioctl_fid(message_id: uint64): uint64 + %{ + if ( smb2_ioctl_fids.count(message_id) == 0 ) + return 0; + else + { + uint64 fid = smb2_ioctl_fids[message_id]; + smb2_ioctl_fids.erase(message_id); + return fid; + } + %} + + function proc_smb2_ioctl_request(val: SMB2_ioctl_request) : bool + %{ + smb2_ioctl_fids[${val.header.message_id}] = ${val.file_id.persistent} + ${val.file_id._volatile}; + return true; + %} }; @@ -22,7 +43,9 @@ type SMB2_ioctl_request(header: SMB2_Header) = record { } &let { # We only handle FSCTL_PIPE_TRANSCEIVE messages right now. is_pipe: bool = (ctl_code == 0x0011C017); - pipe_proc : bool = $context.connection.forward_dce_rpc(input_buffer, true) &if(is_pipe); + fid: uint64 = file_id.persistent + file_id._volatile; + pipe_proc : bool = $context.connection.forward_dce_rpc(input_buffer, fid, true) &if(is_pipe); + proc : bool = $context.connection.proc_smb2_ioctl_request(this); }; type SMB2_ioctl_response(header: SMB2_Header) = record { @@ -42,6 +65,7 @@ type SMB2_ioctl_response(header: SMB2_Header) = record { output_buffer : bytestring &length=output_count; } &let { # We only handle FSCTL_PIPE_TRANSCEIVE messages right now. - is_pipe: bool = (ctl_code == 0x0011C017); - pipe_proc : bool = $context.connection.forward_dce_rpc(output_buffer, false) &if(is_pipe); + is_pipe : bool = (ctl_code == 0x0011C017); + fid : uint64 = $context.connection.get_ioctl_fid(header.message_id); + pipe_proc : bool = $context.connection.forward_dce_rpc(output_buffer, fid, false) &if(is_pipe); }; \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb2-com-read.pac b/src/analyzer/protocol/smb/smb2-com-read.pac index 10e3a98acf..b3601b3d67 100644 --- a/src/analyzer/protocol/smb/smb2-com-read.pac +++ b/src/analyzer/protocol/smb/smb2-com-read.pac 
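Review bot: The pipe key is reduced to `file_id.persistent + file_id._volatile`, so two different handles whose halves add up to the same value, including through 64-bit wrap-around, are treated as one pipe and their DCE_RPC data is delivered to the same analyzer; the same sum is used in smb2-com-read.pac and smb2-com-write.pac. A key that keeps both halves distinct would avoid mixing streams that the peer can arrange to collide. `proc_smb2_ioctl_request` also records an entry for every ioctl request, pipe or not, and `get_ioctl_fid` erases it only when a response with that message id arrives, so unanswered requests accumulate in `smb2_ioctl_fids` (and likewise `smb2_read_fids`) until the connection ends. Storing the entry only when `is_pipe` holds and bounding the map would limit that. A response with no recorded request falls back to fid 0, which is also the id every SMB1 caller passes.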
@@ -4,8 +4,21 @@ refine connection SMB_Conn += { // Track read offsets to provide correct // offsets for file manager. std::map smb2_read_offsets; + std::map smb2_read_fids; %} + function get_file_id(message_id: uint64): uint64 + %{ + if ( smb2_read_fids.count(message_id) == 0 ) + return 0; + else + { + uint64 fid = smb2_read_fids[message_id]; + smb2_read_fids.erase(message_id); + return fid; + } + %} + function proc_smb2_read_request(h: SMB2_Header, val: SMB2_read_request) : bool %{ if ( smb2_read_request ) @@ -19,22 +32,28 @@ refine connection SMB_Conn += { } smb2_read_offsets[${h.message_id}] = ${val.offset}; + smb2_read_fids[${h.message_id}] = ${val.file_id.persistent} + ${val.file_id._volatile}; return true; %} function proc_smb2_read_response(h: SMB2_Header, val: SMB2_read_response) : bool %{ + uint64 offset = smb2_read_offsets[${h.message_id}]; + smb2_read_offsets.erase(${h.message_id}); + if ( ! ${val.is_pipe} && ${val.data_len} > 0 ) { - uint64 offset = smb2_read_offsets[${h.message_id}]; - smb2_read_offsets.erase(${h.message_id}); - file_mgr->DataIn(${val.data}.begin(), ${val.data_len}, offset, bro_analyzer()->GetAnalyzerTag(), bro_analyzer()->Conn(), h->is_orig()); } + + if ( ${val.is_pipe} ) + { + } + return true; %} @@ -69,8 +88,9 @@ type SMB2_read_response(header: SMB2_Header) = record { pad : padding to data_offset - header.head_length; data : bytestring &length=data_len; } &let { - is_pipe : bool = $context.connection.get_tree_is_pipe(header.tree_id); - pipe_proc : bool = $context.connection.forward_dce_rpc(data, false) &if(is_pipe); + is_pipe : bool = $context.connection.get_tree_is_pipe(header.tree_id); + fid : uint64 = $context.connection.get_file_id(header.message_id); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, fid, false) &if(is_pipe); proc: bool = $context.connection.proc_smb2_read_response(header, this); }; 
diff --git a/src/analyzer/protocol/smb/smb2-com-write.pac b/src/analyzer/protocol/smb/smb2-com-write.pac index 06cfd1d1d6..13b0a0828b 100644 --- a/src/analyzer/protocol/smb/smb2-com-write.pac +++ b/src/analyzer/protocol/smb/smb2-com-write.pac @@ -46,7 +46,7 @@ type SMB2_write_request(header: SMB2_Header) = record { data : bytestring &length=data_len; } &let { is_pipe: bool = $context.connection.get_tree_is_pipe(header.tree_id); - pipe_proc : bool = $context.connection.forward_dce_rpc(data, true) &if(is_pipe); + pipe_proc : bool = $context.connection.forward_dce_rpc(data, file_id.persistent+file_id._volatile, true) &if(is_pipe); proc : bool = $context.connection.proc_smb2_write_request(header, this); }; From dfe0d58b7c970539eabf690ba1ea476fd70a5fba Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 8 Apr 2016 07:59:20 -0400 Subject: [PATCH 58/84] Fix a bug in dce_rpc abstract syntax handling. --- .../protocol/dce-rpc/dce_rpc-analyzer.pac | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac index f2242ca2ac..bd3fd34bb8 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac 
@@ -50,24 +50,26 @@ refine connection DCE_RPC_Conn += { function process_dce_rpc_bind(bind: DCE_RPC_Bind): bool %{ - if ( dce_rpc_bind ) { // Go over the elements, each having a UUID $const_def{bind_elems = bind.context_list}; for ( int i = 0; i < ${bind_elems.num_contexts}; ++i ) { - $const_def{uuid = bind_elems.request_contexts[i].abstract_syntax.uuid}; - $const_def{ver_major = bind_elems.request_contexts[i].abstract_syntax.ver_major}; - $const_def{ver_minor = bind_elems.request_contexts[i].abstract_syntax.ver_minor}; + if ( ${bind_elems.request_contexts[i].abstract_syntax} ) + { + $const_def{uuid = bind_elems.request_contexts[i].abstract_syntax.uuid}; + $const_def{ver_major = bind_elems.request_contexts[i].abstract_syntax.ver_major}; + $const_def{ver_minor = bind_elems.request_contexts[i].abstract_syntax.ver_minor}; - // Queue the event - BifEvent::generate_dce_rpc_bind(bro_analyzer(), - bro_analyzer()->Conn(), - fid, - bytestring_to_val(${uuid}), - ${ver_major}, - ${ver_minor}); + // Queue the event + BifEvent::generate_dce_rpc_bind(bro_analyzer(), + bro_analyzer()->Conn(), + fid, + bytestring_to_val(${uuid}), + ${ver_major}, + ${ver_minor}); + } } } From e2bbbdbb3882f3ad1272d2305bcd3d15cd0159ab Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 8 Apr 2016 07:59:59 -0400 Subject: [PATCH 59/84] Opportunistically instantiate gssapi and ntlm analyzers in dce_rpc analyzer --- src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac | 8 ++++++-- src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac | 7 ------- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac index 293bb643ad..52d8fe1b29 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac 
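Review bot: The `if ( dce_rpc_bind )` handler check at the top of `process_dce_rpc_bind` is removed while the bare `{` block it guarded stays, so the loop now builds the UUID value with `bytestring_to_val` and calls `BifEvent::generate_dce_rpc_bind` for every context even when no script handles the event. The commit message only mentions the abstract-syntax fix, so this looks unintentional; keeping `if ( dce_rpc_bind )` in front of the block restores the earlier behaviour. The loop bound `${bind_elems.num_contexts}` is read from the PDU, and whether `request_contexts` is sized by the same field is declared outside this hunk, so it is worth confirming that the index cannot run past the parsed array.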
@@ -5,8 +5,8 @@ refine connection DCE_RPC_Conn += { %} %init{ - gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); - ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer->Conn()); + ntlm = 0; + gssapi = 0; %} %cleanup{ @@ -21,10 +21,14 @@ refine connection DCE_RPC_Conn += { switch ( ${auth.type} ) { case 0x0a: + if ( ! ntlm ) + ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer->Conn()); if ( ntlm ) ntlm->DeliverStream(${auth.blob}.length(), ${auth.blob}.begin(), is_orig); break; //case 0xXX: + // if ( ! gssapi ) + // gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); // if ( gssapi ) // gssapi->DeliverStream(${data}.length(), ${data}.begin(), is_orig); // break; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index fe04d1f0dd..8137d307dd 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac @@ -45,13 +45,6 @@ type DCE_RPC_PDU(is_orig: bool) = record { # &if frag_reassembled; } &byteorder = header.byteorder, &length = header.frag_length; - -#type rpc_if_id_t = record { -# if_uuid : bytestring &length = 16; -# vers_major : uint16; -# vers_minor : uint16; -#}; - type NDR_Format = record { intchar : uint8; floatspec : uint8; From b4b9fbb8d2bd512872517355f5410ee203638f5c Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Wed, 13 Apr 2016 12:08:04 -0400 Subject: [PATCH 60/84] Fix GSSAPI+ASN.1 build dependency tracking. --- src/analyzer/protocol/gssapi/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/src/analyzer/protocol/gssapi/CMakeLists.txt b/src/analyzer/protocol/gssapi/CMakeLists.txt index 5338f04952..222c3cdf4e 100644 --- a/src/analyzer/protocol/gssapi/CMakeLists.txt +++ b/src/analyzer/protocol/gssapi/CMakeLists.txt @@ -10,6 +10,7 @@ bro_plugin_pac( gssapi.pac gssapi-protocol.pac gssapi-analyzer.pac + ../asn1/asn1.pac ) bro_plugin_end() 
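Review bot: In the `case 0x0a:` branch of the dce_rpc-gssapi.pac hunk, the new line `ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer->Conn());` uses `bro_analyzer` without call parentheses, while the rest of the series calls it as `bro_analyzer()`. It should read `ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer()->Conn());`, and the commented-out GSSAPI lines carry the same slip. With instantiation now lazy, `%cleanup` has to cope with both pointers still being 0; its body starts outside the first hunk, so I could not check that.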
From 5d33ac773bbd6a6e62ea9e34b6b81c6fc465555a Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Wed, 13 Apr 2016 12:09:05 -0400 Subject: [PATCH 61/84] Add success indicator to the ntlm.log. This changes the single gssapi event slightly too. --- scripts/base/protocols/ntlm/main.bro | 35 ++++++++++++++++--- src/analyzer/protocol/gssapi/events.bif | 6 ++-- .../protocol/gssapi/gssapi-analyzer.pac | 35 ++++++++----------- .../protocol/gssapi/gssapi-protocol.pac | 18 ++++------ 4 files changed, 55 insertions(+), 39 deletions(-) diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.bro index 365ebcdd81..484ccf334f 100644 --- a/scripts/base/protocols/ntlm/main.bro +++ b/scripts/base/protocols/ntlm/main.bro @@ -14,6 +14,13 @@ export { username: string &log &optional; hostname: string &log &optional; domainname: string &log &optional; + + ## Indicate whether or not the authentication was successful. + success: bool &log &default=F; + + ## Internally used field to indicate if the login attempt + ## has already been logged. + done: bool &default=F; }; } @@ -28,13 +35,10 @@ event bro_init() &priority=5 event ntlm_negotiate(c: connection, request: NTLM::Negotiate) &priority=5 { - #print request; } event ntlm_challenge(c: connection, challenge: NTLM::Challenge) &priority=5 { - #print "challenge!!!!!"; - #print challenge; } event ntlm_authenticate(c: connection, request: NTLM::Authenticate) &priority=5 
@@ -48,7 +52,28 @@ event ntlm_authenticate(c: connection, request: NTLM::Authenticate) &priority=5 c$ntlm$username = request$user_name; } -event ntlm_authenticate(c: connection, request: NTLM::Authenticate) &priority=-5 +event gssapi_neg_result(c: connection, state: count) &priority=5 { - Log::write(NTLM::LOG, c$ntlm); + if ( c?$ntlm ) + c$ntlm$success = (state == 0); } + +event gssapi_neg_result(c: connection, state: count) &priority=-5 + { + if ( c?$ntlm ) + { + if ( c$ntlm?$username || c$ntlm?$hostname ) + { + Log::write(NTLM::LOG, c$ntlm); + c$ntlm$done = T; + } + } + } + +event connection_state_remove(c: connection) &priority=-5 + { + if ( c?$ntlm && ! c$ntlm$done ) + { + Log::write(NTLM::LOG, c$ntlm); + } + } \ No newline at end of file diff --git a/src/analyzer/protocol/gssapi/events.bif b/src/analyzer/protocol/gssapi/events.bif index 4b648f3c9a..ea2d3dc2a3 100644 --- a/src/analyzer/protocol/gssapi/events.bif +++ b/src/analyzer/protocol/gssapi/events.bif @@ -1,5 +1,7 @@ -## Generated for GSSAPI messages of type *accept-completed*. +## Generated for GSSAPI negotiation results. ## ## c: The connection. ## -event gssapi_accepted%(c: connection%); +## state: The resulting state of the negotiation. +## +event gssapi_neg_result%(c: connection, state: count%); diff --git a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac index 6c3b5d30c4..934e0fd292 100644 --- a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac +++ b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac @@ -1,3 +1,4 @@ + refine connection GSSAPI_Conn += { %member{ analyzer::Analyzer *ntlm; 
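Review bot: In the new `gssapi_neg_result` handlers of ntlm/main.bro, `c$ntlm$success = (state == 0)` treats every non-zero negotiation state as a failure, and the `&priority=-5` handler writes a log line on any result as soon as a username or hostname is present. SPNEGO also has non-final states (accept-incomplete is 1 and request-mic is 3 in RFC 4178), so on a connection that carries more than one authentication, where the previous attempt's fields are still set, an intermediate token can be logged as a failed login. The same handler never checks `c$ntlm$done`, so one attempt can be written more than once. I would return early for non-final states, `if ( state == 1 || state == 3 ) return;`, and guard the write with `! c$ntlm$done`. The `ntlm_authenticate` handler that fills the record is outside this hunk.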
@@ -19,31 +20,25 @@ refine connection GSSAPI_Conn += { return true; %} - function proc_gssapi_neg_token(val: GSSAPI_NEG_TOKEN): bool + function proc_gssapi_neg_result(val: GSSAPI_NEG_TOKEN_RESP_Arg): bool %{ - if ( ${val.is_init} ) - return true; - - for ( uint i = 0; i < ${val.resp.args}->size(); ++i ) + if ( gssapi_neg_result ) { - switch ( ${val.resp.args[i].seq_meta.index} ) - { - case 0: - if ( ${val.resp.args[i].args.neg_state} == 0 ) - { - BifEvent::generate_gssapi_accepted(bro_analyzer(), - bro_analyzer()->Conn()); - } - break; - - default: - break; - } + BifEvent::generate_gssapi_neg_result(bro_analyzer(), + bro_analyzer()->Conn(), + binary_to_int64(${val.neg_state.encoding.content})); } + return true; %} } -refine typeattr GSSAPI_NEG_TOKEN += &let { - proc : bool = $context.connection.proc_gssapi_neg_token(this); +refine typeattr GSSAPI_NEG_TOKEN_INIT_Arg_Data += &let { + fwd: bool = $context.connection.forward_ntlm(mech_token, true) &if(index==2); }; + +refine typeattr GSSAPI_NEG_TOKEN_RESP_Arg += &let { + proc: bool = $context.connection.proc_gssapi_neg_result(this) &if(seq_meta.index==0); + fwd: bool = $context.connection.forward_ntlm(response_token, false) &if(seq_meta.index==2); +}; + diff --git a/src/analyzer/protocol/gssapi/gssapi-protocol.pac b/src/analyzer/protocol/gssapi/gssapi-protocol.pac index cbaee0572f..67a84ceb0b 100644 --- a/src/analyzer/protocol/gssapi/gssapi-protocol.pac +++ b/src/analyzer/protocol/gssapi/gssapi-protocol.pac @@ -32,8 +32,6 @@ type GSSAPI_NEG_TOKEN_INIT_Arg_Data(index: uint8) = case index of { 1 -> req_flags : ASN1Encoding; 2 -> mech_token : bytestring &restofdata; 3 -> mech_list_mic : ASN1OctetString; -} &let { - fwd: bool = $context.connection.forward_ntlm(mech_token, true) &if(index==2); }; type GSSAPI_NEG_TOKEN_RESP = record { 
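Review bot: `proc_gssapi_neg_result` passes `${val.neg_state.encoding.content}` to `binary_to_int64` without looking at its length, and that content is a byte string whose length comes from the ASN.1 header on the wire. `binary_to_int64` is defined outside this hunk; unless it bounds its input, an over-long integer would be truncated or shifted out of range before being handed to scripts as a `count`. The negotiation state is a small enumerated value, so I would convert only when the content is short, `if ( ${val.neg_state.encoding.content}.length() <= 8 )`, and skip the event otherwise.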
@@ -43,14 +41,10 @@ type GSSAPI_NEG_TOKEN_RESP = record { type GSSAPI_NEG_TOKEN_RESP_Arg = record { seq_meta : ASN1EncodingMeta; - args : GSSAPI_NEG_TOKEN_RESP_Arg_Data(seq_meta.index) &length=seq_meta.length; -}; - -type GSSAPI_NEG_TOKEN_RESP_Arg_Data(index: uint8) = case index of { - 0 -> neg_state : ASN1Integer; - 1 -> supported_mech : ASN1Encoding; - 2 -> response_token : bytestring &restofdata; - 3 -> mech_list_mic : ASN1OctetString; -} &let { - fwd: bool = $context.connection.forward_ntlm(response_token, false) &if(index==2); + args : case seq_meta.index of { + 0 -> neg_state : ASN1Integer; + 1 -> supported_mech : ASN1Encoding; + 2 -> response_token : bytestring &restofdata; + 3 -> mech_list_mic : ASN1OctetString; + } &length=seq_meta.length; }; From dcb8dee3ebe41373a5b64d76f78b1f400f67587f Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Wed, 13 Apr 2016 12:10:51 -0400 Subject: [PATCH 62/84] Small improvements to DCE/RPC handling. - Fix an issue with svcctl uuid -> operation mapping. - Add a heuristic to fill out the endpoint name in case the original dce/rpc binding wasn't seen. - Improve naming and code structure in the dce/rpc scripts. --- scripts/base/protocols/dce-rpc/consts.bro | 119 ++++++++++++---------- scripts/base/protocols/dce-rpc/main.bro | 48 +++++++-- 2 files changed, 106 insertions(+), 61 deletions(-) diff --git a/scripts/base/protocols/dce-rpc/consts.bro b/scripts/base/protocols/dce-rpc/consts.bro index 39e126f75b..dfaf5b8edc 100644 --- a/scripts/base/protocols/dce-rpc/consts.bro +++ b/scripts/base/protocols/dce-rpc/consts.bro 
@@ -90,6 +90,15 @@ export { ["2f5f3220-c126-1076-b549-074d078619da"] = "nddeapi", } &redef &default=function(uuid: string): string { return fmt("unknown-%s", uuid); }; + ## This table is to map pipe names to the most common + ## service used over that pipe. It helps in cases + ## where the pipe binding wasn't seen. + const pipe_name_to_common_uuid: table[string] of string = { + ["winreg"] = "338cd001-2244-31f1-aaaa-900038001003", + ["spoolss"] = "12345678-1234-abcd-ef00-0123456789ab", + ["srvsvc"] = "4b324fc8-1670-01d3-1278-5a47bf6ee188", + } &redef; + const operations: table[string,count] of string = { # atsvc ["1ff70682-0a51-30e8-076d-740be8cee98b",0] = "NetrJobAdd", 
@@ -641,61 +650,61 @@ export { ["3919286a-b10c-11d0-9ba8-00c04fd92ef5",0x0a] = "DsRolerAbortDownlevelServerUpgrade", # svcctl - ["367aeb81-9844-35f1-ad32-98f038001003",0x00] = "CloseServiceHandle", - ["367aeb81-9844-35f1-ad32-98f038001003",0x01] = "ControlService", - ["367aeb81-9844-35f1-ad32-98f038001003",0x02] = "DeleteService", - ["367aeb81-9844-35f1-ad32-98f038001003",0x03] = "LockServiceDatabase", - ["367aeb81-9844-35f1-ad32-98f038001003",0x04] = "QueryServiceObjectSecurity", - ["367aeb81-9844-35f1-ad32-98f038001003",0x05] = "SetServiceObjectSecurity", - ["367aeb81-9844-35f1-ad32-98f038001003",0x06] = "QueryServiceStatus", - ["367aeb81-9844-35f1-ad32-98f038001003",0x07] = "SetServiceStatus", - ["367aeb81-9844-35f1-ad32-98f038001003",0x08] = "UnlockServiceDatabase", - ["367aeb81-9844-35f1-ad32-98f038001003",0x09] = "NotifyBootConfigStatus", - ["367aeb81-9844-35f1-ad32-98f038001003",0x0a] = "ScSetServiceBitsW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x0b] = "ChangeServiceConfigW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x0c] = "CreateServiceW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x0d] = "EnumDependentServicesW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x0e] = "EnumServicesStatusW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x0f] = "OpenSCManagerW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x10] = "OpenServiceW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x11] = "QueryServiceConfigW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x12] = "QueryServiceLockStatusW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x13] = "StartServiceW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x14] = "GetServiceDisplayNameW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x15] = "GetServiceKeyNameW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x16] = "ScSetServiceBitsA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x17] = "ChangeServiceConfigA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x18] = "CreateServiceA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x19] = 
"EnumDependentServicesA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x1a] = "EnumServicesStatusA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x1b] = "OpenSCManagerA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x1c] = "OpenServiceA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x1d] = "QueryServiceConfigA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x1e] = "QueryServiceLockStatusA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x1f] = "StartServiceA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x20] = "GetServiceDisplayNameA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x21] = "GetServiceKeyNameA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x22] = "ScGetCurrentGroupStateW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x23] = "EnumServiceGroupW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x24] = "ChangeServiceConfig2A", - ["367aeb81-9844-35f1-ad32-98f038001003",0x25] = "ChangeServiceConfig2W", - ["367aeb81-9844-35f1-ad32-98f038001003",0x26] = "QueryServiceConfig2A", - ["367aeb81-9844-35f1-ad32-98f038001003",0x27] = "QueryServiceConfig2W", - ["367aeb81-9844-35f1-ad32-98f038001003",0x28] = "QueryServiceStatusEx", - ["367aeb81-9844-35f1-ad32-98f038001003",0x29] = "EnumServicesStatusExA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x2a] = "EnumServicesStatusExW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x2b] = "ScSendTSMessage", - ["367aeb81-9844-35f1-ad32-98f038001003",0x2c] = "CreateServiceWOW64A", - ["367aeb81-9844-35f1-ad32-98f038001003",0x2d] = "CreateServiceWOW64W", - ["367aeb81-9844-35f1-ad32-98f038001003",0x2e] = "ScQueryServiceTagInfo", - ["367aeb81-9844-35f1-ad32-98f038001003",0x2f] = "NotifyServiceStatusChange", - ["367aeb81-9844-35f1-ad32-98f038001003",0x30] = "GetNotifyResult", - ["367aeb81-9844-35f1-ad32-98f038001003",0x31] = "CloseNotifyHandle", - ["367aeb81-9844-35f1-ad32-98f038001003",0x32] = "ControlServiceExA", - ["367aeb81-9844-35f1-ad32-98f038001003",0x33] = "ControlServiceExW", - ["367aeb81-9844-35f1-ad32-98f038001003",0x34] = "ScSendPnPMessage", - 
["367aeb81-9844-35f1-ad32-98f038001003",0x35] = "ScValidatePnPService", - ["367aeb81-9844-35f1-ad32-98f038001003",0x36] = "ScOpenServiceStatusHandle", + ["367abb81-9844-35f1-ad32-98f038001003",0x00] = "CloseServiceHandle", + ["367abb81-9844-35f1-ad32-98f038001003",0x01] = "ControlService", + ["367abb81-9844-35f1-ad32-98f038001003",0x02] = "DeleteService", + ["367abb81-9844-35f1-ad32-98f038001003",0x03] = "LockServiceDatabase", + ["367abb81-9844-35f1-ad32-98f038001003",0x04] = "QueryServiceObjectSecurity", + ["367abb81-9844-35f1-ad32-98f038001003",0x05] = "SetServiceObjectSecurity", + ["367abb81-9844-35f1-ad32-98f038001003",0x06] = "QueryServiceStatus", + ["367abb81-9844-35f1-ad32-98f038001003",0x07] = "SetServiceStatus", + ["367abb81-9844-35f1-ad32-98f038001003",0x08] = "UnlockServiceDatabase", + ["367abb81-9844-35f1-ad32-98f038001003",0x09] = "NotifyBootConfigStatus", + ["367abb81-9844-35f1-ad32-98f038001003",0x0a] = "ScSetServiceBitsW", + ["367abb81-9844-35f1-ad32-98f038001003",0x0b] = "ChangeServiceConfigW", + ["367abb81-9844-35f1-ad32-98f038001003",0x0c] = "CreateServiceW", + ["367abb81-9844-35f1-ad32-98f038001003",0x0d] = "EnumDependentServicesW", + ["367abb81-9844-35f1-ad32-98f038001003",0x0e] = "EnumServicesStatusW", + ["367abb81-9844-35f1-ad32-98f038001003",0x0f] = "OpenSCManagerW", + ["367abb81-9844-35f1-ad32-98f038001003",0x10] = "OpenServiceW", + ["367abb81-9844-35f1-ad32-98f038001003",0x11] = "QueryServiceConfigW", + ["367abb81-9844-35f1-ad32-98f038001003",0x12] = "QueryServiceLockStatusW", + ["367abb81-9844-35f1-ad32-98f038001003",0x13] = "StartServiceW", + ["367abb81-9844-35f1-ad32-98f038001003",0x14] = "GetServiceDisplayNameW", + ["367abb81-9844-35f1-ad32-98f038001003",0x15] = "GetServiceKeyNameW", + ["367abb81-9844-35f1-ad32-98f038001003",0x16] = "ScSetServiceBitsA", + ["367abb81-9844-35f1-ad32-98f038001003",0x17] = "ChangeServiceConfigA", + ["367abb81-9844-35f1-ad32-98f038001003",0x18] = "CreateServiceA", + 
["367abb81-9844-35f1-ad32-98f038001003",0x19] = "EnumDependentServicesA", + ["367abb81-9844-35f1-ad32-98f038001003",0x1a] = "EnumServicesStatusA", + ["367abb81-9844-35f1-ad32-98f038001003",0x1b] = "OpenSCManagerA", + ["367abb81-9844-35f1-ad32-98f038001003",0x1c] = "OpenServiceA", + ["367abb81-9844-35f1-ad32-98f038001003",0x1d] = "QueryServiceConfigA", + ["367abb81-9844-35f1-ad32-98f038001003",0x1e] = "QueryServiceLockStatusA", + ["367abb81-9844-35f1-ad32-98f038001003",0x1f] = "StartServiceA", + ["367abb81-9844-35f1-ad32-98f038001003",0x20] = "GetServiceDisplayNameA", + ["367abb81-9844-35f1-ad32-98f038001003",0x21] = "GetServiceKeyNameA", + ["367abb81-9844-35f1-ad32-98f038001003",0x22] = "ScGetCurrentGroupStateW", + ["367abb81-9844-35f1-ad32-98f038001003",0x23] = "EnumServiceGroupW", + ["367abb81-9844-35f1-ad32-98f038001003",0x24] = "ChangeServiceConfig2A", + ["367abb81-9844-35f1-ad32-98f038001003",0x25] = "ChangeServiceConfig2W", + ["367abb81-9844-35f1-ad32-98f038001003",0x26] = "QueryServiceConfig2A", + ["367abb81-9844-35f1-ad32-98f038001003",0x27] = "QueryServiceConfig2W", + ["367abb81-9844-35f1-ad32-98f038001003",0x28] = "QueryServiceStatusEx", + ["367abb81-9844-35f1-ad32-98f038001003",0x29] = "EnumServicesStatusExA", + ["367abb81-9844-35f1-ad32-98f038001003",0x2a] = "EnumServicesStatusExW", + ["367abb81-9844-35f1-ad32-98f038001003",0x2b] = "ScSendTSMessage", + ["367abb81-9844-35f1-ad32-98f038001003",0x2c] = "CreateServiceWOW64A", + ["367abb81-9844-35f1-ad32-98f038001003",0x2d] = "CreateServiceWOW64W", + ["367abb81-9844-35f1-ad32-98f038001003",0x2e] = "ScQueryServiceTagInfo", + ["367abb81-9844-35f1-ad32-98f038001003",0x2f] = "NotifyServiceStatusChange", + ["367abb81-9844-35f1-ad32-98f038001003",0x30] = "GetNotifyResult", + ["367abb81-9844-35f1-ad32-98f038001003",0x31] = "CloseNotifyHandle", + ["367abb81-9844-35f1-ad32-98f038001003",0x32] = "ControlServiceExA", + ["367abb81-9844-35f1-ad32-98f038001003",0x33] = "ControlServiceExW", + 
["367abb81-9844-35f1-ad32-98f038001003",0x34] = "ScSendPnPMessage", + ["367abb81-9844-35f1-ad32-98f038001003",0x35] = "ScValidatePnPService", + ["367abb81-9844-35f1-ad32-98f038001003",0x36] = "ScOpenServiceStatusHandle", # browser ["6bffd098-a112-3610-9833-012892020162",0x00] = "BrowserrServerEnum", diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 795f575605..35724865fc 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -36,7 +36,9 @@ type State: record { named_pipe : string &optional; }; -type Stuff: record { +# This is to store the log and state information +# for multiple DCE/RPC bindings over a single TCP connection (named pipes). +type BackingState: record { info: Info; state: State; }; @@ -44,7 +46,7 @@ type Stuff: record { redef record connection += { dce_rpc: Info &optional; dce_rpc_state: State &optional; - dce_rpc_state_x: table[count] of Stuff &optional; + dce_rpc_state_x: table[count] of BackingState &optional; }; const ports = { 135/tcp }; @@ -56,7 +58,16 @@ event bro_init() &priority=5 Analyzer::register_for_ports(Analyzer::ANALYZER_DCE_RPC, ports); } -function set_state(c: connection, state_x: Stuff) +function normalize_named_pipe_name(pn: string): string + { + local parts = split_string(pn, /\\[pP][iI][pP][eE]\\/); + if ( 1 in parts ) + return to_lower(parts[1]); + else + return to_lower(pn); + } + +function set_state(c: connection, state_x: BackingState) { c$dce_rpc = state_x$info; c$dce_rpc_state = state_x$state; @@ -76,7 +87,7 @@ function set_session(c: connection, fid: count) if ( fid !in c$dce_rpc_state_x ) { local info = Info($ts=network_time(),$id=c$id,$uid=c$uid); - c$dce_rpc_state_x[fid] = Stuff($info=info, $state=State()); + c$dce_rpc_state_x[fid] = BackingState($info=info, $state=State()); } local state_x = c$dce_rpc_state_x[fid]; 
@@ -120,6 +131,18 @@ event dce_rpc_response(c: connection, fid: count, opnum: count, stub_len: count) { set_session(c, fid); + # In the event that the binding wasn't seen, but the pipe + # name is known, go ahead and see if we have a pipe name to + # uuid mapping... + if ( ! c$dce_rpc?$endpoint && c$dce_rpc?$named_pipe ) + { + local npn = normalize_named_pipe_name(c$dce_rpc$named_pipe); + if ( npn in pipe_name_to_common_uuid ) + { + c$dce_rpc_state$uuid = pipe_name_to_common_uuid[npn]; + } + } + if ( c?$dce_rpc && c$dce_rpc?$endpoint ) { c$dce_rpc$operation = operations[c$dce_rpc_state$uuid, opnum]; @@ -134,7 +157,7 @@ event dce_rpc_response(c: connection, fid: count, opnum: count, stub_len: count) { # If there is not an endpoint, there isn't much reason to log. # This can happen if the request isn't seen. - if ( c$dce_rpc?$endpoint ) + if ( c$dce_rpc?$endpoint && c$dce_rpc?$operation ) Log::write(LOG, c$dce_rpc); delete c$dce_rpc; } @@ -150,7 +173,20 @@ event connection_state_remove(c: connection) { local x = c$dce_rpc_state_x[i]; set_state(c, x); - if ( c$dce_rpc?$endpoint ) + + # In the event that the binding wasn't seen, but the pipe + # name is known, go ahead and see if we have a pipe name to + # uuid mapping... + if ( ! c$dce_rpc?$endpoint && c$dce_rpc?$named_pipe ) + { + local npn = normalize_named_pipe_name(c$dce_rpc$named_pipe); + if ( npn in pipe_name_to_common_uuid ) + { + c$dce_rpc_state$uuid = pipe_name_to_common_uuid[npn]; + } + } + + if ( c$dce_rpc?$endpoint && c$dce_rpc?$operation ) Log::write(LOG, c$dce_rpc); } } \ No newline at end of file From a176e053ca30a22e0ab33703c050794e2eb8e7d6 Mon Sep 17 00:00:00 2001 
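Review bot: The pipe-name fallback added to `dce_rpc_response` assigns `c$dce_rpc_state$uuid` but never sets `c$dce_rpc$endpoint`, so the `c$dce_rpc?$endpoint` test that follows is still false, `operation` is not filled in, and the tightened condition `c$dce_rpc?$endpoint && c$dce_rpc?$operation` then drops the record. As far as these hunks show, calls on a pipe whose bind was missed remain absent from the log, which is the case the heuristic is meant to cover. Adding `c$dce_rpc$endpoint = uuid_endpoint_map[c$dce_rpc_state$uuid];` after the uuid assignment would make it take effect. The copy in `connection_state_remove` (the `@@ -150,7 +173,20 @@` hunk) has the same gap and also has no opnum from which to derive an operation. Both blocks are identical and would be easier to maintain as one helper function.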
From: Seth Hall Date: Wed, 13 Apr 2016 12:26:07 -0400 Subject: [PATCH 63/84] Improve NTLM authentication logging. If only one side of a connection was seen, the ntlm.log would indicate that the authentication failed. This has been modified so that the success is listed as null since it's not known whether or not the authentication was successful. It can be inferred from continued SMB analysis though because activity will continue taking place. I changed it though because the log shouldn't assume more than what it sees. --- scripts/base/protocols/ntlm/main.bro | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.bro index 484ccf334f..5252157d7c 100644 --- a/scripts/base/protocols/ntlm/main.bro +++ b/scripts/base/protocols/ntlm/main.bro @@ -16,7 +16,7 @@ export { domainname: string &log &optional; ## Indicate whether or not the authentication was successful. - success: bool &log &default=F; + success: bool &log &optional; ## Internally used field to indicate if the login attempt ## has already been logged. From 6d85769ae7bd766432ce811011204e8ae65b43cb Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Wed, 13 Apr 2016 23:22:47 -0400 Subject: [PATCH 64/84] Modify protocol field length handling for DCE/RPC. There were some DPD warnings resulting from this. --- src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index 8137d307dd..6e38fdfa0f 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac 
@@ -36,7 +36,7 @@ type DCE_RPC_PDU(is_orig: bool) = record { # TODO: bring back reassembly. It was having trouble. #frag : bytestring &length = body_length; body : DCE_RPC_Body(header); - #auth : DCE_RPC_Auth_wrapper(header); + auth : DCE_RPC_Auth_wrapper(header); } &let { #body_length : int = header.frag_length - sizeof(header) - header.auth_length; #frag_reassembled : bool = $context.flow.reassemble_fragment(frag, header.lastfrag); @@ -147,7 +147,8 @@ type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { DCE_RPC_REQUEST -> request : DCE_RPC_Request; DCE_RPC_RESPONSE -> response : DCE_RPC_Response; default -> other : bytestring &restofdata; -} &length=header.frag_length-16-header.auth_length; +}; +#} &length=header.frag_length - 16 - header.auth_length - (header.auth_length==0 ? 0 : 8); # sizeof(DCE_RPC_Header) <- doesn't work, it's the "16" above type DCE_RPC_Auth_wrapper(header: DCE_RPC_Header) = case header.auth_length of { @@ -161,5 +162,5 @@ type DCE_RPC_Auth(header: DCE_RPC_Header) = record { pad_len : uint8; reserved : uint8; context_id : uint32; - blob : bytestring &length=header.auth_length; -}; + blob : bytestring &length=header.auth_length-8; +} &length=header.auth_length; From bc0a5da8971a471d4e6c45157065c9010f49cfc7 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Wed, 13 Apr 2016 23:23:31 -0400 Subject: [PATCH 65/84] Fix a problem resulting in an SMB2 DPD warning. --- src/analyzer/protocol/smb/smb2-com-create.pac | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/analyzer/protocol/smb/smb2-com-create.pac b/src/analyzer/protocol/smb/smb2-com-create.pac index 4cd7abdf25..341d629f38 100644 --- a/src/analyzer/protocol/smb/smb2-com-create.pac +++ b/src/analyzer/protocol/smb/smb2-com-create.pac 
@@ -111,10 +111,12 @@ type SMB2_create_response(header: SMB2_Header) = record { # be set to zero so we need to deal with that to avoid # negative wrap around in the padding. context_pad : padding to (context_offset==0 ? 0 : context_offset - header.head_length); - create : case context_len of { - 0 -> blank : empty; - default -> contexts : SMB2_create_context[] &length=context_len; - }; + # TODO: skip this data for now. It's shown to be a bit difficult. + #create : case context_len of { + # 0 -> blank : empty; + # default -> contexts : SMB2_create_context[] &length=context_len; + #}; + contexts : bytestring &length=context_len &transient; } &let { proc : bool = $context.connection.proc_smb2_create_response(header, this); }; From 7585d718c061bdc7ba32dab0f8735031014019b8 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 14 Apr 2016 07:20:56 -0400 Subject: [PATCH 66/84] DCE_RPC Auth improvements. Some DCE_RPC messages were being parsed incorrectly due to misunderstandings about lengths of some fields. --- .../protocol/dce-rpc/dce_rpc-protocol.pac | 43 +++++++++++-------- 1 file changed, 26 insertions(+), 17 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac index 6e38fdfa0f..06cba61471 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-protocol.pac @@ -116,13 +116,6 @@ type DCE_RPC_Bind_Ack = record { contexts : ContextList(0); }; -type DCE_RPC_AlterContext = record { - max_xmit_frag : uint16; - max_recv_frag : uint16; - assoc_group_id : uint32; - contexts : ContextList(0); -}; - type DCE_RPC_Request = record { alloc_hint : uint32; context_id : uint16; 
@@ -141,15 +134,31 @@ type DCE_RPC_Response = record { stub : bytestring &restofdata; }; -type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { - DCE_RPC_BIND -> bind : DCE_RPC_Bind; - DCE_RPC_BIND_ACK -> bind_ack : DCE_RPC_Bind_Ack; - DCE_RPC_REQUEST -> request : DCE_RPC_Request; - DCE_RPC_RESPONSE -> response : DCE_RPC_Response; - default -> other : bytestring &restofdata; +type DCE_RPC_AlterContext = record { + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + contexts : ContextList(0); }; -#} &length=header.frag_length - 16 - header.auth_length - (header.auth_length==0 ? 0 : 8); -# sizeof(DCE_RPC_Header) <- doesn't work, it's the "16" above + +type DCE_RPC_AlterContext_Resp = record { + max_xmit_frag : uint16; + max_recv_frag : uint16; + assoc_group_id : uint32; + sec_addr_len : uint16; + contexts : ContextList(0); +}; + +type DCE_RPC_Body(header: DCE_RPC_Header) = case header.PTYPE of { + DCE_RPC_BIND -> bind : DCE_RPC_Bind; + DCE_RPC_BIND_ACK -> bind_ack : DCE_RPC_Bind_Ack; + DCE_RPC_REQUEST -> request : DCE_RPC_Request; + DCE_RPC_RESPONSE -> response : DCE_RPC_Response; + # TODO: Something about the two following structures isn't being handled correctly. + #DCE_RPC_ALTER_CONTEXT -> alter_context : DCE_RPC_AlterContext; + #DCE_RPC_ALTER_CONTEXT_RESP -> alter_resp : DCE_RPC_AlterContext_Resp; + default -> other : bytestring &restofdata; +} &length=header.frag_length - 16 - header.auth_length - (header.auth_length==0 ? 0 : 8); type DCE_RPC_Auth_wrapper(header: DCE_RPC_Header) = case header.auth_length of { 0 -> none : empty; @@ -162,5 +171,5 @@ type DCE_RPC_Auth(header: DCE_RPC_Header) = record { pad_len : uint8; reserved : uint8; context_id : uint32; - blob : bytestring &length=header.auth_length-8; -} &length=header.auth_length; + blob : bytestring &length=header.auth_length; +}; From a58500fde03abf3297074fbdb220567aa3aa18f2 Mon Sep 17 00:00:00 2001 
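Review bot: The restored `&length=header.frag_length - 16 - header.auth_length - (header.auth_length==0 ? 0 : 8)` on `DCE_RPC_Body` is computed from two header fields that appear to come straight from the PDU, and nothing in this hunk checks that `auth_length` is smaller than `frag_length - 24`. A header with an oversized `auth_length` makes the expression negative; how binpac treats a negative `&length` is not visible here, so the header should be validated before the body is parsed. At minimum I would state the assumption next to the attribute, `# requires frag_length >= 24 + auth_length when auth_length > 0; both are wire-controlled`. With the two alter-context cases commented out, those PDUs fall into `default -> other` and are bounded only by this same length.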
From: Seth Hall Date: Thu, 14 Apr 2016 10:55:47 -0400 Subject: [PATCH 67/84] Add DCE/RPC authentication forwarding. --- src/analyzer/protocol/dce-rpc/CMakeLists.txt | 2 +- .../{dce_rpc-gssapi.pac => dce_rpc-auth.pac} | 18 +++++++++++------- src/analyzer/protocol/dce-rpc/dce_rpc.pac | 1 + 3 files changed, 13 insertions(+), 8 deletions(-) rename src/analyzer/protocol/dce-rpc/{dce_rpc-gssapi.pac => dce_rpc-auth.pac} (72%) diff --git a/src/analyzer/protocol/dce-rpc/CMakeLists.txt b/src/analyzer/protocol/dce-rpc/CMakeLists.txt index e02887fe83..79ec16ada6 100644 --- a/src/analyzer/protocol/dce-rpc/CMakeLists.txt +++ b/src/analyzer/protocol/dce-rpc/CMakeLists.txt @@ -10,7 +10,7 @@ bro_plugin_pac( dce_rpc.pac dce_rpc-protocol.pac dce_rpc-analyzer.pac - dce_rpc-gssapi.pac + dce_rpc-auth.pac endpoint-atsvc.pac endpoint-epmapper.pac ) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac similarity index 72% rename from src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac rename to src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac index 52d8fe1b29..85a90e48c4 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-gssapi.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac @@ -1,3 +1,7 @@ +%extern{ +#include "analyzer/Manager.h" +%} + refine connection DCE_RPC_Conn += { %member{ analyzer::Analyzer *gssapi; 
@@ -20,18 +24,18 @@ refine connection DCE_RPC_Conn += { %{ switch ( ${auth.type} ) { + case 0x09: + if ( ! gssapi ) + gssapi = analyzer_mgr->InstantiateAnalyzer("KRB", bro_analyzer()->Conn()); + if ( gssapi ) + gssapi->DeliverStream(${auth.blob}.length(), ${auth.blob}.begin(), is_orig); + break; case 0x0a: if ( ! ntlm ) - ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer->Conn()); + ntlm = analyzer_mgr->InstantiateAnalyzer("NTLM", bro_analyzer()->Conn()); if ( ntlm ) ntlm->DeliverStream(${auth.blob}.length(), ${auth.blob}.begin(), is_orig); break; - //case 0xXX: - // if ( ! gssapi ) - // gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); - // if ( gssapi ) - // gssapi->DeliverStream(${data}.length(), ${data}.begin(), is_orig); - // break; default: bro_analyzer()->Weird(fmt("unknown_dce_rpc_auth_type_%d",${auth.type})); break; diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc.pac b/src/analyzer/protocol/dce-rpc/dce_rpc.pac index 607ef58d07..532e50bffb 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc.pac @@ -25,3 +25,4 @@ flow DCE_RPC_Flow(is_orig: bool) { %include endpoint-atsvc.pac %include endpoint-epmapper.pac %include dce_rpc-analyzer.pac +%include dce_rpc-auth.pac From 72f2c2ded21e640d77e9c63e8a1b59e05addaed3 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Fri, 15 Apr 2016 10:39:08 -0400 Subject: [PATCH 68/84] More SMB/DCERPC/NTLM cleanup. - NTLM Authentication failures over SMB2 are now marked as such in the ntlm.log. - Slightly updated filtering mechanism for DCE/RPC operations. - Uncommented the atsvc file so it compiles now. --- scripts/base/protocols/dce-rpc/main.bro | 42 ++++++---- scripts/base/protocols/ntlm/main.bro | 16 +++- .../protocol/dce-rpc/dce_rpc-analyzer.pac | 1 - .../protocol/dce-rpc/endpoint-atsvc.pac | 80 +++++++++---------- 4 files changed, 78 insertions(+), 61 deletions(-) 
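Review bot: The new `case 0x09` branch instantiates the `"KRB"` analyzer but stores it in the member named `gssapi`, and both auth types are bare hex literals. As far as I know MS-RPCE assigns 0x09 to SPNEGO (GSS negotiate) and 0x10 to Kerberos, so please confirm that `"KRB"` rather than `"GSSAPI"` is the intended target for 0x09; smb-gssapi.pac forwards its security blobs to `"GSSAPI"`. Whichever is right, a comment on the cases such as `// 0x09: SPNEGO, 0x0a: NTLMSSP (auth_type, MS-RPCE)` and a member name that matches the analyzer it holds would make the mapping checkable. The enclosing function starts above the hunk.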
diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 35724865fc..8a9144a1ef 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -25,10 +25,11 @@ export { operation : string &log &optional; }; - ## Set of interface UUID values to ignore. - const ignored_uuids: set[string] = set( - "e1af8308-5d1f-11c9-91a4-08002b14a0fa" #epmapper - ) &redef; + const ignored_operations: table[string] of set[string] = { + ["winreg"] = set("BaseRegCloseKey", "BaseRegGetVersion", "BaseRegOpenKey", "OpenLocalMachine", "BaseRegEnumKey"), + ["spoolss"] = set("RpcSplOpenPrinter", "RpcClosePrinter"), + ["wkssvc"] = set("NetrWkstaGetInfo"), + } &redef; } type State: record { @@ -46,7 +47,7 @@ type BackingState: record { redef record connection += { dce_rpc: Info &optional; dce_rpc_state: State &optional; - dce_rpc_state_x: table[count] of BackingState &optional; + dce_rpc_backing: table[count] of BackingState &optional; }; const ports = { 135/tcp }; @@ -80,17 +81,17 @@ function set_state(c: connection, state_x: BackingState) function set_session(c: connection, fid: count) { - if ( ! c?$dce_rpc_state_x ) + if ( ! c?$dce_rpc_backing ) { - c$dce_rpc_state_x = table(); + c$dce_rpc_backing = table(); } - if ( fid !in c$dce_rpc_state_x ) + if ( fid !in c$dce_rpc_backing ) { local info = Info($ts=network_time(),$id=c$id,$uid=c$uid); - c$dce_rpc_state_x[fid] = BackingState($info=info, $state=State()); + c$dce_rpc_backing[fid] = BackingState($info=info, $state=State()); } - local state_x = c$dce_rpc_state_x[fid]; + local state_x = c$dce_rpc_backing[fid]; set_state(c, state_x); } @@ -99,9 +100,6 @@ event dce_rpc_bind(c: connection, fid: count, uuid: string, ver_major: count, ve set_session(c, fid); local uuid_str = uuid_to_string(uuid); - if ( uuid_str in ignored_uuids ) - return; - c$dce_rpc_state$uuid = uuid_str; c$dce_rpc$endpoint = uuid_endpoint_map[uuid_str]; } 
@@ -157,8 +155,13 @@ event dce_rpc_response(c: connection, fid: count, opnum: count, stub_len: count) { # If there is not an endpoint, there isn't much reason to log. # This can happen if the request isn't seen. - if ( c$dce_rpc?$endpoint && c$dce_rpc?$operation ) + if ( (c$dce_rpc?$endpoint && (c$dce_rpc$endpoint !in ignored_operations || |ignored_operations[c$dce_rpc$endpoint]| != 0)) + || + (c$dce_rpc?$endpoint && c$dce_rpc?$operation && + c$dce_rpc?$operation && c$dce_rpc$operation !in ignored_operations[c$dce_rpc$endpoint]) ) + { Log::write(LOG, c$dce_rpc); + } delete c$dce_rpc; } } @@ -169,9 +172,9 @@ event connection_state_remove(c: connection) return; # TODO: Go through any remaining dce_rpc requests that haven't been processed with replies. - for ( i in c$dce_rpc_state_x ) + for ( i in c$dce_rpc_backing ) { - local x = c$dce_rpc_state_x[i]; + local x = c$dce_rpc_backing[i]; set_state(c, x); # In the event that the binding wasn't seen, but the pipe @@ -186,7 +189,12 @@ event connection_state_remove(c: connection) } } - if ( c$dce_rpc?$endpoint && c$dce_rpc?$operation ) + if ( (c$dce_rpc?$endpoint && |ignored_operations[c$dce_rpc$endpoint]| != 0) + || + (c$dce_rpc?$endpoint && c$dce_rpc?$operation && + c$dce_rpc?$operation && c$dce_rpc$operation !in ignored_operations[c$dce_rpc$endpoint]) ) + { Log::write(LOG, c$dce_rpc); + } } } \ No newline at end of file diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.bro index 5252157d7c..1656242766 100644 --- a/scripts/base/protocols/ntlm/main.bro +++ b/scripts/base/protocols/ntlm/main.bro 
@@ -52,13 +52,13 @@ event ntlm_authenticate(c: connection, request: NTLM::Authenticate) &priority=5 c$ntlm$username = request$user_name; } -event gssapi_neg_result(c: connection, state: count) &priority=5 +event gssapi_neg_result(c: connection, state: count) &priority=3 { if ( c?$ntlm ) c$ntlm$success = (state == 0); } -event gssapi_neg_result(c: connection, state: count) &priority=-5 +event gssapi_neg_result(c: connection, state: count) &priority=-3 { if ( c?$ntlm ) { @@ -70,6 +70,18 @@ event gssapi_neg_result(c: connection, state: count) &priority=-5 } } +event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=3 + { + if ( c?$ntlm && + ( c$ntlm?$username || c$ntlm?$hostname ) && + hdr$status == 0xC000006D ) + { + c$ntlm$success = F; + Log::write(NTLM::LOG, c$ntlm); + c$ntlm$done = T; + } + } + event connection_state_remove(c: connection) &priority=-5 { if ( c?$ntlm && ! c$ntlm$done ) diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac index bd3fd34bb8..141acd5248 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac @@ -1,4 +1,3 @@ -# DCE/RPC protocol data unit. refine connection DCE_RPC_Conn += { %member{ diff --git a/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac b/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac index 2712181d16..efe10f845d 100644 --- a/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac +++ b/src/analyzer/protocol/dce-rpc/endpoint-atsvc.pac 
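Review bot: The added `smb2_message` handler does not test `c$ntlm$done`, so every later SMB2 message on the connection that carries status 0xC000006D writes the same `c$ntlm` record to ntlm.log again; the `connection_state_remove` handler below it does guard on `! c$ntlm$done`. I would add that guard, `if ( c?$ntlm && ! c$ntlm$done &&`, and name the constant in a comment, `# 0xC000006D = STATUS_LOGON_FAILURE`. Only this one status marks the attempt as failed, so logons rejected with other codes (for example STATUS_WRONG_PASSWORD or STATUS_ACCOUNT_LOCKED_OUT) are not marked by this handler. That matters to anyone counting failed logons from ntlm.log, and a small `set[count]` of failure statuses would cover it.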
@@ -1,41 +1,39 @@ -#%include ../smb/smb-strings.pac -# -#type ATSVC_Request(unicode: bool, opnum: uint8) = record { -# empty: padding[1]; -# op: case opnum of { -# 0 -> add : ATSVC_NetrJobAdd(unicode); -# default -> unknown : bytestring &restofdata; -# }; -#}; -# -#type ATSVC_String_Pointer(unicode: bool) = record { -# referent_id : uint32; -# max_count : uint32; -# offset : uint32; -# actual_count : uint32; -# string : SMB_string(unicode, offsetof(string)); -#}; -# -#type ATSVC_NetrJobAdd(unicode: bool) = record { -# server : ATSVC_String_Pointer(unicode); -# unknown : padding[2]; -# job_time : uint32; -# days_of_month : uint32; -# days_of_week : uint8; -# flags : uint8; -# unknown2 : padding[2]; -# command : ATSVC_String_Pointer(unicode); -#}; -# -#type ATSVC_Reply(unicode: bool, opnum: uint16) = record { -# op: case opnum of { -# 0 -> add: ATSVC_JobID(unicode); -# default -> unknown: bytestring &restofdata; -# }; -#}; -# -#type ATSVC_JobID(unicode: bool) = record { -# id : uint32; -# status : uint32; -#}; -# \ No newline at end of file + +type ATSVC_Request(unicode: bool, opnum: uint8) = record { + empty: padding[1]; + op: case opnum of { + 0 -> add : ATSVC_NetrJobAdd(unicode); + default -> unknown : bytestring &restofdata; + }; +}; + +type ATSVC_String_Pointer(unicode: bool) = record { + referent_id : uint32; + max_count : uint32; + offset : uint32; + actual_count : uint32; + string : bytestring &length=max_count; +}; + +type ATSVC_NetrJobAdd(unicode: bool) = record { + server : ATSVC_String_Pointer(unicode); + unknown : padding[2]; + job_time : uint32; + days_of_month : uint32; + days_of_week : uint8; + flags : uint8; + unknown2 : padding[2]; + command : ATSVC_String_Pointer(unicode); +}; + +type ATSVC_Reply(unicode: bool, opnum: uint16) = record { + op: case opnum of { + 0 -> add: ATSVC_JobID(unicode); + default -> unknown: bytestring &restofdata; + }; +}; + +type ATSVC_JobID(unicode: bool) = record { + id : uint32; + status : uint32; +}; 
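Review bot: `ATSVC_String_Pointer` now sizes the string with `&length=max_count`, which ignores both `actual_count` and the `unicode` parameter the record still takes. In an NDR conformant varying string the counts are element counts, so for UTF-16 the byte length would be twice the count; with the wrong byte length `server` consumes too little or too much and shifts `job_time`, `flags` and `command` in `ATSVC_NetrJobAdd`. I would expect something closer to `string : bytestring &length=(unicode ? 2 : 1) * actual_count;`, to be confirmed against a capture since NDR alignment padding may also apply. A comment that both counts come from the wire and are bounded only by the remaining stub data would help the next reader. `command` is the field an analyst wants from a remote job-add, so this record deserves a test trace.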
From b96fe860ea07314133b651751f38b33487472ea3 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 18 Apr 2016 10:50:11 -0400 Subject: [PATCH 69/84] Fix a bug in the DCE/RPC log ignoring mechanism. --- scripts/base/protocols/dce-rpc/main.bro | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 8a9144a1ef..600f00ac71 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -26,7 +26,7 @@ export { }; const ignored_operations: table[string] of set[string] = { - ["winreg"] = set("BaseRegCloseKey", "BaseRegGetVersion", "BaseRegOpenKey", "OpenLocalMachine", "BaseRegEnumKey"), + ["winreg"] = set("BaseRegCloseKey", "BaseRegGetVersion", "BaseRegOpenKey", "BaseRegQueryValue", "BaseRegDeleteKeyEx", "OpenLocalMachine", "BaseRegEnumKey"), ["spoolss"] = set("RpcSplOpenPrinter", "RpcClosePrinter"), ["wkssvc"] = set("NetrWkstaGetInfo"), } &redef; @@ -155,10 +155,11 @@ event dce_rpc_response(c: connection, fid: count, opnum: count, stub_len: count) { # If there is not an endpoint, there isn't much reason to log. # This can happen if the request isn't seen. - if ( (c$dce_rpc?$endpoint && (c$dce_rpc$endpoint !in ignored_operations || |ignored_operations[c$dce_rpc$endpoint]| != 0)) - || + if ( (c$dce_rpc?$endpoint && c$dce_rpc$endpoint !in ignored_operations) + || (c$dce_rpc?$endpoint && c$dce_rpc?$operation && - c$dce_rpc?$operation && c$dce_rpc$operation !in ignored_operations[c$dce_rpc$endpoint]) ) + c$dce_rpc$operation !in ignored_operations[c$dce_rpc$endpoint] && + "*" !in ignored_operations[c$dce_rpc$endpoint]) ) { Log::write(LOG, c$dce_rpc); } 
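Review bot: `ignored_operations` is exported and `&redef` but carries no `##` documentation, and the `"*"` entry that the new condition treats as "ignore every operation of this endpoint" is not described anywhere in the change. This hunk also adds `BaseRegDeleteKeyEx` to the default `winreg` set; unlike the open/query/enum calls around it, that operation changes state on the remote host, and filtering it by default removes remote registry deletions from dce_rpc.log. I would leave it out of the default and document the table, e.g. `## Operations, keyed by endpoint name, that are not logged; a set containing "*" suppresses the whole endpoint.`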
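Review bot: The logging predicate is written out twice, here in `dce_rpc_response` and again in `connection_state_remove` (the `@@ -190,10 +190,11 @@` hunk), and the removed lines of both hunks show the two copies had already drifted apart once. A single helper that both handlers call keeps them in step and makes the index into `ignored_operations` visibly guarded by the `!in` test. Both handler bodies start outside their hunks.

```zeek
# Decide once whether a finished DCE/RPC record is written to dce_rpc.log.
function should_log(info: Info): bool
	{
	if ( ! info?$endpoint )
		return F;

	# Endpoints without an entry are always logged.
	if ( info$endpoint !in ignored_operations )
		return T;

	if ( ! info?$operation )
		return F;

	local ops = ignored_operations[info$endpoint];
	return "*" !in ops && info$operation !in ops;
	}

# … unchanged: dce_rpc_response up to the logging decision …
		if ( should_log(c$dce_rpc) )
			Log::write(LOG, c$dce_rpc);
```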
@@ -189,10 +190,11 @@ event connection_state_remove(c: connection) } } - if ( (c$dce_rpc?$endpoint && |ignored_operations[c$dce_rpc$endpoint]| != 0) - || + if ( (c$dce_rpc?$endpoint && c$dce_rpc$endpoint !in ignored_operations) + || (c$dce_rpc?$endpoint && c$dce_rpc?$operation && - c$dce_rpc?$operation && c$dce_rpc$operation !in ignored_operations[c$dce_rpc$endpoint]) ) + c$dce_rpc$operation !in ignored_operations[c$dce_rpc$endpoint] && + "*" !in ignored_operations[c$dce_rpc$endpoint]) ) { Log::write(LOG, c$dce_rpc); } From bcdba4cc5d992fb064e377d01208175621c84a8b Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 21 Apr 2016 11:37:16 -0400 Subject: [PATCH 70/84] In SMB, don't attach the gssapi analyzer until a message is seen. --- src/analyzer/protocol/smb/smb-gssapi.pac | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/analyzer/protocol/smb/smb-gssapi.pac b/src/analyzer/protocol/smb/smb-gssapi.pac index 741f5c5523..004bff776d 100644 --- a/src/analyzer/protocol/smb/smb-gssapi.pac +++ b/src/analyzer/protocol/smb/smb-gssapi.pac @@ -5,7 +5,7 @@ refine connection SMB_Conn += { %} %init{ - gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer->Conn()); + gssapi = 0; %} %cleanup{ @@ -15,6 +15,9 @@ refine connection SMB_Conn += { function forward_gssapi(data: bytestring, is_orig: bool): bool %{ + if ( ! gssapi ) + gssapi = analyzer_mgr->InstantiateAnalyzer("GSSAPI", bro_analyzer()->Conn()); + if ( gssapi ) gssapi->DeliverStream(${data}.length(), ${data}.begin(), is_orig); From d35adca9c5eed060136e6ee6980ab666a16f7147 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 21 Apr 2016 11:40:26 -0400 Subject: [PATCH 71/84] Filter out another very common DCE/RPC operation. --- scripts/base/protocols/dce-rpc/main.bro | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 600f00ac71..0b555463e0 100644 --- a/scripts/base/protocols/dce-rpc/main.bro 
+++ b/scripts/base/protocols/dce-rpc/main.bro @@ -26,7 +26,7 @@ export { }; const ignored_operations: table[string] of set[string] = { - ["winreg"] = set("BaseRegCloseKey", "BaseRegGetVersion", "BaseRegOpenKey", "BaseRegQueryValue", "BaseRegDeleteKeyEx", "OpenLocalMachine", "BaseRegEnumKey"), + ["winreg"] = set("BaseRegCloseKey", "BaseRegGetVersion", "BaseRegOpenKey", "BaseRegQueryValue", "BaseRegDeleteKeyEx", "OpenLocalMachine", "BaseRegEnumKey", "OpenClassesRoot"), ["spoolss"] = set("RpcSplOpenPrinter", "RpcClosePrinter"), ["wkssvc"] = set("NetrWkstaGetInfo"), } &redef; From eed26c3f5f7d85eb7ccef666019ee6b7760aee30 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 21 Apr 2016 11:53:47 -0400 Subject: [PATCH 72/84] Tiny whitespace changes. --- src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac | 2 +- src/analyzer/protocol/smb/smb2-com-read.pac | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac index 030c213902..06956b85be 100644 --- a/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac @@ -42,7 +42,7 @@ type SMB1_tree_connect_andx_request(header: SMB_Header) = record { type SMB1_tree_connect_andx_response(header: SMB_Header) = record { word_count : uint8; - andx : SMB_andx; + andx : SMB_andx; optional_support : uint16; pad : padding[(word_count-3)*2]; diff --git a/src/analyzer/protocol/smb/smb2-com-read.pac b/src/analyzer/protocol/smb/smb2-com-read.pac index b3601b3d67..ea72a337c5 100644 --- a/src/analyzer/protocol/smb/smb2-com-read.pac +++ b/src/analyzer/protocol/smb/smb2-com-read.pac @@ -49,7 +49,6 @@ refine connection SMB_Conn += { bro_analyzer()->Conn(), h->is_orig()); } - if ( ${val.is_pipe} ) { } From 134d0922d5b2118e477a27a4ddd45f83af992e90 Mon Sep 17 00:00:00 2001 
From: Seth Hall Date: Tue, 14 Jun 2016 15:34:00 -0400 Subject: [PATCH 73/84] Move the SMB analyzer out of the default load. This also adds a note in the local.bro script about enabling the SMB analyzer. --- scripts/base/init-default.bro | 1 - scripts/{base => policy}/protocols/smb/__load__.bro | 0 scripts/{base => policy}/protocols/smb/const-dos-error.bro | 0 scripts/{base => policy}/protocols/smb/const-nt-status.bro | 0 scripts/{base => policy}/protocols/smb/consts.bro | 0 scripts/{base => policy}/protocols/smb/dpd.sig | 0 scripts/{base => policy}/protocols/smb/files.bro | 0 scripts/{base => policy}/protocols/smb/main.bro | 0 scripts/{base => policy}/protocols/smb/smb1-main.bro | 0 scripts/{base => policy}/protocols/smb/smb2-main.bro | 0 scripts/site/local.bro | 4 ++++ 11 files changed, 4 insertions(+), 1 deletion(-) rename scripts/{base => policy}/protocols/smb/__load__.bro (100%) rename scripts/{base => policy}/protocols/smb/const-dos-error.bro (100%) rename scripts/{base => policy}/protocols/smb/const-nt-status.bro (100%) rename scripts/{base => policy}/protocols/smb/consts.bro (100%) rename scripts/{base => policy}/protocols/smb/dpd.sig (100%) rename scripts/{base => policy}/protocols/smb/files.bro (100%) rename scripts/{base => policy}/protocols/smb/main.bro (100%) rename scripts/{base => policy}/protocols/smb/smb1-main.bro (100%) rename scripts/{base => policy}/protocols/smb/smb2-main.bro (100%) diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.bro index d0ee2238fa..727d426c68 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.bro @@ -58,7 +58,6 @@ @load base/protocols/rdp @load base/protocols/rfb @load base/protocols/sip -@load base/protocols/smb @load base/protocols/snmp @load base/protocols/smtp @load base/protocols/socks 
diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/policy/protocols/smb/__load__.bro similarity index 100% rename from scripts/base/protocols/smb/__load__.bro rename to scripts/policy/protocols/smb/__load__.bro diff --git a/scripts/base/protocols/smb/const-dos-error.bro b/scripts/policy/protocols/smb/const-dos-error.bro similarity index 100% rename from scripts/base/protocols/smb/const-dos-error.bro rename to scripts/policy/protocols/smb/const-dos-error.bro diff --git a/scripts/base/protocols/smb/const-nt-status.bro b/scripts/policy/protocols/smb/const-nt-status.bro similarity index 100% rename from scripts/base/protocols/smb/const-nt-status.bro rename to scripts/policy/protocols/smb/const-nt-status.bro diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/policy/protocols/smb/consts.bro similarity index 100% rename from scripts/base/protocols/smb/consts.bro rename to scripts/policy/protocols/smb/consts.bro diff --git a/scripts/base/protocols/smb/dpd.sig b/scripts/policy/protocols/smb/dpd.sig similarity index 100% rename from scripts/base/protocols/smb/dpd.sig rename to scripts/policy/protocols/smb/dpd.sig diff --git a/scripts/base/protocols/smb/files.bro b/scripts/policy/protocols/smb/files.bro similarity index 100% rename from scripts/base/protocols/smb/files.bro rename to scripts/policy/protocols/smb/files.bro diff --git a/scripts/base/protocols/smb/main.bro b/scripts/policy/protocols/smb/main.bro similarity index 100% rename from scripts/base/protocols/smb/main.bro rename to scripts/policy/protocols/smb/main.bro diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/policy/protocols/smb/smb1-main.bro similarity index 100% rename from scripts/base/protocols/smb/smb1-main.bro rename to scripts/policy/protocols/smb/smb1-main.bro 
diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/policy/protocols/smb/smb2-main.bro similarity index 100% rename from scripts/base/protocols/smb/smb2-main.bro rename to scripts/policy/protocols/smb/smb2-main.bro diff --git a/scripts/site/local.bro b/scripts/site/local.bro index 8c6e495a07..da0f2d8654 100644 --- a/scripts/site/local.bro +++ b/scripts/site/local.bro @@ -88,3 +88,7 @@ # Uncomment the following line to enable logging of connection VLANs. Enabling # this adds two VLAN fields to the conn.log file. # @load policy/protocols/conn/vlan-logging + +# Uncomment the following line to enable the SMB analyzer. The analyzer +# is currently considered a preview and therefore not loaded by default. +# @load policy/protocols/smb From 8eb67a0a6cff79c491117b7e4feb825a3319545c Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 20 Jun 2016 16:22:57 -0400 Subject: [PATCH 74/84] Update tests to match move of smb base scripts into policy/ --- .../scripts/base/protocols/smb/smb1-transaction-dcerpc.test | 2 +- testing/btest/scripts/base/protocols/smb/smb1.test | 2 +- testing/btest/scripts/base/protocols/smb/smb2.test | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test b/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test index 52f05c57b4..359b050670 100644 --- a/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test +++ b/testing/btest/scripts/base/protocols/smb/smb1-transaction-dcerpc.test @@ -2,4 +2,4 @@ # @TEST-EXEC: btest-diff dce_rpc.log @load base/protocols/dce-rpc -@load base/protocols/smb +@load policy/protocols/smb diff --git a/testing/btest/scripts/base/protocols/smb/smb1.test b/testing/btest/scripts/base/protocols/smb/smb1.test index 61727754dc..e151d48ada 100644 --- a/testing/btest/scripts/base/protocols/smb/smb1.test +++ b/testing/btest/scripts/base/protocols/smb/smb1.test 
@@ -1,4 +1,4 @@ # @TEST-EXEC: bro -b -r $TRACES/smb/smb1.pcap %INPUT # @TEST-EXEC: btest-diff smb_files.log -@load base/protocols/smb +@load policy/protocols/smb diff --git a/testing/btest/scripts/base/protocols/smb/smb2.test b/testing/btest/scripts/base/protocols/smb/smb2.test index 5684d7ddf8..1a1dc980ca 100644 --- a/testing/btest/scripts/base/protocols/smb/smb2.test +++ b/testing/btest/scripts/base/protocols/smb/smb2.test @@ -5,5 +5,5 @@ # @TEST-EXEC: test ! -f dpd.log # @TEST-EXEC: test ! -f weird.log -@load base/protocols/smb +@load policy/protocols/smb From 0e49b9ef98c69f81ee623e7bed808b7cc8619104 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Mon, 20 Jun 2016 16:23:49 -0400 Subject: [PATCH 75/84] Fix a small poor implementation in SMB string handling. --- src/analyzer/protocol/smb/smb-strings.pac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/analyzer/protocol/smb/smb-strings.pac b/src/analyzer/protocol/smb/smb-strings.pac index f72225752b..2f5ecdf1a4 100644 --- a/src/analyzer/protocol/smb/smb-strings.pac +++ b/src/analyzer/protocol/smb/smb-strings.pac @@ -59,7 +59,7 @@ function extract_string(s: SMB_string) : StringVal const char* sp; bool ascii = true; - if ( s->val_case_index() == 0 ) + if ( s->unicode() == 0 ) { length = s->a()->size(); char *buf = new char[length]; From be92821a6944957d431d2d408a551b8e3e501543 Mon Sep 17 00:00:00 2001 
From: Johanna Amann Date: Mon, 20 Jun 2016 14:53:48 -0700 Subject: [PATCH 76/84] SMB: fix number of small issues. Changes: * change virtual to override where appropriate * analyzer triggered assert in debug mode because it did not call Done() on manually instantiated analyzers. * added a few length checks to methods * commented unused code and removed a few unused class members --- src/analyzer/protocol/dce-rpc/DCE_RPC.cc | 4 +- src/analyzer/protocol/dce-rpc/DCE_RPC.h | 14 +++---- src/analyzer/protocol/dce-rpc/Plugin.cc | 1 - src/analyzer/protocol/gssapi/GSSAPI.h | 8 ++-- .../protocol/gssapi/gssapi-analyzer.pac | 3 ++ src/analyzer/protocol/netbios/NetbiosSSN.h | 16 ++++---- src/analyzer/protocol/ntlm/NTLM.h | 8 ++-- src/analyzer/protocol/ntlm/ntlm-analyzer.pac | 4 +- src/analyzer/protocol/smb/SMB.cc | 41 +++++++++++-------- src/analyzer/protocol/smb/SMB.h | 24 +++++------ src/analyzer/protocol/smb/pipe-mssql-tds.pac | 2 +- src/analyzer/protocol/smb/smb-gssapi.pac | 3 ++ src/analyzer/protocol/smb/smb-pipe.pac | 7 +++- src/analyzer/protocol/smb/smb-strings.pac | 5 +-- 14 files changed, 75 insertions(+), 65 deletions(-) diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.cc b/src/analyzer/protocol/dce-rpc/DCE_RPC.cc index 0099160d9e..e93a2541f7 100644 --- a/src/analyzer/protocol/dce-rpc/DCE_RPC.cc +++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.cc @@ -37,7 +37,7 @@ void DCE_RPC_Analyzer::EndpointEOF(bool is_orig) TCP_ApplicationAnalyzer::EndpointEOF(is_orig); interp->FlowEOF(is_orig); } - + void DCE_RPC_Analyzer::Undelivered(uint64 seq, int len, bool orig) { TCP_ApplicationAnalyzer::Undelivered(seq, len, orig); @@ -49,7 +49,7 @@ void DCE_RPC_Analyzer::DeliverStream(int len, const u_char* data, bool orig) TCP_ApplicationAnalyzer::DeliverStream(len, data, orig); assert(TCP()); - try + try { interp->NewData(orig, data, data + len); } diff --git a/src/analyzer/protocol/dce-rpc/DCE_RPC.h b/src/analyzer/protocol/dce-rpc/DCE_RPC.h index 4f1da1612d..800e180fa1 100644 
--- a/src/analyzer/protocol/dce-rpc/DCE_RPC.h +++ b/src/analyzer/protocol/dce-rpc/DCE_RPC.h @@ -16,7 +16,7 @@ namespace analyzer { namespace dce_rpc { -class UUID { +/* class UUID { public: UUID(); UUID(const u_char data[16]); @@ -75,7 +75,7 @@ struct dce_rpc_endpoint_addr { return string(buf); } -}; +}; */ /* enum DCE_RPC_PTYPE { @@ -180,10 +180,10 @@ public: DCE_RPC_Analyzer(Connection* conn); ~DCE_RPC_Analyzer(); - virtual void Done(); - virtual void DeliverStream(int len, const u_char* data, bool orig); - virtual void Undelivered(uint64 seq, int len, bool orig); - virtual void EndpointEOF(bool is_orig); + void Done() override; + void DeliverStream(int len, const u_char* data, bool orig) override; + void Undelivered(uint64 seq, int len, bool orig) override; + void EndpointEOF(bool is_orig) override; bool SetFileID(uint64 fid_in) { interp->set_file_id(fid_in); return true; } @@ -195,6 +195,6 @@ protected: binpac::DCE_RPC::DCE_RPC_Conn* interp; }; -} } // namespace analyzer::* +} } // namespace analyzer::* #endif /* dce_rpc_h */ diff --git a/src/analyzer/protocol/dce-rpc/Plugin.cc b/src/analyzer/protocol/dce-rpc/Plugin.cc index f4335bb045..c4d250921d 100644 --- a/src/analyzer/protocol/dce-rpc/Plugin.cc +++ b/src/analyzer/protocol/dce-rpc/Plugin.cc @@ -13,7 +13,6 @@ public: plugin::Configuration Configure() { AddComponent(new ::analyzer::Component("DCE_RPC", ::analyzer::dce_rpc::DCE_RPC_Analyzer::Instantiate)); - //AddComponent(new ::analyzer::Component("Contents_DCE_RPC", 0)); plugin::Configuration config; config.name = "Bro::DCE_RPC"; diff --git a/src/analyzer/protocol/gssapi/GSSAPI.h b/src/analyzer/protocol/gssapi/GSSAPI.h index 3cb39c6536..2fd01a3ab5 100644 --- a/src/analyzer/protocol/gssapi/GSSAPI.h +++ b/src/analyzer/protocol/gssapi/GSSAPI.h 
@@ -19,13 +19,13 @@ public: virtual ~GSSAPI_Analyzer(); // Overriden from Analyzer. - virtual void Done(); + void Done() override; - virtual void DeliverStream(int len, const u_char* data, bool orig); - virtual void Undelivered(uint64 seq, int len, bool orig); + void DeliverStream(int len, const u_char* data, bool orig) override; + void Undelivered(uint64 seq, int len, bool orig) override; // Overriden from tcp::TCP_ApplicationAnalyzer. - virtual void EndpointEOF(bool is_orig); + void EndpointEOF(bool is_orig) override; static analyzer::Analyzer* Instantiate(Connection* conn) { return new GSSAPI_Analyzer(conn); } diff --git a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac index 934e0fd292..e502fff923 100644 --- a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac +++ b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac @@ -10,7 +10,10 @@ refine connection GSSAPI_Conn += { %cleanup{ if ( ntlm ) + { + ntlm->Done(); delete ntlm; + } %} function forward_ntlm(data: bytestring, is_orig: bool): bool diff --git a/src/analyzer/protocol/netbios/NetbiosSSN.h b/src/analyzer/protocol/netbios/NetbiosSSN.h index 455d44d12f..1d7ad284e0 100644 --- a/src/analyzer/protocol/netbios/NetbiosSSN.h +++ b/src/analyzer/protocol/netbios/NetbiosSSN.h @@ -124,7 +124,7 @@ public: NetbiosSSN_State State() const { return state; } protected: - virtual void DeliverStream(int len, const u_char* data, bool orig); + void DeliverStream(int len, const u_char* data, bool orig) override; NetbiosSSN_Interpreter* interp; 
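Review bot: `Done()` before `delete` is added for the manually instantiated `ntlm` analyzer here and for `gssapi` in smb-gssapi.pac, but dce_rpc-auth.pac, which instantiates `gssapi` and `ntlm` the same way in patch 67, is not in this commit's file list. Its `%cleanup` block is not visible on this page, so this may already be handled; if it is not, the debug-mode assert named in the commit message would still fire for DCE/RPC connections that carry auth data. A one-line comment in each `%cleanup`, e.g. `// Manually instantiated analyzers need Done() before delete.`, would keep the pattern from being missed again.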
@@ -144,17 +144,17 @@ public: NetbiosSSN_Analyzer(Connection* conn); ~NetbiosSSN_Analyzer(); - virtual void Done(); - virtual void DeliverPacket(int len, const u_char* data, bool orig, - uint64 seq, const IP_Hdr* ip, int caplen); + void Done() override; + void DeliverPacket(int len, const u_char* data, bool orig, + uint64 seq, const IP_Hdr* ip, int caplen) override; static analyzer::Analyzer* Instantiate(Connection* conn) { return new NetbiosSSN_Analyzer(conn); } protected: - virtual void ConnectionClosed(tcp::TCP_Endpoint* endpoint, - tcp::TCP_Endpoint* peer, int gen_event); - virtual void EndpointEOF(bool is_orig); + void ConnectionClosed(tcp::TCP_Endpoint* endpoint, + tcp::TCP_Endpoint* peer, int gen_event) override; + void EndpointEOF(bool is_orig) override; void ExpireTimer(double t); @@ -168,6 +168,6 @@ protected: // FIXME: Doesn't really fit into new analyzer structure. What to do? int IsReuse(double t, const u_char* pkt); -} } // namespace analyzer::* +} } // namespace analyzer::* #endif diff --git a/src/analyzer/protocol/ntlm/NTLM.h b/src/analyzer/protocol/ntlm/NTLM.h index 77a56eb94f..41117ac176 100644 --- a/src/analyzer/protocol/ntlm/NTLM.h +++ b/src/analyzer/protocol/ntlm/NTLM.h @@ -19,13 +19,13 @@ public: virtual ~NTLM_Analyzer(); // Overriden from Analyzer. - virtual void Done(); + void Done() override; - virtual void DeliverStream(int len, const u_char* data, bool orig); - virtual void Undelivered(uint64 seq, int len, bool orig); + void DeliverStream(int len, const u_char* data, bool orig) override; + void Undelivered(uint64 seq, int len, bool orig) override; // Overriden from tcp::TCP_ApplicationAnalyzer. - virtual void EndpointEOF(bool is_orig); + void EndpointEOF(bool is_orig) override; static analyzer::Analyzer* Instantiate(Connection* conn) { return new NTLM_Analyzer(conn); } diff --git a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac index fbe4bbdeb1..73083bcfb5 100644 
--- a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac +++ b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac @@ -6,10 +6,10 @@ refine connection NTLM_Conn += { %{ double secs = (ts / 10000000.0); - // Bro can't support times back to the 1600's + // Bro can't support times back to the 1600's // so we subtract a lot of seconds. Val* bro_ts = new Val(secs - 11644473600.0, TYPE_TIME); - + return bro_ts; %} diff --git a/src/analyzer/protocol/smb/SMB.cc b/src/analyzer/protocol/smb/SMB.cc index cb35afcf07..6eaae487c9 100644 --- a/src/analyzer/protocol/smb/SMB.cc +++ b/src/analyzer/protocol/smb/SMB.cc @@ -33,7 +33,7 @@ void SMB_Analyzer::EndpointEOF(bool is_orig) TCP_ApplicationAnalyzer::EndpointEOF(is_orig); interp->FlowEOF(is_orig); } - + void SMB_Analyzer::Undelivered(uint64 seq, int len, bool orig) { TCP_ApplicationAnalyzer::Undelivered(seq, len, orig); @@ -46,10 +46,10 @@ void SMB_Analyzer::DeliverStream(int len, const u_char* data, bool orig) assert(TCP()); - try + try { interp->NewData(orig, data, data + len); - // Let's assume that if there are no binpac exceptions after + // Let's assume that if there are no binpac exceptions after // 3 data chunks that this is probably actually SMB. if ( chunks >= 3 ) ProtocolConfirmation(); @@ -93,8 +93,11 @@ void Contents_SMB::Undelivered(uint64 seq, int len, bool orig) NeedResync(); } -bool Contents_SMB::HasSMBHeader(const u_char* data) +bool Contents_SMB::HasSMBHeader(int len, const u_char* data) { + if ( len < 8 ) + return false; + return (strncmp((const char*) data+4, "\xffSMB", 4) == 0 || strncmp((const char*) data+4, "\xfeSMB", 4) == 0); } 
@@ -102,12 +105,16 @@ bool Contents_SMB::HasSMBHeader(const u_char* data) void Contents_SMB::DeliverSMB(int len, const u_char* data) { // Check the 4-byte header. - if ( ! HasSMBHeader(data) ) + if ( ! HasSMBHeader(len, data) ) { - Conn()->Weird(fmt("SMB-over-TCP header error: %02x %05x, >>\\x%02x%c%c%c<<", - //dshdr[0], dshdr[1], dshdr[2], dshdr[3], - msg_type, msg_len, - data[0], data[1], data[2], data[3])); + if ( len >= 4 ) + Conn()->Weird(fmt("SMB-over-TCP header error: %02x %05x, >>\\x%02x%c%c%c<<", + //dshdr[0], dshdr[1], dshdr[2], dshdr[3], + msg_type, msg_len, + data[0], data[1], data[2], data[3])); + else + Conn()->Weird(fmt("SMB-over-TCP header error: %02x %05x", msg_type, msg_len)); + NeedResync(); } else @@ -121,21 +128,21 @@ bool Contents_SMB::CheckResync(int& len, const u_char*& data, bool orig) if (resync_state == INSYNC) return true; - // This is an attempt to re-synchronize the stream after a content gap. - // Returns true if we are in sync. + // This is an attempt to re-synchronize the stream after a content gap. + // Returns true if we are in sync. // Returns false otherwise (we are in resync mode) // - // We try to look for the beginning of a SMB message, assuming - // SMB messages start at packet boundaries (though they may span + // We try to look for the beginning of a SMB message, assuming + // SMB messages start at packet boundaries (though they may span // over multiple packets) (note that the data* of DeliverStream() - // usually starts at a packet boundrary). + // usually starts at a packet boundrary). // // Now lets see whether data points to the beginning of a // SMB message. If the resync processs is successful, we should // be at the beginning of a frame. // check if the SMB header starts with an SMB1 or SMB2 marker - if ( ! HasSMBHeader(data) ) + if ( ! HasSMBHeader(len, data) ) { NeedResync(); return false; 
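Review bot: The `len >= 4` branch in `DeliverSMB` still formats three raw payload bytes with `%c` into the weird name. Bytes chosen by the peer, including control characters, therefore end up in weird.log, and each distinct byte pattern becomes its own weird name. The new `else` branch already shows a message without payload bytes; I would use one fixed name for both cases, for example `Conn()->Weird("smb_tcp_header_error");`, or at least print all four bytes as `\\x%02x`. `DeliverSMB` continues below the hunk.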
@@ -151,7 +158,7 @@ bool Contents_SMB::CheckResync(int& len, const u_char*& data, bool orig) void Contents_SMB::DeliverStream(int len, const u_char* data, bool orig) { TCP_SupportAnalyzer::DeliverStream(len, data, orig); - + if (!CheckResync(len, data, orig)) return; // Not in sync yet. Still resyncing @@ -178,7 +185,7 @@ void Contents_SMB::DeliverStream(int len, const u_char* data, bool orig) const u_char *dummy_p = msg_buf.GetBuf(); int dummy_len = (int) msg_buf.GetFill(); DeliverSMB(dummy_len, dummy_p); - + state = WAIT_FOR_HDR; } } diff --git a/src/analyzer/protocol/smb/SMB.h b/src/analyzer/protocol/smb/SMB.h index 2a91b5dc54..0920894b23 100644 --- a/src/analyzer/protocol/smb/SMB.h +++ b/src/analyzer/protocol/smb/SMB.h @@ -15,7 +15,7 @@ public: Contents_SMB(Connection* conn, bool orig); ~Contents_SMB(); - virtual void DeliverStream(int len, const u_char* data, bool orig); + void DeliverStream(int len, const u_char* data, bool orig) override; protected: typedef enum { @@ -26,20 +26,18 @@ protected: NEED_RESYNC, INSYNC, } resync_state_t; - virtual void Init(); + void Init() override; virtual bool CheckResync(int& len, const u_char*& data, bool orig); - virtual void Undelivered(uint64 seq, int len, bool orig); + void Undelivered(uint64 seq, int len, bool orig) override; virtual void NeedResync() { resync_state = NEED_RESYNC; state = WAIT_FOR_HDR; } - bool HasSMBHeader(const u_char* data); + bool HasSMBHeader(int len, const u_char* data); void DeliverSMB(int len, const u_char* data); - binpac::SMB::SMB_Conn* smb_session; - rpc::RPC_Reasm_Buffer hdr_buf; // Reassembles the NetBIOS length and glue. rpc::RPC_Reasm_Buffer msg_buf; // Reassembles the SMB message. int msg_len; 
@@ -54,25 +52,23 @@ class SMB_Analyzer : public tcp::TCP_ApplicationAnalyzer { public: SMB_Analyzer(Connection* conn); virtual ~SMB_Analyzer(); - - virtual void Done(); - virtual void DeliverStream(int len, const u_char* data, bool orig); - virtual void Undelivered(uint64 seq, int len, bool orig); - virtual void EndpointEOF(bool is_orig); + + void Done() override; + void DeliverStream(int len, const u_char* data, bool orig) override; + void Undelivered(uint64 seq, int len, bool orig) override; + void EndpointEOF(bool is_orig) override; static analyzer::Analyzer* Instantiate(Connection* conn) { return new SMB_Analyzer(conn); } protected: binpac::SMB::SMB_Conn* interp; - Contents_SMB* o_smb; - Contents_SMB* r_smb; // Count the number of chunks received by the analyzer // but only used to count the first few. uint8 chunks; }; -} } // namespace analyzer::* +} } // namespace analyzer::* #endif diff --git a/src/analyzer/protocol/smb/pipe-mssql-tds.pac b/src/analyzer/protocol/smb/pipe-mssql-tds.pac index c50fbe069a..f0104449ad 100644 --- a/src/analyzer/protocol/smb/pipe-mssql-tds.pac +++ b/src/analyzer/protocol/smb/pipe-mssql-tds.pac @@ -64,6 +64,6 @@ type TDS_Token_EnvChange = record { }; type TDS_Token_Info = record { - + }; diff --git a/src/analyzer/protocol/smb/smb-gssapi.pac b/src/analyzer/protocol/smb/smb-gssapi.pac index 004bff776d..0a933e8286 100644 --- a/src/analyzer/protocol/smb/smb-gssapi.pac +++ b/src/analyzer/protocol/smb/smb-gssapi.pac @@ -10,7 +10,10 @@ refine connection SMB_Conn += { %cleanup{ if ( gssapi ) + { + gssapi->Done(); delete gssapi; + } %} function forward_gssapi(data: bytestring, is_orig: bool): bool diff --git a/src/analyzer/protocol/smb/smb-pipe.pac b/src/analyzer/protocol/smb/smb-pipe.pac index 6f55d66082..4b995cfe3d 100644 --- a/src/analyzer/protocol/smb/smb-pipe.pac +++ b/src/analyzer/protocol/smb/smb-pipe.pac 
@@ -5,7 +5,7 @@ refine connection SMB_Conn += { %member{ map tree_is_pipe_map; - map fid_to_analyzer_map; + map fid_to_analyzer_map;; %} %cleanup{ @@ -13,7 +13,10 @@ refine connection SMB_Conn += { for ( auto kv : fid_to_analyzer_map ) { if ( kv.second ) + { + kv.second->Done(); delete kv.second; + } } %} @@ -50,4 +53,4 @@ refine connection SMB_Conn += { return true; %} -}; \ No newline at end of file +}; diff --git a/src/analyzer/protocol/smb/smb-strings.pac b/src/analyzer/protocol/smb/smb-strings.pac index 2f5ecdf1a4..aef50b6fc7 100644 --- a/src/analyzer/protocol/smb/smb-strings.pac +++ b/src/analyzer/protocol/smb/smb-strings.pac @@ -1,11 +1,10 @@ -function uint8s_to_stringval(s: uint8[]): StringVal +function uint8s_to_stringval(data: uint8[]): StringVal %{ int length = 0; const char* sp; bool ascii = true; - vector* data = s; length = data->size(); // Scan the string once to see if it's all ascii // embedded in UCS-2 (16 bit unicode). @@ -21,7 +20,7 @@ function uint8s_to_stringval(s: uint8[]): StringVal char *buf = new char[length]; - for ( int i = 0; i < length; i=i+2) + for ( int i = 0; i + 1 < length; i=i+2) // check if we may read the character after the current one (else-case) { if ( ascii ) { From 91161f790c13717e0deb35ecb821a7ee8b9978ea Mon Sep 17 00:00:00 2001 
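Review bot: The added member declaration ends in `;;`, which leaves an empty declaration in the `%member` block of smb-pipe.pac. Most compilers accept it, but it trips pedantic warnings and looks like an editing slip. The line should end in a single semicolon, `fid_to_analyzer_map;`. The template arguments of both maps are not visible on this page, so only the terminator is quoted.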
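Review bot: The new `i + 1 < length` bound in uint8s_to_stringval covers only the copy loop; the scan loop announced by the comment "Scan the string once to see if it's all ascii" sits between the two hunks and is not shown, so if it also steps by two and reads the following byte it needs the same bound. With an odd `length` the last byte is now dropped silently while `buf` is still allocated with `length` bytes, which is worth stating in a comment above the loop, for example `// Odd trailing byte is ignored: UCS-2 needs two bytes per character.`. The explanatory comment currently trails the `for` line and would read better on its own line above it. The function body continues outside the hunk.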
From: Seth Hall Date: Tue, 28 Jun 2016 10:30:41 -0400 Subject: [PATCH 77/84] SMB test clean up and docs --- scripts/base/init-default.bro | 3 + scripts/base/protocols/dce-rpc/main.bro | 2 + scripts/base/protocols/ntlm/main.bro | 56 +- scripts/base/protocols/smb/__load__.bro | 3 + .../protocols/smb/const-dos-error.bro | 0 .../protocols/smb/const-nt-status.bro | 0 .../{policy => base}/protocols/smb/consts.bro | 0 scripts/policy/protocols/smb/__load__.bro | 5 +- scripts/policy/protocols/smb/main.bro | 1 - scripts/policy/protocols/smb/smb1-main.bro | 11 +- scripts/test-all-policy.bro | 5 + src/analyzer/protocol/dce-rpc/events.bif | 59 ++ src/analyzer/protocol/smb/CMakeLists.txt | 7 +- src/analyzer/protocol/smb/smb-time.pac | 21 +- .../smb/smb1-com-create-directory.pac | 6 +- src/analyzer/protocol/smb/smb1-com-echo.pac | 6 +- .../protocol/smb/smb1-com-negotiate.pac | 37 +- .../protocol/smb/smb1-com-transaction.pac | 16 +- .../protocol/smb/smb1-com-transaction2.pac | 14 +- .../protocol/smb/smb1_com_check_directory.bif | 14 +- .../smb/smb1_com_create_directory.bif | 18 +- src/analyzer/protocol/smb/smb1_com_echo.bif | 24 +- .../protocol/smb/smb1_com_logoff_andx.bif | 2 +- .../protocol/smb/smb1_com_negotiate.bif | 14 +- .../protocol/smb/smb1_com_nt_cancel.bif | 6 +- .../protocol/smb/smb1_com_nt_create_andx.bif | 18 +- .../smb/smb1_com_query_information.bif | 8 +- .../protocol/smb/smb1_com_transaction.bif | 14 +- .../protocol/smb/smb1_com_transaction2.bif | 48 +- .../smb/smb1_com_tree_connect_andx.bif | 16 +- .../protocol/smb/smb1_com_tree_disconnect.bif | 4 + src/analyzer/protocol/smb/smb1_events.bif | 4 +- src/analyzer/protocol/smb/smb2_com_close.bif | 18 + src/analyzer/protocol/smb/smb2_com_create.bif | 21 + .../protocol/smb/smb2_com_session_setup.bif | 15 + .../protocol/smb/smb2_com_set_info.bif | 7 + .../protocol/smb/smb2_com_tree_connect.bif | 15 + src/analyzer/protocol/smb/smb2_events.bif | 7 + src/analyzer/protocol/smb/smb_ntlmssp.bif | 0 
src/analyzer/protocol/smb/smb_pipe.bif | 12 - .../Baseline/core.print-bpf-filters/output2 | 9 +- .../canonified_loaded_scripts.log | 41 +- .../canonified_loaded_scripts.log | 51 +- testing/btest/Baseline/plugins.hooks/output | 596 +++++++++++------- .../all-events.log | 420 ++++++------ .../smtp-events.log | 88 +-- 46 files changed, 1094 insertions(+), 648 deletions(-) create mode 100644 scripts/base/protocols/smb/__load__.bro rename scripts/{policy => base}/protocols/smb/const-dos-error.bro (100%) rename scripts/{policy => base}/protocols/smb/const-nt-status.bro (100%) rename scripts/{policy => base}/protocols/smb/consts.bro (100%) delete mode 100644 src/analyzer/protocol/smb/smb_ntlmssp.bif delete mode 100644 src/analyzer/protocol/smb/smb_pipe.bif diff --git a/scripts/base/init-default.bro b/scripts/base/init-default.bro index f91255c586..ba78bea98b 100644 --- a/scripts/base/init-default.bro +++ b/scripts/base/init-default.bro @@ -60,6 +60,9 @@ @load base/protocols/rfb @load base/protocols/sip @load base/protocols/snmp +# This DOES NOT enable the SMB analyzer. It's just some base support +# for other protocols. +@load base/protocols/smb @load base/protocols/smtp @load base/protocols/socks @load base/protocols/ssh diff --git a/scripts/base/protocols/dce-rpc/main.bro b/scripts/base/protocols/dce-rpc/main.bro index 0b555463e0..c757c52686 100644 --- a/scripts/base/protocols/dce-rpc/main.bro +++ b/scripts/base/protocols/dce-rpc/main.bro @@ -25,6 +25,8 @@ export { operation : string &log &optional; }; + ## These are DCE-RPC operations that are ignored, typically due + ## the operations being noisy and low valueon most networks. const ignored_operations: table[string] of set[string] = { ["winreg"] = set("BaseRegCloseKey", "BaseRegGetVersion", "BaseRegOpenKey", "BaseRegQueryValue", "BaseRegDeleteKeyEx", "OpenLocalMachine", "BaseRegEnumKey", "OpenClassesRoot"), ["spoolss"] = set("RpcSplOpenPrinter", "RpcClosePrinter"), 
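Review bot: The doc comment added above `ignored_operations` in dce-rpc/main.bro has two typos that will appear in the generated script reference: "due the operations" and "valueon". Suggested text: `## These are DCE-RPC operations that are ignored, typically due to` followed by `## the operations being noisy and low value on most networks.`. The export block continues outside the hunk.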
diff --git a/scripts/base/protocols/ntlm/main.bro b/scripts/base/protocols/ntlm/main.bro index 1656242766..30797862f4 100644 --- a/scripts/base/protocols/ntlm/main.bro +++ b/scripts/base/protocols/ntlm/main.bro @@ -1,3 +1,5 @@ +@load base/protocols/smb + module NTLM; export { @@ -11,17 +13,37 @@ export { ## The connection's 4-tuple of endpoint addresses/ports. id : conn_id &log; - username: string &log &optional; - hostname: string &log &optional; - domainname: string &log &optional; + ## Username given by the client. + username : string &log &optional; + ## Hostname given by the client. + hostname : string &log &optional; + ## Domainname given by the client. + domainname : string &log &optional; ## Indicate whether or not the authentication was successful. - success: bool &log &optional; + success : bool &log &optional; + ## A string representation of the status code that was + ## returned in response to the authentication attempt. + status : string &log &optional; ## Internally used field to indicate if the login attempt ## has already been logged. - done: bool &default=F; + done: bool &default=F; }; + + ## DOS and NT status codes that indicate authentication failure. + const auth_failure_statuses: set[count] = { + 0x052e0001, # logonfailure + 0x08c00002, # badClient + 0x08c10002, # badLogonTime + 0x08c20002, # passwordExpired + 0xC0000022, # ACCESS_DENIED + 0xC000006A, # WRONG_PASSWORD + 0xC000006F, # INVALID_LOGON_HOURS + 0xC0000070, # INVALID_WORKSTATION + 0xC0000071, # PASSWORD_EXPIRED + 0xC0000072, # ACCOUNT_DISABLED + } &redef; } redef record connection += { @@ -60,7 +82,7 @@ event gssapi_neg_result(c: connection, state: count) &priority=3 event gssapi_neg_result(c: connection, state: count) &priority=-3 { - if ( c?$ntlm ) + if ( c?$ntlm && ! c$ntlm$done ) { if ( c$ntlm?$username || c$ntlm?$hostname ) { 
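Review bot: `auth_failure_statuses` does not contain 0xC000006D, the one status the old smb2_message handler treated as a failed login (the `hdr$status == 0xC000006D` test is removed in the later hunk of this file). With `success` now computed as `hdr$status !in auth_failure_statuses`, a response carrying that status is logged with `success=T`, which inverts the signal that failed-logon detections rely on. Adding `0xC000006D, # LOGON_FAILURE` to the set restores the previous behaviour. The set is `&redef`, so sites can extend it, but the default should cover the common failure status.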
@@ -70,13 +92,27 @@ event gssapi_neg_result(c: connection, state: count) &priority=-3 } } +event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=3 + { + if ( c?$ntlm && ! c$ntlm$done && + ( c$ntlm?$username || c$ntlm?$hostname ) ) + { + c$ntlm$success = (hdr$status !in auth_failure_statuses); + c$ntlm$status = SMB::statuses[hdr$status]$id; + + Log::write(NTLM::LOG, c$ntlm); + c$ntlm$done = T; + } + } + event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=3 { - if ( c?$ntlm && - ( c$ntlm?$username || c$ntlm?$hostname ) && - hdr$status == 0xC000006D ) + if ( c?$ntlm && ! c$ntlm$done && + ( c$ntlm?$username || c$ntlm?$hostname ) ) { - c$ntlm$success = F; + c$ntlm$success = (hdr$status !in auth_failure_statuses); + c$ntlm$status = SMB::statuses[hdr$status]$id; + Log::write(NTLM::LOG, c$ntlm); c$ntlm$done = T; } diff --git a/scripts/base/protocols/smb/__load__.bro b/scripts/base/protocols/smb/__load__.bro new file mode 100644 index 0000000000..975d204851 --- /dev/null +++ b/scripts/base/protocols/smb/__load__.bro @@ -0,0 +1,3 @@ +@load ./consts +@load ./const-dos-error +@load ./const-nt-status diff --git a/scripts/policy/protocols/smb/const-dos-error.bro b/scripts/base/protocols/smb/const-dos-error.bro similarity index 100% rename from scripts/policy/protocols/smb/const-dos-error.bro rename to scripts/base/protocols/smb/const-dos-error.bro diff --git a/scripts/policy/protocols/smb/const-nt-status.bro b/scripts/base/protocols/smb/const-nt-status.bro similarity index 100% rename from scripts/policy/protocols/smb/const-nt-status.bro rename to scripts/base/protocols/smb/const-nt-status.bro diff --git a/scripts/policy/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.bro similarity index 100% rename from scripts/policy/protocols/smb/consts.bro rename to scripts/base/protocols/smb/consts.bro 
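Review bot: Neither the new smb1_message handler nor the reworked smb2_message handler looks at `is_orig`, so the first SMB message in either direction after the username or hostname is set decides `success` and sets `done`. If a client request can be seen before the server's reply (event ordering is not visible in this hunk), the entry is logged from a request header rather than from the authentication response; adding `! is_orig` to the condition would tie the result to the responder. `SMB::statuses[hdr$status]$id` is also indexed without a membership test in both handlers, so unless the table defines a `&default` outside this diff, an unlisted status raises a runtime error before `Log::write` and the record is never written. A guard such as `if ( hdr$status in SMB::statuses )` around the assignment avoids that.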
diff --git a/scripts/policy/protocols/smb/__load__.bro b/scripts/policy/protocols/smb/__load__.bro index 34973466d2..31c8469c60 100644 --- a/scripts/policy/protocols/smb/__load__.bro +++ b/scripts/policy/protocols/smb/__load__.bro @@ -1,6 +1,5 @@ -@load ./consts -@load ./const-dos-error -@load ./const-nt-status +@load base/protocols/smb + @load ./main @load ./smb1-main @load ./smb2-main diff --git a/scripts/policy/protocols/smb/main.bro b/scripts/policy/protocols/smb/main.bro index b6dcae08c6..02dc054aa8 100644 --- a/scripts/policy/protocols/smb/main.bro +++ b/scripts/policy/protocols/smb/main.bro @@ -1,4 +1,3 @@ -@load ./consts module SMB; diff --git a/scripts/policy/protocols/smb/smb1-main.bro b/scripts/policy/protocols/smb/smb1-main.bro index 236e4d6984..a188ed7c2a 100644 --- a/scripts/policy/protocols/smb/smb1-main.bro +++ b/scripts/policy/protocols/smb/smb1-main.bro @@ -262,7 +262,7 @@ event smb1_trans2_get_dfs_referral_request(c: connection, hdr: SMB1::Header, fil c$smb_state$current_cmd$argument = file_name; } -event smb1_trans2_query_path_info_request(c: connection, hdr: SMB1::Header, file_name: string, level_of_interets: count) +event smb1_trans2_query_path_info_request(c: connection, hdr: SMB1::Header, file_name: string) { c$smb_state$current_cmd$argument = file_name; } @@ -358,12 +358,3 @@ event smb1_error(c: connection, hdr: SMB1::Header, is_orig: bool) } } } - -#event smb1_transaction_setup(c: connection, hdr: SMB1::Header, op_code: count, file_id: count) -# { -# local uuid = SMB::rpc_uuids[c$smb_state$pipe_map[file_id]]; -# if ( uuid in SMB::rpc_uuids ) -# { -# print fmt("smb1_transaction_setup %s", SMB::rap_cmds[op_code]); -# } -# } \ No newline at end of file diff --git a/scripts/test-all-policy.bro b/scripts/test-all-policy.bro index 2299fd3043..1267b2818e 100644 --- a/scripts/test-all-policy.bro +++ b/scripts/test-all-policy.bro 
@@ -83,6 +83,11 @@ @load protocols/modbus/track-memmap.bro @load protocols/mysql/software.bro @load protocols/rdp/indicate_ssl.bro +@load protocols/smb/__load__.bro +@load protocols/smb/files.bro +@load protocols/smb/main.bro +@load protocols/smb/smb1-main.bro +@load protocols/smb/smb2-main.bro @load protocols/smtp/blocklists.bro @load protocols/smtp/detect-suspicious-orig.bro @load protocols/smtp/entities-excerpt.bro diff --git a/src/analyzer/protocol/dce-rpc/events.bif b/src/analyzer/protocol/dce-rpc/events.bif index 44e0a64224..7d4274c1df 100644 --- a/src/analyzer/protocol/dce-rpc/events.bif +++ b/src/analyzer/protocol/dce-rpc/events.bif 
@@ -1,15 +1,74 @@ +## Generated for every DCE-RPC message. +## +## c: The connection. +## +## is_orig: True if the message was sent by the originator of the TCP connection. +## +## fid: File ID of the PIPE that carried the DCE-RPC message. Zero will be used if the +## DCE-RPC was not transported over a pipe. +## +## ptype_id: Numeric representation of the procedure type of the message. +## +## ptype: Enum representation of the prodecure type of the message. +## ## .. bro:see:: dce_rpc_bind dce_rpc_bind_ack dce_rpc_request dce_rpc_response event dce_rpc_message%(c: connection, is_orig: bool, fid: count, ptype_id: count, ptype: DCE_RPC::PType%); +## Generated for every DCE-RPC bind request message. Since RPC offers the ability +## for a client to request connections to multiple endpoints, this event can occur +## multiple times for a single RPC message. +## +## c: The connection. +## +## fid: File ID of the PIPE that carried the DCE-RPC message. Zero will be used if the +## DCE-RPC was not transported over a pipe. +## +## uuid: The string interpretted uuid of the endpoint being requested. +## +## ver_major: The major version of the endpoint being requested. +## +## ver_minor: The minor version of the endpoint being requested. +## ## .. bro:see:: dce_rpc_message dce_rpc_bind_ack dce_rpc_request dce_rpc_response event dce_rpc_bind%(c: connection, fid: count, uuid: string, ver_major: count, ver_minor: count%); +## Generated for every DCE-RPC bind request ack message. +## +## c: The connection. +## +## fid: File ID of the PIPE that carried the DCE-RPC message. Zero will be used if the +## DCE-RPC was not transported over a pipe. +## +## sec_addr: Secondary address for the ack. +## ## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_request dce_rpc_response event dce_rpc_bind_ack%(c: connection, fid: count, sec_addr: string%); +## Generated for every DCE-RPC request message. +## +## c: The connection. +## +## fid: File ID of the PIPE that carried the DCE-RPC message. 
Zero will be used if the +## DCE-RPC was not transported over a pipe. +## +## opnum: Number of the RPC operation. +## +## stub_len: Length of the data for the request. +## ## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_bind_ack dce_rpc_response event dce_rpc_request%(c: connection, fid: count, opnum: count, stub_len: count%); +## Generated for every DCE-RPC response message. +## +## c: The connection. +## +## fid: File ID of the PIPE that carried the DCE-RPC message. Zero will be used if the +## DCE-RPC was not transported over a pipe. +## +## opnum: Number of the RPC operation. +## +## stub_len: Length of the data for the response. +## ## .. bro:see:: dce_rpc_message dce_rpc_bind dce_rpc_bind_ack dce_rpc_request event dce_rpc_response%(c: connection, fid: count, opnum: count, stub_len: count%); diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt index 9cb9e36113..5b9ca3469f 100644 --- a/src/analyzer/protocol/smb/CMakeLists.txt +++ b/src/analyzer/protocol/smb/CMakeLists.txt @@ -26,18 +26,17 @@ bro_plugin_bif( smb2_com_close.bif smb2_com_create.bif - smb2_com_ioctl.bif - smb2_com_lock.bif + #smb2_com_ioctl.bif + #smb2_com_lock.bif smb2_com_negotiate.bif smb2_com_read.bif smb2_com_session_setup.bif smb2_com_set_info.bif smb2_com_tree_connect.bif - smb2_com_tree_disconnect.bif + #smb2_com_tree_disconnect.bif smb2_com_write.bif smb2_events.bif - smb_pipe.bif types.bif) bro_plugin_pac( smb.pac diff --git a/src/analyzer/protocol/smb/smb-time.pac b/src/analyzer/protocol/smb/smb-time.pac index 6f1ffc90e9..cf507722d8 100644 --- a/src/analyzer/protocol/smb/smb-time.pac +++ b/src/analyzer/protocol/smb/smb-time.pac 
@@ -21,6 +21,20 @@ function filetime2brotime(ts: uint64): Val return bro_ts; %} +function time_from_lanman(t: SMB_time, d: SMB_date, tz: uint16): Val + %{ + tm lTime; + lTime.tm_sec = ${t.two_seconds} * 2; + lTime.tm_min = ${t.minutes}; + lTime.tm_hour = ${t.hours}; + lTime.tm_mday = ${d.day}; + lTime.tm_mon = ${d.month}; + lTime.tm_year = 1980 + ${d.year}; + double lResult = mktime(&lTime); + return new Val(lResult + tz, TYPE_TIME); + %} + + type SMB_timestamp32 = uint32; type SMB_timestamp = uint64; @@ -35,10 +49,3 @@ type SMB_date = record { month : uint16; year : uint16; } &byteorder = littleendian; - - -#type SMB2_timestamp = record { -# lowbits : uint32; -# highbits : uint32; -#} &byteorder = littleendian; -# \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1-com-create-directory.pac b/src/analyzer/protocol/smb/smb1-com-create-directory.pac index 4a7bd96455..bdb72ba1f6 100644 --- a/src/analyzer/protocol/smb/smb1-com-create-directory.pac +++ b/src/analyzer/protocol/smb/smb1-com-create-directory.pac @@ -4,15 +4,15 @@ refine connection SMB_Conn += { %{ if ( smb1_create_directory_request ) BifEvent::generate_smb1_create_directory_request(bro_analyzer(), bro_analyzer()->Conn(), - BuildHeaderVal(header), - smb_string2stringval(${val.directory_name})); + BuildHeaderVal(header), + smb_string2stringval(${val.directory_name})); return true; %} function proc_smb1_create_directory_response(header: SMB_Header, val: SMB1_create_directory_response): bool %{ if ( smb1_create_directory_response ) BifEvent::generate_smb1_create_directory_response(bro_analyzer(), bro_analyzer()->Conn(), - BuildHeaderVal(header)); + BuildHeaderVal(header)); return true; %} diff --git a/src/analyzer/protocol/smb/smb1-com-echo.pac b/src/analyzer/protocol/smb/smb1-com-echo.pac index eea16cd669..198839cd0d 100644 --- a/src/analyzer/protocol/smb/smb1-com-echo.pac +++ b/src/analyzer/protocol/smb/smb1-com-echo.pac 
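Review bot: time_from_lanman fills a `struct tm` incorrectly: `tm_year` counts years from 1900, so `1980 + ${d.year}` lands about 1900 years in the future, and `lTime` is never zeroed, so `mktime` reads an uninitialised `tm_isdst`. `tm_mon` is 0-based, so the month needs `- 1` if SMB_date carries the 1-based month of the wire format. These fields come straight from the server's negotiate response, so the resulting timestamp ends up in logs that analysts correlate against. Two further things to confirm: `mktime` interprets the fields in the sensor's local time zone, and `tz` is added as seconds although its unit and sign are not visible here.

```cpp
function time_from_lanman(t: SMB_time, d: SMB_date, tz: uint16): Val
	%{
	tm lTime = {};                   // zero all fields before filling them in
	// … unchanged: tm_sec, tm_min, tm_hour, tm_mday assignments …
	lTime.tm_mon = ${d.month} - 1;   // struct tm months are 0-11
	lTime.tm_year = 80 + ${d.year};  // struct tm years count from 1900; SMB dates from 1980
	lTime.tm_isdst = -1;             // let mktime decide instead of reading garbage
	// … unchanged: mktime call and return …
```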
@@ -3,14 +3,16 @@ refine connection SMB_Conn += { function proc_smb1_echo_request(header: SMB_Header, val: SMB1_echo_request): bool %{ if ( smb1_echo_request ) - BifEvent::generate_smb1_echo_request(bro_analyzer(), bro_analyzer()->Conn(), bytestring_to_val(${val.data})); + BifEvent::generate_smb1_echo_request(bro_analyzer(), bro_analyzer()->Conn(), + ${val.echo_count}, bytestring_to_val(${val.data})); return true; %} function proc_smb1_echo_response(header: SMB_Header, val: SMB1_echo_response): bool %{ if ( smb1_echo_response ) - BifEvent::generate_smb1_echo_response(bro_analyzer(), bro_analyzer()->Conn(), bytestring_to_val(${val.data})); + BifEvent::generate_smb1_echo_response(bro_analyzer(), bro_analyzer()->Conn(), + ${val.seq_num}, bytestring_to_val(${val.data})); return true; %} diff --git a/src/analyzer/protocol/smb/smb1-com-negotiate.pac b/src/analyzer/protocol/smb/smb1-com-negotiate.pac index 74941694ff..304a253335 100644 --- a/src/analyzer/protocol/smb/smb1-com-negotiate.pac +++ b/src/analyzer/protocol/smb/smb1-com-negotiate.pac 
@@ -9,34 +9,6 @@ # server MUST be rejected with error responses. The server MUST NOT # take any other action. -%header{ - double time_from_lanman(const uint16 two_seconds, const uint16 minutes, const uint16 hours, - const uint16 day, const uint16 month, const uint16 year, const uint16 tz); - double time_from_ntlm(const uint64 time, const uint16 tz); -%} - -%code{ - - double time_from_lanman(const uint16 two_seconds, const uint16 minutes, const uint16 hours, - const uint16 day, const uint16 month, const uint16 year, const uint16 tz) - { - tm lTime; - lTime.tm_sec = two_seconds * 2; - lTime.tm_min = minutes; - lTime.tm_hour = hours; - lTime.tm_mday = day; - lTime.tm_mon = month; - lTime.tm_year = 1980 + year; - time_t lResult = mktime(&lTime); - return lResult + tz; - } - - double time_from_ntlm(const uint64 time, const uint16 tz) - { - return (time - 11644473600)/100000000.0; - } -%} - refine connection SMB_Conn += { function proc_smb1_negotiate_request(header: SMB_Header, val: SMB1_negotiate_request): bool @@ -98,10 +70,7 @@ refine connection SMB_Conn += { lanman->Assign(5, new Val(${val.lanman.max_number_vcs}, TYPE_COUNT)); lanman->Assign(6, raw); lanman->Assign(7, new Val(${val.lanman.session_key}, TYPE_COUNT)); - lanman->Assign(8, new Val(time_from_lanman(${val.lanman.server_time.two_seconds}, ${val.lanman.server_time.minutes}, - ${val.lanman.server_time.hours}, ${val.lanman.server_date.day}, - ${val.lanman.server_date.month}, ${val.lanman.server_date.year}, - ${val.lanman.server_tz}), TYPE_TIME)); + lanman->Assign(8, time_from_lanman(${val.lanman.server_time}, ${val.lanman.server_date}, ${val.lanman.server_tz})); lanman->Assign(9, bytestring_to_val(${val.lanman.encryption_key})); lanman->Assign(10, smb_string2stringval(${val.lanman.primary_domain})); 
@@ -150,7 +119,7 @@ refine connection SMB_Conn += { ntlm->Assign(6, new Val(${val.ntlm.max_raw_size}, TYPE_COUNT)); ntlm->Assign(7, new Val(${val.ntlm.session_key}, TYPE_COUNT)); ntlm->Assign(8, capabilities); - ntlm->Assign(9, new Val(time_from_ntlm(${val.ntlm.server_time}, ${val.ntlm.server_tz}), TYPE_TIME)); + ntlm->Assign(9, filetime2brotime(${val.ntlm.server_time})); if ( ${val.ntlm.capabilities_extended_security} == false ) { @@ -167,9 +136,9 @@ refine connection SMB_Conn += { } BifEvent::generate_smb1_negotiate_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), response); } + return true; %} - }; type SMB_dialect = record { diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index 40d9657378..e7d390db4e 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac @@ -46,18 +46,6 @@ refine connection SMB_Conn += { //printf("transaction_response\n"); return true; %} - - function proc_smb1_transaction_setup(header: SMB_Header, val: SMB1_transaction_setup): bool - %{ - if ( smb1_transaction_setup ) - BifEvent::generate_smb1_transaction_setup(bro_analyzer(), - bro_analyzer()->Conn(), - BuildHeaderVal(header), - ${val.op_code}, - ${val.file_id}); - return true; - %} - }; @@ -74,10 +62,8 @@ type SMB1_transaction_data(header: SMB_Header, is_orig: bool, count: uint16, sub }; type SMB1_transaction_setup(header: SMB_Header) = record { - op_code : uint16; + op_code : uint16; file_id : uint16; -} &let { - proc: bool = $context.connection.proc_smb1_transaction_setup(header, this); } type SMB1_transaction_request(header: SMB_Header) = record { diff --git a/src/analyzer/protocol/smb/smb1-com-transaction2.pac b/src/analyzer/protocol/smb/smb1-com-transaction2.pac index 561f879cf9..a65ba823a0 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction2.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction2.pac 
@@ -30,8 +30,8 @@ refine connection SMB_Conn += { function proc_smb1_transaction2_response(header: SMB_Header, val: SMB1_transaction2_response): bool %{ -// if ( smb1_transaction2_response ) -// BifEvent::generate_smb1_transaction2_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), new Val(${val.sub_cmd}, TYPE_COUNT)); + //if ( smb1_transaction2_response ) + // BifEvent::generate_smb1_transaction2_response(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), ${val.sub_cmd}); return true; %} @@ -197,8 +197,7 @@ refine connection SMB_Conn += { { BifEvent::generate_smb1_trans2_query_path_info_request(bro_analyzer(), bro_analyzer()->Conn(), \ BuildHeaderVal(header), \ - smb_string2stringval(${val.file_name}),\ - ${val.level_of_interest}); + smb_string2stringval(${val.file_name})); } return true; @@ -214,7 +213,7 @@ refine connection SMB_Conn += { }; type trans2_query_path_info_request(header: SMB_Header) = record { - level_of_interest : uint16; + information_level : uint16; reserved : uint32; file_name : SMB_string(header.unicode, offsetof(file_name)); } &let { @@ -249,7 +248,7 @@ refine connection SMB_Conn += { type trans2_query_file_info_request(header: SMB_Header) = record { file_id : uint16; - level_of_interest : uint16; + information_level : uint16; } &let { proc : bool = $context.connection.proc_trans2_query_file_info_request(header, this); }; @@ -302,8 +301,7 @@ refine connection SMB_Conn += { { BifEvent::generate_smb1_trans2_get_dfs_referral_request(bro_analyzer(), bro_analyzer()->Conn(), \ BuildHeaderVal(header), \ - smb_string2stringval(${val.file_name}),\ - ${val.max_referral_level}); + smb_string2stringval(${val.file_name})); } return true; %} diff --git a/src/analyzer/protocol/smb/smb1_com_check_directory.bif b/src/analyzer/protocol/smb/smb1_com_check_directory.bif index 481b120a8a..b5b311a34c 100644 --- a/src/analyzer/protocol/smb/smb1_com_check_directory.bif +++ b/src/analyzer/protocol/smb/smb1_com_check_directory.bif 
@@ -1,5 +1,15 @@ -## TODO +## Generated for SMB/CIFS requests of type *check directory*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## directory_name: The directory name to check for existence. event smb1_check_directory_request%(c: connection, hdr: SMB1::Header, directory_name: string%); -## TODO +## Generated for SMB/CIFS responses of type *check directory*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. event smb1_check_directory_response%(c: connection, hdr: SMB1::Header%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_create_directory.bif b/src/analyzer/protocol/smb/smb1_com_create_directory.bif index 2a402851a9..a445090dec 100644 --- a/src/analyzer/protocol/smb/smb1_com_create_directory.bif +++ b/src/analyzer/protocol/smb/smb1_com_create_directory.bif @@ -1,5 +1,19 @@ -## TODO +## Generated for SMB/CIFS requests of type *create directory*. This is also +## a deprecated command which has been replaced by the trans2_create_directory +## subcommand. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## directory_name: The name of the directory to create. event smb1_create_directory_request%(c: connection, hdr: SMB1::Header, directory_name: string%); -## TODO +## Generated for SMB/CIFS responses of type *create directory*. This is also +## a deprecated command which has been replaced by the trans2_create_directory +## subcommand. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. event smb1_create_directory_response%(c: connection, hdr: SMB1::Header%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_echo.bif b/src/analyzer/protocol/smb/smb1_com_echo.bif index cd2900488e..4d3249ec2f 100644 --- a/src/analyzer/protocol/smb/smb1_com_echo.bif +++ b/src/analyzer/protocol/smb/smb1_com_echo.bif 
@@ -1,5 +1,21 @@ -## TODO -event smb1_echo_request%(c: connection, data: string%); +## Generated for SMB/CIFS requests of type *echo*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## echo_count: The number of times the server should echo the data back. +## +## data: The data for the server to echo. +event smb1_echo_request%(c: connection, echo_count: count, data: string%); -## TODO -event smb1_echo_response%(c: connection, data: string%); \ No newline at end of file +## Generated for SMB/CIFS responses of type *negotiate*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## seq_num: The sequence number of this echo reply. +## +## data: The data echoed back from the client. +event smb1_echo_response%(c: connection, seq_num: count, data: string%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif b/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif index ce6508e719..c1aac83795 100644 --- a/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif +++ b/src/analyzer/protocol/smb/smb1_com_logoff_andx.bif @@ -6,6 +6,6 @@ ## ## c: The connection. ## -## hdr: The parsed header of the SMB message. +## is_orig: Indicates which host sent the logoff message.. event smb1_logoff_andx%(c: connection, is_orig: bool%); diff --git a/src/analyzer/protocol/smb/smb1_com_negotiate.bif b/src/analyzer/protocol/smb/smb1_com_negotiate.bif index 4c0ad96883..08c6d4b7b2 100644 --- a/src/analyzer/protocol/smb/smb1_com_negotiate.bif +++ b/src/analyzer/protocol/smb/smb1_com_negotiate.bif 
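Review bot: The doc block added for `smb1_echo_response` says it is generated for responses of type *negotiate* and describes `data` as echoed back "from the client", but this is the echo response and the data comes back from the server. Both echo doc blocks also document an `hdr` parameter that the new signatures `%(c: connection, echo_count: count, data: string%)` and `%(c: connection, seq_num: count, data: string%)` do not have. Suggested first line: `## Generated for SMB/CIFS responses of type *echo*.`, with the two `## hdr:` entries dropped. The smb1_com_nt_create_andx.bif hunk further down has the same kind of mismatch: `## name:` documents a parameter that is called `file_name`, and `file_id` is described as an SMB2 GUID on an SMB1 event where it is a `count`.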
@@ -1,25 +1,19 @@ ## Generated for SMB/CIFS messages of type *negotiate*. ## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. -## ## c: The connection. ## ## hdr: The parsed header of the SMB message. +## +## dialects: The SMB dialects supported by the client. event smb1_negotiate_request%(c: connection, hdr: SMB1::Header, dialects: string_vec%); -## Generated for SMB/CIFS messages of type *negotiate response*. -## -## See `Wikipedia `__ for more -## information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses both -## SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## Generated for SMB/CIFS responses of type *negotiate*. ## ## c: The connection. ## ## hdr: The parsed header of the SMB message. ## -## dialect_index: The ``dialect`` indicated in the message. +## response: A record structure containing more information from the response. event smb1_negotiate_response%(c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse%); #### Types diff --git a/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif b/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif index 2e53103690..51533d513f 100644 --- a/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif +++ b/src/analyzer/protocol/smb/smb1_com_nt_cancel.bif @@ -1,2 +1,6 @@ -## TODO +## Generated for SMB/CIFS requests of type *nt cancel*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. event smb1_nt_cancel_request%(c: connection, hdr: SMB1::Header%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif b/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif index 365b7dfed5..3124098534 100644 --- a/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif +++ b/src/analyzer/protocol/smb/smb1_com_nt_create_andx.bif 
@@ -1,8 +1,4 @@ -## Generated for SMB/CIFS messages of type *nt create andx*. -## -## See `Wikipedia `__ for -## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses -## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## Generated for SMB/CIFS requests of type *nt create andx*. ## ## c: The connection. ## @@ -10,6 +6,18 @@ ## ## name: The ``name`` attribute specified in the message. event smb1_nt_create_andx_request%(c: connection, hdr: SMB1::Header, file_name: string%); + +## Generated for SMB/CIFS responses of type *nt create andx*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## file_id: The SMB2 GUID for the file. +## +## file_size: Size of the file. +## +## times: Timestamps associated with the file in question. event smb1_nt_create_andx_response%(c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes%); diff --git a/src/analyzer/protocol/smb/smb1_com_query_information.bif b/src/analyzer/protocol/smb/smb1_com_query_information.bif index a209f3d777..e85a524b94 100644 --- a/src/analyzer/protocol/smb/smb1_com_query_information.bif +++ b/src/analyzer/protocol/smb/smb1_com_query_information.bif @@ -1,3 +1,9 @@ -# TODO +## Generated for SMB/CIFS request messages of type *query information*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## filename: The filename that the client is querying. event smb1_query_information_request%(c: connection, hdr: SMB1::Header, filename: string%); diff --git a/src/analyzer/protocol/smb/smb1_com_transaction.bif b/src/analyzer/protocol/smb/smb1_com_transaction.bif index 3ab02a51e6..77cb9c0aeb 100644 --- a/src/analyzer/protocol/smb/smb1_com_transaction.bif +++ b/src/analyzer/protocol/smb/smb1_com_transaction.bif 
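Review bot: In the second hunk of smb1_com_nt_create_andx.bif, the added docs for `smb1_nt_create_andx_response` describe `file_id` as "The SMB2 GUID for the file", but this is an SMB1 event and the parameter is declared `file_id: count`. The text looks copied from the SMB2 create event; something like `## file_id: The SMB1 file identifier returned for the file.` would match the declaration. The unchanged context line `## name:` above `smb1_nt_create_andx_request` also does not match its parameter, which is `file_name`, and could be fixed in the same pass.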
@@ -1,5 +1,11 @@ -# TODO - Description +## Generated for SMB/CIFS requests of type *transaction*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## name: A name string that MAY identify the resource (a specific Mailslot or Named Pipe) +## against which the operation is performed. +## +## sub_cmd: The sub command, some may be parsed and have their own events. event smb1_transaction_request%(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count%); - -# TODO - Description -event smb1_transaction_setup%(c: connection, hdr: SMB1::Header, op_code: count, file_id: count%); \ No newline at end of file diff --git a/src/analyzer/protocol/smb/smb1_com_transaction2.bif b/src/analyzer/protocol/smb/smb1_com_transaction2.bif index 1430098f00..43ad09f311 100644 --- a/src/analyzer/protocol/smb/smb1_com_transaction2.bif +++ b/src/analyzer/protocol/smb/smb1_com_transaction2.bif 
@@ -1,35 +1,59 @@ ### Requests -# TODO - Description +## Generated for SMB/CIFS requests of type *transaction2*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## sub_cmd: The sub command, some are parsed and have their own events. event smb1_transaction2_request%(c: connection, hdr: SMB1::Header, sub_cmd: count%); -# TODO - Description +## Generated for SMB/CIFS transaction2 requests of type *find first2*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## args: A record data structure with arguments given to the command. event smb1_trans2_find_first2_request%(c: connection, hdr: SMB1::Header, args: SMB1::Find_First2_Request_Args%); # TODO - Implementation # event smb1_trans2_fs_info_request%(c: connection, hdr: SMB1::Header, ??? %); -# TODO - Description -event smb1_trans2_query_path_info_request%(c: connection, hdr: SMB1::Header, file_name: string, level_of_interest: count%); +## Generated for SMB/CIFS transaction2 requests of type *query path info*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## file_name: File name the request is in reference to. +event smb1_trans2_query_path_info_request%(c: connection, hdr: SMB1::Header, file_name: string%); -# TODO - Description -event smb1_trans2_query_file_info_request%(c: connection, hdr: SMB1::Header, file_id: count, level_of_interest: count%); +# TODO - Implementation +# event smb1_trans2_query_file_info_request%(c: connection, hdr: SMB1::Header, file_id: count, information_level: count%); # TODO - Implementation # event smb1_trans2_set_file_info_request(c: connection, hdr: SMB1::Header, ??? %); -# TODO - Description -event smb1_trans2_get_dfs_referral_request%(c: connection, hdr: SMB1::Header, file_name: string, max_referral_level: count%); +## Generated for SMB/CIFS transaction2 requests of type *get DFS referral*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. 
+## +## file_name: File name the request is in reference to. +event smb1_trans2_get_dfs_referral_request%(c: connection, hdr: SMB1::Header, file_name: string%); + ### Responses - -# TODO - Description +# TODO - Implementation event smb1_transaction2_response%(c: connection, hdr: SMB1::Header, sub_cmd: count%); -# TODO - Description -event smb1_trans2_find_first2_response%(c: connection, hdr: SMB1::Header, args: SMB1::Find_First2_Response_Args%); +# TODO - Implementation +# event smb1_trans2_find_first2_response%(c: connection, hdr: SMB1::Header, args: SMB1::Find_First2_Response_Args%); # TODO - Implementation # event smb1_trans2_fs_info_response%(c: connection, hdr: SMB1::Header, ??? %); diff --git a/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif b/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif index 9ac2e4fd48..0457eefc63 100644 --- a/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif +++ b/src/analyzer/protocol/smb/smb1_com_tree_connect_andx.bif @@ -1,4 +1,4 @@ -## Generated for SMB/CIFS messages of type *tree connect andx*. +## Generated for SMB/CIFS requests of type *tree connect andx*. ## ## See `Wikipedia `__ for ## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses 
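Review bot: `smb1_transaction2_response` is now labelled `# TODO - Implementation` but stays declared, while the other events given that label in this hunk (`smb1_trans2_query_file_info_request`, `smb1_trans2_find_first2_response`) are commented out. If the analyzer does not raise it yet, comment it out like the others; if it does, give it a `##` doc block like the request events. The hunk also drops `level_of_interest` from `smb1_trans2_query_path_info_request` and `max_referral_level` from `smb1_trans2_get_dfs_referral_request`. Existing handlers written against the old signatures would presumably stop type-checking, so the change deserves a line in the commit message.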
@@ -12,5 +12,19 @@ ## ## service: The ``service`` attribute specified in the message. event smb1_tree_connect_andx_request%(c: connection, hdr: SMB1::Header, path: string, service: string%); + +## Generated for SMB/CIFS responses of type *tree connect andx*. +## +## See `Wikipedia `__ for +## more information about the SMB/CIFS protocol. Bro's SMB/CIFS analyzer parses +## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. +## +## c: The connection. +## +## hdr: The parsed header of the SMB message. +## +## service: The ``service`` attribute specified in the message. +## +## native_file_system: The file system of the remote server as indicate by the server. event smb1_tree_connect_andx_response%(c: connection, hdr: SMB1::Header, service: string, native_file_system: string%); diff --git a/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif b/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif index 55a1b5cefd..481ed018b6 100644 --- a/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif +++ b/src/analyzer/protocol/smb/smb1_com_tree_disconnect.bif @@ -5,5 +5,9 @@ ## both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445. ## ## c: The connection. +## +## hdr: A record representing the SMB1 header. +## +## is_orig: True if the message was from the originator. event smb1_tree_disconnect%(c: connection, hdr: SMB1::Header, is_orig: bool%); diff --git a/src/analyzer/protocol/smb/smb1_events.bif b/src/analyzer/protocol/smb/smb1_events.bif index 1de3e777f6..ad942c86ee 100644 --- a/src/analyzer/protocol/smb/smb1_events.bif +++ b/src/analyzer/protocol/smb/smb1_events.bif @@ -9,7 +9,7 @@ ## hdr: The parsed header of the SMB message. ## ## is_orig: True if the message was sent by the originator of the underlying -## transport-level connection. +## transport-level connection. event smb1_message%(c: connection, hdr: SMB1::Header, is_orig: bool%); ## Generated when there is an SMB response with no message body. 
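Review bot: The doc block added for `smb1_tree_connect_andx_response` has a typo in its last entry and re-adds the Wikipedia/ports paragraph that this same commit removes from the negotiate and nt create andx docs. Suggested last line: `## native_file_system: The file system of the remote server as indicated by the server.` For consistency I would drop the three "See Wikipedia" lines from the new block, or keep them on every event.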
@@ -27,6 +27,6 @@ event smb1_empty_response%(c: connection, hdr: SMB1::Header%); ## hdr: The parsed header of the SMB message. ## ## is_orig: True if the message was sent by the originator of the underlying -## transport-level connection. +## transport-level connection. event smb1_error%(c: connection, hdr: SMB1::Header, is_orig: bool%); diff --git a/src/analyzer/protocol/smb/smb2_com_close.bif b/src/analyzer/protocol/smb/smb2_com_close.bif index 27d7369175..85b0ec53a1 100644 --- a/src/analyzer/protocol/smb/smb2_com_close.bif +++ b/src/analyzer/protocol/smb/smb2_com_close.bif @@ -1,4 +1,22 @@ +## Generated for SMB2 request messages of type *close*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## file_name: The SMB2 GUID of the file being closed. event smb2_close_request%(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID%); + +## Generated for SMB2 response messages of type *close*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## response: A record of attributes returned from the server from the close. event smb2_close_response%(c: connection, hdr: SMB2::Header, response: SMB2::CloseResponse%); + +#### Types + type SMB2::CloseResponse: record; diff --git a/src/analyzer/protocol/smb/smb2_com_create.bif b/src/analyzer/protocol/smb/smb2_com_create.bif index 39c5979053..aae5a23c01 100644 --- a/src/analyzer/protocol/smb/smb2_com_create.bif +++ b/src/analyzer/protocol/smb/smb2_com_create.bif 
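Review bot: The docs added for `smb2_close_request` in the smb2_com_close.bif hunk name the third parameter `file_name`, but the declaration is `file_id: SMB2::GUID`. The description already speaks of the GUID, so only the label needs changing: `## file_id: The SMB2 GUID of the file being closed.`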
@@ -1,2 +1,23 @@ +## Generated for SMB2 request messages of type *create*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## file_name: The name of the file being requested. event smb2_create_request%(c: connection, hdr: SMB2::Header, file_name: string%); + +## Generated for SMB2 response messages of type *create*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## file_id: The SMB2 GUID for the file. +## +## size: Size of the file. +## +## times: Timestamps associated with the file in question. +## +## attrs: File attributes. event smb2_create_response%(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, size: count, times: SMB::MACTimes, attrs: SMB2::FileAttrs%); diff --git a/src/analyzer/protocol/smb/smb2_com_session_setup.bif b/src/analyzer/protocol/smb/smb2_com_session_setup.bif index 03873ac834..f49e47ff0b 100644 --- a/src/analyzer/protocol/smb/smb2_com_session_setup.bif +++ b/src/analyzer/protocol/smb/smb2_com_session_setup.bif @@ -1,4 +1,19 @@ +## Generated for SMB2 request messages of type *session_setup*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## request: A record containing more information related to the request. event smb2_session_setup_request%(c: connection, hdr: SMB2::Header, request: SMB2::SessionSetupRequest%); + +## Generated for SMB2 response messages of type *session_setup*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## response: A record containing more information related to the response. event smb2_session_setup_response%(c: connection, hdr: SMB2::Header, response: SMB2::SessionSetupResponse%); #### Types diff --git a/src/analyzer/protocol/smb/smb2_com_set_info.bif b/src/analyzer/protocol/smb/smb2_com_set_info.bif index c750f88b32..dbb5d27cfe 100644 --- a/src/analyzer/protocol/smb/smb2_com_set_info.bif +++ b/src/analyzer/protocol/smb/smb2_com_set_info.bif 
@@ -1,3 +1,10 @@ +## Generated for SMB2 request messages of type *set_info*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## request: A record containing more information related to the request. event smb2_set_info_request%(c: connection, hdr: SMB2::Header, request: SMB2::SetInfoRequest%); type SMB2::SetInfoRequest: record; diff --git a/src/analyzer/protocol/smb/smb2_com_tree_connect.bif b/src/analyzer/protocol/smb/smb2_com_tree_connect.bif index 466ae34a74..90501e341a 100644 --- a/src/analyzer/protocol/smb/smb2_com_tree_connect.bif +++ b/src/analyzer/protocol/smb/smb2_com_tree_connect.bif @@ -1,4 +1,19 @@ +## Generated for SMB2 request messages of type *tree_connect*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## path: Path of the requested tree. event smb2_tree_connect_request%(c: connection, hdr: SMB2::Header, path: string%); + +## Generated for SMB2 response messages of type *tree_connect*. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## response: A record with more information related to the response. event smb2_tree_connect_response%(c: connection, hdr: SMB2::Header, response: SMB2::TreeConnectResponse%); type SMB2::TreeConnectResponse: record; diff --git a/src/analyzer/protocol/smb/smb2_events.bif b/src/analyzer/protocol/smb/smb2_events.bif index 20a090f06b..edfd226a8d 100644 --- a/src/analyzer/protocol/smb/smb2_events.bif +++ b/src/analyzer/protocol/smb/smb2_events.bif @@ -1,3 +1,10 @@ +## Generated for all SMB2 messages. +## +## c: The connection. +## +## hdr: The parsed header of the SMB2 message. +## +## is_orig: True if the message came from the originator side. event smb2_message%(c: connection, hdr: SMB2::Header, is_orig: bool%); diff --git a/src/analyzer/protocol/smb/smb_ntlmssp.bif b/src/analyzer/protocol/smb/smb_ntlmssp.bif deleted file mode 100644 index e69de29bb2..0000000000 
diff --git a/src/analyzer/protocol/smb/smb_pipe.bif b/src/analyzer/protocol/smb/smb_pipe.bif deleted file mode 100644 index 9bc65166f7..0000000000 --- a/src/analyzer/protocol/smb/smb_pipe.bif +++ /dev/null @@ -1,12 +0,0 @@ -## TODO - Description -event smb_pipe_bind_request%(c: connection, hdr: SMB1::Header, uuid: string, version: string%); - -## TODO - Description -event smb_pipe_bind_ack_response%(c: connection, hdr: SMB1::Header%); - -## TODO - Description -event smb_pipe_request%(c: connection, hdr: SMB1::Header, op_num: count%); - -## TODO - Description -event smb_pipe_response%(c: connection, hdr: SMB1::Header%); - diff --git a/testing/btest/Baseline/core.print-bpf-filters/output2 b/testing/btest/Baseline/core.print-bpf-filters/output2 index 3321684b43..53d4189bf7 100644 --- a/testing/btest/Baseline/core.print-bpf-filters/output2 +++ b/testing/btest/Baseline/core.print-bpf-filters/output2 @@ -1,4 +1,5 @@ 2 1080 +1 135 1 137 1 143 1 1434 @@ -50,8 +51,8 @@ 1 992 1 993 1 995 -57 and -56 or -57 port -39 tcp +58 and +57 or +58 port +40 tcp 18 udp diff --git a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log index 05b7adcd11..034ec8f5cb 100644 --- a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log @@ -3,7 +3,7 @@ #empty_field (empty) #unset_field - #path loaded_scripts -#open 2016-05-02-20-39-26 +#open 2016-06-24-17-42-28 #fields name #types string scripts/base/init-bare.bro 
@@ -63,6 +63,7 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_BitTorrent.events.bif.bro build/scripts/base/bif/plugins/Bro_ConnSize.events.bif.bro build/scripts/base/bif/plugins/Bro_ConnSize.functions.bif.bro + build/scripts/base/bif/plugins/Bro_DCE_RPC.types.bif.bro build/scripts/base/bif/plugins/Bro_DCE_RPC.events.bif.bro build/scripts/base/bif/plugins/Bro_DHCP.events.bif.bro build/scripts/base/bif/plugins/Bro_DNP3.events.bif.bro @@ -72,6 +73,8 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_FTP.events.bif.bro build/scripts/base/bif/plugins/Bro_FTP.functions.bif.bro build/scripts/base/bif/plugins/Bro_Gnutella.events.bif.bro + build/scripts/base/bif/plugins/Bro_GSSAPI.types.bif.bro + build/scripts/base/bif/plugins/Bro_GSSAPI.events.bif.bro build/scripts/base/bif/plugins/Bro_GTPv1.events.bif.bro build/scripts/base/bif/plugins/Bro_HTTP.events.bif.bro build/scripts/base/bif/plugins/Bro_HTTP.functions.bif.bro @@ -89,6 +92,8 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_NCP.events.bif.bro build/scripts/base/bif/plugins/Bro_NetBIOS.events.bif.bro build/scripts/base/bif/plugins/Bro_NetBIOS.functions.bif.bro + build/scripts/base/bif/plugins/Bro_NTLM.types.bif.bro + build/scripts/base/bif/plugins/Bro_NTLM.events.bif.bro build/scripts/base/bif/plugins/Bro_NTP.events.bif.bro build/scripts/base/bif/plugins/Bro_PIA.events.bif.bro build/scripts/base/bif/plugins/Bro_POP3.events.bif.bro 
@@ -99,7 +104,37 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_RPC.events.bif.bro build/scripts/base/bif/plugins/Bro_SIP.events.bif.bro build/scripts/base/bif/plugins/Bro_SNMP.events.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.events.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_check_directory.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_close.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_create_directory.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_echo.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_logoff_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_negotiate.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_nt_create_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_nt_cancel.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_query_information.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_read_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_session_setup_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_transaction.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_transaction2.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_tree_connect_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_tree_disconnect.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_write_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_events.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_close.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_create.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_ioctl.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_lock.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_negotiate.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_read.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_session_setup.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_set_info.bif.bro + 
build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_connect.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_disconnect.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_write.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_events.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb_pipe.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.types.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.events.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.functions.bif.bro build/scripts/base/bif/plugins/Bro_SOCKS.events.bif.bro @@ -134,4 +169,4 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_SQLiteWriter.sqlite.bif.bro scripts/policy/misc/loaded-scripts.bro scripts/base/utils/paths.bro -#close 2016-05-02-20-39-26 +#close 2016-06-24-17-42-28 diff --git a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log index da62a25117..34b9d08fd1 100644 --- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log @@ -3,7 +3,7 @@ #empty_field (empty) #unset_field - #path loaded_scripts -#open 2016-06-07-19-22-42 +#open 2016-06-24-17-59-13 #fields name #types string scripts/base/init-bare.bro @@ -63,6 +63,7 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_BitTorrent.events.bif.bro build/scripts/base/bif/plugins/Bro_ConnSize.events.bif.bro build/scripts/base/bif/plugins/Bro_ConnSize.functions.bif.bro + build/scripts/base/bif/plugins/Bro_DCE_RPC.types.bif.bro build/scripts/base/bif/plugins/Bro_DCE_RPC.events.bif.bro build/scripts/base/bif/plugins/Bro_DHCP.events.bif.bro build/scripts/base/bif/plugins/Bro_DNP3.events.bif.bro 
@@ -72,6 +73,8 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_FTP.events.bif.bro build/scripts/base/bif/plugins/Bro_FTP.functions.bif.bro build/scripts/base/bif/plugins/Bro_Gnutella.events.bif.bro + build/scripts/base/bif/plugins/Bro_GSSAPI.types.bif.bro + build/scripts/base/bif/plugins/Bro_GSSAPI.events.bif.bro build/scripts/base/bif/plugins/Bro_GTPv1.events.bif.bro build/scripts/base/bif/plugins/Bro_HTTP.events.bif.bro build/scripts/base/bif/plugins/Bro_HTTP.functions.bif.bro @@ -89,6 +92,8 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_NCP.events.bif.bro build/scripts/base/bif/plugins/Bro_NetBIOS.events.bif.bro build/scripts/base/bif/plugins/Bro_NetBIOS.functions.bif.bro + build/scripts/base/bif/plugins/Bro_NTLM.types.bif.bro + build/scripts/base/bif/plugins/Bro_NTLM.events.bif.bro build/scripts/base/bif/plugins/Bro_NTP.events.bif.bro build/scripts/base/bif/plugins/Bro_PIA.events.bif.bro build/scripts/base/bif/plugins/Bro_POP3.events.bif.bro 
@@ -99,7 +104,37 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_RPC.events.bif.bro build/scripts/base/bif/plugins/Bro_SIP.events.bif.bro build/scripts/base/bif/plugins/Bro_SNMP.events.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.events.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_check_directory.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_close.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_create_directory.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_echo.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_logoff_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_negotiate.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_nt_create_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_nt_cancel.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_query_information.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_read_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_session_setup_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_transaction.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_transaction2.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_tree_connect_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_tree_disconnect.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_com_write_andx.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb1_events.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_close.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_create.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_ioctl.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_lock.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_negotiate.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_read.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_session_setup.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_set_info.bif.bro + 
build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_connect.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_disconnect.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_com_write.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb2_events.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.smb_pipe.bif.bro + build/scripts/base/bif/plugins/Bro_SMB.types.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.events.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.functions.bif.bro build/scripts/base/bif/plugins/Bro_SOCKS.events.bif.bro @@ -225,6 +260,10 @@ scripts/base/init-default.bro scripts/base/protocols/conn/inactivity.bro scripts/base/protocols/conn/polling.bro scripts/base/protocols/conn/thresholds.bro + scripts/base/protocols/dce-rpc/__load__.bro + scripts/base/protocols/dce-rpc/consts.bro + scripts/base/protocols/dce-rpc/main.bro + scripts/base/protocols/dce-rpc/endpoint-atsvc.bro scripts/base/protocols/dhcp/__load__.bro scripts/base/protocols/dhcp/consts.bro scripts/base/protocols/dhcp/main.bro @@ -272,6 +311,12 @@ scripts/base/init-default.bro scripts/base/protocols/mysql/__load__.bro scripts/base/protocols/mysql/main.bro scripts/base/protocols/mysql/consts.bro + scripts/base/protocols/ntlm/__load__.bro + scripts/base/protocols/ntlm/main.bro + scripts/base/protocols/smb/__load__.bro + scripts/base/protocols/smb/consts.bro + scripts/base/protocols/smb/const-dos-error.bro + scripts/base/protocols/smb/const-nt-status.bro scripts/base/protocols/pop3/__load__.bro scripts/base/protocols/radius/__load__.bro scripts/base/protocols/radius/main.bro @@ -310,4 +355,4 @@ scripts/base/init-default.bro scripts/base/misc/find-checksum-offloading.bro scripts/base/misc/find-filtered-trace.bro scripts/policy/misc/loaded-scripts.bro -#close 2016-06-07-19-22-42 +#close 2016-06-24-17-59-13 diff --git a/testing/btest/Baseline/plugins.hooks/output b/testing/btest/Baseline/plugins.hooks/output index 2cab5f8216..665402dd81 100644 
--- a/testing/btest/Baseline/plugins.hooks/output +++ b/testing/btest/Baseline/plugins.hooks/output @@ -3,6 +3,7 @@ 0.000000 MetaHookPost CallFunction(Analyzer::__disable_analyzer, , (Analyzer::ANALYZER_STEPPINGSTONE)) -> 0.000000 MetaHookPost CallFunction(Analyzer::__disable_analyzer, , (Analyzer::ANALYZER_TCPSTATS)) -> 0.000000 MetaHookPost CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_AYIYA, 5072/udp)) -> +0.000000 MetaHookPost CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DCE_RPC, 135/tcp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DHCP, 67/udp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DHCP, 68/udp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DNP3_TCP, 20000/tcp)) -> @@ -64,6 +65,7 @@ 0.000000 MetaHookPost CallFunction(Analyzer::disable_analyzer, , (Analyzer::ANALYZER_STEPPINGSTONE)) -> 0.000000 MetaHookPost CallFunction(Analyzer::disable_analyzer, , (Analyzer::ANALYZER_TCPSTATS)) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_AYIYA, 5072/udp)) -> +0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DCE_RPC, 135/tcp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DHCP, 67/udp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DHCP, 68/udp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DNP3_TCP, 20000/tcp)) -> 
@@ -121,6 +123,7 @@ 0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_XMPP, 5222/tcp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_XMPP, 5269/tcp)) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_AYIYA, {5072/udp})) -> +0.000000 MetaHookPost CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DCE_RPC, {135/tcp})) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DHCP, {67<...>/udp})) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DNP3_TCP, {20000<...>/tcp})) -> 0.000000 MetaHookPost CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DNS, {5355<...>/udp})) -> 
@@ -161,6 +164,8 @@ 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=communication, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=conn, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> +0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc_atsvc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> +0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dhcp, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dnp3, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DNS::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dns, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 
@@ -172,6 +177,7 @@ 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Intel::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=intel, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (KRB::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=kerberos, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Modbus::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=modbus, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> +0.000000 MetaHookPost CallFunction(Log::__add_filter, , (NTLM::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=ntlm, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (NetControl::DROP, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol_drop, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (NetControl::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (NetControl::SHUNT, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol_shunt, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 
@@ -201,6 +207,8 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) -> +0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) -> +0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DNS::LOG, [columns=, ev=DNS::log_dns, path=dns])) -> @@ -212,6 +220,7 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Intel::LOG, [columns=, ev=Intel::log_intel, path=intel])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (KRB::LOG, [columns=, ev=KRB::log_krb, path=kerberos])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Modbus::LOG, [columns=, ev=Modbus::log_modbus, path=modbus])) -> +0.000000 MetaHookPost CallFunction(Log::__create_stream, , (NTLM::LOG, [columns=, ev=, path=ntlm])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (NetControl::DROP, [columns=, ev=NetControl::log_netcontrol_drop, path=netcontrol_drop])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (NetControl::LOG, [columns=, ev=NetControl::log_netcontrol, path=netcontrol])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (NetControl::SHUNT, [columns=, ev=NetControl::log_netcontrol_shunt, path=netcontrol_shunt])) -> 
@@ -238,10 +247,12 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1465327371.336692, node=bro, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Cluster::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Communication::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Conn::LOG)) -> +0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DCE_RPC::ATSVC_LOG)) -> +0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DCE_RPC::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DHCP::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DNP3::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DNS::LOG)) -> @@ -253,6 +264,7 @@ 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Intel::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (KRB::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Modbus::LOG)) -> +0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (NTLM::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (NetControl::DROP)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (NetControl::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (NetControl::SHUNT)) -> 
@@ -282,6 +294,8 @@ 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> +0.000000 MetaHookPost CallFunction(Log::add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> +0.000000 MetaHookPost CallFunction(Log::add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (DNS::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 
@@ -293,6 +307,7 @@ 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Intel::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (KRB::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Modbus::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> +0.000000 MetaHookPost CallFunction(Log::add_filter, , (NTLM::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (NetControl::DROP, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (NetControl::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (NetControl::SHUNT, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 
@@ -322,6 +337,8 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) -> +0.000000 MetaHookPost CallFunction(Log::create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) -> +0.000000 MetaHookPost CallFunction(Log::create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (DNS::LOG, [columns=, ev=DNS::log_dns, path=dns])) -> @@ -333,6 +350,7 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Intel::LOG, [columns=, ev=Intel::log_intel, path=intel])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (KRB::LOG, [columns=, ev=KRB::log_krb, path=kerberos])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Modbus::LOG, [columns=, ev=Modbus::log_modbus, path=modbus])) -> +0.000000 MetaHookPost CallFunction(Log::create_stream, , (NTLM::LOG, [columns=, ev=, path=ntlm])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (NetControl::DROP, [columns=, ev=NetControl::log_netcontrol_drop, path=netcontrol_drop])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (NetControl::LOG, [columns=, ev=NetControl::log_netcontrol, path=netcontrol])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (NetControl::SHUNT, [columns=, ev=NetControl::log_netcontrol_shunt, path=netcontrol_shunt])) -> 
@@ -359,7 +377,7 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1465327371.336692, node=bro, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(NetControl::check_plugins, , ()) -> 0.000000 MetaHookPost CallFunction(NetControl::init, , ()) -> 0.000000 MetaHookPost CallFunction(Notice::want_pp, , ()) -> @@ -408,6 +426,7 @@ 0.000000 MetaHookPost LoadFile(./Bro_ConnSize.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_ConnSize.functions.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_DCE_RPC.events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_DCE_RPC.types.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_DHCP.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_DNP3.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_DNS.events.bif.bro) -> -1 @@ -419,6 +438,8 @@ 0.000000 MetaHookPost LoadFile(./Bro_FileExtract.functions.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_FileHash.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_Finger.events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_GSSAPI.events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_GSSAPI.types.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_GTPv1.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_Gnutella.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_HTTP.events.bif.bro) -> -1 
@@ -436,6 +457,8 @@ 0.000000 MetaHookPost LoadFile(./Bro_Modbus.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_MySQL.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_NCP.events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_NTLM.events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_NTLM.types.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_NTP.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_NetBIOS.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_NetBIOS.functions.bif.bro) -> -1 
@@ -450,7 +473,37 @@ 0.000000 MetaHookPost LoadFile(./Bro_RPC.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_RawReader.raw.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SIP.events.bif.bro) -> -1 -0.000000 MetaHookPost LoadFile(./Bro_SMB.events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_check_directory.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_close.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_create_directory.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_echo.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_logoff_andx.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_negotiate.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_nt_cancel.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_nt_create_andx.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_query_information.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_read_andx.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_session_setup_andx.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_transaction.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_transaction2.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_tree_connect_andx.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_tree_disconnect.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_com_write_andx.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_close.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_create.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_ioctl.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_lock.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_negotiate.bif.bro) -> -1 +0.000000 MetaHookPost 
LoadFile(./Bro_SMB.smb2_com_read.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_session_setup.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_set_info.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_tree_connect.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_tree_disconnect.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_write.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_events.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.smb_pipe.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./Bro_SMB.types.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMTP.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMTP.functions.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SNMP.events.bif.bro) -> -1 @@ -485,6 +538,8 @@ 0.000000 MetaHookPost LoadFile(./cardinality-counter.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./catch-and-release) -> -1 0.000000 MetaHookPost LoadFile(./comm.bif.bro) -> -1 +0.000000 MetaHookPost LoadFile(./const-dos-error) -> -1 +0.000000 MetaHookPost LoadFile(./const-nt-status) -> -1 0.000000 MetaHookPost LoadFile(./const.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./consts) -> -1 0.000000 MetaHookPost LoadFile(./consts.bro) -> -1 @@ -493,6 +548,7 @@ 0.000000 MetaHookPost LoadFile(./dcc-send) -> -1 0.000000 MetaHookPost LoadFile(./debug) -> -1 0.000000 MetaHookPost LoadFile(./drop) -> -1 +0.000000 MetaHookPost LoadFile(./endpoint-atsvc) -> -1 0.000000 MetaHookPost LoadFile(./entities) -> -1 0.000000 MetaHookPost LoadFile(./event.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./exec) -> -1 
@@ -584,6 +640,7 @@ 0.000000 MetaHookPost LoadFile(base<...>/const.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(base<...>/control) -> -1 0.000000 MetaHookPost LoadFile(base<...>/data.bif) -> -1 +0.000000 MetaHookPost LoadFile(base<...>/dce-rpc) -> -1 0.000000 MetaHookPost LoadFile(base<...>/dhcp) -> -1 0.000000 MetaHookPost LoadFile(base<...>/dir) -> -1 0.000000 MetaHookPost LoadFile(base<...>/directions-and-hosts) -> -1 @@ -616,6 +673,7 @@ 0.000000 MetaHookPost LoadFile(base<...>/mysql) -> -1 0.000000 MetaHookPost LoadFile(base<...>/netcontrol) -> -1 0.000000 MetaHookPost LoadFile(base<...>/notice) -> -1 +0.000000 MetaHookPost LoadFile(base<...>/ntlm) -> -1 0.000000 MetaHookPost LoadFile(base<...>/numbers) -> -1 0.000000 MetaHookPost LoadFile(base<...>/openflow) -> -1 0.000000 MetaHookPost LoadFile(base<...>/packet-filter) -> -1 @@ -633,6 +691,7 @@ 0.000000 MetaHookPost LoadFile(base<...>/signatures) -> -1 0.000000 MetaHookPost LoadFile(base<...>/sip) -> -1 0.000000 MetaHookPost LoadFile(base<...>/site) -> -1 +0.000000 MetaHookPost LoadFile(base<...>/smb) -> -1 0.000000 MetaHookPost LoadFile(base<...>/smtp) -> -1 0.000000 MetaHookPost LoadFile(base<...>/snmp) -> -1 0.000000 MetaHookPost LoadFile(base<...>/socks) -> -1 @@ -661,6 +720,7 @@ 0.000000 MetaHookPre CallFunction(Analyzer::__disable_analyzer, , (Analyzer::ANALYZER_STEPPINGSTONE)) 0.000000 MetaHookPre CallFunction(Analyzer::__disable_analyzer, , (Analyzer::ANALYZER_TCPSTATS)) 0.000000 MetaHookPre CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_AYIYA, 5072/udp)) +0.000000 MetaHookPre CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DCE_RPC, 135/tcp)) 0.000000 MetaHookPre CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DHCP, 67/udp)) 0.000000 MetaHookPre CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DHCP, 68/udp)) 0.000000 MetaHookPre CallFunction(Analyzer::__register_for_port, , (Analyzer::ANALYZER_DNP3_TCP, 20000/tcp)) 
@@ -722,6 +782,7 @@ 0.000000 MetaHookPre CallFunction(Analyzer::disable_analyzer, , (Analyzer::ANALYZER_STEPPINGSTONE)) 0.000000 MetaHookPre CallFunction(Analyzer::disable_analyzer, , (Analyzer::ANALYZER_TCPSTATS)) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_AYIYA, 5072/udp)) +0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DCE_RPC, 135/tcp)) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DHCP, 67/udp)) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DHCP, 68/udp)) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_DNP3_TCP, 20000/tcp)) @@ -779,6 +840,7 @@ 0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_XMPP, 5222/tcp)) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_port, , (Analyzer::ANALYZER_XMPP, 5269/tcp)) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_AYIYA, {5072/udp})) +0.000000 MetaHookPre CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DCE_RPC, {135/tcp})) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DHCP, {67<...>/udp})) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DNP3_TCP, {20000<...>/tcp})) 0.000000 MetaHookPre CallFunction(Analyzer::register_for_ports, , (Analyzer::ANALYZER_DNS, {5355<...>/udp})) 
@@ -819,6 +881,8 @@ 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=communication, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=conn, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) +0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc_atsvc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) +0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dhcp, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dnp3, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DNS::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dns, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 
@@ -830,6 +894,7 @@ 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Intel::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=intel, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (KRB::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=kerberos, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Modbus::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=modbus, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) +0.000000 MetaHookPre CallFunction(Log::__add_filter, , (NTLM::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=ntlm, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (NetControl::DROP, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol_drop, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (NetControl::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (NetControl::SHUNT, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol_shunt, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 
@@ -859,6 +924,8 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) +0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) +0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DNS::LOG, [columns=, ev=DNS::log_dns, path=dns])) @@ -870,6 +937,7 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Intel::LOG, [columns=, ev=Intel::log_intel, path=intel])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (KRB::LOG, [columns=, ev=KRB::log_krb, path=kerberos])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Modbus::LOG, [columns=, ev=Modbus::log_modbus, path=modbus])) +0.000000 MetaHookPre CallFunction(Log::__create_stream, , (NTLM::LOG, [columns=, ev=, path=ntlm])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (NetControl::DROP, [columns=, ev=NetControl::log_netcontrol_drop, path=netcontrol_drop])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (NetControl::LOG, [columns=, ev=NetControl::log_netcontrol, path=netcontrol])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (NetControl::SHUNT, [columns=, ev=NetControl::log_netcontrol_shunt, path=netcontrol_shunt])) 
@@ -896,10 +964,12 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1465327371.336692, node=bro, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Cluster::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Communication::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Conn::LOG)) +0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DCE_RPC::ATSVC_LOG)) +0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DCE_RPC::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DHCP::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DNP3::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DNS::LOG)) @@ -911,6 +981,7 @@ 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Intel::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (KRB::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Modbus::LOG)) +0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (NTLM::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (NetControl::DROP)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (NetControl::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (NetControl::SHUNT)) 
@@ -940,6 +1011,8 @@ 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) +0.000000 MetaHookPre CallFunction(Log::add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) +0.000000 MetaHookPre CallFunction(Log::add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (DNS::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 
@@ -951,6 +1024,7 @@ 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Intel::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (KRB::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Modbus::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) +0.000000 MetaHookPre CallFunction(Log::add_filter, , (NTLM::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (NetControl::DROP, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (NetControl::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (NetControl::SHUNT, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 
@@ -980,6 +1054,8 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) +0.000000 MetaHookPre CallFunction(Log::create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) +0.000000 MetaHookPre CallFunction(Log::create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (DNS::LOG, [columns=, ev=DNS::log_dns, path=dns])) @@ -991,6 +1067,7 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Intel::LOG, [columns=, ev=Intel::log_intel, path=intel])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (KRB::LOG, [columns=, ev=KRB::log_krb, path=kerberos])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Modbus::LOG, [columns=, ev=Modbus::log_modbus, path=modbus])) +0.000000 MetaHookPre CallFunction(Log::create_stream, , (NTLM::LOG, [columns=, ev=, path=ntlm])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (NetControl::DROP, [columns=, ev=NetControl::log_netcontrol_drop, path=netcontrol_drop])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (NetControl::LOG, [columns=, ev=NetControl::log_netcontrol, path=netcontrol])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (NetControl::SHUNT, [columns=, ev=NetControl::log_netcontrol_shunt, path=netcontrol_shunt])) 
@@ -1017,7 +1094,7 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1465327371.336692, node=bro, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(NetControl::check_plugins, , ()) 0.000000 MetaHookPre CallFunction(NetControl::init, , ()) 0.000000 MetaHookPre CallFunction(Notice::want_pp, , ()) @@ -1066,6 +1143,7 @@ 0.000000 MetaHookPre LoadFile(./Bro_ConnSize.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_ConnSize.functions.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_DCE_RPC.events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_DCE_RPC.types.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_DHCP.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_DNP3.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_DNS.events.bif.bro) @@ -1077,6 +1155,8 @@ 0.000000 MetaHookPre LoadFile(./Bro_FileExtract.functions.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_FileHash.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_Finger.events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_GSSAPI.events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_GSSAPI.types.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_GTPv1.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_Gnutella.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_HTTP.events.bif.bro) 
@@ -1094,6 +1174,8 @@ 0.000000 MetaHookPre LoadFile(./Bro_Modbus.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_MySQL.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_NCP.events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_NTLM.events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_NTLM.types.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_NTP.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_NetBIOS.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_NetBIOS.functions.bif.bro) 
@@ -1108,7 +1190,37 @@ 0.000000 MetaHookPre LoadFile(./Bro_RPC.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_RawReader.raw.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SIP.events.bif.bro) -0.000000 MetaHookPre LoadFile(./Bro_SMB.events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_check_directory.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_close.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_create_directory.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_echo.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_logoff_andx.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_negotiate.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_nt_cancel.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_nt_create_andx.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_query_information.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_read_andx.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_session_setup_andx.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_transaction.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_transaction2.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_tree_connect_andx.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_tree_disconnect.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_com_write_andx.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_close.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_create.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_ioctl.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_lock.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_negotiate.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_read.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_session_setup.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_set_info.bif.bro) 
+0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_tree_connect.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_tree_disconnect.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_write.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_events.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.smb_pipe.bif.bro) +0.000000 MetaHookPre LoadFile(./Bro_SMB.types.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMTP.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMTP.functions.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SNMP.events.bif.bro) @@ -1143,6 +1255,8 @@ 0.000000 MetaHookPre LoadFile(./cardinality-counter.bif.bro) 0.000000 MetaHookPre LoadFile(./catch-and-release) 0.000000 MetaHookPre LoadFile(./comm.bif.bro) +0.000000 MetaHookPre LoadFile(./const-dos-error) +0.000000 MetaHookPre LoadFile(./const-nt-status) 0.000000 MetaHookPre LoadFile(./const.bif.bro) 0.000000 MetaHookPre LoadFile(./consts) 0.000000 MetaHookPre LoadFile(./consts.bro) @@ -1151,6 +1265,7 @@ 0.000000 MetaHookPre LoadFile(./dcc-send) 0.000000 MetaHookPre LoadFile(./debug) 0.000000 MetaHookPre LoadFile(./drop) +0.000000 MetaHookPre LoadFile(./endpoint-atsvc) 0.000000 MetaHookPre LoadFile(./entities) 0.000000 MetaHookPre LoadFile(./event.bif.bro) 0.000000 MetaHookPre LoadFile(./exec) @@ -1242,6 +1357,7 @@ 0.000000 MetaHookPre LoadFile(base<...>/const.bif.bro) 0.000000 MetaHookPre LoadFile(base<...>/control) 0.000000 MetaHookPre LoadFile(base<...>/data.bif) +0.000000 MetaHookPre LoadFile(base<...>/dce-rpc) 0.000000 MetaHookPre LoadFile(base<...>/dhcp) 0.000000 MetaHookPre LoadFile(base<...>/dir) 0.000000 MetaHookPre LoadFile(base<...>/directions-and-hosts) 
@@ -1274,6 +1390,7 @@ 0.000000 MetaHookPre LoadFile(base<...>/mysql) 0.000000 MetaHookPre LoadFile(base<...>/netcontrol) 0.000000 MetaHookPre LoadFile(base<...>/notice) +0.000000 MetaHookPre LoadFile(base<...>/ntlm) 0.000000 MetaHookPre LoadFile(base<...>/numbers) 0.000000 MetaHookPre LoadFile(base<...>/openflow) 0.000000 MetaHookPre LoadFile(base<...>/packet-filter) @@ -1291,6 +1408,7 @@ 0.000000 MetaHookPre LoadFile(base<...>/signatures) 0.000000 MetaHookPre LoadFile(base<...>/sip) 0.000000 MetaHookPre LoadFile(base<...>/site) +0.000000 MetaHookPre LoadFile(base<...>/smb) 0.000000 MetaHookPre LoadFile(base<...>/smtp) 0.000000 MetaHookPre LoadFile(base<...>/snmp) 0.000000 MetaHookPre LoadFile(base<...>/socks) @@ -1319,6 +1437,7 @@ 0.000000 | HookCallFunction Analyzer::__disable_analyzer(Analyzer::ANALYZER_STEPPINGSTONE) 0.000000 | HookCallFunction Analyzer::__disable_analyzer(Analyzer::ANALYZER_TCPSTATS) 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_AYIYA, 5072/udp) +0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_DCE_RPC, 135/tcp) 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_DHCP, 67/udp) 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_DHCP, 68/udp) 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_DNP3_TCP, 20000/tcp) 
@@ -1380,6 +1499,7 @@ 0.000000 | HookCallFunction Analyzer::disable_analyzer(Analyzer::ANALYZER_STEPPINGSTONE) 0.000000 | HookCallFunction Analyzer::disable_analyzer(Analyzer::ANALYZER_TCPSTATS) 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_AYIYA, 5072/udp) +0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_DCE_RPC, 135/tcp) 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_DHCP, 67/udp) 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_DHCP, 68/udp) 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_DNP3_TCP, 20000/tcp) @@ -1437,6 +1557,7 @@ 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_XMPP, 5222/tcp) 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_XMPP, 5269/tcp) 0.000000 | HookCallFunction Analyzer::register_for_ports(Analyzer::ANALYZER_AYIYA, {5072/udp}) +0.000000 | HookCallFunction Analyzer::register_for_ports(Analyzer::ANALYZER_DCE_RPC, {135/tcp}) 0.000000 | HookCallFunction Analyzer::register_for_ports(Analyzer::ANALYZER_DHCP, {67<...>/udp}) 0.000000 | HookCallFunction Analyzer::register_for_ports(Analyzer::ANALYZER_DNP3_TCP, {20000<...>/tcp}) 0.000000 | HookCallFunction Analyzer::register_for_ports(Analyzer::ANALYZER_DNS, {5355<...>/udp}) 
@@ -1476,6 +1597,8 @@ 0.000000 | HookCallFunction Log::__add_filter(Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=communication, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=conn, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) +0.000000 | HookCallFunction Log::__add_filter(DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc_atsvc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) +0.000000 | HookCallFunction Log::__add_filter(DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dhcp, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dnp3, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(DNS::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dns, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 
@@ -1487,6 +1610,7 @@ 0.000000 | HookCallFunction Log::__add_filter(Intel::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=intel, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(KRB::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=kerberos, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(Modbus::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=modbus, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) +0.000000 | HookCallFunction Log::__add_filter(NTLM::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=ntlm, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(NetControl::DROP, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol_drop, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(NetControl::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(NetControl::SHUNT, [name=default, writer=Log::WRITER_ASCII, pred=, path=netcontrol_shunt, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 
@@ -1516,6 +1640,8 @@ 0.000000 | HookCallFunction Log::__create_stream(Cluster::LOG, [columns=, ev=, path=cluster]) 0.000000 | HookCallFunction Log::__create_stream(Communication::LOG, [columns=, ev=, path=communication]) 0.000000 | HookCallFunction Log::__create_stream(Conn::LOG, [columns=, ev=Conn::log_conn, path=conn]) +0.000000 | HookCallFunction Log::__create_stream(DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc]) +0.000000 | HookCallFunction Log::__create_stream(DCE_RPC::LOG, [columns=, ev=, path=dce_rpc]) 0.000000 | HookCallFunction Log::__create_stream(DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp]) 0.000000 | HookCallFunction Log::__create_stream(DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3]) 0.000000 | HookCallFunction Log::__create_stream(DNS::LOG, [columns=, ev=DNS::log_dns, path=dns]) @@ -1527,6 +1653,7 @@ 0.000000 | HookCallFunction Log::__create_stream(Intel::LOG, [columns=, ev=Intel::log_intel, path=intel]) 0.000000 | HookCallFunction Log::__create_stream(KRB::LOG, [columns=, ev=KRB::log_krb, path=kerberos]) 0.000000 | HookCallFunction Log::__create_stream(Modbus::LOG, [columns=, ev=Modbus::log_modbus, path=modbus]) +0.000000 | HookCallFunction Log::__create_stream(NTLM::LOG, [columns=, ev=, path=ntlm]) 0.000000 | HookCallFunction Log::__create_stream(NetControl::DROP, [columns=, ev=NetControl::log_netcontrol_drop, path=netcontrol_drop]) 0.000000 | HookCallFunction Log::__create_stream(NetControl::LOG, [columns=, ev=NetControl::log_netcontrol, path=netcontrol]) 0.000000 | HookCallFunction Log::__create_stream(NetControl::SHUNT, [columns=, ev=NetControl::log_netcontrol_shunt, path=netcontrol_shunt]) 
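Review bot: The three new streams are created without a log event: `Log::__create_stream(NTLM::LOG, [columns=, ev=, path=ntlm])`, and likewise `DCE_RPC::LOG` and `DCE_RPC::ATSVC_LOG`. Neighbouring protocol streams set one, for example `ev=KRB::log_krb` and `ev=DHCP::log_dhcp`. Without it, site detection scripts cannot handle each NTLM or DCE-RPC record as it is written, which is the usual hook for alerting on authentication activity. The defining scripts are outside this hunk, so this is inferred from the baseline only. If the omission is unintended, add an `$ev=` field to each `Log::create_stream` call, following the `log_krb` naming pattern (e.g. a suggested `log_ntlm`). The same shows in the `Log::create_stream` lines of the `-1637,6` and `-1648,6` hunks.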
@@ -1553,10 +1680,12 @@ 0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1465327371.336692, node=bro, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Communication::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Conn::LOG) +0.000000 | HookCallFunction Log::add_default_filter(DCE_RPC::ATSVC_LOG) +0.000000 | HookCallFunction Log::add_default_filter(DCE_RPC::LOG) 0.000000 | HookCallFunction Log::add_default_filter(DHCP::LOG) 0.000000 | HookCallFunction Log::add_default_filter(DNP3::LOG) 0.000000 | HookCallFunction Log::add_default_filter(DNS::LOG) @@ -1568,6 +1697,7 @@ 0.000000 | HookCallFunction Log::add_default_filter(Intel::LOG) 0.000000 | HookCallFunction Log::add_default_filter(KRB::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Modbus::LOG) +0.000000 | HookCallFunction Log::add_default_filter(NTLM::LOG) 0.000000 | HookCallFunction Log::add_default_filter(NetControl::DROP) 0.000000 | HookCallFunction Log::add_default_filter(NetControl::LOG) 0.000000 | HookCallFunction Log::add_default_filter(NetControl::SHUNT) 
@@ -1597,6 +1727,8 @@ 0.000000 | HookCallFunction Log::add_filter(Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) +0.000000 | HookCallFunction Log::add_filter(DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) +0.000000 | HookCallFunction Log::add_filter(DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(DNS::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 
@@ -1608,6 +1740,7 @@ 0.000000 | HookCallFunction Log::add_filter(Intel::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(KRB::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(Modbus::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) +0.000000 | HookCallFunction Log::add_filter(NTLM::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(NetControl::DROP, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(NetControl::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(NetControl::SHUNT, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 
@@ -1637,6 +1770,8 @@ 0.000000 | HookCallFunction Log::create_stream(Cluster::LOG, [columns=, ev=, path=cluster]) 0.000000 | HookCallFunction Log::create_stream(Communication::LOG, [columns=, ev=, path=communication]) 0.000000 | HookCallFunction Log::create_stream(Conn::LOG, [columns=, ev=Conn::log_conn, path=conn]) +0.000000 | HookCallFunction Log::create_stream(DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc]) +0.000000 | HookCallFunction Log::create_stream(DCE_RPC::LOG, [columns=, ev=, path=dce_rpc]) 0.000000 | HookCallFunction Log::create_stream(DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp]) 0.000000 | HookCallFunction Log::create_stream(DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3]) 0.000000 | HookCallFunction Log::create_stream(DNS::LOG, [columns=, ev=DNS::log_dns, path=dns]) @@ -1648,6 +1783,7 @@ 0.000000 | HookCallFunction Log::create_stream(Intel::LOG, [columns=, ev=Intel::log_intel, path=intel]) 0.000000 | HookCallFunction Log::create_stream(KRB::LOG, [columns=, ev=KRB::log_krb, path=kerberos]) 0.000000 | HookCallFunction Log::create_stream(Modbus::LOG, [columns=, ev=Modbus::log_modbus, path=modbus]) +0.000000 | HookCallFunction Log::create_stream(NTLM::LOG, [columns=, ev=, path=ntlm]) 0.000000 | HookCallFunction Log::create_stream(NetControl::DROP, [columns=, ev=NetControl::log_netcontrol_drop, path=netcontrol_drop]) 0.000000 | HookCallFunction Log::create_stream(NetControl::LOG, [columns=, ev=NetControl::log_netcontrol, path=netcontrol]) 0.000000 | HookCallFunction Log::create_stream(NetControl::SHUNT, [columns=, ev=NetControl::log_netcontrol_shunt, path=netcontrol_shunt]) 
@@ -1674,7 +1810,7 @@ 0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1465327371.336692, node=bro, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction NetControl::check_plugins() 0.000000 | HookCallFunction NetControl::init() 0.000000 | HookCallFunction Notice::want_pp() 
@@ -1723,22 +1859,22 @@ 1362692526.869344 MetaHookPost CallFunction(NetControl::check_conn, , (141.142.228.5)) -> 1362692526.869344 MetaHookPost CallFunction(filter_change_tracking, , ()) -> 1362692526.869344 MetaHookPost CallFunction(get_net_stats, , ()) -> -1362692526.869344 MetaHookPost CallFunction(new_connection, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692526.869344 MetaHookPost CallFunction(new_connection, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> 1362692526.869344 MetaHookPost DrainEvents() -> 1362692526.869344 MetaHookPost QueueEvent(ChecksumOffloading::check()) -> false 1362692526.869344 MetaHookPost QueueEvent(filter_change_tracking()) -> false -1362692526.869344 MetaHookPost QueueEvent(new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], 
orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> false +1362692526.869344 MetaHookPost QueueEvent(new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> false 1362692526.869344 MetaHookPost UpdateNetworkTime(1362692526.869344) -> 1362692526.869344 MetaHookPre BroObjDtor() 1362692526.869344 MetaHookPre CallFunction(ChecksumOffloading::check, , ()) 1362692526.869344 MetaHookPre CallFunction(NetControl::check_conn, , (141.142.228.5)) 1362692526.869344 MetaHookPre CallFunction(filter_change_tracking, , ()) 1362692526.869344 MetaHookPre CallFunction(get_net_stats, , ()) -1362692526.869344 MetaHookPre CallFunction(new_connection, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, 
l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692526.869344 MetaHookPre CallFunction(new_connection, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692526.869344 MetaHookPre DrainEvents() 1362692526.869344 MetaHookPre QueueEvent(ChecksumOffloading::check()) 1362692526.869344 MetaHookPre QueueEvent(filter_change_tracking()) -1362692526.869344 MetaHookPre QueueEvent(new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 
+1362692526.869344 MetaHookPre QueueEvent(new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692526.869344 MetaHookPre UpdateNetworkTime(1362692526.869344) 1362692526.869344 | HookBroObjDtor 1362692526.869344 | HookUpdateNetworkTime 1362692526.869344 
@@ -1746,24 +1882,24 @@ 1362692526.869344 | HookCallFunction NetControl::check_conn(141.142.228.5) 1362692526.869344 | HookCallFunction filter_change_tracking() 1362692526.869344 | HookCallFunction get_net_stats() -1362692526.869344 | HookCallFunction new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692526.869344 | HookCallFunction new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692526.869344 | HookDrainEvents 1362692526.869344 | HookQueueEvent ChecksumOffloading::check() 1362692526.869344 | HookQueueEvent filter_change_tracking() -1362692526.869344 | HookQueueEvent new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, 
num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692526.869344 | HookQueueEvent new_connection([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.0, service={}, history=, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692526.869344 | RequestObjDtor ChecksumOffloading::check() -1362692526.939084 MetaHookPost CallFunction(connection_established, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692526.939084 MetaHookPost CallFunction(connection_established, , 
([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> 1362692526.939084 MetaHookPost DrainEvents() -> -1362692526.939084 MetaHookPost QueueEvent(connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> false +1362692526.939084 MetaHookPost QueueEvent(connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, 
ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> false 1362692526.939084 MetaHookPost UpdateNetworkTime(1362692526.939084) -> -1362692526.939084 MetaHookPre CallFunction(connection_established, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692526.939084 MetaHookPre CallFunction(connection_established, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692526.939084 MetaHookPre DrainEvents() -1362692526.939084 MetaHookPre QueueEvent(connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, 
flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692526.939084 MetaHookPre QueueEvent(connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692526.939084 MetaHookPre UpdateNetworkTime(1362692526.939084) 1362692526.939084 | HookUpdateNetworkTime 1362692526.939084 -1362692526.939084 | HookCallFunction connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692526.939084 | 
HookCallFunction connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692526.939084 | HookDrainEvents -1362692526.939084 | HookQueueEvent connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692526.939084 | HookQueueEvent connection_established([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.06974, service={}, history=Sh, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, 
ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692526.939378 MetaHookPost DrainEvents() -> 1362692526.939378 MetaHookPost UpdateNetworkTime(1362692526.939378) -> 1362692526.939378 MetaHookPre DrainEvents() 
@@ -1772,118 +1908,118 @@ 1362692526.939378 | HookDrainEvents 1362692526.939527 MetaHookPost CallFunction(Analyzer::__name, , (Analyzer::ANALYZER_HTTP)) -> 1362692526.939527 MetaHookPost CallFunction(Analyzer::name, , (Analyzer::ANALYZER_HTTP)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, 
resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, 
current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, 
tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> 1362692526.939527 MetaHookPost CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -> 1362692526.939527 MetaHookPost 
CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -> 1362692526.939527 MetaHookPost CallFunction(fmt, , (-%s, HTTP)) -> -1362692526.939527 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, 
smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> 1362692526.939527 
MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) -> 1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -> -1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> -1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> -1362692526.939527 MetaHookPost CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, 
modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> +1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> +1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> +1362692526.939527 MetaHookPost CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, 
current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> 1362692526.939527 MetaHookPost CallFunction(http_request, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) -> 1362692526.939527 MetaHookPost CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) -> 1362692526.939527 MetaHookPost CallFunction(network_time, , ()) -> -1362692526.939527 MetaHookPost CallFunction(protocol_confirmation, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) -> +1362692526.939527 MetaHookPost CallFunction(protocol_confirmation, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, 
ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) -> 1362692526.939527 MetaHookPost CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344T11141.142.228.5:59856 > 192.150.187.43:80)) -> 1362692526.939527 MetaHookPost CallFunction(split_string1, , (bro.org, <...>/)) -> 1362692526.939527 MetaHookPost DrainEvents() -> -1362692526.939527 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false -1362692526.939527 MetaHookPost QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false -1362692526.939527 MetaHookPost QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, 
num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false +1362692526.939527 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false +1362692526.939527 MetaHookPost QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false +1362692526.939527 MetaHookPost QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false 1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) -> false 1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -> false -1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> false -1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, 
l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> false -1362692526.939527 MetaHookPost QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> false +1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, 
socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> false +1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> false +1362692526.939527 MetaHookPost QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> false 1362692526.939527 MetaHookPost QueueEvent(http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) -> false -1362692526.939527 MetaHookPost QueueEvent(protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, 
l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) -> false +1362692526.939527 MetaHookPost QueueEvent(protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) -> false 1362692526.939527 MetaHookPost UpdateNetworkTime(1362692526.939527) -> 1362692526.939527 MetaHookPre CallFunction(Analyzer::__name, , (Analyzer::ANALYZER_HTTP)) 1362692526.939527 MetaHookPre CallFunction(Analyzer::name, , (Analyzer::ANALYZER_HTTP)) -1362692526.939527 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, 
mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, 
mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, 
current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, 
current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, 
current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692526.939527 MetaHookPre CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) 1362692526.939527 MetaHookPre CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) 1362692526.939527 MetaHookPre CallFunction(fmt, , (-%s, HTTP)) -1362692526.939527 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre 
CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, 
orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) 1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, 
smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -1362692526.939527 MetaHookPre CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) +1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) +1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) +1362692526.939527 MetaHookPre CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) 1362692526.939527 MetaHookPre CallFunction(http_request, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) 1362692526.939527 MetaHookPre CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) 1362692526.939527 MetaHookPre CallFunction(network_time, , ()) -1362692526.939527 MetaHookPre CallFunction(protocol_confirmation, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], 
resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) +1362692526.939527 MetaHookPre CallFunction(protocol_confirmation, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) 1362692526.939527 MetaHookPre CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344T11141.142.228.5:59856 > 192.150.187.43:80)) 1362692526.939527 MetaHookPre CallFunction(split_string1, , (bro.org, <...>/)) 1362692526.939527 MetaHookPre DrainEvents() -1362692526.939527 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, 
inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], 
start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692526.939527 MetaHookPre 
QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) 1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -1362692526.939527 MetaHookPre QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, 
orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) +1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) +1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) +1362692526.939527 MetaHookPre QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), 
request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) 1362692526.939527 MetaHookPre QueueEvent(http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) -1362692526.939527 MetaHookPre QueueEvent(protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) +1362692526.939527 MetaHookPre QueueEvent(protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, 
dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) 1362692526.939527 MetaHookPre UpdateNetworkTime(1362692526.939527) 1362692526.939527 | HookUpdateNetworkTime 1362692526.939527 1362692526.939527 | HookCallFunction Analyzer::__name(Analyzer::ANALYZER_HTTP) 1362692526.939527 | HookCallFunction Analyzer::name(Analyzer::ANALYZER_HTTP) -1362692526.939527 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::new_http_session([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, 
username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::new_http_session([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, 
num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, 
status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692526.939527 | HookCallFunction cat(Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 
192.150.187.43:80) 1362692526.939527 | HookCallFunction fmt(%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp) 1362692526.939527 | HookCallFunction fmt(-%s, HTTP) -1362692526.939527 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, 
ssh=, syslog=], T) +1362692526.939527 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*) 
1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0)) -1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) -1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org) -1362692526.939527 | HookCallFunction http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, 
finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) +1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) +1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org) +1362692526.939527 | HookCallFunction http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, 
finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) 1362692526.939527 | HookCallFunction http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1) 1362692526.939527 | HookCallFunction id_string([orig_h=141.142.228.5, orig_p=59856<...>/tcp]) 1362692526.939527 | HookCallFunction network_time() -1362692526.939527 | HookCallFunction protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3) +1362692526.939527 | HookCallFunction protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3) 1362692526.939527 | HookCallFunction set_file_handle(Analyzer::ANALYZER_HTTP1362692526.869344T11141.142.228.5:59856 > 192.150.187.43:80) 1362692526.939527 | 
HookCallFunction split_string1(bro.org, <...>/) 1362692526.939527 | HookDrainEvents -1362692526.939527 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookQueueEvent http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookQueueEvent http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, 
ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookQueueEvent http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookQueueEvent http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, 
duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*) 1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0)) -1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) -1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 
T, HOST, bro.org) -1362692526.939527 | HookQueueEvent http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) +1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) +1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, 
dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org) +1362692526.939527 | HookQueueEvent http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) 1362692526.939527 | HookQueueEvent http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1) -1362692526.939527 | HookQueueEvent protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3) +1362692526.939527 | HookQueueEvent protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, 
flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3) 1362692527.008509 MetaHookPost DrainEvents() -> 1362692527.008509 MetaHookPost UpdateNetworkTime(1362692527.008509) -> 1362692527.008509 MetaHookPre DrainEvents() 
@@ -1892,142 +2028,142 @@ 1362692527.008509 | HookDrainEvents 1362692527.009512 MetaHookPost CallFunction(Files::__enable_reassembly, , (FakNcS1Jfe01uljb3)) -> 1362692527.009512 MetaHookPost CallFunction(Files::__set_reassembly_buffer, , (FakNcS1Jfe01uljb3, 524288)) -> -1362692527.009512 MetaHookPost CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, 
current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) -> +1362692527.009512 MetaHookPost CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], 
ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, 
total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) -> 1362692527.009512 MetaHookPost CallFunction(HTTP::code_in_range, , (200, 100, 199)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, 
krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 
MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> 1362692527.009512 MetaHookPost CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, F, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -> -1362692527.009512 MetaHookPost CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, 
current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> 1362692527.009512 MetaHookPost CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -> -1362692527.009512 MetaHookPost 
CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, 
response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> +1362692527.009512 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), 
request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, 
info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, 
tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> 1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) -> 1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; 
charset=UTF-8)) -> -1362692527.009512 MetaHookPost CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> +1362692527.009512 MetaHookPost CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> 1362692527.009512 MetaHookPost CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) -> 1362692527.009512 MetaHookPost CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80)) -> 1362692527.009512 MetaHookPost CallFunction(split_string_all, , (HTTP, <...>/)) -> 1362692527.009512 MetaHookPost DrainEvents() -> -1362692527.009512 MetaHookPost QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, 
proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> false -1362692527.009512 MetaHookPost QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009512 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, 
username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> false +1362692527.009512 MetaHookPost QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> false +1362692527.009512 MetaHookPost QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, 
conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009512 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, 
response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, 
tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> false 1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) -> false 1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> false 1362692527.009512 MetaHookPost UpdateNetworkTime(1362692527.009512) -> 1362692527.009512 MetaHookPre 
CallFunction(Files::__enable_reassembly, , (FakNcS1Jfe01uljb3)) 1362692527.009512 MetaHookPre CallFunction(Files::__set_reassembly_buffer, , (FakNcS1Jfe01uljb3, 524288)) -1362692527.009512 MetaHookPre CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, 
current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) +1362692527.009512 MetaHookPre CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(Files::set_info, , 
([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], 
ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) 1362692527.009512 MetaHookPre CallFunction(HTTP::code_in_range, , (200, 100, 199)) -1362692527.009512 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) 
-1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, 
response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, 
capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) 1362692527.009512 MetaHookPre CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, F, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -1362692527.009512 MetaHookPre CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) 1362692527.009512 MetaHookPre CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -1362692527.009512 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, 
info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, 
current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) +1362692527.009512 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, 
current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, 
current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], 
irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) 1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) 1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) -1362692527.009512 MetaHookPre CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, 
capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) +1362692527.009512 MetaHookPre CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) 1362692527.009512 MetaHookPre CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) 1362692527.009512 MetaHookPre CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80)) 1362692527.009512 MetaHookPre CallFunction(split_string_all, , (HTTP, <...>/)) 1362692527.009512 MetaHookPre DrainEvents() -1362692527.009512 MetaHookPre QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, 
socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, 
current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, 
CONTENT-LENGTH, 4705)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, 
orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) +1362692527.009512 MetaHookPre QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, 
trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, 
ACCEPT-RANGES, bytes)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, 
orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) 1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) 1362692527.009512 MetaHookPre 
QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) -1362692527.009512 MetaHookPre QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) +1362692527.009512 MetaHookPre QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) 1362692527.009512 MetaHookPre UpdateNetworkTime(1362692527.009512) 1362692527.009512 | HookUpdateNetworkTime 1362692527.009512 1362692527.009512 | HookCallFunction Files::__enable_reassembly(FakNcS1Jfe01uljb3) 1362692527.009512 | HookCallFunction Files::__set_reassembly_buffer(FakNcS1Jfe01uljb3, 524288) -1362692527.009512 | HookCallFunction Files::enable_reassembly([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, 
orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, 
username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction Files::set_reassembly_buffer_size([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, 
timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288) +1362692527.009512 | HookCallFunction Files::enable_reassembly([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, 
last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction Files::set_reassembly_buffer_size([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, 
ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288) 1362692527.009512 | HookCallFunction HTTP::code_in_range(200, 100, 199) -1362692527.009512 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, 
orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, 
password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) 1362692527.009512 | HookCallFunction cat(Analyzer::ANALYZER_HTTP, 1362692526.869344, F, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80) -1362692527.009512 | HookCallFunction file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, 
filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, 
total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) 1362692527.009512 | HookCallFunction fmt(%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp) -1362692527.009512 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, 
current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) 
-1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) +1362692527.009512 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, 
orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, 
status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, 
filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) 1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora)) 1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8) -1362692527.009512 | HookCallFunction http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) +1362692527.009512 | HookCallFunction http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) 1362692527.009512 | HookCallFunction id_string([orig_h=141.142.228.5, orig_p=59856<...>/tcp]) 1362692527.009512 | 
HookCallFunction set_file_handle(Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80) 1362692527.009512 | HookCallFunction split_string_all(HTTP, <...>/) 1362692527.009512 | HookDrainEvents -1362692527.009512 | HookQueueEvent file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookQueueEvent file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, 
info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookQueueEvent http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, 
resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) +1362692527.009512 | HookQueueEvent file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, 
syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookQueueEvent file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookQueueEvent http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], 
irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) 
+1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) 1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora)) 1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8) -1362692527.009512 | HookQueueEvent http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) +1362692527.009512 | HookQueueEvent http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) 1362692527.009721 
MetaHookPost DrainEvents() -> 1362692527.009721 MetaHookPost UpdateNetworkTime(1362692527.009721) -> 1362692527.009721 MetaHookPre DrainEvents() 
@@ -2043,8 +2179,8 @@ 1362692527.009775 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=[FakNcS1Jfe01uljb3], resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) -> 1362692527.009775 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) -> 1362692527.009775 MetaHookPost CallFunction(HTTP::code_in_range, , (200, 100, 199)) -> -1362692527.009775 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009775 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009775 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, 
socks=, ssh=, syslog=], F)) -> +1362692527.009775 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> 1362692527.009775 MetaHookPost CallFunction(Log::__write, , (Files::LOG, [ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={192.150.187.43}, rx_hosts={141.142.228.5}, conn_uids={CXWv6p3arKYeMETxOg}, source=HTTP, depth=0, analyzers={}, mime_type=text/plain, filename=, duration=262.0 usecs, local_orig=, is_orig=F, seen_bytes=4705, total_bytes=4705, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=])) -> 1362692527.009775 MetaHookPost CallFunction(Log::__write, , (HTTP::LOG, [ts=1362692526.939527, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1])) -> 1362692527.009775 MetaHookPost CallFunction(Log::write, , (Files::LOG, [ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={192.150.187.43}, rx_hosts={141.142.228.5}, conn_uids={CXWv6p3arKYeMETxOg}, source=HTTP, depth=0, analyzers={}, mime_type=text/plain, filename=, duration=262.0 usecs, local_orig=, is_orig=F, seen_bytes=4705, total_bytes=4705, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=])) -> 
@@ -2053,23 +2189,23 @@ 1362692527.009775 MetaHookPost CallFunction(file_sniff, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain]]])) -> 1362692527.009775 MetaHookPost CallFunction(file_state_remove, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) -> 1362692527.009775 MetaHookPost CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -> -1362692527.009775 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009775 MetaHookPost CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009775 MetaHookPost CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) -> +1362692527.009775 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, 
orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009775 MetaHookPost CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009775 MetaHookPost CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) -> 1362692527.009775 MetaHookPost CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) -> 1362692527.009775 MetaHookPost CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80)) -> 1362692527.009775 MetaHookPost DrainEvents() -> 1362692527.009775 MetaHookPost QueueEvent(file_sniff([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain]]])) -> false 1362692527.009775 MetaHookPost QueueEvent(file_state_remove([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) -> false -1362692527.009775 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, 
orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009775 MetaHookPost QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009775 MetaHookPost QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) -> false +1362692527.009775 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009775 MetaHookPost QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009775 MetaHookPost 
QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) -> false 1362692527.009775 MetaHookPost UpdateNetworkTime(1362692527.009775) -> 1362692527.009775 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=[FakNcS1Jfe01uljb3], resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) 1362692527.009775 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) 1362692527.009775 MetaHookPre CallFunction(HTTP::code_in_range, , (200, 100, 199)) -1362692527.009775 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009775 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, 
current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009775 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009775 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) 1362692527.009775 MetaHookPre CallFunction(Log::__write, , (Files::LOG, [ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={192.150.187.43}, rx_hosts={141.142.228.5}, conn_uids={CXWv6p3arKYeMETxOg}, source=HTTP, depth=0, analyzers={}, mime_type=text/plain, filename=, duration=262.0 usecs, local_orig=, is_orig=F, seen_bytes=4705, total_bytes=4705, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=])) 1362692527.009775 MetaHookPre CallFunction(Log::__write, , (HTTP::LOG, [ts=1362692526.939527, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1])) 1362692527.009775 MetaHookPre CallFunction(Log::write, , (Files::LOG, [ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={192.150.187.43}, rx_hosts={141.142.228.5}, conn_uids={CXWv6p3arKYeMETxOg}, source=HTTP, depth=0, analyzers={}, mime_type=text/plain, filename=, duration=262.0 usecs, local_orig=, is_orig=F, seen_bytes=4705, total_bytes=4705, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, 
sha256=, x509=, extracted=])) 
@@ -2078,24 +2214,24 @@ 1362692527.009775 MetaHookPre CallFunction(file_sniff, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain]]])) 1362692527.009775 MetaHookPre CallFunction(file_state_remove, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) 1362692527.009775 MetaHookPre CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -1362692527.009775 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009775 MetaHookPre CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009775 MetaHookPre CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) +1362692527.009775 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, 
current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009775 MetaHookPre CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009775 MetaHookPre CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) 1362692527.009775 MetaHookPre CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) 1362692527.009775 MetaHookPre CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80)) 1362692527.009775 MetaHookPre DrainEvents() 1362692527.009775 MetaHookPre QueueEvent(file_sniff([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain]]])) 1362692527.009775 MetaHookPre QueueEvent(file_state_remove([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=])) -1362692527.009775 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, 
current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009775 MetaHookPre QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009775 MetaHookPre QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) +1362692527.009775 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009775 MetaHookPre QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009775 MetaHookPre QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], 
irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280])) 1362692527.009775 MetaHookPre UpdateNetworkTime(1362692527.009775) 1362692527.009775 | HookUpdateNetworkTime 1362692527.009775 1362692527.009775 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, filename=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_mime_types=, resp_fuids=[FakNcS1Jfe01uljb3], resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=]) 1362692527.009775 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=]) 1362692527.009775 | HookCallFunction HTTP::code_in_range(200, 100, 199) -1362692527.009775 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009775 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009775 | HookCallFunction 
HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009775 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) 1362692527.009775 | HookCallFunction Log::__write(Files::LOG, [ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={192.150.187.43}, rx_hosts={141.142.228.5}, conn_uids={CXWv6p3arKYeMETxOg}, source=HTTP, depth=0, analyzers={}, mime_type=text/plain, filename=, duration=262.0 usecs, local_orig=, is_orig=F, seen_bytes=4705, total_bytes=4705, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]) 1362692527.009775 | HookCallFunction Log::__write(HTTP::LOG, [ts=1362692526.939527, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]) 1362692527.009775 | HookCallFunction Log::write(Files::LOG, [ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={192.150.187.43}, rx_hosts={141.142.228.5}, conn_uids={CXWv6p3arKYeMETxOg}, source=HTTP, depth=0, analyzers={}, mime_type=text/plain, filename=, duration=262.0 usecs, local_orig=, is_orig=F, seen_bytes=4705, total_bytes=4705, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]) 
@@ -2104,17 +2240,17 @@ 1362692527.009775 | HookCallFunction file_sniff([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain]]]) 1362692527.009775 | HookCallFunction file_state_remove([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=]) 1362692527.009775 | HookCallFunction fmt(%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp) -1362692527.009775 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009775 | HookCallFunction http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009775 | HookCallFunction http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280]) +1362692527.009775 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, 
mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009775 | HookCallFunction http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009775 | HookCallFunction http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280]) 1362692527.009775 | HookCallFunction id_string([orig_h=141.142.228.5, orig_p=59856<...>/tcp]) 1362692527.009775 | HookCallFunction set_file_handle(Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80) 1362692527.009775 | HookDrainEvents 1362692527.009775 | HookQueueEvent file_sniff([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain]]]) 1362692527.009775 | HookQueueEvent file_state_remove([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1], irc=, pe=, u2_events=]) -1362692527.009775 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, 
ssh=, syslog=], F) -1362692527.009775 | HookQueueEvent http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009775 | HookQueueEvent http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends normally, body_length=4705, content_gap_length=0, header_length=280]) +1362692527.009775 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009775 | HookQueueEvent http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009775 | HookQueueEvent http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, [start=1362692527.009512, interrupted=F, finish_msg=message ends 
normally, body_length=4705, content_gap_length=0, header_length=280]) 1362692527.009855 MetaHookPost DrainEvents() -> 1362692527.009855 MetaHookPost UpdateNetworkTime(1362692527.009855) -> 1362692527.009855 MetaHookPre DrainEvents() 
@@ -2140,19 +2276,19 @@ 1362692527.080828 | HookUpdateNetworkTime 1362692527.080828 1362692527.080828 | HookDrainEvents 1362692527.080972 MetaHookPost CallFunction(ChecksumOffloading::check, , ()) -> -1362692527.080972 MetaHookPost CallFunction(Conn::conn_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], tcp)) -> -1362692527.080972 MetaHookPost CallFunction(Conn::determine_service, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> -1362692527.080972 MetaHookPost CallFunction(Conn::set_conn, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692527.080972 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692527.080972 MetaHookPost CallFunction(KRB::fill_in_subjects, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, 
modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692527.080972 MetaHookPost CallFunction(Conn::conn_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], tcp)) -> +1362692527.080972 MetaHookPost CallFunction(Conn::determine_service, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692527.080972 MetaHookPost CallFunction(Conn::set_conn, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692527.080972 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692527.080972 MetaHookPost CallFunction(KRB::fill_in_subjects, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> 1362692527.080972 MetaHookPost CallFunction(Log::__write, , (Conn::LOG, [ts=1362692526.869344, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=, local_resp=, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])) -> 1362692527.080972 MetaHookPost CallFunction(Log::write, , (Conn::LOG, [ts=1362692526.869344, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=, local_resp=, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])) -> 1362692527.080972 MetaHookPost CallFunction(bro_done, , ()) -> 1362692527.080972 MetaHookPost CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -> -1362692527.080972 MetaHookPost CallFunction(connection_state_remove, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692527.080972 MetaHookPost CallFunction(connection_state_remove, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> 1362692527.080972 MetaHookPost CallFunction(filter_change_tracking, , ()) -> 1362692527.080972 MetaHookPost CallFunction(fmt, 
, (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -> -1362692527.080972 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692527.080972 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> 1362692527.080972 MetaHookPost CallFunction(get_net_stats, , ()) -> 1362692527.080972 MetaHookPost CallFunction(get_port_transport_proto, , (80/tcp)) -> 1362692527.080972 MetaHookPost CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) -> 
@@ -2165,24 +2301,24 @@ 1362692527.080972 MetaHookPost DrainEvents() -> 1362692527.080972 MetaHookPost QueueEvent(ChecksumOffloading::check()) -> false 1362692527.080972 MetaHookPost QueueEvent(bro_done()) -> false -1362692527.080972 MetaHookPost QueueEvent(connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> false +1362692527.080972 MetaHookPost QueueEvent(connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> false 1362692527.080972 MetaHookPost QueueEvent(filter_change_tracking()) -> false -1362692527.080972 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false +1362692527.080972 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false 1362692527.080972 MetaHookPost UpdateNetworkTime(1362692527.080972) -> 1362692527.080972 MetaHookPre 
CallFunction(ChecksumOffloading::check, , ()) -1362692527.080972 MetaHookPre CallFunction(Conn::conn_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], tcp)) -1362692527.080972 MetaHookPre CallFunction(Conn::determine_service, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -1362692527.080972 MetaHookPre CallFunction(Conn::set_conn, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692527.080972 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692527.080972 MetaHookPre CallFunction(KRB::fill_in_subjects, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692527.080972 MetaHookPre CallFunction(Conn::conn_state, 
, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], tcp)) +1362692527.080972 MetaHookPre CallFunction(Conn::determine_service, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692527.080972 MetaHookPre CallFunction(Conn::set_conn, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692527.080972 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692527.080972 MetaHookPre CallFunction(KRB::fill_in_subjects, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692527.080972 MetaHookPre CallFunction(Log::__write, , (Conn::LOG, [ts=1362692526.869344, uid=CXWv6p3arKYeMETxOg, 
id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=, local_resp=, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])) 1362692527.080972 MetaHookPre CallFunction(Log::write, , (Conn::LOG, [ts=1362692526.869344, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=, local_resp=, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])) 1362692527.080972 MetaHookPre CallFunction(bro_done, , ()) 1362692527.080972 MetaHookPre CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -1362692527.080972 MetaHookPre CallFunction(connection_state_remove, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692527.080972 MetaHookPre CallFunction(connection_state_remove, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692527.080972 MetaHookPre CallFunction(filter_change_tracking, , ()) 1362692527.080972 MetaHookPre CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -1362692527.080972 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, 
orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692527.080972 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692527.080972 MetaHookPre CallFunction(get_net_stats, , ()) 1362692527.080972 MetaHookPre CallFunction(get_port_transport_proto, , (80/tcp)) 1362692527.080972 MetaHookPre CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) 
@@ -2195,25 +2331,25 @@ 1362692527.080972 MetaHookPre DrainEvents() 1362692527.080972 MetaHookPre QueueEvent(ChecksumOffloading::check()) 1362692527.080972 MetaHookPre QueueEvent(bro_done()) -1362692527.080972 MetaHookPre QueueEvent(connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692527.080972 MetaHookPre QueueEvent(connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) 1362692527.080972 MetaHookPre QueueEvent(filter_change_tracking()) -1362692527.080972 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692527.080972 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692527.080972 MetaHookPre UpdateNetworkTime(1362692527.080972) 1362692527.080972 | HookUpdateNetworkTime 1362692527.080972 1362692527.080972 | HookCallFunction ChecksumOffloading::check() 
-1362692527.080972 | HookCallFunction Conn::conn_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], tcp) -1362692527.080972 | HookCallFunction Conn::determine_service([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) -1362692527.080972 | HookCallFunction Conn::set_conn([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692527.080972 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692527.080972 | HookCallFunction KRB::fill_in_subjects([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692527.080972 | HookCallFunction Conn::conn_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], 
http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], tcp) +1362692527.080972 | HookCallFunction Conn::determine_service([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692527.080972 | HookCallFunction Conn::set_conn([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692527.080972 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692527.080972 | HookCallFunction KRB::fill_in_subjects([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692527.080972 | HookCallFunction Log::__write(Conn::LOG, [ts=1362692526.869344, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=, local_resp=, missed_bytes=0, 
history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}]) 1362692527.080972 | HookCallFunction Log::write(Conn::LOG, [ts=1362692526.869344, uid=CXWv6p3arKYeMETxOg, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=, local_resp=, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}]) 1362692527.080972 | HookCallFunction bro_done() 1362692527.080972 | HookCallFunction cat(Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80) -1362692527.080972 | HookCallFunction connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692527.080972 | HookCallFunction connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692527.080972 | HookCallFunction filter_change_tracking() 1362692527.080972 | HookCallFunction fmt(%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp) -1362692527.080972 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692527.080972 | HookCallFunction 
get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692527.080972 | HookCallFunction get_net_stats() 1362692527.080972 | HookCallFunction get_port_transport_proto(80/tcp) 1362692527.080972 | HookCallFunction id_string([orig_h=141.142.228.5, orig_p=59856<...>/tcp]) 
@@ -2226,6 +2362,6 @@ 1362692527.080972 | HookDrainEvents 1362692527.080972 | HookQueueEvent ChecksumOffloading::check() 1362692527.080972 | HookQueueEvent bro_done() -1362692527.080972 | HookQueueEvent connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692527.080972 | HookQueueEvent connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) 1362692527.080972 | HookQueueEvent filter_change_tracking() -1362692527.080972 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692527.080972 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) diff --git a/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log b/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log index 30562ca85d..d7f8adff53 100644 
--- a/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log +++ b/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log 
@@ -4,60 +4,60 @@ 1254722767.492060 ChecksumOffloading::check 1254722767.492060 filter_change_tracking 1254722767.492060 new_connection - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1254722767.492060 dns_message - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, 
extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=F, AA=F, TC=F, RD=T, RA=F, Z=0, num_queries=1, num_answers=0, num_auth=0, num_addl=0] [3] len: count = 34 1254722767.492060 dns_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], 
dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, 
settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=F, AA=F, TC=F, RD=T, RA=F, Z=0, num_queries=1, num_answers=0, num_auth=0, num_addl=0] [2] query: string = mail.patriots.in [3] qtype: count = 1 [4] qclass: count = 1 1254722767.492060 protocol_confirmation - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, 
rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] atype: enum = Analyzer::ANALYZER_DNS [2] aid: count = 3 1254722767.492060 dns_end - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, 
num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0aDNS\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0aDNS\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, 
resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=F, AA=F, TC=F, RD=T, RA=F, Z=0, num_queries=1, num_answers=0, num_auth=0, num_addl=0] 1254722767.526085 dns_message - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, 
saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, 
answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] [3] len: count = 100 1254722767.526085 dns_CNAME_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, 
duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] [2] ans: dns_answer = [answer_type=1, query=mail.patriots.in, qtype=5, qclass=1, TTL=3.0 hrs 27.0 secs] [3] name: string = patriots.in 1254722767.526085 dns_A_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in], TTLs=[3.0 hrs 27.0 secs], rejected=F, 
total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in], TTLs=[3.0 hrs 27.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] [2] ans: dns_answer = [answer_type=1, query=patriots.in, qtype=1, qclass=1, TTL=3.0 hrs 28.0 secs] [3] a: addr = 74.53.140.153 1254722767.526085 dns_end - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, 
num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in, 74.53.140.153], TTLs=[3.0 hrs 27.0 secs, 3.0 hrs 28.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in, 74.53.140.153], TTLs=[3.0 hrs 27.0 secs, 3.0 hrs 28.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, 
pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] 1254722767.529046 new_connection - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.0, service={\x0a\x0a}, history=, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.0, service={\x0a\x0a}, history=, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1254722767.875996 connection_established - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.34695, service={\x0a\x0a}, history=Sh, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.34695, service={\x0a\x0a}, history=Sh, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1254722768.219663 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, 
orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -65,7 +65,7 @@ [5] cont_resp: bool = T 1254722768.219663 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 xc90.websitewelcome.com ESMTP Exim 4.69 #1 Mon, 05 Oct 2009 01:05:54 -0500 , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 xc90.websitewelcome.com ESMTP Exim 4.69 #1 Mon, 05 Oct 2009 01:05:54 -0500 , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -73,7 +73,7 @@ [5] cont_resp: bool = T 1254722768.219663 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 We do not authorize the use of this system to transport unsolicited, , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 We do not authorize the use of this system to transport unsolicited, , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -81,18 +81,18 @@ [5] cont_resp: bool = F 1254722768.224809 protocol_confirmation - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=2, num_bytes_ip=269, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.695763, service={\x0a\x0a}, history=ShAdD, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=2, num_bytes_ip=269, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.695763, service={\x0a\x0a}, history=ShAdD, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] atype: enum = Analyzer::ANALYZER_SMTP [2] aid: count = 7 1254722768.224809 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=2, num_bytes_ip=269, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.695763, service={\x0aSMTP\x0a}, history=ShAdD, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=2, num_bytes_ip=88, 
flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=2, num_bytes_ip=269, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.695763, service={\x0aSMTP\x0a}, history=ShAdD, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = EHLO [3] arg: string = GP 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, 
mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -100,7 +100,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 xc90.websitewelcome.com Hello GP [122.162.143.157], path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 xc90.websitewelcome.com Hello GP [122.162.143.157], path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -108,7 +108,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 SIZE 52428800, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 SIZE 52428800, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -116,7 +116,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 PIPELINING, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 PIPELINING, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -124,7 +124,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH PLAIN LOGIN, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH PLAIN LOGIN, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -132,7 +132,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 STARTTLS, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 STARTTLS, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -140,13 +140,13 @@ [5] cont_resp: bool = F 1254722768.568729 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.039683, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.039683, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = AUTH [3] arg: string = LOGIN 1254722768.911081 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=336, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382035, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], 
resp=[size=336, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382035, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 334 [3] cmd: string = AUTH 
@@ -154,13 +154,13 @@ [5] cont_resp: bool = F 1254722768.911655 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=336, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382609, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=336, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382609, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = ** [3] arg: string = Z3VycGFydGFwQHBhdHJpb3RzLmlu 1254722769.253544 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.724498, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, 
num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.724498, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 334 [3] cmd: string = AUTH_ANSWER 
@@ -168,13 +168,13 @@ [5] cont_resp: bool = F 1254722769.254118 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.725072, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.725072, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = ** [3] arg: string = cHVuamFiQDEyMw== 1254722769.613798 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=6, num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.084752, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=6, 
num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.084752, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 235 [3] cmd: string = AUTH_ANSWER 
@@ -182,13 +182,13 @@ [5] cont_resp: bool = F 1254722769.614414 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=6, num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.085368, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=6, num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.085368, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = MAIL [3] arg: string = FROM: 1254722769.956765 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, 
num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -196,13 +196,13 @@ [5] cont_resp: bool = F 1254722769.957250 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1254722770.319708 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -210,16 +210,16 @@ [5] cont_resp: bool = F 1254722770.320203 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1254722770.320203 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, 
num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] 1254722770.661679 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, 
cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -227,243 +227,243 @@ [5] cont_resp: bool = F 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=FROM, value="Gurpartap Singh" ] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from="Gurpartap Singh" , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from="Gurpartap Singh" , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=TO, value=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=SUBJECT, value=SMTP] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=DATE, value=Mon, 5 Oct 2009 11:36:07 +0530] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MESSAGE-ID, value=<000301ca4581$ef9e57f0$cedb07d0$@in>] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MIME-VERSION, value=1.0] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=multipart/mixed;\x09boundary="----=_NextPart_000_0004_01CA45B0.095693F0"] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-MAILER, value=Microsoft Office Outlook 12.0] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=THREAD-INDEX, value=AcpFgem9BvjjZEDeR1Kh8i+hUyVo0A==] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-LANGUAGE, value=en-us] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-CR-HASHEDPUZZLE, value=SeA= AAR2 ADaH BpiO C4G1 D1gW FNB1 FPkR Fn+W HFCP HnYJ JO7s Kum6 KytW LFcI LjUt;1;cgBhAGoAXwBkAGUAbwBsADIAMAAwADIAaQBuAEAAeQBhAGgAbwBvAC4AYwBvAC4AaQBuAA==;Sosha1_v1;7;{CAA37F59-1850-45C7-8540-AA27696B5398};ZwB1AHIAcABhAHIAdABhAHAAQABwAGEAdAByAGkAbwB0AHMALgBpAG4A;Mon, 05 Oct 2009 06:06:01 GMT;UwBNAFQAUAA=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-CR-PUZZLEID, value={CAA37F59-1850-45C7-8540-AA27696B5398}] 1254722770.692743 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=multipart/alternative;\x09boundary="----=_NextPart_001_0005_01CA45B0.095693F0"] 1254722770.692743 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/plain;\x09charset="us-ascii"] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=7bit] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 file_new - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1254722770.692743 file_over_new_connection - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 file_sniff - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, 
resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/plain, mime_types=[[strength=-20, mime=text/plain]]] 1254722770.692743 file_state_remove - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], 
start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, 
orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 
+0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722770.692743 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/html;\x09charset="us-ascii"] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=quoted-printable] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 file_new - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1254722770.692743 file_over_new_connection - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending 
with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 file_sniff - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a

\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/html, mime_types=[[strength=100, mime=text/html], [strength=20, mime=text/html], [strength=-20, mime=text/plain]]] 1254722770.692804 file_state_remove - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=text/html, filename=, duration=61.0 usecs, local_orig=, is_orig=T, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=text/html, filename=, duration=61.0 usecs, local_orig=, is_orig=T, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722770.692804 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722770.692804 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] 1254722770.692804 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/plain;\x09name="NEWS.txt"] 1254722770.692804 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=quoted-printable] 1254722770.692804 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-DISPOSITION, value=attachment;\x09filename="NEWS.txt"] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 file_new - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1254722770.692804 file_over_new_connection - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, 
last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.695115 new_connection - [0] c: connection = [id=[orig_h=192.168.1.1, orig_p=3/icmp, resp_h=10.10.1.4, resp_p=4/icmp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], start_time=1254722770.695115, duration=0.0, service={\x0a\x0a}, history=, uid=CCvvfg3TEfuqmmG4bh, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.1.1, orig_p=3/icmp, resp_h=10.10.1.4, resp_p=4/icmp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], start_time=1254722770.695115, duration=0.0, service={\x0a\x0a}, history=, uid=CCvvfg3TEfuqmmG4bh, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1254722771.494181 file_sniff - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, 
resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.494181, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify 
value")\x0d\x0a* During Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. \x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added 
possibility to include in a Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=, filename=NEWS.txt, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, 
flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.494181, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify 
value")\x0d\x0a* During Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. \x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added 
possibility to include in a Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=, filename=NEWS.txt, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/plain, mime_types=[[strength=-20, mime=text/plain]]] 1254722771.858334 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722771.858334 file_state_remove - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.858316, seen_bytes=10809, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify value")\x0d\x0a* During 
Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. \x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added possibility to include in a 
Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=text/plain, filename=NEWS.txt, duration=801.0 msecs 376.0 usecs, local_orig=, is_orig=T, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, 
flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.858316, seen_bytes=10809, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify value")\x0d\x0a* During 
Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. \x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added possibility to include in a 
Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=text/plain, filename=NEWS.txt, duration=801.0 msecs 376.0 usecs, local_orig=, is_orig=T, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, 
num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, 
resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722771.858334 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722771.858334 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1254722772.248789 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . 
@@ -471,13 +471,13 @@ [5] cont_resp: bool = F 1254722774.763825 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=4, num_pkts=25, num_bytes_ip=21547, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.234779, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=4, num_pkts=25, num_bytes_ip=21547, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.234779, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = QUIT [3] arg: string = 1254722775.105467 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=5, num_pkts=27, num_bytes_ip=21633, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=538, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.576421, service={\x0aSMTP\x0a}, history=ShAdDaF, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=5, num_pkts=27, num_bytes_ip=21633, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=538, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.576421, service={\x0aSMTP\x0a}, history=ShAdDaF, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 221 [3] cmd: string = QUIT 
@@ -485,33 +485,33 @@ [5] cont_resp: bool = F 1254722776.690444 new_connection - [0] c: connection = [id=[orig_h=10.10.1.20, orig_p=138/udp, resp_h=10.10.1.255, resp_p=138/udp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:02:3f:ec:61:11], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=ff:ff:ff:ff:ff:ff], start_time=1254722776.690444, duration=0.0, service={\x0a\x0a}, history=, uid=CsRx2w45OKnoww6xl4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.20, orig_p=138/udp, resp_h=10.10.1.255, resp_p=138/udp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:02:3f:ec:61:11], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=ff:ff:ff:ff:ff:ff], start_time=1254722776.690444, duration=0.0, service={\x0a\x0a}, history=, uid=CsRx2w45OKnoww6xl4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831776.764391 ChecksumOffloading::check 1437831776.764391 connection_state_remove - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=1, num_bytes_ip=128, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, 
extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=1, num_bytes_ip=128, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831776.764391 connection_state_remove - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=5, num_pkts=28, num_bytes_ip=21673, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=538, state=5, num_pkts=25, num_bytes_ip=1546, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.576953, service={\x0aSMTP\x0a}, history=ShAdDaFf, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, 
reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=221 xc90.websitewelcome.com closing connection, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=5, num_pkts=28, num_bytes_ip=21673, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=538, state=5, num_pkts=25, num_bytes_ip=1546, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.576953, service={\x0aSMTP\x0a}, history=ShAdDaFf, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=221 xc90.websitewelcome.com closing connection, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] 1437831776.764391 connection_state_remove - [0] c: connection = [id=[orig_h=192.168.1.1, orig_p=3/icmp, resp_h=10.10.1.4, resp_p=4/icmp], orig=[size=2192, state=1, num_pkts=4, num_bytes_ip=2304, flow_label=0, l2_addr=00:1f:33:d9:81:60], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], 
start_time=1254722770.695115, duration=0.001519, service={\x0a\x0a}, history=, uid=CCvvfg3TEfuqmmG4bh, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.1.1, orig_p=3/icmp, resp_h=10.10.1.4, resp_p=4/icmp], orig=[size=2192, state=1, num_pkts=4, num_bytes_ip=2304, flow_label=0, l2_addr=00:1f:33:d9:81:60], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], start_time=1254722770.695115, duration=0.001519, service={\x0a\x0a}, history=, uid=CCvvfg3TEfuqmmG4bh, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831776.764391 connection_state_remove - [0] c: connection = [id=[orig_h=10.10.1.20, orig_p=138/udp, resp_h=10.10.1.255, resp_p=138/udp], orig=[size=201, state=1, num_pkts=1, num_bytes_ip=229, flow_label=0, l2_addr=00:02:3f:ec:61:11], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=ff:ff:ff:ff:ff:ff], start_time=1254722776.690444, duration=0.0, service={\x0a\x0a}, history=D, uid=CsRx2w45OKnoww6xl4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.20, orig_p=138/udp, resp_h=10.10.1.255, resp_p=138/udp], orig=[size=201, state=1, num_pkts=1, num_bytes_ip=229, 
flow_label=0, l2_addr=00:02:3f:ec:61:11], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=ff:ff:ff:ff:ff:ff], start_time=1254722776.690444, duration=0.0, service={\x0a\x0a}, history=D, uid=CsRx2w45OKnoww6xl4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831776.764391 filter_change_tracking 1437831776.764391 new_connection - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49285/tcp, resp_h=66.196.121.26, resp_p=5050/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831776.764391, duration=0.0, service={\x0a\x0a}, history=, uid=CRJuHdVW0XPVINV8a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49285/tcp, resp_h=66.196.121.26, resp_p=5050/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831776.764391, duration=0.0, service={\x0a\x0a}, history=, uid=CRJuHdVW0XPVINV8a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831787.856895 new_connection - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.0, service={\x0a\x0a}, history=, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.0, service={\x0a\x0a}, history=, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831787.861602 connection_established - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.004707, service={\x0a\x0a}, history=Sh, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, 
extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.004707, service={\x0a\x0a}, history=Sh, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831787.867142 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.010247, service={\x0a\x0a}, history=ShAd, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, 
l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.010247, service={\x0a\x0a}, history=ShAd, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -519,18 +519,18 @@ [5] cont_resp: bool = F 1437831787.883306 protocol_confirmation - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=3, num_bytes_ip=168, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=2, num_bytes_ip=147, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.026411, service={\x0a\x0a}, history=ShAdD, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=3, num_bytes_ip=168, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=2, num_bytes_ip=147, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.026411, service={\x0a\x0a}, history=ShAdD, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] atype: enum = Analyzer::ANALYZER_SMTP [2] aid: count = 21 1437831787.883306 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=3, num_bytes_ip=168, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=2, num_bytes_ip=147, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.026411, service={\x0aSMTP\x0a}, history=ShAdD, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, 
resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=3, num_bytes_ip=168, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=2, num_bytes_ip=147, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.026411, service={\x0aSMTP\x0a}, history=ShAdD, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = EHLO [3] arg: string = [192.168.133.100] 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -538,7 +538,7 @@ [5] cont_resp: bool = T 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 uprise, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 uprise, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -546,7 +546,7 @@ [5] cont_resp: bool = T 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 8BITMIME, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 8BITMIME, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -554,7 +554,7 @@ [5] cont_resp: bool = T 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH LOGIN, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, 
rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH LOGIN, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -562,13 +562,13 @@ [5] cont_resp: bool = F 1437831787.887031 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=5, num_bytes_ip=296, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.030136, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=5, num_bytes_ip=296, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.030136, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = MAIL [3] arg: string = FROM: 1437831787.889785 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = 
[id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -576,13 +576,13 @@ [5] cont_resp: bool = F 1437831787.890232 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.892986 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = 
[id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -590,13 +590,13 @@ [5] cont_resp: bool = F 1437831787.893587 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.897624 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] 
+ [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -604,13 +604,13 @@ [5] cont_resp: bool = F 1437831787.898413 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, 
ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.901069 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], 
socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -618,16 +618,16 @@ [5] cont_resp: bool = F 1437831787.901697 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, 
mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1437831787.901697 mime_begin_entity - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, 
mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] 1437831787.904758 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] 
is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -635,104 +635,104 @@ [5] cont_resp: bool = F 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, 
irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/plain; charset=us-ascii] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], 
smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MIME-VERSION, value=1.0 (Mac OS X Mail 8.2 \(2102\))] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, 
vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, 
tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=SUBJECT, value=Re: Bro SMTP CC Header] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, 
history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=FROM, value=Albert Zaharovits ] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=Albert Zaharovits , to=, 
cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=IN-REPLY-TO, value=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, 
resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=DATE, value=Sat, 25 Jul 2015 16:43:07 +0300] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data 
with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CC, value=felica4uu@hotmail.com, davis_mark1@outlook.com] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, 
num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, 
rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=7bit] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, 
in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = 
[name=MESSAGE-ID, value=] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, 
extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=REFERENCES, value= <9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], 
trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, 
process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=TO, value=ericlim220@yahoo.com] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], 
resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-MAILER, value=Apple Mail (2.2102)] 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, 
dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , 
to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 file_new - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, 
second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., 
path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1437831787.905375 file_over_new_connection - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple 
Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End 
data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, 
mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, 
has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 mime_end_entity - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, 
num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, 
http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, 
cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 file_sniff - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 
End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/plain, mime_types=[[strength=-20, mime=text/plain]]] 1437831787.905375 file_state_remove - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, 
resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, 
tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, 
has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 
16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, 
process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = F 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, 
flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, 
thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, 
from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = F 1437831787.905375 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, 
process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1437831787.914113 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, 
inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . 
@@ -740,59 +740,59 @@ [5] cont_resp: bool = F 1437831798.533593 new_connection - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49336/tcp, resp_h=74.125.71.189, resp_p=443/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], start_time=1437831798.533593, duration=0.0, service={\x0a\x0a}, history=, uid=C6pKV8GSxOnSLghOa, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49336/tcp, resp_h=74.125.71.189, resp_p=443/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], start_time=1437831798.533593, duration=0.0, service={\x0a\x0a}, history=, uid=C6pKV8GSxOnSLghOa, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831799.262632 new_connection - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49153/tcp, resp_h=17.172.238.21, resp_p=5223/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.262632, duration=0.0, service={\x0a\x0a}, history=, uid=CIPOse170MGiRM1Qf4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, 
dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49153/tcp, resp_h=17.172.238.21, resp_p=5223/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.262632, duration=0.0, service={\x0a\x0a}, history=, uid=CIPOse170MGiRM1Qf4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831799.461152 new_connection - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.0, service={\x0a\x0a}, history=, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.0, service={\x0a\x0a}, 
history=, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831799.610433 connection_established - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.149281, service={\x0a\x0a}, history=Sh, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=0, state=4, num_pkts=1, num_bytes_ip=64, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.149281, service={\x0a\x0a}, history=Sh, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831799.611764 ssl_extension_server_name - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], 
orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] names: vector of string = [p31-keyvalueservice.icloud.com] 1437831799.611764 ssl_extension - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, 
ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] code: count = 0 
[3] val: string = \x00!\x00\x00\x1ep31-keyvalueservice.icloud.com 1437831799.611764 ssl_extension - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, 
orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] code: count = 10 [3] val: string = \x00\x06\x00\x17\x00\x18\x00\x19 1437831799.611764 ssl_extension - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = 
[id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] code: count = 11 [3] val: string = \x01\x00 1437831799.611764 ssl_extension - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, 
orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] code: count = 13 [3] val: string = \x00\x0a\x05\x01\x04\x01\x02\x01\x04\x03\x02\x03 
1437831799.611764 ssl_extension - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, 
cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] code: count = 13172 [3] val: string = 1437831799.611764 protocol_confirmation - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, 
state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0a\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] atype: enum = Analyzer::ANALYZER_SSL [2] aid: count = 35 1437831799.611764 ssl_client_hello - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0aSSL\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, 
server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0aSSL\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] version: count = 771 [2] possible_ts: time = 1437831799.0 [3] client_random: string = \xd4\xda\xbe{\xfa\xaa\x16\xb2\xe7\x92\x9d\xbf\xe1c\x97\xde\xdca7\x92\x90\xf6\x967\xf7\xec\x1e\xe6 
@@ -800,19 +800,19 @@ [5] ciphers: vector of count = [255, 49188, 49187, 49162, 49161, 49160, 49192, 49191, 49172, 49171, 49170, 49190, 49189, 49157, 49156, 49155, 49194, 49193, 49167, 49166, 49165, 107, 103, 57, 51, 22, 61, 60, 53, 47, 10, 49159, 49169, 49154, 49164, 5, 4] 1437831799.611764 ssl_handshake_message - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0aSSL\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=2, num_bytes_ip=104, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.150612, service={\x0aSSL\x0a}, history=ShAD, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, 
extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] msg_type: count = 1 [3] length: count = 192 1437831799.764576 ssl_extension - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, 
server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 65281 [3] val: string = \x00 1437831799.764576 ssl_server_hello - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, 
inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=, cipher=, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, 
ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] version: count = 771 [2] possible_ts: time = 1437831799.0 [3] server_random: string = \xe2RB\xdds\x11\xa9\xd4\x1d\xbc\x8e\xe2]\x09\xc5\xfc\xb1\xedl\xed\x17\xb2?a\xac\x81QM 
@@ -821,184 +821,184 @@ [6] comp_method: count = 0 1437831799.764576 ssl_handshake_message - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, 
uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] msg_type: count = 2 [3] length: count = 77 1437831799.764576 file_new - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, 
issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, 
timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1437831799.764576 file_over_new_connection - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SSL, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, 
missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, 
inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SSL, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, 
dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=, cert_chain_fuids=, client_cert_chain=, client_cert_chain_fuids=, subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [2] is_orig: bool = F 1437831799.764576 file_sniff - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, 
tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde 
\x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 
\xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, 
id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple 
Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=, mime_types=] 1437831799.764576 x509_certificate - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, 
resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, 
bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d 
\x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = 
[id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, 
total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d 
\x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] cert_ref: opaque of x509 
= [2] cert: X509::Certificate = [version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, 
timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde 
\x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 
\xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, 
num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, 
client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, 
vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, 
ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, 
thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, 
syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, 
flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB]], san=, 
basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], 
start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB]], san=, 
basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE] 1437831799.764576 x509_ext_basic_constraints - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, 
num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, 
short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde 
\x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 
\xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, 
short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple 
Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple 
Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::BasicConstraints = [ca=F, path_len=] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, 
rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 
0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, 
conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification 
Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, 
established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, 
last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = 
[id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, 
oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde 
\x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 
\xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, 
short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, 
tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], 
client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use 
and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple 
Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, 
bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d 
\x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, 
certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, 
resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], 
[name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, 
inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key 
Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple 
Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, 
flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], 
[name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], 
start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], 
[name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication] 1437831799.764576 x509_extension - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], 
orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject 
Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 
0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, 
flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key 
Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 
0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com] 1437831799.764576 x509_ext_subject_alternative_name - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, 
orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, 
short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, 
missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d 
\x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, 
certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=, 
basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, 
cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=, basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, 
server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use 
and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=, basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::SubjectAlternativeName = [dns=[*.icloud.com], uri=, email=, ip=, other_fields=F] 1437831799.764576 file_hash - [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, 
delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution 
Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde 
\x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 
\xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, 
short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, 
thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, 
critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] kind: string = sha1 [2] hash: string = f5ccb1a724133607548b00d8eb402efca3076d58 1437831799.764576 file_state_remove - [0] f: fa_file = 
[id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, 
sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, 
irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 
\xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 
\x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any 
applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=F1vce92FT1oRjKI328, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, 
established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: 
http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x05z0\x82\x04b\xa0\x03\x02\x01\x02\x02\x08\x05?\xce\x9b\xa6\x80[\x000\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x1e\x17\x0d150217144531Z\x17\x0d170318144531Z0u1\x150\x13\x06\x03U\x04\x03\x0c\x0c*.icloud.com1%0#\x06\x03U\x04\x0b\x0c\x1cmanagement:idms.group.5063641\x130\x11\x06\x03U\x04\x0a\x0c\x0aApple 
Inc.1\x130\x11\x06\x03U\x04\x08\x0c\x0aCalifornia1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xb8+L\xa2[\xca\xcd\x02\x1a/\x8b]\xaci\xe6\x0f#L\x98W\x87\x88\x94\x02\xae\xd0\xf4F\x15\xb4\xc2\xa9y\xab\x1b2\xdcT\xea\x8d\xf5\xf5c\xa7KR\xde \x0f=\x13\x89\xf2\x1dd\x85vhE\xc3\xd9vJ\x0eJV\x19\xa7\x0c2\x08\xf8\x10t\xa5[\xdc\x0b\x83\x93\x89\x0d\xa9\xc5t~mUvn\xcaV\xc8D2\xe8\xb4\xa2\x02\xef\x7f*\xba\xb9x\xa8G\x82\x1f\xac\x8e\xff\x93\x00\xb9y&\x84"vU\xf5\x9f\xa8\x86\xe8~m\x0f\x80\x95(\x0d\x0a\xdfESHC\xf8\xeb\x13n\x98\xac\xd6\x96\x19~j\x15XtD|7\x7ft\xe7\x1e\x8a\x96uP\xc9\x97\x8c\xb1]6y\x90\xb2\x06H\xa3\xd2\xe2\xd8/\xcb\xe8\x13\xa0\xe2es9s\xe5u'\xbe\xf4F\xaa\xc2n"\xe0\x13\x1d\xc3\x04\x90XnP\x07Lh\xca/lN\xc6\xb6 \xa7*J\xc9g\xb3&\x94\x05\x14\xe2\x0cU\x1c\xdban*\xd8z\xec\x8cs5\x04\x975w\x9di(sr\x14\xd2>\xf3\x13\x02\x03\x01\x00\x01\xa3\x82\x02\x1f0\x82\x02\x1b0H\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04<0:08\x06\x08+\x06\x01\x05\x05\x070\x01\x86,http://ocsp.apple.com/ocsp04-appleistca2g1010\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x8eQ\xa1\x0e\x0a\x9b\x1c\x04\xf7Y\xd3i.#\x16\x91\x0e\xad\x06\xfb0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x81\xff\x06\x03U\x1d \x04\x81\xf70\x81\xf40\x81\xf1\x06\x0a*\x86H\x86\xf7cd\x05\x0b\x040\x81\xe20\x81\xa4\x06\x08+\x06\x01\x05\x05\x07\x02\x020\x81\x97\x0c\x81\x94Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.09\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16-http://www.apple.com/certificateauthority/rpa07\x06\x03U\x1d\x1f\x0400.0,\xa0*\xa0(\x86&http://crl.apple.com/appleistca2g1.crl0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x17\x06\x03U\x1d\x11\x04\x100\x0e\x82\x0c*.icloud.com0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00@fi\xb2+\x8clA\xe2Bc\xde\x101\xa4.M\xc9 \xb3\x1c\xf3k)\xd1\x9eI\x17\xbf"\x8c\xcd\xb1H\x14\xd6\x8c\x8eO2\x84v`E\xbb(\x9cj\xea)\xd3\x191\xfb\x1ei\x9e\xd7\xf4\xb7\xa9\x1c\x92vY\xdeR*\xa2}>\x81d\x0dW\x07\xae\x17\x81{\xe2\x9c\x9fT-\x19\xe3c#\x8a\xfc\x08\xbb\x8eR\xf0-3\x81\x16bh\xaaY\x03\xcc\xd1\xea\x9e\xe6\xe6\xc11\xa0e\x02* \xad{\xdeI\x8fQ\x0f]\xf3"\x18\x19\xea\x04\x97y\x19\xa5\x9f#\xae\xaei\x84r6W\x93d\xe7\xdbF\xed\x8c\x13Yh\xb0g$\xfa\xaa,\xe4\xe7\xd7\xe7_G\x92\x14\xb2O\x0a\xc8Y\xa5\x9bx\xae\x88\xd1u\x19\xb6\x96\x88\x1a\xbf\xac\x91\x92\xc4B\x07\xc6\x8a\x03 \x01a\xe0\xfc\xd4\x86\x8d\x14c\x08}~\x97o\xa7\x90\xbb\x98~\xe2\xa8\x8d\xfai\x9d\xd3\xabI\xa0D\xa8\xe6\xf8#\xae\xbb\xd2\xf5\xf1\x87\xe0\x88\x0f\xe9\xf5\x91\xbb58Y@\xf7\x82\xc1\x80{\x92\x90\xc3, info=[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, 
not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], ftp=, http=, irc=, pe=, u2_events=] 1437831799.764576 file_new - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, 
source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, 
key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, 
id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, 
critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1437831799.764576 file_over_new_connection - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, 
conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a 
URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SSL, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, 
ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 
Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, 
extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key 
Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SSL, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, 
timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, 
key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, 
rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [2] is_orig: bool = F 1437831799.764576 file_sniff - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification 
Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, 
tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, 
tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, 
critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x0
3U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d \x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=, mime_types=] 1437831799.764576 x509_certificate - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, 
num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], 
[name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], 
cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, 
tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, 
critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\
x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d \x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] cert_ref: opaque of x509 = [2] cert: X509::Certificate = [version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, 
key_length=2048, exponent=65537, curve=] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, 
not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, 
rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, 
conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, 
key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, 
analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Authority Key Identifier, 
short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, 
issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], 
[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 
0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple 
Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], 
basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global 
CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, 
sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, 
short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, 
bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, 
x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, 
short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, 
bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0] 1437831799.764576 x509_ext_basic_constraints - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, 
total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, 
critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\
xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d \x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, 
extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, 
mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital 
Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, 
client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\
x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d \x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::BasicConstraints = [ca=T, path_len=0] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, 
rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull 
Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], 
cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, 
total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, 
critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d
\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d \x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], 
handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, 
rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull 
Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, 
value=Certificate Sign, CRL Sign]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, 
mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital 
Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], 
client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, 
tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, 
short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], 
[name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, 
tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, 
short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], 
[name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a] 1437831799.764576 x509_extension - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, 
next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], 
[name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, 
analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: 
http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic 
Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC 
\x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] ext: X509::Extension = [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a] 1437831799.764576 file_hash - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, 
cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 
1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, 
cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 
1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] kind: string = sha1 [2] hash: string = 8e8321ca08b08e3726fe1d82996884eeb5f0d655 1437831799.764576 file_state_remove - [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, 
resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, 
oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, 
short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification 
Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fxp53s3wA5G3zdEJg8, parent_id=, source=SSL, is_orig=F, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a\x09}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, 
cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 
1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a\x09], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a\x09], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x09\x0917.167.150.73\x0a\x09}, rx_hosts={\x0a\x09\x09192.168.133.100\x0a\x09}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a\x09}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a\x09}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a\x09], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a\x09], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a\x09], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a\x09]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]\x0a}, last_active=1437831799.764576, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=0\x82\x04@0\x82\x03(\xa0\x03\x02\x01\x02\x02\x03\x02:t0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x000B1\x0b0\x09\x06\x03U\x04\x06\x13\x02US1\x160\x14\x06\x03U\x04\x0a\x13\x0dGeoTrust Inc.1\x1b0\x19\x06\x03U\x04\x03\x13\x12GeoTrust Global CA0\x1e\x17\x0d140616154202Z\x17\x0d220520154202Z0b1\x1c0\x1a\x06\x03U\x04\x03\x13\x13Apple IST CA 2 - G11 0\x1e\x06\x03U\x04\x0b\x13\x17Certification Authority1\x130\x11\x06\x03U\x04\x0a\x13\x0aApple 
Inc.1\x0b0\x09\x06\x03U\x04\x06\x13\x02US0\x82\x01"0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\x0a\x02\x82\x01\x01\x00\xd0\x93\xa1\x1dGC \x16\xb2\x0bk\xeb\xc3\xd5\xb4\xe8\xc7\x98\xcd\xf3\xde\xbf\xe8M\xe9\xe36\x80\x07\xfcE\x1bj|E\x86\xaeV\xd3\xa4\x09\x7fa\x0dk]~Rk}\xb4\xc89\xc4\xf4g:\xf7\x83\xce\x19o\x86/~E~G\x1cgR\xca\x95\x05]\xe26Q\x85\xc0\xd4g\x805o\x15\xdd>\xfd\x1d\xd2\xfd\x8f4P\xd8\xecv*\xbe\xe3\xd3\xda\xe4\xfd\xc8\xeb(\x02\x96\x11\x97\x17a\x1c\xe9\xc4Y;B\xdc2\xd1\x09\x1d\xda\xa6\xd1C\x86\xff^\xb2\xbc\x8c\xcff\xdb\x01\x8b\x02\xae\x94H\xf38\x8f\xfd\xea2\xa8\x08\xec\x86\x97Q\x94$>II\x96S\xe8y\xa1@\x81\xe9\x05\xbb\x93\x95Q\xfc\xe3\xfd|\x11K\xf7\x9e\x08\xb3\x15I\x15\x07\xf9\xd17\xa0\x9bK2\xf6\xb5\xc4\xdcj\xd1\xfc\x0a\xed\xf6\xe0\xc5)\xa0\xa8\x8bq\xfe\x0d\x92\xbc\xfeTp\x18\x0am\xc7\xed\x0c\xfb\xc9-\x06\xc3\x8c\x85\xfc\xcb\x86\\xd66\x8e\x12\x8b\x09\x7f\xfb\x19\x1a8\xd5\xf0\x940z\x0f\xa6\x8c\xf3\x02\x03\x01\x00\x01\xa3\x82\x01\x1d0\x82\x01\x190\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xc0z\x98h\x8d\x89\xfb\xab\x05d\x0c\x11}\xaa}e\xb8\xca\xccN0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xd8z\x94D|\x90p\x90\x16\x9e\xdd\x17\x9c\x01D\x03\x86\xd6*)0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x0605\x06\x03U\x1d\x1f\x04.0,0*\xa0(\xa0&\x86$http://g.symcb.com/crls/gtglobal.crl0.\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04"0 0\x1e\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x12http://g.symcd.com0L\x06\x03U\x1d 
\x04E0C0A\x06\x0a`\x86H\x01\x86\xf8E\x01\x0760301\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16%http://www.geotrust.com/resources/cps0\x0d\x06\x09*\x86H\x86\xf7\x0d\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x16Gso\x85\xa2b\xe1\xe7*v\xbb\x89\x95B&\x97\xbcJ\xac\xacpS:?1\x83=<\x1c\xab\x9a\xe2\xb1]\x1cv\x1a\xa0<\x0crW\xbe\xd3\x9eP\xe0\xc8\x99\xd6X\xd7\x02\xea\xce\x0d)T|\xcd\xf5\xc2\xc6\x90)U\xa3o\x14\xa8\x0bB\x0d:\x98m\x06x\x9e\xf0j\xa3\x1d\x02\x0a\xa2(\xa4\x8d\xc2\x81F>mg\xda\xde?\xfe\x85\x0eB*\x12\xde\xb5\xb7\xfb\xb8\x1b\xa7\x96\xecw\x9f\xec\xd4S\x95z\xff\x07\xf4\xf2\x0a\x14\xc0QR\xb1\xd6\x8eP\x0b\x1a\x99\\xbc\x0b\xc9\xbd\xed\xed\xf8^\xc1V\xdbM~#\xa4\x11\xa1,\xd4\x1b\x05\x9a\xe4\x1bR\xf6|8\x99\x05K\xbar\x8dB\x89`\x04f*\xf4\xfdh\xd7k\xf7\x99A(\xd6l$\xab\xe6%S.\xc8\x82\x99\xe2\xa2\x8f#\xbe0\x83\xb1'\x8b\xfah\x7f\x01I\xe8\xc6\x98k\x10.\x98^\x8a\xd7\xcaK\xb1\xc7\xc9X\x9a\xd06\xdb\x96\x95\xec\xb6\x81\xe4\xf2\xcdo\x1by\x87L\x10<\x89\xe4M\xfaT\xdc\xaa\xa6, info=[ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=], ftp=, http=, irc=, pe=, u2_events=] 1437831799.764576 ssl_handshake_message - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, 
next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: 
http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic 
Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, 
client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice 
statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], 
[name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] msg_type: count = 11 [3] length: count = 2507 1437831799.764576 ssl_handshake_message - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, 
server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any 
party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, 
short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=201, state=4, num_pkts=4, num_bytes_ip=385, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=2, num_bytes_ip=1532, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.303424, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, 
cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit 
Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject 
Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] msg_type: count = 14 [3] length: count = 0 1437831799.838196 ssl_handshake_message - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=468, state=4, num_pkts=5, num_bytes_ip=425, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=3, num_bytes_ip=2733, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.377044, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, 
id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, 
short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, 
short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=468, state=4, num_pkts=5, num_bytes_ip=425, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=3, num_bytes_ip=2733, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.377044, service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, 
ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=F, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, 
value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, 
exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T [2] msg_type: count = 16 [3] length: count = 258 1437831799.838197 ssl_change_cipher_spec - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=474, state=4, num_pkts=6, num_bytes_ip=732, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=3, num_bytes_ip=2733, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.377045, 
service={\x0aSSL\x0a}, history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, 
value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, 
not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=474, state=4, num_pkts=6, num_bytes_ip=732, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2601, state=4, num_pkts=3, num_bytes_ip=2733, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.377045, service={\x0aSSL\x0a}, 
history=ShADd, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, 
oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, 
not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = T 1437831800.045701 ssl_change_cipher_spec - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=511, state=4, num_pkts=8, num_bytes_ip=855, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2644, state=4, num_pkts=6, num_bytes_ip=2853, flow_label=0, 
l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.584549, service={\x0aSSL\x0a}, history=ShADda, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 
Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global 
CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=511, state=4, num_pkts=8, num_bytes_ip=855, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2644, state=4, num_pkts=6, num_bytes_ip=2853, flow_label=0, 
l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.584549, service={\x0aSSL\x0a}, history=ShADda, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, 
value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple 
Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F 1437831800.045701 ssl_established - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=511, state=4, num_pkts=8, 
num_bytes_ip=855, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2644, state=4, num_pkts=6, num_bytes_ip=2853, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.584549, service={\x0aSSL\x0a}, history=ShADda, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, 
short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, 
certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=511, state=4, num_pkts=8, 
num_bytes_ip=855, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=2644, state=4, num_pkts=6, num_bytes_ip=2853, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.584549, service={\x0aSSL\x0a}, history=ShADda, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=35, established=F, logged=F, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], 
[name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, 
x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=, issuer=, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831800.217854 net_done [0] t: time = 1437831800.217854 1437831800.217854 
filter_change_tracking 1437831800.217854 connection_state_remove - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=17, num_bytes_ip=1865, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=10, num_bytes_ip=690, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.05732, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.914113, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=2, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=1, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=17, num_bytes_ip=1865, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=10, num_bytes_ip=690, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.05732, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=[ts=1437831787.914113, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=2, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=1, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] 1437831800.217854 connection_state_remove - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49153/tcp, resp_h=17.172.238.21, resp_p=5223/tcp], orig=[size=714, state=3, num_pkts=1, num_bytes_ip=766, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=3, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.262632, duration=0.147503, service={\x0a\x0a}, history=Da, uid=CIPOse170MGiRM1Qf4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49153/tcp, resp_h=17.172.238.21, resp_p=5223/tcp], orig=[size=714, state=3, num_pkts=1, num_bytes_ip=766, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=3, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.262632, duration=0.147503, service={\x0a\x0a}, history=Da, uid=CIPOse170MGiRM1Qf4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831800.217854 connection_state_remove - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49285/tcp, resp_h=66.196.121.26, resp_p=5050/tcp], orig=[size=41, state=3, num_pkts=1, num_bytes_ip=93, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=3, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831776.764391, duration=0.343008, service={\x0a\x0a}, history=Da, uid=CRJuHdVW0XPVINV8a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49285/tcp, resp_h=66.196.121.26, resp_p=5050/tcp], orig=[size=41, state=3, num_pkts=1, num_bytes_ip=93, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=0, state=3, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831776.764391, duration=0.343008, service={\x0a\x0a}, history=Da, uid=CRJuHdVW0XPVINV8a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831800.217854 connection_state_remove - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=2249, state=4, num_pkts=15, num_bytes_ip=2873, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=3653, state=4, num_pkts=13, num_bytes_ip=4185, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.756702, service={\x0aSSL\x0a}, history=ShADda, 
uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=, established=T, logged=T, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key 
Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, 
key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], orig=[size=2249, state=4, num_pkts=15, num_bytes_ip=2873, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=3653, state=4, num_pkts=13, 
num_bytes_ip=4185, flow_label=0, l2_addr=cc:b2:55:f4:62:92], start_time=1437831799.461152, duration=0.756702, service={\x0aSSL\x0a}, history=ShADda, uid=C7XEbhP654jzLoe3a, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=[ts=1437831799.611764, uid=C7XEbhP654jzLoe3a, id=[orig_h=192.168.133.100, orig_p=49655/tcp, resp_h=17.167.150.73, resp_p=443/tcp], version=TLSv12, cipher=TLS_RSA_WITH_RC4_128_MD5, curve=, server_name=p31-keyvalueservice.icloud.com, session_id=, resumed=F, client_ticket_empty_session_seen=F, client_key_exchange_seen=T, last_alert=, next_protocol=, analyzer_id=, established=T, logged=T, delay_tokens=, cert_chain=[[ts=1437831799.764576, fuid=F1vce92FT1oRjKI328, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1406, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=f5ccb1a724133607548b00d8eb402efca3076d58, sha256=, x509=[ts=1437831799.764576, id=F1vce92FT1oRjKI328, certificate=[version=3, serial=053FCE9BA6805B00, subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, cn=*.icloud.com, not_valid_before=1424184331.0, not_valid_after=1489848331.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://ocsp.apple.com/ocsp04-appleistca2g101\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, 
value=8E:51:A1:0E:0A:9B:1C:04:F7:59:D3:69:2E:23:16:91:0E:AD:06:FB], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:FALSE], [name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.2.840.113635.100.5.11.4\x0a User Notice:\x0a Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.\x0a CPS: http://www.apple.com/certificateauthority/rpa\x0a], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://crl.apple.com/appleistca2g1.crl\x0a], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Digital Signature, Key Encipherment], [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication], [name=X509v3 Subject Alternative Name, short_name=subjectAltName, oid=2.5.29.17, critical=F, value=DNS:*.icloud.com]], san=[dns=[*.icloud.com], uri=, email=, ip=, other_fields=F], basic_constraints=[ca=F, path_len=]], extracted=], [ts=1437831799.764576, fuid=Fxp53s3wA5G3zdEJg8, tx_hosts={\x0a\x0917.167.150.73\x0a}, rx_hosts={\x0a\x09192.168.133.100\x0a}, conn_uids={\x0aC7XEbhP654jzLoe3a\x0a}, source=SSL, depth=0, analyzers={\x0aX509,\x0aMD5,\x0aSHA1\x0a}, mime_type=application/pkix-cert, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=1092, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=8e8321ca08b08e3726fe1d82996884eeb5f0d655, sha256=, x509=[ts=1437831799.764576, id=Fxp53s3wA5G3zdEJg8, certificate=[version=3, serial=023A74, subject=C=US,O=Apple 
Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, issuer=CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US, cn=Apple IST CA 2 - G1, not_valid_before=1402933322.0, not_valid_after=1653061322.0, key_alg=rsaEncryption, sig_alg=sha256WithRSAEncryption, key_type=rsa, key_length=2048, exponent=65537, curve=], handle=, extensions=[[name=X509v3 Authority Key Identifier, short_name=authorityKeyIdentifier, oid=2.5.29.35, critical=F, value=keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E\x0a], [name=X509v3 Subject Key Identifier, short_name=subjectKeyIdentifier, oid=2.5.29.14, critical=F, value=D8:7A:94:44:7C:90:70:90:16:9E:DD:17:9C:01:44:03:86:D6:2A:29], [name=X509v3 Basic Constraints, short_name=basicConstraints, oid=2.5.29.19, critical=T, value=CA:TRUE, pathlen:0], [name=X509v3 Key Usage, short_name=keyUsage, oid=2.5.29.15, critical=T, value=Certificate Sign, CRL Sign], [name=X509v3 CRL Distribution Points, short_name=crlDistributionPoints, oid=2.5.29.31, critical=F, value=\x0aFull Name:\x0a URI:http://g.symcb.com/crls/gtglobal.crl\x0a], [name=Authority Information Access, short_name=authorityInfoAccess, oid=1.3.6.1.5.5.7.1.1, critical=F, value=OCSP - URI:http://g.symcd.com\x0a], [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 2.16.840.1.113733.1.7.54\x0a CPS: http://www.geotrust.com/resources/cps\x0a]], san=, basic_constraints=[ca=T, path_len=0]], extracted=]], cert_chain_fuids=[F1vce92FT1oRjKI328, Fxp53s3wA5G3zdEJg8], client_cert_chain=[], client_cert_chain_fuids=[], subject=C=US,ST=California,O=Apple Inc.,OU=management:idms.group.506364,CN=*.icloud.com, issuer=C=US,O=Apple Inc.,OU=Certification Authority,CN=Apple IST CA 2 - G1, client_subject=, client_issuer=, server_depth=0, client_depth=0], http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831800.217854 connection_state_remove - [0] c: connection 
= [id=[orig_h=192.168.133.100, orig_p=49336/tcp, resp_h=74.125.71.189, resp_p=443/tcp], orig=[size=0, state=3, num_pkts=3, num_bytes_ip=156, flow_label=0, l2_addr=cc:b2:55:f4:62:92], resp=[size=85, state=3, num_pkts=3, num_bytes_ip=411, flow_label=0, l2_addr=58:b0:35:86:54:8d], start_time=1437831798.533593, duration=0.000221, service={\x0a\x0a}, history=dA, uid=C6pKV8GSxOnSLghOa, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49336/tcp, resp_h=74.125.71.189, resp_p=443/tcp], orig=[size=0, state=3, num_pkts=3, num_bytes_ip=156, flow_label=0, l2_addr=cc:b2:55:f4:62:92], resp=[size=85, state=3, num_pkts=3, num_bytes_ip=411, flow_label=0, l2_addr=58:b0:35:86:54:8d], start_time=1437831798.533593, duration=0.000221, service={\x0a\x0a}, history=dA, uid=C6pKV8GSxOnSLghOa, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1437831800.217854 bro_done 1437831800.217854 ChecksumOffloading::check diff --git a/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log b/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log index 0432deb2aa..5ad3795032 100644 --- a/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log +++ b/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log 
@@ -1,5 +1,5 @@ 1254722768.219663 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -7,7 +7,7 @@ [5] cont_resp: bool = T 1254722768.219663 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 xc90.websitewelcome.com ESMTP Exim 4.69 #1 Mon, 05 Oct 2009 01:05:54 -0500 , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 xc90.websitewelcome.com ESMTP Exim 4.69 #1 Mon, 05 Oct 2009 01:05:54 -0500 , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -15,7 +15,7 @@ [5] cont_resp: bool = T 1254722768.219663 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 We do not authorize the use of this system to transport unsolicited, , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=1, num_bytes_ip=48, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.690617, service={\x0a\x0a}, history=ShAd, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 We do not authorize the use of this system to transport unsolicited, , path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -23,13 +23,13 @@ [5] cont_resp: bool = F 1254722768.224809 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=2, num_bytes_ip=269, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.695763, service={\x0aSMTP\x0a}, history=ShAdD, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=2, num_bytes_ip=88, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=181, state=4, num_pkts=2, num_bytes_ip=269, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=0.695763, service={\x0aSMTP\x0a}, history=ShAdD, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = EHLO [3] arg: string = GP 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 and/or bulk e-mail., path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -37,7 +37,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 xc90.websitewelcome.com Hello GP [122.162.143.157], path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 xc90.websitewelcome.com Hello GP [122.162.143.157], path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -45,7 +45,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 SIZE 52428800, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 SIZE 52428800, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -53,7 +53,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 PIPELINING, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 PIPELINING, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -61,7 +61,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH PLAIN LOGIN, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH PLAIN LOGIN, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -69,7 +69,7 @@ [5] cont_resp: bool = T 1254722768.566183 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 STARTTLS, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=9, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=3, num_bytes_ip=309, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.037137, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 STARTTLS, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -77,13 +77,13 @@ [5] cont_resp: bool = F 1254722768.568729 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.039683, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=3, num_bytes_ip=137, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=318, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.039683, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = AUTH [3] arg: string = LOGIN 1254722768.911081 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=336, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382035, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=21, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], 
resp=[size=336, state=4, num_pkts=4, num_bytes_ip=486, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382035, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 HELP, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 334 [3] cmd: string = AUTH 
@@ -91,13 +91,13 @@ [5] cont_resp: bool = F 1254722768.911655 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=336, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382609, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, num_pkts=4, num_bytes_ip=189, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=336, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.382609, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = ** [3] arg: string = Z3VycGFydGFwQHBhdHJpb3RzLmlu 1254722769.253544 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.724498, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=51, state=4, 
num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=5, num_bytes_ip=544, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.724498, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 VXNlcm5hbWU6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 334 [3] cmd: string = AUTH_ANSWER 
@@ -105,13 +105,13 @@ [5] cont_resp: bool = F 1254722769.254118 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.725072, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=5, num_bytes_ip=259, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=354, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=1.725072, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = ** [3] arg: string = cHVuamFiQDEyMw== 1254722769.613798 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=6, num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.084752, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=69, state=4, num_pkts=6, 
num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=6, num_bytes_ip=602, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.084752, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=334 UGFzc3dvcmQ6, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 235 [3] cmd: string = AUTH_ANSWER 
@@ -119,13 +119,13 @@ [5] cont_resp: bool = F 1254722769.614414 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=6, num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.085368, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=6, num_bytes_ip=317, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=384, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.085368, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = MAIL [3] arg: string = FROM: 1254722769.956765 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, 
num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -133,13 +133,13 @@ [5] cont_resp: bool = F 1254722769.957250 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1254722770.319708 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -147,13 +147,13 @@ [5] cont_resp: bool = F 1254722770.320203 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1254722770.661679 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, 
num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -161,13 +161,13 @@ [5] cont_resp: bool = F 1254722771.858334 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1254722772.248789 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=, rcptto={\x0a\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . 
@@ -175,13 +175,13 @@ [5] cont_resp: bool = F 1254722774.763825 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=4, num_pkts=25, num_bytes_ip=21547, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.234779, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=4, num_pkts=25, num_bytes_ip=21547, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.234779, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = QUIT [3] arg: string = 1254722775.105467 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=5, num_pkts=27, num_bytes_ip=21633, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=538, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.576421, service={\x0aSMTP\x0a}, history=ShAdDaF, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14705, state=5, num_pkts=27, num_bytes_ip=21633, flow_label=0, 
l2_addr=00:e0:1c:3c:17:c2], resp=[size=538, state=4, num_pkts=22, num_bytes_ip=1378, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=7.576421, service={\x0aSMTP\x0a}, history=ShAdDaF, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722772.248789, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=2, helo=GP, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=1, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 221 [3] cmd: string = QUIT 
@@ -189,7 +189,7 @@ [5] cont_resp: bool = F 1437831787.867142 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.010247, service={\x0a\x0a}, history=ShAd, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=0, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.010247, service={\x0a\x0a}, history=ShAd, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 220 [3] cmd: string = 
> @@ -197,13 +197,13 @@ [5] cont_resp: bool = F 1437831787.883306 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=3, num_bytes_ip=168, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=2, num_bytes_ip=147, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.026411, service={\x0aSMTP\x0a}, history=ShAdD, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=3, num_bytes_ip=168, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=35, state=4, num_pkts=2, num_bytes_ip=147, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.026411, service={\x0aSMTP\x0a}, history=ShAdD, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=, mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = EHLO [3] arg: string = [192.168.133.100] 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: 
connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=220 uprise ESMTP SubEthaSMTP null, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -211,7 +211,7 @@ [5] cont_resp: bool = T 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 uprise, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 uprise, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -219,7 +219,7 @@ [5] cont_resp: bool = T 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 8BITMIME, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 8BITMIME, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -227,7 +227,7 @@ [5] cont_resp: bool = T 1437831787.886281 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH LOGIN, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=24, state=4, num_pkts=4, num_bytes_ip=244, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=3, num_bytes_ip=199, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.029386, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, 
rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 AUTH LOGIN, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = EHLO 
@@ -235,13 +235,13 @@ [5] cont_resp: bool = F 1437831787.887031 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=5, num_bytes_ip=296, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.030136, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=5, num_bytes_ip=296, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=85, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.030136, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=F, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = MAIL [3] arg: string = FROM: 1437831787.889785 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = 
[id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -249,13 +249,13 @@ [5] cont_resp: bool = F 1437831787.890232 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.892986 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = 
[id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -263,13 +263,13 @@ [5] cont_resp: bool = F 1437831787.893587 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.897624 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] 
+ [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -277,13 +277,13 @@ [5] cont_resp: bool = F 1437831787.898413 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, 
ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.901069 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], 
socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -291,13 +291,13 @@ [5] cont_resp: bool = F 1437831787.901697 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, 
mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1437831787.904758 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, 
mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -305,13 +305,13 @@ [5] cont_resp: bool = F 1437831787.905375 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, 
uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1437831787.914113 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, 
inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=, rcptto={\x0a,\x0a,\x0a\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . From 7936cdd958b0b80f0f1c6488beae792ddffc1ece Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Tue, 28 Jun 2016 10:31:26 -0400 Subject: [PATCH 78/84] Simplify SMB string handling. This normalizes unicode strings from the SMB analyzer to UTF-8 so that they display in the logs better. --- src/analyzer/protocol/smb/smb-strings.pac | 72 ++++------------------- 1 file changed, 11 insertions(+), 61 deletions(-) diff --git a/src/analyzer/protocol/smb/smb-strings.pac b/src/analyzer/protocol/smb/smb-strings.pac index aef50b6fc7..5ebc975c10 100644 --- a/src/analyzer/protocol/smb/smb-strings.pac +++ b/src/analyzer/protocol/smb/smb-strings.pac 
@@ -1,67 +1,21 @@ function uint8s_to_stringval(data: uint8[]): StringVal %{ - int length = 0; + int length = data->size(); + uint8 buf[length]; - const char* sp; - bool ascii = true; + for ( int i = 0; i < length; ++i) + buf[i] = (*data)[i]; - length = data->size(); - // Scan the string once to see if it's all ascii - // embedded in UCS-2 (16 bit unicode). - for( int i = 1; i < length; i=i+2 ) - { - // Find characters in odd positions that aren't null. - if ( (*data)[i] != 0x00 ) - { - ascii = false; - break; - } - } - - char *buf = new char[length]; - - for ( int i = 0; i + 1 < length; i=i+2) // check if we may read the character after the current one (else-case) - { - if ( ascii ) - { - int j = i/2; - buf[j] = (*data)[i]; - } - else - { - // Flip the bytes because they are transferred in little endian. - buf[i] = (*data)[i+1]; - buf[i+1] = (*data)[i]; - } - } - - if ( ascii ) - { - length = length / 2; - if ( length > 0 && buf[length-1] == 0x00 ) - --length; - } - else if ( length >= 2 && buf[length-1] == 0 && buf[length-2] == 0 ) - { - // If the last 2 bytes are nulls, cut them with the length. - length = length-2; - } - StringVal *output = new StringVal(length, buf); - delete [] buf; - return output; + const bytestring bs = bytestring(buf, length); + return utf16_bytestring_to_utf8_val(bs); %} function extract_string(s: SMB_string) : StringVal %{ - int length = 0; - - const char* sp; - bool ascii = true; - if ( s->unicode() == 0 ) { - length = s->a()->size(); - char *buf = new char[length]; + int length = s->a()->size(); + char buf[length]; for ( int i = 0; i < length; i++) { @@ -72,11 +26,8 @@ function extract_string(s: SMB_string) : StringVal if ( length > 0 && buf[length-1] == 0x00 ) length--; - StringVal *ret = new StringVal(length, buf); - delete [] buf; - return ret; + return new StringVal(length, buf); } - else { return uint8s_to_stringval(s->u()->s()); 
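Review bot: `uint8 buf[length];` in uint8s_to_stringval and `char buf[length];` in extract_string size a stack array from `data->size()` and `s->a()->size()`, both of which come from the parsed SMB message. The length of a string field in captured traffic therefore decides how much stack the analyzer uses, whereas the removed code took these buffers from the heap with `new char[length]`. Variable-length arrays are also a compiler extension in C++ rather than standard, and an empty field gives a zero-length array. I would keep the heap allocation, for example `uint8* buf = new uint8[length];` with a `delete [] buf;` after `utf16_bytestring_to_utf8_val(bs)` has returned (this assumes the helper copies its input, which is not visible here), and do the same for the `char` buffer before `return new StringVal(length, buf);`. That return is in the following hunk at `@@ -72,11 +26,8 @@`, since extract_string spans both hunks.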
@@ -93,8 +44,6 @@ function smb2_string2stringval(s: SMB2_string) : StringVal return uint8s_to_stringval(s->s()); %} -type SMB_ascii_string = uint8[] &until($element == 0x00); - refine connection SMB_Conn += { %member{ SMB_unicode_string *me; @@ -121,6 +70,8 @@ refine connection SMB_Conn += { %} }; +type SMB_ascii_string = uint8[] &until($element == 0x00); + type SMB_unicode_string(offset: int) = record { pad : uint8[offset & 1] &let { # Save off a pointer to this string instance. @@ -131,7 +82,6 @@ type SMB_unicode_string(offset: int) = record { s : uint8[] &until($element == 0x00 && $context.connection.get_prev_elem() == 0x00); } &byteorder=littleendian; - type SMB_string(unicode: bool, offset: int) = case unicode of { true -> u: SMB_unicode_string(offset); false -> a: SMB_ascii_string; From cfe3bddd75a918ddd686122a9a9cb6575220b8e0 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Tue, 28 Jun 2016 11:03:16 -0400 Subject: [PATCH 79/84] Fixing SMB tests again. --- scripts/base/protocols/dce-rpc/__load__.bro | 2 - .../base/protocols/dce-rpc/endpoint-atsvc.bro | 52 ------------------- .../base/protocols/smb/const-dos-error.bro | 1 + .../base/protocols/smb/const-nt-status.bro | 1 + scripts/policy/protocols/smb/files.bro | 1 + scripts/policy/protocols/smb/main.bro | 7 +-- scripts/policy/protocols/smb/smb1-main.bro | 4 +- scripts/policy/protocols/smb/smb2-main.bro | 2 + .../canonified_loaded_scripts.log | 8 +-- .../canonified_loaded_scripts.log | 9 +--- .../btest/Baseline/coverage.find-bro-logs/out | 5 ++ testing/btest/Baseline/plugins.hooks/output | 20 +++---- 12 files changed, 27 insertions(+), 85 deletions(-) delete mode 100644 scripts/base/protocols/dce-rpc/endpoint-atsvc.bro diff --git a/scripts/base/protocols/dce-rpc/__load__.bro b/scripts/base/protocols/dce-rpc/__load__.bro index 155b8369b8..1d47f6e0cd 100644 --- a/scripts/base/protocols/dce-rpc/__load__.bro +++ b/scripts/base/protocols/dce-rpc/__load__.bro 
@@ -1,4 +1,2 @@ @load ./consts @load ./main - -@load ./endpoint-atsvc \ No newline at end of file diff --git a/scripts/base/protocols/dce-rpc/endpoint-atsvc.bro b/scripts/base/protocols/dce-rpc/endpoint-atsvc.bro deleted file mode 100644 index 88a08403d4..0000000000 --- a/scripts/base/protocols/dce-rpc/endpoint-atsvc.bro +++ /dev/null @@ -1,52 +0,0 @@ -module DCE_RPC; - -export { - redef enum Log::ID += { - ATSVC_LOG, - }; - - type ATSvcInfo: record { - ts : time &log; ##< Time of the request - uid : string &log; ##< UID of the connection - id : conn_id &log; ##< Connection info - command : string &log; ##< Command (add, enum, delete, etc.) - arg : string &log; ##< Argument - server : string &log; ##< Server the command was issued to - result : string &log &optional; ##< Result of the command - }; -} - -redef record DCE_RPC::State += { - endpoint_atsvc: ATSvcInfo &optional; -}; - -event bro_init() &priority=5 - { - Log::create_stream(ATSVC_LOG, [$columns=ATSvcInfo, $path="dce_rpc_atsvc"]); - } - -event atsvc_job_add(c: connection, server: string, job: string) &priority=5 - { - local info = ATSvcInfo($ts=network_time(), - $uid = c$uid, - $id = c$id, - $command = "Add job", - $arg = job, - $server = server); - c$dce_rpc_state$endpoint_atsvc = info; - } - -event atsvc_job_id(c: connection, id: count, status: count) &priority=5 - { - if ( c$dce_rpc_state?$endpoint_atsvc ) - c$dce_rpc_state$endpoint_atsvc$result = (status==0) ? "success" : "failed"; - } - -event atsvc_job_id(c: connection, id: count, status: count) &priority=-5 - { - if ( c$dce_rpc_state?$endpoint_atsvc ) - { - Log::write(ATSVC_LOG, c$dce_rpc_state$endpoint_atsvc); - delete c$dce_rpc_state$endpoint_atsvc; - } - } \ No newline at end of file diff --git a/scripts/base/protocols/smb/const-dos-error.bro b/scripts/base/protocols/smb/const-dos-error.bro index 72236d8cba..880df222c9 100644 --- a/scripts/base/protocols/smb/const-dos-error.bro +++ b/scripts/base/protocols/smb/const-dos-error.bro 
@@ -1,4 +1,5 @@ # DOS error codes. +@load ./consts module SMB; diff --git a/scripts/base/protocols/smb/const-nt-status.bro b/scripts/base/protocols/smb/const-nt-status.bro index 2af1cfa0c0..8804522ed9 100644 --- a/scripts/base/protocols/smb/const-nt-status.bro +++ b/scripts/base/protocols/smb/const-nt-status.bro @@ -1,4 +1,5 @@ # NT status codes. +@load ./consts module SMB; diff --git a/scripts/policy/protocols/smb/files.bro b/scripts/policy/protocols/smb/files.bro index 82c65686fd..d01aa815a5 100644 --- a/scripts/policy/protocols/smb/files.bro +++ b/scripts/policy/protocols/smb/files.bro @@ -1,4 +1,5 @@ @load base/frameworks/files +@load ./main module SMB; diff --git a/scripts/policy/protocols/smb/main.bro b/scripts/policy/protocols/smb/main.bro index 02dc054aa8..c3f6241680 100644 --- a/scripts/policy/protocols/smb/main.bro +++ b/scripts/policy/protocols/smb/main.bro @@ -1,3 +1,4 @@ +@load base/protocols/smb module SMB; @@ -200,9 +201,9 @@ redef likely_server_ports += { ports }; event bro_init() &priority=5 { - Log::create_stream(CMD_LOG, [$columns=SMB::CmdInfo]); - Log::create_stream(FILES_LOG, [$columns=SMB::FileInfo]); - Log::create_stream(MAPPING_LOG, [$columns=SMB::TreeInfo]); + Log::create_stream(SMB::CMD_LOG, [$columns=SMB::CmdInfo]); + Log::create_stream(SMB::FILES_LOG, [$columns=SMB::FileInfo]); + Log::create_stream(SMB::MAPPING_LOG, [$columns=SMB::TreeInfo]); Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, ports); } diff --git a/scripts/policy/protocols/smb/smb1-main.bro b/scripts/policy/protocols/smb/smb1-main.bro index a188ed7c2a..eff71006ae 100644 --- a/scripts/policy/protocols/smb/smb1-main.bro +++ b/scripts/policy/protocols/smb/smb1-main.bro @@ -1,3 +1,5 @@ +@load ./main + module SMB1; redef record SMB::CmdInfo += { 
@@ -257,7 +259,7 @@ event smb1_close_request(c: connection, hdr: SMB1::Header, file_id: count) &prio } } -event smb1_trans2_get_dfs_referral_request(c: connection, hdr: SMB1::Header, file_name: string, max_referral_level: count) +event smb1_trans2_get_dfs_referral_request(c: connection, hdr: SMB1::Header, file_name: string) { c$smb_state$current_cmd$argument = file_name; } diff --git a/scripts/policy/protocols/smb/smb2-main.bro b/scripts/policy/protocols/smb/smb2-main.bro index 1d0c60e117..129dca930c 100644 --- a/scripts/policy/protocols/smb/smb2-main.bro +++ b/scripts/policy/protocols/smb/smb2-main.bro @@ -1,3 +1,5 @@ +@load ./main + module SMB2; redef record SMB::CmdInfo += { diff --git a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log index 034ec8f5cb..fcb97ab411 100644 --- a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log @@ -3,7 +3,7 @@ #empty_field (empty) #unset_field - #path loaded_scripts -#open 2016-06-24-17-42-28 +#open 2016-06-28-15-02-03 #fields name #types string scripts/base/init-bare.bro 
@@ -123,17 +123,13 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_SMB.smb1_events.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_close.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_create.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb2_com_ioctl.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb2_com_lock.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_negotiate.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_read.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_session_setup.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_set_info.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_connect.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_disconnect.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_write.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_events.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb_pipe.bif.bro build/scripts/base/bif/plugins/Bro_SMB.types.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.events.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.functions.bif.bro @@ -169,4 +165,4 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_SQLiteWriter.sqlite.bif.bro scripts/policy/misc/loaded-scripts.bro scripts/base/utils/paths.bro -#close 2016-06-24-17-42-28 +#close 2016-06-28-15-02-03 diff --git a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log index 34b9d08fd1..d0aaa5230a 100644 --- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log @@ -3,7 +3,7 @@ #empty_field (empty) #unset_field - #path loaded_scripts -#open 2016-06-24-17-59-13 +#open 2016-06-28-15-01-50 #fields name #types string scripts/base/init-bare.bro 
@@ -123,17 +123,13 @@ scripts/base/init-bare.bro build/scripts/base/bif/plugins/Bro_SMB.smb1_events.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_close.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_create.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb2_com_ioctl.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb2_com_lock.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_negotiate.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_read.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_session_setup.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_set_info.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_connect.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb2_com_tree_disconnect.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_com_write.bif.bro build/scripts/base/bif/plugins/Bro_SMB.smb2_events.bif.bro - build/scripts/base/bif/plugins/Bro_SMB.smb_pipe.bif.bro build/scripts/base/bif/plugins/Bro_SMB.types.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.events.bif.bro build/scripts/base/bif/plugins/Bro_SMTP.functions.bif.bro @@ -263,7 +259,6 @@ scripts/base/init-default.bro scripts/base/protocols/dce-rpc/__load__.bro scripts/base/protocols/dce-rpc/consts.bro scripts/base/protocols/dce-rpc/main.bro - scripts/base/protocols/dce-rpc/endpoint-atsvc.bro scripts/base/protocols/dhcp/__load__.bro scripts/base/protocols/dhcp/consts.bro scripts/base/protocols/dhcp/main.bro @@ -355,4 +350,4 @@ scripts/base/init-default.bro scripts/base/misc/find-checksum-offloading.bro scripts/base/misc/find-filtered-trace.bro scripts/policy/misc/loaded-scripts.bro -#close 2016-06-24-17-59-13 +#close 2016-06-28-15-01-50 diff --git a/testing/btest/Baseline/coverage.find-bro-logs/out b/testing/btest/Baseline/coverage.find-bro-logs/out index 9619ebb4b9..f62cb2f756 100644 --- a/testing/btest/Baseline/coverage.find-bro-logs/out +++ b/testing/btest/Baseline/coverage.find-bro-logs/out 
@@ -4,6 +4,7 @@ capture_loss cluster communication conn +dce__r_pc dhcp dnp3 dns @@ -28,6 +29,7 @@ netcontrol_drop netcontrol_shunt notice notice_alarm +ntlm open_flow packet_filter pe @@ -37,6 +39,9 @@ reporter rfb signatures sip +smb_cmd +smb_files +smb_mapping smtp snmp socks diff --git a/testing/btest/Baseline/plugins.hooks/output b/testing/btest/Baseline/plugins.hooks/output index 665402dd81..8e3232b2c5 100644 --- a/testing/btest/Baseline/plugins.hooks/output +++ b/testing/btest/Baseline/plugins.hooks/output @@ -247,7 +247,7 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467124664.5544, node=bro, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Cluster::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Communication::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Conn::LOG)) -> 
@@ -377,7 +377,7 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467124664.5544, node=bro, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(NetControl::check_plugins, , ()) -> 0.000000 MetaHookPost CallFunction(NetControl::init, , ()) -> 0.000000 MetaHookPost CallFunction(Notice::want_pp, , ()) -> 
@@ -492,17 +492,13 @@ 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb1_events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_close.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_create.bif.bro) -> -1 -0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_ioctl.bif.bro) -> -1 -0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_lock.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_negotiate.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_read.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_session_setup.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_set_info.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_tree_connect.bif.bro) -> -1 -0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_tree_disconnect.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_com_write.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.smb2_events.bif.bro) -> -1 -0.000000 MetaHookPost LoadFile(./Bro_SMB.smb_pipe.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMB.types.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMTP.events.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./Bro_SMTP.functions.bif.bro) -> -1 
@@ -964,7 +960,7 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467124664.5544, node=bro, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Cluster::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Communication::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Conn::LOG)) @@ -1094,7 +1090,7 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467124664.5544, node=bro, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(NetControl::check_plugins, , ()) 0.000000 MetaHookPre CallFunction(NetControl::init, , ()) 0.000000 MetaHookPre CallFunction(Notice::want_pp, , ()) 
@@ -1209,17 +1205,13 @@ 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb1_events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_close.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_create.bif.bro) -0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_ioctl.bif.bro) -0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_lock.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_negotiate.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_read.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_session_setup.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_set_info.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_tree_connect.bif.bro) -0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_tree_disconnect.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_com_write.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.smb2_events.bif.bro) -0.000000 MetaHookPre LoadFile(./Bro_SMB.smb_pipe.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMB.types.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMTP.events.bif.bro) 0.000000 MetaHookPre LoadFile(./Bro_SMTP.functions.bif.bro) @@ -1680,7 +1672,7 @@ 0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1467124664.5544, node=bro, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Communication::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Conn::LOG) 
@@ -1810,7 +1802,7 @@ 0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1467055470.330961, node=bro, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1467124664.5544, node=bro, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction NetControl::check_plugins() 0.000000 | HookCallFunction NetControl::init() 0.000000 | HookCallFunction Notice::want_pp() From 873981e06b4e1ae02bbbd3e515fba85f96447cdd Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Tue, 28 Jun 2016 11:16:39 -0400 Subject: [PATCH 80/84] Updating the broctl pointer. --- aux/broctl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aux/broctl b/aux/broctl index efffa4cc1f..0b29c9faf1 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit efffa4cc1f8d02ff748c0915cf540fb195a48b17 +Subproject commit 0b29c9faf16ea36281630cd99f982a6b36eb991c From 94a4777fff65c651a80d42d5125703e34ff9a4e0 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Wed, 29 Jun 2016 11:12:30 -0400 Subject: [PATCH 81/84] Fixes for some SMB merge conflicts with master. --- testing/btest/Baseline/plugins.hooks/output | 323 +++++++++--------- .../all-events.log | 218 ++++++------ .../smtp-events.log | 36 +- 3 files changed, 280 insertions(+), 297 deletions(-) diff --git a/testing/btest/Baseline/plugins.hooks/output b/testing/btest/Baseline/plugins.hooks/output index 0a9debcbd2..28bde630ba 100644 --- a/testing/btest/Baseline/plugins.hooks/output +++ b/testing/btest/Baseline/plugins.hooks/output 
@@ -164,7 +164,6 @@ 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=communication, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=conn, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> -0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc_atsvc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dhcp, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dnp3, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 
@@ -207,7 +206,6 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) -> -0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) -> 
@@ -247,11 +245,10 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1466281781.049315, node=bro, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467212989.412544, node=bro, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Cluster::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Communication::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Conn::LOG)) -> -0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DCE_RPC::ATSVC_LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DCE_RPC::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DHCP::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (DNP3::LOG)) -> 
@@ -294,7 +291,6 @@ 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> -0.000000 MetaHookPost CallFunction(Log::add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 0.000000 MetaHookPost CallFunction(Log::add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -> 
@@ -337,7 +333,6 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) -> -0.000000 MetaHookPost CallFunction(Log::create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) -> @@ -377,7 +372,7 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1466281781.049315, node=bro, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467212989.412544, node=bro, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(NetControl::check_plugins, , ()) -> 0.000000 MetaHookPost CallFunction(NetControl::init, , ()) -> 0.000000 MetaHookPost CallFunction(Notice::want_pp, , ()) -> 
@@ -410,7 +405,7 @@ 0.000000 MetaHookPost CallFunction(reading_live_traffic, , ()) -> 0.000000 MetaHookPost CallFunction(reading_traces, , ()) -> 0.000000 MetaHookPost CallFunction(set_to_regex, , ({}, (^\.?|\.)(~~)$)) -> -0.000000 MetaHookPost CallFunction(strftime, , (%Y, 1466281781.048782)) -> +0.000000 MetaHookPost CallFunction(strftime, , (%Y, 1467212989.412033)) -> 0.000000 MetaHookPost CallFunction(string_to_pattern, , ((^\.?|\.)()$, F)) -> 0.000000 MetaHookPost CallFunction(sub, , ((^\.?|\.)(~~)$, <...>/, )) -> 0.000000 MetaHookPost CallFunction(to_count, , (2016)) -> @@ -546,7 +541,6 @@ 0.000000 MetaHookPost LoadFile(./dcc-send) -> -1 0.000000 MetaHookPost LoadFile(./debug) -> -1 0.000000 MetaHookPost LoadFile(./drop) -> -1 -0.000000 MetaHookPost LoadFile(./endpoint-atsvc) -> -1 0.000000 MetaHookPost LoadFile(./entities) -> -1 0.000000 MetaHookPost LoadFile(./event.bif.bro) -> -1 0.000000 MetaHookPost LoadFile(./exec) -> -1 
@@ -881,7 +875,6 @@ 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=communication, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=conn, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc_atsvc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dhcp, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dnp3, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 
@@ -924,7 +917,6 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) -0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) 
@@ -964,11 +956,10 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1466281781.049315, node=bro, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1467212989.412544, node=bro, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Cluster::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Communication::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Conn::LOG)) -0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DCE_RPC::ATSVC_LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DCE_RPC::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DHCP::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (DNP3::LOG)) 
@@ -1011,7 +1002,6 @@ 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) -0.000000 MetaHookPre CallFunction(Log::add_filter, , (DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 0.000000 MetaHookPre CallFunction(Log::add_filter, , (DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}])) 
@@ -1054,7 +1044,6 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Cluster::LOG, [columns=, ev=, path=cluster])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Communication::LOG, [columns=, ev=, path=communication])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Conn::LOG, [columns=, ev=Conn::log_conn, path=conn])) -0.000000 MetaHookPre CallFunction(Log::create_stream, , (DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (DCE_RPC::LOG, [columns=, ev=, path=dce_rpc])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3])) @@ -1094,7 +1083,7 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Weird::LOG, [columns=, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (X509::LOG, [columns=, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1466281781.049315, node=bro, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1467212989.412544, node=bro, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(NetControl::check_plugins, , ()) 0.000000 MetaHookPre CallFunction(NetControl::init, , ()) 0.000000 MetaHookPre CallFunction(Notice::want_pp, , ()) 
@@ -1127,7 +1116,7 @@ 0.000000 MetaHookPre CallFunction(reading_live_traffic, , ()) 0.000000 MetaHookPre CallFunction(reading_traces, , ()) 0.000000 MetaHookPre CallFunction(set_to_regex, , ({}, (^\.?|\.)(~~)$)) -0.000000 MetaHookPre CallFunction(strftime, , (%Y, 1466281781.048782)) +0.000000 MetaHookPre CallFunction(strftime, , (%Y, 1467212989.412033)) 0.000000 MetaHookPre CallFunction(string_to_pattern, , ((^\.?|\.)()$, F)) 0.000000 MetaHookPre CallFunction(sub, , ((^\.?|\.)(~~)$, <...>/, )) 0.000000 MetaHookPre CallFunction(to_count, , (2016)) @@ -1263,7 +1252,6 @@ 0.000000 MetaHookPre LoadFile(./dcc-send) 0.000000 MetaHookPre LoadFile(./debug) 0.000000 MetaHookPre LoadFile(./drop) -0.000000 MetaHookPre LoadFile(./endpoint-atsvc) 0.000000 MetaHookPre LoadFile(./entities) 0.000000 MetaHookPre LoadFile(./event.bif.bro) 0.000000 MetaHookPre LoadFile(./exec) 
@@ -1597,7 +1585,6 @@ 0.000000 | HookCallFunction Log::__add_filter(Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=communication, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=conn, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) -0.000000 | HookCallFunction Log::__add_filter(DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc_atsvc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dce_rpc, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dhcp, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::__add_filter(DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=dnp3, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 
@@ -1640,7 +1627,6 @@ 0.000000 | HookCallFunction Log::__create_stream(Cluster::LOG, [columns=, ev=, path=cluster]) 0.000000 | HookCallFunction Log::__create_stream(Communication::LOG, [columns=, ev=, path=communication]) 0.000000 | HookCallFunction Log::__create_stream(Conn::LOG, [columns=, ev=Conn::log_conn, path=conn]) -0.000000 | HookCallFunction Log::__create_stream(DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc]) 0.000000 | HookCallFunction Log::__create_stream(DCE_RPC::LOG, [columns=, ev=, path=dce_rpc]) 0.000000 | HookCallFunction Log::__create_stream(DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp]) 0.000000 | HookCallFunction Log::__create_stream(DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3]) @@ -1680,11 +1666,10 @@ 0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1466281781.049315, node=bro, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1467212989.412544, node=bro, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Communication::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Conn::LOG) -0.000000 | HookCallFunction Log::add_default_filter(DCE_RPC::ATSVC_LOG) 0.000000 | HookCallFunction Log::add_default_filter(DCE_RPC::LOG) 0.000000 | HookCallFunction Log::add_default_filter(DHCP::LOG) 0.000000 | HookCallFunction Log::add_default_filter(DNP3::LOG) 
@@ -1727,7 +1712,6 @@ 0.000000 | HookCallFunction Log::add_filter(Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(Communication::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(Conn::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) -0.000000 | HookCallFunction Log::add_filter(DCE_RPC::ATSVC_LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(DCE_RPC::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(DHCP::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 0.000000 | HookCallFunction Log::add_filter(DNP3::LOG, [name=default, writer=Log::WRITER_ASCII, pred=, path=, path_func=, include=, exclude=, log_local=T, log_remote=T, interv=0 secs, postprocessor=, config={}]) 
@@ -1770,7 +1754,6 @@ 0.000000 | HookCallFunction Log::create_stream(Cluster::LOG, [columns=, ev=, path=cluster]) 0.000000 | HookCallFunction Log::create_stream(Communication::LOG, [columns=, ev=, path=communication]) 0.000000 | HookCallFunction Log::create_stream(Conn::LOG, [columns=, ev=Conn::log_conn, path=conn]) -0.000000 | HookCallFunction Log::create_stream(DCE_RPC::ATSVC_LOG, [columns=, ev=, path=dce_rpc_atsvc]) 0.000000 | HookCallFunction Log::create_stream(DCE_RPC::LOG, [columns=, ev=, path=dce_rpc]) 0.000000 | HookCallFunction Log::create_stream(DHCP::LOG, [columns=, ev=DHCP::log_dhcp, path=dhcp]) 0.000000 | HookCallFunction Log::create_stream(DNP3::LOG, [columns=, ev=DNP3::log_dnp3, path=dnp3]) @@ -1810,7 +1793,7 @@ 0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1466281781.049315, node=bro, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1467212989.412544, node=bro, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction NetControl::check_plugins() 0.000000 | HookCallFunction NetControl::init() 0.000000 | HookCallFunction Notice::want_pp() @@ -1843,7 +1826,7 @@ 0.000000 | HookCallFunction reading_live_traffic() 0.000000 | HookCallFunction reading_traces() 0.000000 | HookCallFunction set_to_regex({}, (^\.?|\.)(~~)$) -0.000000 | HookCallFunction strftime(%Y, 1466281781.048782) +0.000000 | HookCallFunction strftime(%Y, 1467212989.412033) 0.000000 | HookCallFunction string_to_pattern((^\.?|\.)()$, F) 0.000000 | HookCallFunction sub((^\.?|\.)(~~)$, <...>/, ) 0.000000 | HookCallFunction to_count(2016) 
@@ -1910,24 +1893,24 @@ 1362692526.939378 | HookDrainEvents 1362692526.939527 MetaHookPost CallFunction(Analyzer::__name, , (Analyzer::ANALYZER_HTTP)) -> 1362692526.939527 MetaHookPost CallFunction(Analyzer::name, , (Analyzer::ANALYZER_HTTP)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, 
orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, 
resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, 
flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, 
user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, 
socks=, ssh=, syslog=], T)) -> 1362692526.939527 MetaHookPost CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -> 1362692526.939527 MetaHookPost CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -> 1362692526.939527 MetaHookPost CallFunction(fmt, , (-%s, HTTP)) -> -1362692526.939527 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> -1362692526.939527 MetaHookPost CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> +1362692526.939527 MetaHookPost CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> 1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) -> 1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -> -1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> -1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> -1362692526.939527 MetaHookPost CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, 
orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> +1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> +1362692526.939527 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, 
bro.org)) -> +1362692526.939527 MetaHookPost CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> 1362692526.939527 MetaHookPost CallFunction(http_request, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) -> 1362692526.939527 MetaHookPost CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) -> 1362692526.939527 MetaHookPost CallFunction(network_time, , ()) -> 
@@ -1940,32 +1923,32 @@ 1362692526.939527 MetaHookPost QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -> false 1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) -> false 1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -> false -1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> false -1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, 
flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> false -1362692526.939527 MetaHookPost QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> false +1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -> false 
+1362692526.939527 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -> false +1362692526.939527 MetaHookPost QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) -> false 1362692526.939527 MetaHookPost QueueEvent(http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) -> false 1362692526.939527 MetaHookPost QueueEvent(protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], 
start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) -> false 1362692526.939527 MetaHookPost UpdateNetworkTime(1362692526.939527) -> 1362692526.939527 MetaHookPre CallFunction(Analyzer::__name, , (Analyzer::ANALYZER_HTTP)) 1362692526.939527 MetaHookPre CallFunction(Analyzer::name, , (Analyzer::ANALYZER_HTTP)) -1362692526.939527 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, 
trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, 
current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::new_http_session, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=])) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, 
resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, 
service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692526.939527 MetaHookPre CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) 1362692526.939527 MetaHookPre CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) 1362692526.939527 MetaHookPre CallFunction(fmt, , (-%s, HTTP)) -1362692526.939527 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) -1362692526.939527 MetaHookPre CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, 
sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) +1362692526.939527 MetaHookPre CallFunction(http_end_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) 1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -1362692526.939527 MetaHookPre CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) +1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) +1362692526.939527 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) +1362692526.939527 MetaHookPre CallFunction(http_message_done, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) 1362692526.939527 MetaHookPre CallFunction(http_request, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) 1362692526.939527 MetaHookPre CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) 1362692526.939527 MetaHookPre CallFunction(network_time, , ()) 
@@ -1978,33 +1961,33 @@ 1362692526.939527 MetaHookPre QueueEvent(http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T)) 1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*)) 1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0))) -1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) -1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], 
start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) -1362692526.939527 MetaHookPre QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) +1362692526.939527 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive)) +1362692526.939527 MetaHookPre 
QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org)) +1362692526.939527 MetaHookPre QueueEvent(http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124])) 1362692526.939527 MetaHookPre QueueEvent(http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1)) 1362692526.939527 MetaHookPre QueueEvent(protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, 
uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3)) 1362692526.939527 MetaHookPre UpdateNetworkTime(1362692526.939527) 1362692526.939527 | HookUpdateNetworkTime 1362692526.939527 1362692526.939527 | HookCallFunction Analyzer::__name(Analyzer::ANALYZER_HTTP) 1362692526.939527 | HookCallFunction Analyzer::name(Analyzer::ANALYZER_HTTP) -1362692526.939527 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::new_http_session([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | 
HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, 
smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::new_http_session([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, 
modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={HTTP}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, 
dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=[pending={}, current_request=1, current_response=0, trans_depth=0], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692526.939527 | HookCallFunction cat(Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80) 1362692526.939527 | HookCallFunction fmt(%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp) 1362692526.939527 | HookCallFunction fmt(-%s, HTTP) -1362692526.939527 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) -1362692526.939527 | HookCallFunction http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, 
status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, referrer=, version=, user_agent=, request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=0, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) +1362692526.939527 | HookCallFunction http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, 
tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*) 1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0)) -1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) -1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org) -1362692526.939527 | HookCallFunction 
http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) +1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) +1362692526.939527 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, 
syslog=], T, HOST, bro.org) +1362692526.939527 | HookCallFunction http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) 1362692526.939527 | HookCallFunction http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1) 1362692526.939527 | HookCallFunction id_string([orig_h=141.142.228.5, orig_p=59856<...>/tcp]) 1362692526.939527 | HookCallFunction network_time() 
@@ -2017,9 +2000,9 @@ 1362692526.939527 | HookQueueEvent http_end_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T) 1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/*) 1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0)) -1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) -1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, 
duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org) -1362692526.939527 | HookQueueEvent http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) +1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, CONNECTION, Keep-Alive) +1362692526.939527 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, 
state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, HOST, bro.org) +1362692526.939527 | HookQueueEvent http_message_done([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], T, [start=1362692526.939527, interrupted=F, finish_msg=message ends normally, body_length=0, content_gap_length=0, header_length=124]) 1362692526.939527 | HookQueueEvent http_request([id=[orig_h=141.142.228.5, orig_p=59856<...>/CHANGES.bro-aux.txt, 1.1) 1362692526.939527 | HookQueueEvent protocol_confirmation([id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], orig=[size=136, state=4, num_pkts=2, num_bytes_ip=116, flow_label=0, l2_addr=c8:bc:c8:96:d2:a0], resp=[size=0, state=4, num_pkts=1, num_bytes_ip=60, flow_label=0, l2_addr=00:10:db:88:d2:ef], start_time=1362692526.869344, duration=0.070183, service={}, history=ShAD, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, 
dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], Analyzer::ANALYZER_HTTP, 3) 1362692527.008509 MetaHookPost DrainEvents() -> 
@@ -2030,142 +2013,142 @@ 1362692527.008509 | HookDrainEvents 1362692527.009512 MetaHookPost CallFunction(Files::__enable_reassembly, , (FakNcS1Jfe01uljb3)) -> 1362692527.009512 MetaHookPost CallFunction(Files::__set_reassembly_buffer, , (FakNcS1Jfe01uljb3, 524288)) -> -1362692527.009512 MetaHookPost CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], 
orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, 
capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) -> +1362692527.009512 MetaHookPost CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, 
total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, 
tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) -> 1362692527.009512 MetaHookPost CallFunction(HTTP::code_in_range, , (200, 100, 199)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, 
orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, 
current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, 
resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> 1362692527.009512 MetaHookPost CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, F, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -> -1362692527.009512 MetaHookPost CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> -1362692527.009512 MetaHookPost CallFunction(file_over_new_connection, , 
([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> +1362692527.009512 MetaHookPost CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, 
resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> 1362692527.009512 MetaHookPost CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -> -1362692527.009512 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, 
proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> -1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, 
username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> +1362692527.009512 MetaHookPost CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, 
info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, 
status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> +1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> 1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) -> 1362692527.009512 MetaHookPost CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) -> -1362692527.009512 MetaHookPost CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> +1362692527.009512 MetaHookPost CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, 
modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> 1362692527.009512 MetaHookPost CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) -> 1362692527.009512 MetaHookPost CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80)) -> 1362692527.009512 MetaHookPost CallFunction(split_string_all, , (HTTP, <...>/)) -> 1362692527.009512 MetaHookPost DrainEvents() -> -1362692527.009512 MetaHookPost QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> false -1362692527.009512 MetaHookPost QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, 
current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009512 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, 
rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> false -1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, 
smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> false +1362692527.009512 MetaHookPost QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -> false +1362692527.009512 MetaHookPost QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009512 MetaHookPost QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, 
password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, 
orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, 
orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) -> false 1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) -> false 1362692527.009512 MetaHookPost QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) -> false 
-1362692527.009512 MetaHookPost QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> false +1362692527.009512 MetaHookPost QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) -> false 1362692527.009512 MetaHookPost UpdateNetworkTime(1362692527.009512) -> 1362692527.009512 MetaHookPre CallFunction(Files::__enable_reassembly, , (FakNcS1Jfe01uljb3)) 1362692527.009512 MetaHookPre CallFunction(Files::__set_reassembly_buffer, , (FakNcS1Jfe01uljb3, 524288)) -1362692527.009512 MetaHookPre CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, 
resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, 
username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, 
seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) +1362692527.009512 MetaHookPre CallFunction(Files::enable_reassembly, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, 
trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(Files::set_info, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(Files::set_reassembly_buffer_size, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, 
orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288)) 1362692527.009512 MetaHookPre CallFunction(HTTP::code_in_range, , (200, 100, 199)) -1362692527.009512 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, 
orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::get_file_handle, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, 
current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(HTTP::set_state, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, 
ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) 1362692527.009512 MetaHookPre CallFunction(cat, , (Analyzer::ANALYZER_HTTP, 1362692526.869344, F, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -1362692527.009512 MetaHookPre CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(file_new, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, 
conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre CallFunction(file_over_new_connection, , ([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) 1362692527.009512 MetaHookPre CallFunction(fmt, , (%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp)) -1362692527.009512 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, 
resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, 
current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) +1362692527.009512 MetaHookPre CallFunction(get_file_handle, , (Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(http_begin_entity, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, 
resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) +1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) 1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) 1362692527.009512 MetaHookPre CallFunction(http_header, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) 
-1362692527.009512 MetaHookPre CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) +1362692527.009512 MetaHookPre CallFunction(http_reply, , ([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) 1362692527.009512 MetaHookPre CallFunction(id_string, , ([orig_h=141.142.228.5, orig_p=59856<...>/tcp])) 1362692527.009512 MetaHookPre CallFunction(set_file_handle, , (Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80)) 1362692527.009512 MetaHookPre CallFunction(split_string_all, , (HTTP, <...>/)) 1362692527.009512 MetaHookPre DrainEvents() -1362692527.009512 MetaHookPre QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) -1362692527.009512 MetaHookPre QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre 
QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, 
response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100)) -1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) +1362692527.009512 MetaHookPre QueueEvent(file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, 
bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=])) +1362692527.009512 MetaHookPre QueueEvent(file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre QueueEvent(get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre QueueEvent(http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, 
socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0")) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, 
KEEP-ALIVE, timeout=5, max=100)) +1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT)) 1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora))) 1362692527.009512 MetaHookPre QueueEvent(http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8)) -1362692527.009512 MetaHookPre QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) +1362692527.009512 MetaHookPre QueueEvent(http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, 
resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK)) 1362692527.009512 MetaHookPre UpdateNetworkTime(1362692527.009512) 1362692527.009512 | HookUpdateNetworkTime 1362692527.009512 1362692527.009512 | HookCallFunction Files::__enable_reassembly(FakNcS1Jfe01uljb3) 1362692527.009512 | HookCallFunction Files::__set_reassembly_buffer(FakNcS1Jfe01uljb3, 524288) -1362692527.009512 | HookCallFunction Files::enable_reassembly([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, 
info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction Files::set_reassembly_buffer_size([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, 
conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288) +1362692527.009512 | HookCallFunction Files::enable_reassembly([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, 
info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction Files::set_info([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, 
seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction Files::set_reassembly_buffer_size([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1362692527.009512, fuid=FakNcS1Jfe01uljb3, tx_hosts={}, rx_hosts={}, conn_uids={}, source=HTTP, depth=0, analyzers={}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=F, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=], 524288) 1362692527.009512 | HookCallFunction HTTP::code_in_range(200, 100, 199) -1362692527.009512 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, 
status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction HTTP::set_state([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) 1362692527.009512 | HookCallFunction cat(Analyzer::ANALYZER_HTTP, 1362692526.869344, F, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80) -1362692527.009512 | HookCallFunction file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookCallFunction 
file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookCallFunction file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, 
resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) 1362692527.009512 | HookCallFunction fmt(%s:%d > %s:%d, 141.142.228.5, 59856<...>/tcp) -1362692527.009512 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, 
resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) -1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) +1362692527.009512 | HookCallFunction get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, 
current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, 
current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) +1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) 1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora)) 1362692527.009512 | HookCallFunction http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8) -1362692527.009512 | HookCallFunction http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) +1362692527.009512 | HookCallFunction http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) 1362692527.009512 | HookCallFunction id_string([orig_h=141.142.228.5, orig_p=59856<...>/tcp]) 1362692527.009512 | HookCallFunction 
set_file_handle(Analyzer::ANALYZER_HTTP1362692526.869344F11141.142.228.5:59856 > 192.150.187.43:80) 1362692527.009512 | HookCallFunction split_string_all(HTTP, <...>/) 1362692527.009512 | HookDrainEvents -1362692527.009512 | HookQueueEvent file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) -1362692527.009512 | HookQueueEvent file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, 
status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookQueueEvent http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, 
orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, 
resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) -1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) +1362692527.009512 | HookQueueEvent file_new([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, 
resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=]}, last_active=1362692527.009512, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=]) +1362692527.009512 | HookQueueEvent file_over_new_connection([id=FakNcS1Jfe01uljb3, parent_id=, source=HTTP, is_orig=F, conns={[[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=200, status_msg=OK, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=[filename=], orig_mime_depth=1, resp_mime_depth=1]}, current_request=1, current_response=1, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookQueueEvent get_file_handle(Analyzer::ANALYZER_HTTP, [id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookQueueEvent http_begin_entity([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, 
response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ACCEPT-RANGES, bytes) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONNECTION, Keep-Alive) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, 
password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, CONTENT-LENGTH, 4705) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, DATE, Thu, 07 Mar 2013 21:43:07 GMT) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, ETAG, "1261-4c870358a6fc0") +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, 
range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, KEEP-ALIVE, timeout=5, max=100) +1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], F, LAST-MODIFIED, Wed, 29 Aug 2012 23:49:27 GMT) 1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/2.4.3 (Fedora)) 1362692527.009512 | HookQueueEvent http_header([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain; charset=UTF-8) -1362692527.009512 | HookQueueEvent http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 (darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) +1362692527.009512 | HookQueueEvent http_reply([id=[orig_h=141.142.228.5, orig_p=59856<...>/1.14 
(darwin12.2.0), request_body_len=0, response_body_len=0, status_code=, status_msg=, info_code=, info_msg=, tags={}, username=, password=, capture_password=F, proxied=, range_request=F, orig_fuids=, orig_filenames=, orig_mime_types=, resp_fuids=, resp_filenames=, resp_mime_types=, current_entity=, orig_mime_depth=1, resp_mime_depth=0]}, current_request=1, current_response=0, trans_depth=1], irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=], 1.1, 200, OK) 1362692527.009721 MetaHookPost DrainEvents() -> 1362692527.009721 MetaHookPost UpdateNetworkTime(1362692527.009721) -> 1362692527.009721 MetaHookPre DrainEvents() diff --git a/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log b/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log index b38ef224ee..02edf7e7fd 100644 --- a/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log +++ b/testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log 
@@ -13,41 +13,41 @@ [3] len: count = 34 1254722767.492060 dns_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, 
dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=, qclass=, qclass_name=, qtype=, qtype_name=, rcode=, rcode_name=, AA=F, TC=F, RD=F, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=F, AA=F, TC=F, RD=T, RA=F, Z=0, num_queries=1, num_answers=0, num_auth=0, num_addl=0] [2] query: string = mail.patriots.in [3] qtype: count = 1 [4] qclass: count = 1 1254722767.492060 protocol_confirmation - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, 
resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0a\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = 
[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] atype: enum = Analyzer::ANALYZER_DNS [2] aid: count = 3 1254722767.492060 dns_end - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0aDNS\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, 
total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.0, service={\x0aDNS\x0a}, history=D, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=F, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=F, AA=F, TC=F, 
RD=T, RA=F, Z=0, num_queries=1, num_answers=0, num_auth=0, num_addl=0] 1254722767.526085 dns_message - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], 
start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x09[31062] = [initialized=T, vals={\x0a\x09\x09[0] = [ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=, rcode_name=, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=, total_replies=, saw_query=T, saw_reply=F]\x0a\x09}, settings=[max_len=], top=1, bottom=0, size=0]\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] is_orig: bool = F [2] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] [3] len: count = 100 1254722767.526085 dns_CNAME_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, 
conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=F, Z=0, answers=, TTLs=, rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] [2] 
ans: dns_answer = [answer_type=1, query=mail.patriots.in, qtype=5, qclass=1, TTL=3.0 hrs 27.0 secs] [3] name: string = patriots.in 1254722767.526085 dns_A_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=34.0 msecs 24.0 usecs, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in], TTLs=[3.0 hrs 27.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], 
proto=udp, trans_id=31062, rtt=34.0 msecs 24.0 usecs, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in], TTLs=[3.0 hrs 27.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] [2] ans: dns_answer = [answer_type=1, query=patriots.in, qtype=1, qclass=1, TTL=3.0 hrs 28.0 secs] [3] a: addr = 74.53.140.153 1254722767.526085 dns_end - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=34.0 msecs 24.0 usecs, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in, 74.53.140.153], TTLs=[3.0 hrs 27.0 secs, 3.0 hrs 28.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], orig=[size=34, state=1, num_pkts=1, num_bytes_ip=62, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=100, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.49206, duration=0.034025, service={\x0aDNS\x0a}, history=Dd, uid=CXWv6p3arKYeMETxOg, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=[ts=1254722767.49206, uid=CXWv6p3arKYeMETxOg, id=[orig_h=10.10.1.4, orig_p=56166/udp, resp_h=10.10.1.1, resp_p=53/udp], proto=udp, trans_id=31062, rtt=34.0 msecs 24.0 usecs, query=mail.patriots.in, qclass=1, qclass_name=C_INTERNET, qtype=1, qtype_name=A, rcode=0, rcode_name=NOERROR, AA=F, TC=F, RD=T, RA=T, Z=0, answers=[patriots.in, 74.53.140.153], TTLs=[3.0 hrs 27.0 secs, 3.0 hrs 28.0 secs], rejected=F, total_answers=2, total_replies=4, saw_query=T, saw_reply=F], dns_state=[pending_queries={\x0a\x0a}, pending_replies={\x0a\x0a}], ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] [1] msg: dns_msg = [id=31062, opcode=0, rcode=0, QR=T, AA=F, TC=F, RD=T, RA=T, Z=0, num_queries=1, num_answers=2, num_auth=2, num_addl=0] 1254722767.529046 new_connection 
@@ -188,7 +188,7 @@ [3] arg: string = FROM: 1254722769.956765 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -196,13 +196,13 @@ [5] cont_resp: bool = F 1254722769.957250 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1254722770.319708 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, 
resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -210,16 +210,16 @@ [5] cont_resp: bool = F 1254722770.320203 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1254722770.320203 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: 
connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] 1254722770.661679 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -227,243 +227,243 @@ [5] cont_resp: bool = F 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=FROM, value="Gurpartap Singh" ] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from="Gurpartap Singh" , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from="Gurpartap Singh" , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=TO, value=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=SUBJECT, value=SMTP] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=DATE, value=Mon, 5 Oct 2009 11:36:07 +0530] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MESSAGE-ID, value=<000301ca4581$ef9e57f0$cedb07d0$@in>] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MIME-VERSION, value=1.0] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=multipart/mixed;\x09boundary="----=_NextPart_000_0004_01CA45B0.095693F0"] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-MAILER, value=Microsoft Office Outlook 12.0] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=THREAD-INDEX, value=AcpFgem9BvjjZEDeR1Kh8i+hUyVo0A==] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-LANGUAGE, value=en-us] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-CR-HASHEDPUZZLE, value=SeA= AAR2 ADaH BpiO C4G1 D1gW FNB1 FPkR Fn+W HFCP HnYJ JO7s Kum6 KytW LFcI LjUt;1;cgBhAGoAXwBkAGUAbwBsADIAMAAwADIAaQBuAEAAeQBhAGgAbwBvAC4AYwBvAC4AaQBuAA==;Sosha1_v1;7;{CAA37F59-1850-45C7-8540-AA27696B5398};ZwB1AHIAcABhAHIAdABhAHAAQABwAGEAdAByAGkAbwB0AHMALgBpAG4A;Mon, 05 Oct 2009 06:06:01 GMT;UwBNAFQAUAA=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-CR-PUZZLEID, value={CAA37F59-1850-45C7-8540-AA27696B5398}] 1254722770.692743 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=multipart/alternative;\x09boundary="----=_NextPart_001_0005_01CA45B0.095693F0"] 1254722770.692743 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=2], socks=, ssh=, syslog=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/plain;\x09charset="us-ascii"] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=7bit] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 file_new - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1254722770.692743 file_over_new_connection - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, 
last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 file_sniff - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, 
resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/plain, mime_types=[[strength=-20, mime=text/plain]]] 1254722770.692743 file_state_remove - [0] f: fa_file = [id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, 
flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = 
[id=Fel9gs4OtNEV6gUJZ5, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Hello\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aI send u smtp pcap file \x0d\x0a\x0d\x0aFind the attachment\x0d\x0a\x0d\x0a \x0d\x0a\x0d\x0aGPS\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Fel9gs4OtNEV6gUJZ5, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=3, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=77, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, 
rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722770.692743 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=3], socks=, ssh=, syslog=] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/html;\x09charset="us-ascii"] 1254722770.692743 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=quoted-printable] 1254722770.692743 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692743 file_new - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1254722770.692743 file_over_new_connection - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending 
with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692743, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=1610, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163697, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, 
second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 file_sniff - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/html, mime_types=[[strength=100, mime=text/html], [strength=20, mime=text/html], [strength=-20, mime=text/plain]]] 1254722770.692804 file_state_remove - [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=text/html, filename=, duration=61.0 usecs, local_orig=, is_orig=T, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=Ft4M3f2yMvLlmwtbq9, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a

Hello

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

I send u smtp pcap file

\x0d\x0a\x0d\x0a

Find the attachment

\x0d\x0a\x0d\x0a

 

\x0d\x0a\x0d\x0a

GPS

\x0d\x0a\x0d\x0a
\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a\x0d\x0a, info=[ts=1254722770.692743, fuid=Ft4M3f2yMvLlmwtbq9, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=4, analyzers={\x0a\x0a}, mime_type=text/html, filename=, duration=61.0 usecs, local_orig=, is_orig=T, seen_bytes=1868, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722770.692804 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722770.692804 mime_begin_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=4], socks=, ssh=, syslog=] 1254722770.692804 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/plain;\x09name="NEWS.txt"] 1254722770.692804 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=quoted-printable] 1254722770.692804 mime_one_header - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-DISPOSITION, value=attachment;\x09filename="NEWS.txt"] 1254722770.692804 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.692804 file_new - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1254722770.692804 file_over_new_connection - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, 
last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722770.692804, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, 
x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722770.695115 new_connection [0] c: connection = [id=[orig_h=192.168.1.1, orig_p=3/icmp, resp_h=10.10.1.4, resp_p=4/icmp], orig=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:1f:33:d9:81:60], resp=[size=0, state=0, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], start_time=1254722770.695115, duration=0.0, service={\x0a\x0a}, history=, uid=CCvvfg3TEfuqmmG4bh, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=, smtp_state=, socks=, ssh=, syslog=] 1254722771.494181 file_sniff - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.494181, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, 
pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify value")\x0d\x0a* During Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. 
\x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added possibility to include in a Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by 
vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=, filename=NEWS.txt, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=4530, state=4, num_pkts=11, num_bytes_ip=3518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=10, num_bytes_ip=870, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.163758, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, 
first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.494181, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a 
variable during debugging (right click on a watch variable and select "Modify value")\x0d\x0a* During Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. 
\x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added possibility to include in a Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by 
vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=, filename=NEWS.txt, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/plain, mime_types=[[strength=-20, mime=text/plain]]] 1254722771.858334 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=NEWS.txt], fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722771.858334 file_state_remove - [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.858316, seen_bytes=10809, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify value")\x0d\x0a* During 
Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. \x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added possibility to include in a 
Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=text/plain, filename=NEWS.txt, duration=801.0 msecs 376.0 usecs, local_orig=, is_orig=T, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FL9Y0d45OI4LpS6fmh, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp]] = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, 
flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a\x09}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a\x09}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=]\x0a}, last_active=1254722771.858316, seen_bytes=10809, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=Version 4.9.9.1\x0d\x0a* Many bug fixes\x0d\x0a* Improved editor\x0d\x0a\x0d\x0aVersion 4.9.9.0\x0d\x0a* Support for latest Mingw compiler system builds\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.9\x0d\x0a* New code tooltip display\x0d\x0a* Improved Indent/Unindent and Remove Comment\x0d\x0a* Improved automatic indent\x0d\x0a* Added support for the "interface" keyword\x0d\x0a* WebUpdate should now report installation problems from PackMan\x0d\x0a* New splash screen and association icons\x0d\x0a* Improved installer\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.7\x0d\x0a* Added support for GCC > 3.2\x0d\x0a* Debug variables are now resent during next debug session\x0d\x0a* Watched Variables not in correct context are now kept and updated when it is needed\x0d\x0a* Added new compiler/linker options: \x0d\x0a - Strip executable\x0d\x0a - Generate instructions for a specific machine (i386, i486, i586, i686, pentium, pentium-mmx, pentiumpro, pentium2, pentium3, pentium4, \x0d\x0a k6, k6-2, k6-3, athlon, athlon-tbird, athlon-4, athlon-xp, athlon-mp, winchip-c6, winchip2, k8, c3 and c3-2)\x0d\x0a - Enable use of processor specific built-in functions (mmmx, sse, sse2, pni, 3dnow)\x0d\x0a* "Default" button in Compiler Options is back\x0d\x0a* Error messages parsing improved\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.5\x0d\x0a* Added the possibility to modify the value of a variable during debugging (right click on a watch variable and select "Modify value")\x0d\x0a* During 
Dev-C++ First Time COnfiguration window, users can now choose between using or not class browser and code completion features.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.4\x0d\x0a* Added the possibility to specify an include directory for the code completion cache to be created at Dev-C++ first startup\x0d\x0a* Improved code completion cache\x0d\x0a* WebUpdate will now backup downloaded DevPaks in Dev-C++\Packages directory, and Dev-C++ executable in devcpp.exe.BACKUP\x0d\x0a* Big speed up in function parameters listing while editing\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.3\x0d\x0a* On Dev-C++ first time configuration dialog, a code completion cache of all the standard \x0d\x0a include files can now be generated.\x0d\x0a* Improved WebUpdate module\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.8.2\x0d\x0a* New debug feature for DLLs: attach to a running process\x0d\x0a* New project option: Use custom Makefile. \x0d\x0a* New WebUpdater module.\x0d\x0a* Allow user to specify an alternate configuration file in Environment Options \x0d\x0a (still can be overriden by using "-c" command line parameter).\x0d\x0a* Lots of bug fixes.\x0d\x0a\x0d\x0aVersion 4.9.8.1\x0d\x0a* When creating a DLL, the created static lib respects now the project-defined output directory\x0d\x0a\x0d\x0aVersion 4.9.8.0\x0d\x0a* Changed position of compiler/linker parameters in Project Options.\x0d\x0a* Improved help file\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.9\x0d\x0a* Resource errors are now reported in the Resource sheet\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.8\x0d\x0a* Made whole bottom report control floating instead of only debug output.\x0d\x0a* Many bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.7\x0d\x0a* Printing settings are now saved\x0d\x0a* New environment options : "watch variable under mouse" and "Report watch errors"\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.6\x0d\x0a* Debug variable browser\x0d\x0a* Added possibility to include in a 
Template the Project's directories (include, libs and ressources)\x0d\x0a* Changed tint of Class browser pictures colors to match the New Look style\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.5\x0d\x0a* Bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.4\x0d\x0a* When compiling with debugging symbols, an extra definition is passed to the\x0d\x0a compiler: -D__DEBUG__\x0d\x0a* Each project creates a _private.h file containing version\x0d\x0a information definitions\x0d\x0a* When compiling the current file only, no dependency checks are performed\x0d\x0a* ~300% Speed-up in class parser\x0d\x0a* Added "External programs" in Tools/Environment Options (for units "Open with")\x0d\x0a* Added "Open with" in project units context menu\x0d\x0a* Added "Classes" toolbar\x0d\x0a* Fixed pre-compilation dependency checks to work correctly\x0d\x0a* Added new file menu entry: Save Project As\x0d\x0a* Bug-fix for double quotes in devcpp.cfg file read by vUpdate\x0d\x0a* Other bug fixes\x0d\x0a\x0d\x0aVersion 4.9.7.3\x0d\x0a* When adding debugging symbols on request, remove "-s" option from linker\x0d\x0a* Compiling progress window\x0d\x0a* Environment options : "Show progress window" and "Auto-close progress , info=[ts=1254722770.692804, fuid=FL9Y0d45OI4LpS6fmh, tx_hosts={\x0a\x0910.10.1.4\x0a}, rx_hosts={\x0a\x0974.53.140.153\x0a}, conn_uids={\x0aCjhGID4nQcgTWjvg4c\x0a}, source=SMTP, depth=5, analyzers={\x0a\x0a}, mime_type=text/plain, filename=NEWS.txt, duration=801.0 msecs 376.0 usecs, local_orig=, is_orig=T, seen_bytes=4027, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, 
num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, 
uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722771.858334 mime_end_entity - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending 
with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = T 1254722771.858334 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [2] is_orig: bool = F 1254722771.858334 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1254722772.248789 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . 
@@ -568,7 +568,7 @@ [3] arg: string = FROM: 1437831787.889785 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -576,13 +576,13 @@ [5] cont_resp: bool = F 1437831787.890232 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.892986 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, 
pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -590,13 +590,13 @@ [5] cont_resp: bool = F 1437831787.893587 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, 
irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.897624 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, 
entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -604,13 +604,13 @@ [5] cont_resp: bool = F 1437831787.898413 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, 
ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.901069 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 
192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -618,16 +618,16 @@ [5] cont_resp: bool = F 1437831787.901697 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, 
dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1437831787.901697 mime_begin_entity - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, 
second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] 1437831787.904758 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, 
l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, 
rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -635,104 +635,104 @@ [5] cont_resp: bool = F 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, 
dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TYPE, value=text/plain; charset=us-ascii] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, 
in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MIME-VERSION, value=1.0 (Mac OS X Mail 8.2 \(2102\))] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, 
resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=SUBJECT, value=Re: Bro SMTP CC Header] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], 
user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=FROM, value=Albert Zaharovits ] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, 
num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, 
resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=IN-REPLY-TO, value=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 
192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=DATE, value=Sat, 25 Jul 2015 16:43:07 +0300] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, 
num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, 
modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc=, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CC, value=felica4uu@hotmail.com, davis_mark1@outlook.com] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 
2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, 
process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=CONTENT-TRANSFER-ENCODING, value=7bit] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, 
num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=MESSAGE-ID, value=] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, 
extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], 
mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=REFERENCES, value= <9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, 
in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to=, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, 
pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=TO, value=ericlim220@yahoo.com] 1437831787.905375 mime_one_header - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, 
flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] h: mime_header_rec = [name=X-MAILER, value=Apple Mail (2.2102)] 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, 
extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, 
helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 file_new - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, 
from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, 
date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=, ftp=, http=, irc=, pe=, u2_events=] 1437831787.905375 file_over_new_connection - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, 
rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, 
uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, 
rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x0a}, rx_hosts={\x0a\x0a}, conn_uids={\x0a\x0a}, source=SMTP, depth=0, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, 
sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 mime_end_entity - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 
16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End 
data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: 
connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 file_sniff - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, 
num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, 
rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, 
process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=0, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] [1] meta: fa_metadata = [mime_type=text/plain, mime_types=[[strength=-20, mime=text/plain]]] 1437831787.905375 file_state_remove - [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] + [0] f: fa_file = [id=FKX8fw2lEHCTK8syM3, parent_id=, source=SMTP, is_orig=T, conns={\x0a\x09[[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp]] = 
[id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a\x09}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a\x09}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a\x09}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=]\x0a}, last_active=1437831787.905375, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timeout_interval=2.0 mins, bof_buffer_size=4096, bof_buffer=\x0d\x0a> On 25 Jul 2015, at 16:38, Albert Zaharovits wrote:\x0d\x0a> \x0d\x0a> \x0d\x0a>> On 25 Jul 2015, at 16:21, Albert Zaharovits wrote:\x0d\x0a>> \x0d\x0a>> Bro SMTP CC 
Header\x0d\x0a>> TEST\x0d\x0a> \x0d\x0a\x0d\x0a, info=[ts=1437831787.905375, fuid=FKX8fw2lEHCTK8syM3, tx_hosts={\x0a\x09192.168.133.100\x0a}, rx_hosts={\x0a\x09192.168.133.102\x0a}, conn_uids={\x0aCPbrpk1qSsw6ESzHV4\x0a}, source=SMTP, depth=1, analyzers={\x0a\x0a}, mime_type=text/plain, filename=, duration=0 secs, local_orig=, is_orig=T, seen_bytes=204, total_bytes=, missing_bytes=0, overflow_bytes=0, timedout=F, parent_fuid=, md5=, sha1=, sha256=, x509=, extracted=], ftp=, http=, irc=, pe=, u2_events=] 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, 
process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = F 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = 
[id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, 
tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = T 1437831787.905375 get_file_handle [0] tag: enum = Analyzer::ANALYZER_SMTP - [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [1] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, 
from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [2] is_orig: bool = F 1437831787.905375 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., 
path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . 
[3] arg: string = . 1437831787.914113 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, 
duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . diff --git a/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log b/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log index e8664784cb..44fa2c1c7f 100644 --- a/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log +++ b/testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log 
@@ -125,7 +125,7 @@ [3] arg: string = FROM: 1254722769.956765 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=105, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=7, num_bytes_ip=672, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.427719, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, 
snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=235 Authentication succeeded, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -133,13 +133,13 @@ [5] cont_resp: bool = F 1254722769.957250 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=7, num_bytes_ip=393, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=392, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.428204, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, 
smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1254722770.319708 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, 
resp_p=25/tcp], orig=[size=144, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=8, num_bytes_ip=720, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.790662, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 OK, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -147,13 +147,13 @@ [5] cont_resp: bool = F 1254722770.320203 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=8, num_bytes_ip=472, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=406, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=2.791157, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, 
rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1254722770.661679 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: 
connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=150, state=4, num_pkts=9, num_bytes_ip=518, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=9, num_bytes_ip=774, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=3.132633, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Accepted, path=[74.53.140.153, 10.10.1.4], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -161,13 +161,13 @@ [5] cont_resp: bool = F 1254722771.858334 smtp_request - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=23, num_bytes_ip=21438, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=462, state=4, num_pkts=15, num_bytes_ip=1070, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.329288, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1254722772.248789 smtp_reply - [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." 
on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], orig=[size=14699, state=4, num_pkts=24, num_bytes_ip=21507, flow_label=0, l2_addr=00:e0:1c:3c:17:c2], resp=[size=490, state=4, num_pkts=21, num_bytes_ip=1310, flow_label=0, l2_addr=00:1f:33:d9:81:60], start_time=1254722767.529046, duration=4.719743, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CjhGID4nQcgTWjvg4c, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1254722768.219663, uid=CjhGID4nQcgTWjvg4c, id=[orig_h=10.10.1.4, orig_p=1470/tcp, resp_h=74.53.140.153, resp_p=25/tcp], trans_depth=1, helo=GP, mailfrom=gurpartap@patriots.in, rcptto={\x0araj_deol2002in@yahoo.co.in\x0a}, date=Mon, 5 Oct 2009 11:36:07 +0530, from="Gurpartap Singh" , to={\x0a\x0a}, cc=, reply_to=, msg_id=<000301ca4581$ef9e57f0$cedb07d0$@in>, in_reply_to=, subject=SMTP, x_originating_ip=, first_received=, second_received=, last_reply=354 Enter message, ending with "." on a line by itself, path=[74.53.140.153, 10.10.1.4], user_agent=Microsoft Office Outlook 12.0, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[Fel9gs4OtNEV6gUJZ5, Ft4M3f2yMvLlmwtbq9, FL9Y0d45OI4LpS6fmh]], smtp_state=[helo=GP, messages_transferred=0, pending_messages=, mime_depth=5], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . 
@@ -241,7 +241,7 @@ [3] arg: string = FROM: 1437831787.889785 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=56, state=4, num_pkts=6, num_bytes_ip=380, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=4, num_bytes_ip=301, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.03289, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = MAIL 
@@ -249,13 +249,13 @@ [5] cont_resp: bool = F 1437831787.890232 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=7, num_bytes_ip=432, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=93, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.033337, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, 
radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto=, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.892986 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, 
pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=88, state=4, num_pkts=8, num_bytes_ip=516, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=5, num_bytes_ip=361, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036091, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -263,13 +263,13 @@ [5] cont_resp: bool = F 1437831787.893587 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=9, num_bytes_ip=568, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=101, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.036692, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, 
irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.897624 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, 
entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=121, state=4, num_pkts=10, num_bytes_ip=653, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=6, num_bytes_ip=421, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.040729, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -277,13 +277,13 @@ [5] cont_resp: bool = F 1437831787.898413 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=11, num_bytes_ip=705, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=109, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.041518, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, 
ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = RCPT [3] arg: string = TO: 1437831787.901069 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 
192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=156, state=4, num_pkts=12, num_bytes_ip=792, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=7, num_bytes_ip=481, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044174, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = RCPT 
@@ -291,13 +291,13 @@ [5] cont_resp: bool = F 1437831787.901697 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=13, num_bytes_ip=844, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=117, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.044802, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, 
dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=0], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = DATA [3] arg: string = 1437831787.904758 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, 
second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=162, state=4, num_pkts=14, num_bytes_ip=902, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=8, num_bytes_ip=541, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.047863, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=, from=, to=, cc=, reply_to=, msg_id=, in_reply_to=, subject=, x_originating_ip=, first_received=, second_received=, last_reply=250 Ok, path=[192.168.133.102, 192.168.133.100], user_agent=, tls=F, process_received_from=T, has_client_activity=T, entity=[filename=], fuids=[]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 354 [3] cmd: string = DATA 
@@ -305,13 +305,13 @@ [5] cont_resp: bool = F 1437831787.905375 smtp_request - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=15, num_bytes_ip=954, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=154, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], 
start_time=1437831787.856895, duration=0.04848, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = T [2] command: string = . [3] arg: string = . 
1437831787.914113 smtp_reply - [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] + [0] c: connection = [id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], orig=[size=969, state=4, num_pkts=16, num_bytes_ip=1813, flow_label=0, l2_addr=58:b0:35:86:54:8d], resp=[size=162, state=4, num_pkts=9, num_bytes_ip=630, flow_label=0, l2_addr=00:08:ca:cc:ad:4c], start_time=1437831787.856895, duration=0.057218, 
service={\x0aSMTP\x0a}, history=ShAdDa, uid=CPbrpk1qSsw6ESzHV4, tunnel=, vlan=, inner_vlan=, dpd=, conn=, extract_orig=F, extract_resp=F, thresholds=, dce_rpc=, dce_rpc_state=, dce_rpc_backing=, dhcp=, dnp3=, dns=, dns_state=, ftp=, ftp_data_reuse=F, ssl=, http=, http_state=, irc=, krb=, modbus=, mysql=, ntlm=, radius=, rdp=, rfb=, sip=, sip_state=, snmp=, smtp=[ts=1437831787.867142, uid=CPbrpk1qSsw6ESzHV4, id=[orig_h=192.168.133.100, orig_p=49648/tcp, resp_h=192.168.133.102, resp_p=25/tcp], trans_depth=1, helo=[192.168.133.100], mailfrom=albert@example.com, rcptto={\x0aericlim220@yahoo.com,\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, date=Sat, 25 Jul 2015 16:43:07 +0300, from=Albert Zaharovits , to={\x0aericlim220@yahoo.com\x0a}, cc={\x0adavis_mark1@outlook.com,\x0afelica4uu@hotmail.com\x0a}, reply_to=, msg_id=, in_reply_to=<9ACEE03C-AB98-4046-AEC1-BF4910C61E96@example.com>, subject=Re: Bro SMTP CC Header, x_originating_ip=, first_received=, second_received=, last_reply=354 End data with ., path=[192.168.133.102, 192.168.133.100], user_agent=Apple Mail (2.2102), tls=F, process_received_from=T, has_client_activity=T, entity=, fuids=[FKX8fw2lEHCTK8syM3]], smtp_state=[helo=[192.168.133.100], messages_transferred=0, pending_messages=, mime_depth=1], socks=, ssh=, syslog=] [1] is_orig: bool = F [2] code: count = 250 [3] cmd: string = . From ec4c4ee2d17faee8951887993e8bfaca187c3c62 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 30 Jun 2016 11:32:30 -0400 Subject: [PATCH 82/84] Fix a compile breakage. --- src/analyzer/protocol/smb/smb.pac | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac index 3ac9d40bd5..8f0ca317ad 100644 --- a/src/analyzer/protocol/smb/smb.pac +++ b/src/analyzer/protocol/smb/smb.pac 
@@ -29,14 +29,13 @@ #include "smb2_com_close.bif.h" #include "smb2_com_create.bif.h" -#include "smb2_com_ioctl.bif.h" -#include "smb2_com_lock.bif.h" +//#include "smb2_com_lock.bif.h" #include "smb2_com_negotiate.bif.h" #include "smb2_com_read.bif.h" #include "smb2_com_session_setup.bif.h" #include "smb2_com_set_info.bif.h" #include "smb2_com_tree_connect.bif.h" -#include "smb2_com_tree_disconnect.bif.h" +//#include "smb2_com_tree_disconnect.bif.h" #include "smb2_com_write.bif.h" %} From 3a1a14d1c4b10e6159d41a010bac1998bce63adf Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 7 Jul 2016 12:55:49 -0400 Subject: [PATCH 83/84] Now actually loading DCE-RPC's dpd.sig --- scripts/base/protocols/dce-rpc/__load__.bro | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/base/protocols/dce-rpc/__load__.bro b/scripts/base/protocols/dce-rpc/__load__.bro index 1d47f6e0cd..80193afb6f 100644 --- a/scripts/base/protocols/dce-rpc/__load__.bro +++ b/scripts/base/protocols/dce-rpc/__load__.bro @@ -1,2 +1,4 @@ @load ./consts @load ./main + +@load-sigs ./dpd.sig \ No newline at end of file From c31c0ed2e2f1f2f05991e50324fc2fd4a3878cb4 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Thu, 7 Jul 2016 13:03:33 -0400 Subject: [PATCH 84/84] Fix for an issue with GSSAPI mech_token from Florent Monjalet From Florent's patch: Previously, the ASN1EncodingMeta was in the NTLM_SSP_Token; this broke the NTLM decoding when used directly with DCE-RPC. NTLM now works on DCE-RPC and should work properly on other layers in the future (e.g. HTTP Authentication data). --- src/analyzer/protocol/gssapi/gssapi-analyzer.pac | 5 ++--- src/analyzer/protocol/gssapi/gssapi-protocol.pac | 9 +++++++-- src/analyzer/protocol/ntlm/ntlm-protocol.pac | 1 - 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac index e502fff923..a913441f1d 100644 --- a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac 
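Review bot: The includes for `smb2_com_lock.bif.h` and `smb2_com_tree_disconnect.bif.h` stay in the header block as commented-out lines with no explanation, while `smb2_com_ioctl.bif.h` is deleted outright. Either delete them too or record why they are parked, for example `// disabled: smb2_com_lock.bif is not generated by the build yet`, if that is the reason. It is also worth confirming that no analyzer code on the new side still references events declared in those three .bif headers, since that would break the compile again. The `%{ … %}` block these includes sit in starts before this hunk.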
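Review bot: The added `@load-sigs ./dpd.sig` is the file's last line and has no trailing newline (`\ No newline at end of file`); end the file with a newline so a later append cannot join onto this directive. The diffstat shows only this file changing, so nothing in the commit would catch the signature dropping out of the load path again. A test that replays a DCE-RPC trace on a non-default port and checks the connection's `service` field would pin the behaviour. dpd.sig itself is not in this hunk, so its patterns are not reviewed here.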
+++ b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac @@ -36,12 +36,11 @@ refine connection GSSAPI_Conn += { %} } -refine typeattr GSSAPI_NEG_TOKEN_INIT_Arg_Data += &let { - fwd: bool = $context.connection.forward_ntlm(mech_token, true) &if(index==2); +refine typeattr GSSAPI_NEG_TOKEN_MECH_TOKEN += &let { + fwd: bool = $context.connection.forward_ntlm(mech_token, is_orig); }; refine typeattr GSSAPI_NEG_TOKEN_RESP_Arg += &let { proc: bool = $context.connection.proc_gssapi_neg_result(this) &if(seq_meta.index==0); - fwd: bool = $context.connection.forward_ntlm(response_token, false) &if(seq_meta.index==2); }; diff --git a/src/analyzer/protocol/gssapi/gssapi-protocol.pac b/src/analyzer/protocol/gssapi/gssapi-protocol.pac index 67a84ceb0b..024d480f35 100644 --- a/src/analyzer/protocol/gssapi/gssapi-protocol.pac +++ b/src/analyzer/protocol/gssapi/gssapi-protocol.pac @@ -30,7 +30,7 @@ type GSSAPI_NEG_TOKEN_INIT_Arg = record { type GSSAPI_NEG_TOKEN_INIT_Arg_Data(index: uint8) = case index of { 0 -> mech_type_list : ASN1Encoding; 1 -> req_flags : ASN1Encoding; - 2 -> mech_token : bytestring &restofdata; + 2 -> mech_token : GSSAPI_NEG_TOKEN_MECH_TOKEN(true); 3 -> mech_list_mic : ASN1OctetString; }; @@ -44,7 +44,12 @@ type GSSAPI_NEG_TOKEN_RESP_Arg = record { args : case seq_meta.index of { 0 -> neg_state : ASN1Integer; 1 -> supported_mech : ASN1Encoding; - 2 -> response_token : bytestring &restofdata; + 2 -> response_token : GSSAPI_NEG_TOKEN_MECH_TOKEN(false); 3 -> mech_list_mic : ASN1OctetString; } &length=seq_meta.length; }; + +type GSSAPI_NEG_TOKEN_MECH_TOKEN(is_orig: bool) = record { + meta : ASN1EncodingMeta; + mech_token : bytestring &length=meta.length; +}; diff --git a/src/analyzer/protocol/ntlm/ntlm-protocol.pac b/src/analyzer/protocol/ntlm/ntlm-protocol.pac index 6f5fef29b9..471a124301 100644 --- a/src/analyzer/protocol/ntlm/ntlm-protocol.pac +++ b/src/analyzer/protocol/ntlm/ntlm-protocol.pac 
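Review bot: The new `fwd` on `GSSAPI_NEG_TOKEN_MECH_TOKEN` passes every mech token to `forward_ntlm` with no `&if`, so a Kerberos or other non-NTLM token reaches the NTLM parser unless `forward_ntlm` filters it. Its body is outside this hunk, so that cannot be confirmed here. If it does not filter, check the 8-byte `NTLMSSP\0` signature or the negotiated mechanism before forwarding, so that non-NTLM traffic does not produce parse errors in the NTLM analyzer. If it does, say so on the `&let`, for example `# forward_ntlm() ignores tokens that do not start with the NTLMSSP signature`.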
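Review bot: In the new `GSSAPI_NEG_TOKEN_MECH_TOKEN` record in gssapi-protocol.pac, `mech_token` is sized by `meta.length`, which is read from the wire, and the tag carried in `meta` is never checked. In `GSSAPI_NEG_TOKEN_RESP_Arg` the enclosing case is bounded by `&length=seq_meta.length`, but the bound around `GSSAPI_NEG_TOKEN_INIT_Arg_Data` is outside this hunk. Please confirm that a `meta.length` larger than the remaining argument makes the parser reject the message, and add a test trace with a truncated token. A comment on the record would help the next reader: `# meta.length is peer-supplied; mech_token is bounded only by the enclosing argument's &length`.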
@@ -1,6 +1,5 @@ type NTLM_SSP_Token(is_orig: bool) = record { - meta : ASN1EncodingMeta; signature : bytestring &length=8; msg_type : uint32; msg : case msg_type of {

1U2`uv0q9eKC6Yq_hM=ky4H}#xnA9h6N6j1Sy!U$l6tww6_at_-cx$<(BSze zB=dqv8Odjx`P<5y=GnF^dTgq``D(2l@LG%s022j@^W(*zHNL`QbHwqj}Y8y zw*iGkb7|r1%rT)27FTq1wEPSCb^bT`^Zp^f;eV4Kli*+Sw~IhPWWI+?5b(T4rXP62O75mPy)+h=im?u(9qBT8sW7yHDEUh z=!JyXz)sjKH_B>iYJPtt{4qQ01X4P?K_3;whLI$FXoc088E8fKo3o9Sl$5@{KCl^+ zwnop){M?VL$Ka6l^$%Y_SX5MyRwLPGSy_}&Ptf@keH?rX_9#gEV(2{~!J=#yqM|Sh zvh~}*&w@M;Jre9%0W!!GH#Rl>{{8zK*sk;N2pET1(NP3bZEbC>9GEZmDij1u*oW9k zPKJiUqdZ=Z@T6$wd`WO)-J2t%d}nE;L89O zK0f|pk!jI{I3KJY5m6@x8~?3~3>|gdmG7L@vd5@soXe4cK|=wdP+NPKd}ywP_Vow4)hC8Ipr+H_ChVlxctiK&9RQJGI7y8T9I zvpVR@)2BrC{FCc2rMEq9;oy1$_4S>Zj{bScWY=Y`F~mZ-^ucYOOQ*-?z<>_VTizX;IX1RZ4p-&k&9NNBrlrA(QOE@1s zjdFVaG#e4kaBVPQwtcw}D6C5AsEPsN}hRXu`tik(_)W2#r z99e=0LMqTw@7zQwuGWa!(sWL+Q_FwjwO$pUq1z$tt=qWp0Uy(ec8;BrM#zaJo~Lo2m9fpb0ja8S5~7cfOc-Z*eefsWXIJZoQl9>L-8Atpy_ zp2c`giYp1mSY%lMrnjv{9?Pp#>poBlTh84CXCAh%kUq^VP$8Dg%1@n{V(*xL1MXlO zCka8$K)9;0VSe)Qy+?>B><<%egx+gK&JT_}c`*5K7JACdg{PQ>UUyceQok1WmEFlF zE;o56(fKec4b-N*V-XC0F!cp*=OvmMpDU3|l*aXDkE9-|KAnpb6-|iZ{;UrO$oqtZ z8?^$rVs=an57qw{QV-fL{Wg`RE&HP`ZoK`b9fRmMUF9;%0Jlue-x!3XYA7lS&F> zu`u#3sF@1uxDb{@^#!f{;LULNz^ZswY#3y+Wxr^-$&2T4LPVzfKFLVNQnY!!-{&Lp z_qdAt<5#KF`Y$IV73R`|bYmsvJ+T7GGO3OcbyEb&3|wUzfe5uDZ|o70tIMQXu<_J# zN(JSm3kB>C`kTa0cGWoahG`)80s?-PKUD50_n9S`s=wQbhTItp~NMw73|?+ z&loRBM{3S18qAC+X~r{dU+XOldUHqqA_W@xQzY8;yzd|Jxd{yeh5Hos&mef==1F)e zH^NdWuRcZ*UZCUDVeK8Jc-z^_(#QLKs*~KdLWM{|YfF2bp_&q_V!Hb}hAZZVk$3bJJQr6-fUP}|M=bh) zc3wFc?N?SHO%KFC%{=Gz=6s{w;w>Oc*IrS0?8Z~a&Mokpxt1EUj{bZ5`pSh=3qN#k z!PQ&-Kym}MI#LUGi62HvNGz%$R4aoOR=g)zh@`6Xb6TsD-SH4pY3XVjGt*o6aWEao zPf&j{x{{FMnssk4CtfMm1*pF1WW#r&h3CF!xPsh*4|6QIOu)2@#&ZoP=_UFvSXuhz}=Wjp+9sl#E9aqZ$h_@ZaHr zPnkH*W4|zXi3vq;*I`HLK$E-b^kU|~+r}{Bw0w#(T6@m922FN` z$tC>i2Jv_pb1^McG`@>-5?1)1d)eD$HpDFFgsz=-%ltVVo$<45dy71re1?6=g<*;b zvp2M;NLzGly0gPrX!#uTfBA3Z&-sh|y8lLgLf?Oo|4$DD#C-baddX=7-@WB4d{Qs1 zvqef_!iYd~UovOD5lY;8QLmaT1;lC#=nQwd;qDI`f`oZE)85)>wIHxEMl(lE5TV%2 zz=MLWPX|vk5no)j4<1F=s^6%JL37@rMN~3WsfYk=-&L9@bF@)*57fnyh%~)HRmDGf!K<##wPKnJS 
zSR|ZL>a##hxO;iDKl>e}Aa`|%>Bco&{|?Wp14dNj5BKxh(W*u*!l632h5+k}my3J9 zmgjw&p&ztp4^^4o@Y+Cn9`AOfei+%QtL%Z!L7r<0b7A$SjA6H58 z;tHL4J<`6V1^sL8vVEpIAE|keNY*Fv8_m1VgkFdB?gIJ7OE_gXlY$~S*h$%8U(yVM)v!Yd;meCcn$|*GzByo~5$W~oMkJ3!iHV}43L{bs zgX`PoXADjgh{e|*7LDS35!=~MMN(G?10AX#@_fYg9E)m&;9o;xK>NAV*Flj`C!eaj z_FAMwa${<`$d?qi(B=}aV2)B%J88O%wL~4Q;8_Of28w1+3{oN%H>>m^-@_YiW2e4O zsom%msOdTI4dWwYPPmcpBWO~YpEEcl#sTijpEd%9Rv|GF#)AFhk-a!ED*J5|90-Nl zT6YpRXLlkSI0mEj%bw7=hYeP89Hg+m+hC(79&?_H4HjI#J?+42-C@fch1u}a`l8Br zSY(8=L6|^?$IV3;WBX>*)>ayyz)n_x@u~G4$d+8|z9yVM4l0RitcMk!7pbmAMU{er z-io!k{i3etwuFJgBNQEN`;3(>MMHkAqyCCNZoW^qCkH3PBm*}F^ zOKsgLhGNg{>^P82`GvV!5S7Dm@na2s&P%kQdKRAW+u?1*LX9!F!B4qu<`8*%bSndaGyTzTyfJfkc*8+UBMq$6pfCL3@NgznC1gPQ zdt5?Fwt!(Dp8=WzMdtTN;qZY&A57Gg#2ORC>czT5R`|7h*B?Qbr@BV*3nIUYz zFVFuE?(d7z|MwOG`1u5m|NHg-{XuZJ!eC{f-zJ*+UD>5=)V;2hHTTu*=F2~*;|}ma zFC>FE2`CpCw|ERM7W>Tn3fEt;T$uy@)g{`Dpw!&rY;vUA;RLloiNPEXPXmH#sg%@0 zvt!kMTZSFtLE+* zByZn{SLPkW_jN11nu>Bhn&oT{PtIYC8Qc(6!I*gleznY|0Hr){Fg zt>eam^B{^2H$h5DJG2PVxa3!6cu+9Ro)J`acIDB4vv$hMB~M69=<4Zt@A~Lww}$e? 
zUf4_lm%(F9K-Qm3an(LG8NsvZ<}*$fI%X!+)w;{7V!?Hbcs$J4jB-e27*)7H*m-d?j1*|()UY7>-v$IODX-?7ISpi7t|d=t5@>z(_uyyODATVO9Z@^K%I^C1btH}NXx|LK zY4&aP<8YEYq3?s1kZ<#^I+tk7tGT(yj%;Z6Lk0ZDigRUCw>;26W-~sZxyQMLkNgC9I#Q=rXs;ADo zuV0>s{#OH|G`-5BB;s>na)k;$2+c3B#P$Q>6<_86K8o5sqZyLbC1KWoa&z3(yHt1cU01B zcK>gLWGCOy+_}vC%xRu?ZPaMwP0}&X?~bpoYG&r8WnXvE@4hfUQ`gg`u=s)a_xqvi z2PI6G#l&oE8S9MnNeuN#-1!}d%w-x<4oXQX4vm&Prj|}E9o2HObpxR^EY3)PigL7y za_o?KDML8QZibxjl0~f>2qyhxbv$O^_;a8vaUl*PT)+3DHo-wm$YDkM?- ziE5Gdf9G?IaUGmX8D-Ct=Vc3TVKCkPv}bGGmiw7;Ny2VIDoPoUz;UMJ)y&t{Omdhf zeJ77Z`v`+39!!cWEbc=EANWzA9fInOK%amQ%v<}u_+I(YCgLlHX;qcUX3ZG055v}n zj;f3H`v-G1`xB3cT6KF9syZGV<_Qiq>8P4cty$Eh?+im0wiPV(RsO7c425a6X+_ z9W#-Qc&ZVMWKUT^QG)MDP*Yh`z(9K@A}C185l|K_ULcntxS4|1pWS*dJGb;23pY2X zAlyhPE9&Asbu{OcYD6ntZiQ9Tu%-FYp4;fS((=M5q4@LN9XSJ`urIJ+WaKhf$TqcI zCH36~EsV!A+97Rbujw1tG<=V0IN5_fpImsjM$OCLaT<>ohemh!EM#~u@#erzI!gvl zC@poHSSp(dSthK-UgSMMi-_JHMK9{BqzisS#G+x9*)yk!#9;6^J7z5F(n+#e?Qg-e}C@pO$-jk`AVXed8Kl<{O%X+T*WGMdJ$u@O}gjV=#{Wqj7`WxH! zvQxev%CxafPt#YRi#vI%(RwCvi&4pk=MPabPNmaoT46kX;672e(3WYqrcbUCwyUxx zr_`DpAOBSCHDa{PsL}8zsqDQ@z1?Qi*ea*4f>O=yE+;8z2iQ3$?h-OI+yK{G7MP=J#>#LA- zS65DgBE+aIZjZ0SM!6?>g^l3gyOlLU@@sM+)2c+(lkj=w60=?5EZ}9_N|JuUN9kv@ zTrz+m@-QeUpmDwblHFLu%GIl*qytz=O)+zdZjU52F|iGD&sLZD%!_e-T-W&|VO(1aVs!7;(cp`-}r zU|lqYytL}}1HE0+_Rs^IqbYC!xj$}M{JFZ_^UJ-4JtpmO{|WbK-1E`!=O2~!0MLQQ zZsw$`>c_@@kmvn6@h?H&)c1ras7N=*PmjygeF#(r5rlj`MoeZJlE0#lalnL9`z$6M zJc6)nLX(>K7%S!m9nPaTvKD5Xd$GoV&LPkYIqGM9>rK9t_#@=s*(zn`; z;}deQDT*yRO8JADkoaqw7?Y~Lq_$AlScX_whDZ{#hfspKe&V*nM7$PRMI{YFs#=m- zYCymhm>NFkbZEJrramtg5*~}#ax_yK&OWKM5tOc_VNldk3a6%`s=QE;SCCOC)*yys z5uQb$b0V&;i=c#7V=<;{3Dv6qnx8lMs)U(WARV5#_}D{6jY)kG%C zVIU}!SM#6^0hP+azX#cQugwwec8;qOYOBD4c`nDC^zx6DkQNIZj2nZ)2kvzO`f+;I z7`ML118^=E*IbxxpmfH?TLsV(X?+UbUEemzrFJb^et)wI+Nt&-sWdALHF>5rpRtMqvAC&p&zl$FcLEq%Pf z(K%RdP5V92YkGA}f&8)}e6z*<>G7%+3oB;J{f>U%^xF*1-n(%oACB_#xt09p> zkI5}hMm#+t)TAXP@#!xwQT9C^6RJ&3KZk2{K=;sttF8g;@SEMLk@u=fO3~Ha;TkP> 
zR{Y^CB0f=3RoC#mPwT`_fPejcA_Wz=nE>IY$Dh@JTtNHX@_kYA{(41-mDPTho>Ikf zp?Y_qtR->u6tGF5vc^V7cdlBW-rG#*Jf7l2HM`z4>vj`hGg+Y`+$5t8b3K7(;mWm^ zcc%ko@QB??MpH;9}7`HY*3D>^#*do0j9_^ALQEYO^iD5-z?q*-qVdkADW zuk#IBp)h|hEWD$DzC4)y^~@+c-rvW^#uiZr1W3Raylw_W5Wo>hCYz$Ho(g=N=yc36#~u=N%v4O>^qI zuXcca?Z!IK9i*ZH4_EnQYqN;8vZZgZSyz|kp0co zWFW49n#fpiz!}h{f2{%r%;qNSv>qLxbRr}=?@!SmP@tGwSuq&k_iVdq0xPlm8xC*wq<0DCb~}i@#AD?jI2C6CI(B8m~;?Qh?{_1-58k#u-z z&cy1pxZ&DHwsL_i8ox|Nj*3eGm? z4|i9y^nq=FYd6m4>pt=Ow?T_OF&I2FWHeC62Ao3#C%wk5;bD~3#Cw?FdY6mBY)f!+ zzMdI_f!zV@v;e{D|zX!ZVibY)x2}w!4ATe@%&fL5_vTv_8sHtNO$_cscVEo4C z=Xo=Lzr>!Hwat!ruD9%lSY&8tdRO^seETIgu^1}gxb)5-l=)O5%%0GjtiR_Ro_#kA zcmJ$~YQcS@M$LQ8010h8TWJJbJU)r=ki@$w$o&D13_vk{<>JbNOL2I-Pcjl)%Q20E zwZ*}q^khe=AQV%%M!_F-dz}np%|cD^9-@3Z*-Jqzpq|14~Z&u3`_s(|NfQGkU1uP!l#e^()m zf3HGpivQ#vdC?FM-lnpdR)F~y85tR^V6UBQoBOJMzPX)M7 z?V-IIh7|-H#P2-_$lr#fEG;cjeVU;sNIQc(5<(Y_WgcFoB5?U$mOe5YzhJvGH6^0X zgvs652GIjtkzaxk*@Tl+v|}u~()SqsdqNvv)=+~j+4yr0QF{gb`zxd^khXQ%Mdhn} z7w?1V$lK-~Y;_eEVM?i;`FXiaqAm_Js4;!Z4-~eds`+(p33DiekjJ3_oyuRTO zl(Vp)3%mgA<3JB+Xz0orH=s8SKV4hXx4=n*r_%+LL=zb{2%vI6(?Ub2;Eq<$|M<#| z@7=qZ*k59gTY%bg-H&#o_XNB%+Twj;aAZWHg+uKOQLg23-F%AuB1MHrjasg5fK&5S`tWnsnWrKq=HRQ_Xa-e-uq;R5j?gNR*{Ho;Tq+< zZ(JrA0~@F;0pSdgt3&b`7Iop$EeO#3ae(f5l>l?gW-k6GIDuFl!IZvOXIEE7u8o63 zCzC5_w_mIQvXYWgx+{=7UGmV=OG`j`#efaV+2_&s)`Qy|*t$+$wzccw zo-*nF>f}_LUeH^kQlj297PQ_gzPE%7bn;y3`8~5?z05XiRT|&4%Z?3RI0lJ3nZ8ulP8L1Zo)VbU+3Dxx#x5jf9Bm8#`z(e5aqV;iK%1cL7 zBkN66sph4@moG5GYS}Hln{omlg@sosvpa#-C#kayYFHXZSxNcXo2b$VNrj>dkHyjt zjg8b~>s5eKQd)UTlwL%91SEp8T=;K+axy3=#8<^tmh-g$dzoz!`)iYlOM5!I&~&&Z z1^{W@^WkFJl)UhIg-SF;j9l=|;+t-OaoO3oP|*ngR_j zejFIrReG_}uE{`(R7XE6TdztJ^RY#|BJmXQj6_3ZmeDtMIbjvQ0(NJ!@FnGt{mS!8f6b#+qXF&Dk-RazS=cHm?ZH5N$Z5f*ZqB#(ere4h^I+q+9Ah>9%8rX z6fcpGh%w$*v{=q_09e{OdHVU2izx*#e-p+`rKCK;V*=J+aGgLGYOv<22CS`s4T%eI zl6Yj@Qm_Hx5?ETD27ol?DZ>slRw4rHcG5HQtNb_e7yU(k^?xHj&x?PMzY)AqRbKw) zY6z&Vqpi7#Z*Fcr2?z_r(nd9M0bLVCwWb{RGQHcMm@|4DKg><=Qsma^SJt`})7!f{ zpch;Ba{2P5X=*j9%dU3h?IJ8266%iU96hk7(x;84;!14J|dNyrxfb 
z5|XF9pc-lVv>E$_X}1tdvMn2^-8=ij^_fUX1%ZKLSrlq9?_|!lLCoeDag_ul0Svdyim4H+vBj6o@cRw3HzsG9F zH&8wUmLt*Sd9pw{Iyg93&JF0l(ba*-Ad<8g0QwTzpWGiK%gdRH{mY#$57a)=0F~@+ zY%5T}GBL?DXuza>CXpp&>OVX<_)ZR-Hke|`P$5CBHgm&}mU5&R2pvf5rY0u~3JXC{ zC7Y=MW|Z6Lt@dC?t0zopUv!I#4`%LkwTu0Hx2(obf!QyJX#Wag?A< zAJoAP`s*NhA_9WYaGQ{%r1|~SjNimzVPOaF{i&#y&@CwFdk5h8TpQjnvQqB*ryDLb zEiFyCm957i6|UP8lxVu_MIQtB158#iGE#rAJ^{OeotWx3Dc#(_k}SOH4kWHrhP_#y zz?DGix{JFAOuF@Gu6!?*;!h`ilxgWmH>#NPV3mKGUw(vZd6lfCCq=M&Li-iw_~vXI z?6?BKC)iaB-R$XHasJ31SHX0#+VAD%h!0`GaJ(qK zMrpC$2Hb%VLBMHUuGcfwp_Xv8&K3y{VxInus6ZVP28kedp{m*fOBK_*ccJC$8ykM7 z1hCgiNkS(_E0zfkld{^{OJWnY!%Gd0NM=g_=KnNo zAmH|~(A3f*`~g`5k-*?TA;Be^qv^Z`F~26|M8jo7h2LA$=ay|~4|v@0{uTphH89&` zu(%}I=|6uJT&;B>IS7cdl%-=12+$g?u~SG(f3xuEc$$mlMj!=^pji=q@Z^zVRdMLq<(PI#xw)Ckp4s$A5t*i!lz2~U zEQqT?#wiql5*B1KiiaUf9?q&IQgsuRf+&OAF9LYe=<>$)<=a3C3EX%>H^ml#mCp^K zfCzYcbi;tn${+TI^mV^j@O)Yn$B!=t(_DFQ3#GEO^tS zcCg#U6INnDN-M$*7Yf|RY?10u&(uwJ9E40vwn5GX3adyjNHyX=+fyyEH$6-)dU<_F zwj$RDk1%@0TM7y|HO_w7N<0OD&+|+bqW8)7m&`ngu++AP4@ryiwm5;s;dKYA6W?^AymD~-v2>ftp z@HUjlYu7OP1%lM456yU_P$?_v`WcH1%KrfYnd+E8au5kV&n(J*{5 z*kZd5x1DA_(^p_G|BU?B|Bd{`f01A9-^l;I@gL-;%7%dO%FE5Iw9ah+`KS8Kc>oj! 
zy{_AAj6shrHYN@Z*(b}zhRMM}sqrvv>-78gpSin2+ca2q`!_?#NQd=aQ_;}q+mK4c zCnl1*T3cEQ%Y;-BZBtO8lHg=qj9!}uhS>l+F4}cXkJF7HU^D;<4eFyQ1*wJtAb8!D z!1L*@G#bd3ZO0)bEJ;uI8X_@sc64+-wD@X*!vUbyl)6!>drXTHGE++j_;67l}^Y(Wdc}f!CGj(=; z9ED`diuJaaGr73B%Hp-~q7f1jV!3IeTlo||=HvD2vOb$K$$0V^j^8*N(c!pNz7D(I zeYrqN1~kRMgwod`Zt=PuI2D5GnMvK7{kG2s)Zc)FAq@NS0X4sI%xCAMp&y~4u@Sf^ zz#NOX;%~NkZ({z&wjRhH@IXeumAwOl04#_lmo5c8gvldb`Suwwcb9hnu=u_oi4F5g zDcAJtV!#LaV;iUopzZ4D^1BKleXVZ~;sB|GHI3mH9)jF${C9@cn%H%JNb-}x8tt|j z*!}EVw>qZPKNM`ef=y1}`v-{N%JCExGI%2i>;iT6H?!RaZurya24G`GqM>>C7Dab}q@~ia1gIfBc_a0H;uGA|ER(6Z*I`UdY<4s> zW3&f*_{fn_KM?r0OTPy7FcGR^R{FB+(gp1Ck672K(@k-ei!JWq3;({MiIrqS)xXg& zI)l;cW#=TES-CbtdC0E8m$<25EqO91w>M@&+C+HiAj& z4jdNjaNL2b!%kUXP!PC1xEQUYm)&9brfA6?qKI7mJ)IGEdi&)Wxw#?|JwRx0!9Y(R zR!{8z_m1r_gltw)Z3}^D%8viqs{Iz|&=ihjAWuq0YqU&OezuR!wqM;dh_))bIPE)g zt2G3C@#`ewvlpN4Hn|8t!45B;-~FkwtQR4fK0iw<3dQjG6QL;5EyZ?h1B_-gEB|Sg zH(6_3dhwWZ+tih-f5VHOxs*@^4*R$6p8l`J_J2x@sJOT0o$Z=NeCNW5V`cgtJe1GTSHB^wF z5Bxux0gfwm)oT9P^=fJ12QCmI-1R~;zkk~c4)kTc7>_xFtOKf6rhYwEJWxmP1b=8H z8?Mp&;0@G7z?oM?RW+`<-j-s~s!_i&OvA?FX$26Unfrw{HaHRc8S}QZhNz?l7^`gf z8WpBvG3-BR9u!okVGD79Alsiqn+n3lSfd?xo`>zfxRqJ#f=^ z>dCS)Kem6rOAv{9VoE^~$l2SOOY*S<^*$?#F=vBOp{~RBNqk?@qUYP6uF(79RTX{x)`~OD%lE29R>EFmNZ2b@N>zP16=o?chP~^Po%pM#BnpdIJ z3y;V9dLSq4XaQPY)~vDBUjYe5P(bt#>aoDd^y8O5EAiL6jzD&Wn|5bR+sU$X4K#_P z;@6vCs{$xEK|vu|I}jacqx=kkc@L;}0JD+aCWcNs(^qc#d@L;J3!PLiii}N6vKk!* zD)_U$Q;9A!pO6^?uP?b?Df2eSYaAz*=cP3Kb$(INz$cVEgj_^|I;H_Rc>kCUDW+Y) znuoguA%(MkXvSR4dU-Fz>ZaPSjbS64!Rv8SBib?{jq>H!lbD2qt~;Ie``mTXnoyj0 z+}3OkDvR4@M=l&!PL8rqD~F$dsD8PxR1K1{(=yv8^tiB7Z@(0x{G+_oDZD+3z;<*7 zFWq0CqN?tGD|i~q$B+z#u?bfgdL5d%o^kR&%*b@6_Wx1?2{tcwfpXPEYsHkx% z3v|{Bv%v1!7cJXS-{*#uSu{!w&YFXb)CF#qvIJg_Q-96rJ(u~Ysb#%FC6+r-H&4Jt z)NQN~%7!$(vXMM~5LxJ}y{fA$)AN5Altw=~f9Dq-J`8q7Kxk)+?duG-ovsdMp))@s zx9{r6%eSWr4~>kVnw-bS$6OvSzo+on`+VTIMM_qc&)g5J-z}}JBi!))U>gXCh+_Fe z@MZ}Tgu^Vk573e|QA8?ZvXEFq5-|t*HtZ}mK~80BYYS`;J~Dnm017HYzgBKzJMPS6 zzIp<)AN=(M%iEv^oy<8}kzsjQQhxPGMm#3RHL!-WLv~DI$hTe9%C9>otC;tI*#2!v 
z+g2yHj5MNt*w5IY8T2%dqVy&dTaoF@?BtUlgtdA7=1CT^B88tqb)=%ci3{|b-GG{+ z;%UE?@`RSuFtl|dA(8}R)4Id0PsaK#SUM74H1)>ta6I90T`Nzpi@r79jGfwun`}sJ zX7RWgZnF*A5|C?pC^(CZk2cniiVu<&@)GZPVYf=iI$hO!#Z(?bi+>;^qBTGzIBe`f z2fuzO_5oQ;5t~9-f7gM>W#mWO;_zd^jS=sm%#YUhR8b1$%xbJNQD2q7dY+KbZ2tK( z$jJ+fitzF9;%@>!lA=`_or)j;C(6?$soCuwk<4M0;nZ1tJc{JmB#ZEb*`x}$4up{) zyGy@q1v*L$(7q9hOun2fH-pI5#^(Bjg=O+Wj=B6m8nq0K@MZ=(R6i?f- zsh~Lz?3@sqqU9Z&&yL6>Yf!dgrgYugnch-;!q9Z%r^bh&F*!hYpk}9IAoTvDWJt0)4c2S5wq08CQowPj_gN1silY$u|$sZ!BA)s?DD%(U{ z?d=dDYIDb$e1iTAokE@6%Leo`?cVyq4!!ZWiR)4lkNCnNo>IZfH{|m3&>LT9wF&1H zn;S8IL%D&>f2em@3ImhLOw<+WspK6BdVoKFOamR@^`y%n{&nAN^X6l&g-Uhd$7IMvaNufO{u()}7i)&kf|^ z?O&}?e8(td+qqC1TmZDAS4qgN)$r|9+91IR@6F#0t5$rR5pc(gN*+Mq?VST`VL;uVF7D@Kk)zBEZ~@36hrmUewsz z(-OHHLULXbc~dh;`h?U+C5#Z&kQOtXy}J91{6YVX{H1@9U-jR}FG=s1oq`Gq=u;zoeLv#jO!SpZOejg;q2B>5_Qqkp;Z58G zjJIM^3D|yYZfPOPVOUePwLJl*UuaY?%U;OCV0W`~>y<|NF7QZQS<$WCL_VqT78q6` z!o>6ohnE|t4}b()n4pF}L&Wd)8tFO9LPo|crslE&<^cjkP2o$lo8RE7z%g^uXwU6?12-R{_a7g z3+?GOUAp#`&Z1W1Z%B3vu?6X;oeiyU530{UoB-)6?_m7cRMi){iX9 zW^pD^Gg&U>0ocmk{KwD`3cV`{7Aq3)K0m)CcsL#SY$+?UH=m-OX%q%*&|Nk5)9YeP zsO)4wZD|udK6)5%9@~w_lZ&hUid6mKUfkZg+}^q9{CGT()me@rB0BPYXq6-RiU{&w zBOM)`kJiby8}v&CYe@tXUAjvuVD0cYoTEi$0ahcVq$GF3;q-S!LNGDDx$RcvkOFYo z)H6uF1UWDqbs+S!!+ATk0n!zndb(I7nx5SVFJulWDXC~SNhTc-^WrY99UK$`BQ8qH zfEJ&p;tY?EZ32nSVnhAcVqVVI%5IBR>lp5QoO#(aS$~F4%D+S>?>pI9k3c{lUBNe} zYWYkKQyLc>ox#kOOgev{PuFvFD`{!d3io00z%TdCl3dBbhs9ER8>1`2ZGZ#ACVBPU zZ&07=MO6Qx?W$^Sk@HN^(b*kY6-Uv*(#^qACLDEoUitO-`(yN$^&OLw6fqF417y}5sc&u{HA~77&AyI> zC_lUDv~YI~dWstV>TJR~BNZIUO8?f(w48WgD6Gc9%+k!%vQ$xJ!O+ru=fvjyuB3_a zmlq#WDTP0L82v=nGVke|!3vLdB6{x-O0Pa8{>2bNvsSPPPsJECkCV;o7t4~mRxdH> z$tPXRNS=9PEVLS)uG%eg>IbDHfGS9Z_=4Kme^g59mGyV9XgXY;hw0=^R*;P7>FGwD z1j$PiT}Pf`BHQ=D7X4^EVCq)6=Rsl4zs6ns8}ma1h$}{6+}*i+F6`eoKd#KF$Y`i& zQ4rV5YHt43JIaWoO%>GwJ^F6t!gtO?ZiJUn@z5-I86LIKMfI>;BlGL`aN6KyWFIMY z4XrUb)xKCj^imYU`mE5Oef(MziV>F(g^AbcG9|9yk_{HNix=tt%{_g^4aZkk^@hVR z$nOB 
zym>PK^Py+2s#s84-rwE*fhz!PLnkID$Mkh|5?cMr}{9*r%{AGWUU*+G(FE{-U@}uQJKsX&QfzCmpmpVgVeAYni zO$j^6q_e5uZ(3gk1G4>|<|a9hOsRpvLAUdru^3v_;^N{qBVf^z&jXyPp1BY$z_j1X zJ(gah7WBOW#bIA5P)z|FkQtODBzjWsOcJxzBYkn1t!V%o1-6T>eV(=8DhLC31wAt( zaM^qu2nY$mwhR&?VrsCwrly6VAtn~qx6h@;#mJN9A3t^i69`a8K_PhUx&H3P7u`Wq zNr^mUh*kgZ4MAD5Fjhwl-i@exNORa6PfxEBjUWOSM1UcilbMqf6B!B2<1CDg{drJo zXy7q7i9UZ|so?MuL^ljT#5@o$-RTDR%-lRHJEm*v|E}?cH3us_Y}a|u{8D41o9)L= zZt~a_0pKACX3B(lFLyg5uoVi{_fn8|4E{(uirr$h*nlN$+*!^pG-XizlXkDm4@xBSj{$tlhO1iwO${jiH84_ zqX5?i4&656@yN`DUouX>q67?{J+}+!?2e1`6&6;MQuLq444F&Sxr)^~6HSwwhov_* zPu4#z9Oa0e85l+7NJ#)Y9^jwj<=G>zW9{r{q^31QSi7Pszo_-KK5e&A_kY(j^ZgtX zxn3tu%-(?By$J7lHo$&+1C#2rdn_!CM@YEocz@j&MF}hxeSM&4kE3fj5Z=QICH&p? z)93I7yMFF`VArpb)f#-uErXVy{OS~602nB;*H|= zuK-YcNPX`)H8w?FSeDIB{r6*GUnm$OSrnJiFwzp?5tzORn^GQs694-QQeA`FG^*R0 z-_lTDfjvGpHM2A~LtbcRZf0s;y3V>AoQ4e>;3sp)@OQsaPKqRz&$HVjm5r0vz%aix zvpW6O3LzWOF7Gu`jdD)roSmaG?4^ab^vf7Y?4c_gXMCc)<2|?k(Tej21;5&~9Rh0GU80o3lx9lveid(*BWe`)-57Q5hU`qu*8oh;8-W2(aLbzbk z=$bcFYB^tLiGuvc>~lT?^>7g#r$4MKqc+pL%lN0FAcIFemapTl&5JyD0w3TLr939i z&6v7ACofpA^?1aF6!2AY7R+`oskSxPrw^ZcHSDRTrG^P_KaFc#62Hm9VnCq}n>^x~ ztY*yB4o7LUx!gG)p_EMoY=K+cbOb*7ADYL^*1H3?kE!Z>{TYvasuyV=M0kPZUf-?x z{dhdFgJ*;TeNlF} z#K!@~c=cz`l!!u0MAs_%%lPT6o)~qfV?V3<6giXSrA5s{lk}sIo7YJ-LQ)wflm~Z@ z?zJ3^jc->PbiV<`ln6%W{)Ammnnnc{Cln!)q<#+R!nDgN#}x@F9$nWMwy>S*^j2OLWM)*@dU{NNyB_Ep;VU(7#qr`6cgcPGkj0?ABx#5< zao^6ql>DtGL+`+6bIZ@o+Ok7o*lO8=4~y3G>Kb%3X<|HcWjf-rbJco_DdG4-cApnS z2V8#gQ_`lar_6KCTXWR0O}fq7`j*r$Y2Nk9mvT-oK3r0W-(DI(CH`X-Q6ihpMP{>lyhp{^!FO-%=Y5$Jz5B+wN5VAF*b~aQ<{OE)e zRa!tZAST(6_#;$wVW%=J)h8&G+g-E7?$B890F##i-_5fn)ERTj#6(Nl+^p2Hd1+Km zHQ`4rJPT-5wP|QXPSGj1Omhd{?O#Xnwi6R;qk7o_>ceTNR!J#UhSA7y1@m07Mq?sJ z9Z_w!haW$!RJXNCS%>0=0Pj9-W-Wjz7dy+EAQu;_;xY;8@Ycv5bl&j?U3BUN%sO;9 zurk)#$HEoI$BTAN4r7m*DLF!X3+d25FV9Y{kLGJ%Tnt4%ZEYKGZTlpLy+#S9Bqygz-KBAJ1Z@45253k~dnSSC)QkO& znP63MdAZT|Yjhkg{c=>PPMz`7;{!z$Fi0!_%?CiLMMKjM>f|F!&AtK1KnM{Ge}R8~ 
zsiDfMu=lyY%*dqac8?ZRVX6#lKdh}*MnW;gKGF_^IS{REe|u?AI-!WrCV)L@M-x5Z*Xo-)g4WbqS<80S#Jx}uj3 zmQTn&Swz%dKlAFSx~EGdlSagxhQ3qHRA`$mE0jg-TS2@c%nMY+KdUq;lDBNr90RxM zzNW-@2eLPJu66H|Sk!WCyvYh_LNyCZ>4fL~d3I$T%svFX`E_k;V0-hMGGeu)C!9#L z+VpV<|ANXmHEyAjigSA}H*CMDdBL1UG6CL65MRmY^Nzm+l~96)kMF%m#O?VdJ#vx4 z!f+wQTkTXf+jl&#G-F~n%GA!-<#B~{T?x7>lfD_#O+OsZ9Wth-a2xQvl#4Mi(0WVH zT9)12{c*vnRYsDTj3)yE%3`5BHY~TIzDVNc<_WY{ZPa~KZNr=T>2M;*VLI8r+4XJO zG^m3nXTW4i<*Ic*zl0%+*k9MA{-f*Kt3dYrg*n`PTy>AdD}@jU;gfn&euoBZf4rTbMl# z;(rC8z(Yef3=LBaqEAD}#?ou~z0flz&A0mDBzlS_0|-~M)VpQdh5hP{#YnA8`yXyL zg0fm4hRPHp*LUvMZmKYPppgyU@j3k5ej9KG$OEYs?9B9U1w0Ux6O&)xjY~4>w_#9* zU!6{@K2nAgBcQ(QL^eg$9HlhyMn3&ruHbNOcrB-?VK?3&;gI{mAY6*rooXOggVN2< zjD?!Xa_4*dE1n0WWt>Iyr`F3oS}v584@qJ8)9%;pcSS1nzX~?-%}0`X9y^dmOpJ2D z1MdEKvn`Xx6Rx6FDnA@Zp!O;=JPd!TMB{GgP=oVlf99CfZFzRnr{crqM>~@xReLpD zeVKbfst=M)x`R9N20fvONH15;3z9~E*DN{Bx`cJF3HUBK+1t+48Xd;jn;=!a^Emjk zU)CIaq2H~Hl@p(U9JCqf?ldbRFW^MEk;>!2PL^;l=)VBRx)I#0JJ5M+fE-0Bi^uP_ z6VIFl>Rnpu$&BfbC+s7ZR>iE?+l^ew4D{5WKNn+3?QQRKTg;RLjTfL-sNARm@)I#} z+3($GiOpR}|nRW%|$b{nz z7%rKp?cCJ0-n`_A!h9Wa8W^rZrz5d|kA6_+HmmUHn*@56R4YKi0tIQ3d2zuekINI=U}>+a0D$)uadFcWi2r zr>kab+_%F^X44xt zb5cE<%Xyw5;to|N#UMfwE~gc;Oc<=kWdb|Fwi$E=u6|-viciIU8H$YsMok?$cOrV@d-0=JxUsx zW9SCnNoVz)KLdG}ohBw#5GmerS5_tx02NbQoGSejmEX5-1xhsW4nv9TXWQ;EHr#`Q z*}DY@Ow=BJiyl07FoB5T+%sv5e%A|-=DYor@^q!GF|G$yH@-Ol${u}xA z&i+AuyE@P-AmIPu>nx(;TC*^U1b26L_uvw|aCdhL?he5%xI0B~2=4Aha0|g9xVuBw zdu#QeCq1i4)u`^i_n!ZJ`xDbqMA6){4Ch-Qa_XAmzQRCu8i}(7*9wXgM}_Yy5-rt* zBVM_e$=|F0P#BpswJT0Kn(yhW(4}eH2bXg`?VqI0&`7_73f|!rWx`me`N`$+_`)7aGMUa*%~Y4eJo}?PJoLln(P)`ac^!b%riN>#n~0slv-WtRl!nQ z>Ns%sDT5^6DG6yv@&&RlkuXDI)MOTy{n9T22l^MzfM>j${Q!Q4!>uiH<0SIIN`=Xl ztDTd&UO84P@XI6tY>H|)I2)pVjyTczx&|8H#MPp>|m#&^#0?#VYXAN362a_}aY-F1I zyy(-lp1mrz1BE=hZtp9oB>4u#!AKOCTXZkO{6ZyC&%KPBaO&{x-`!oIhU)cx^Ax=M%#qUu`>99YUl$40q zqkwZ)R!x>S(x1J4|D?XVuZ6YR6=l*1)t7pN=yc}d?XG+wafYse^* zf>b7!5d>GL?XqjFzrZyX!WwNtnZ($$a?tCy_(@bwR3XQ)nf@v*))(JB*9NqH;2}bP zz-Pocp_;l4DW&V=jHgjRz*cE9&S?6p9eV2&ls`^~`*D 
z_a7O4t>Alih?@<Qd4s3Z|<6)v$)M$@YLxqm|M@Dmz3TB(YF90+bwC&@Dxe#5sH5 z>+f9|G(&*AkjFJWsy&Y_thQz-6R2&Jgaq><%(3hLJc3TN3J>j42dg zU#U=tvV_!9ZP3#93rKCSwfeih1dVJ1%^i*O6=M~$%!FbK?FBWW^JD?awO-BhQ(r1Y zD>gK4qWnx+F8%~fh&et{+o0!K=jzn+x8Lc?+OXw~k|o11j!Fl~n8mfN+#4_Fj*1@b zCTeWT>xUfX{s95t^{bsdGME~zlhe~RrWCU*g`ao6gL{XUvnA3y>XK=}+i(}XqXH)J zYS^v7WGW&7s#ah<`#7L})3ZrD=qD`e>He`ST^Q~b3qQGILd7@e zN0=2#VqULvW==u1vLq^L^n{+5bHU7xj7ZYobjYwzfY?hu>4$rFYiag@@EdD})8=NM z^M~HZyFO=6IE`^xdFsEktT_J^($yG(C~TQI>9I{!D+FWwDQuR*`rb*L-6o>!|Jb zPB@b3S=XAvB}LzK&Lw{6prWLbz(3@#{{Q4}{FnS{|4V-Bvj37F1`7hhb}p=Qa|8ME zW`O-K-;-O-pZIoSfu9$#)1vZ9T?!&dP(veOyT&Y>DVWl}K8Fwllwu={W79_Mt_1hc z^=4IdUDtF_R>zRIJG`e{qHI_S^x)w{?+UXKN9s8LQB4c(53#1pLE{U|zUe$JtV@Eo zqp}?iRQzxf%;^F?&rhyl3E=JOsJvYyh*|JJNiY=hXSVZ0Bv}ug|69SwyVEtvlJipo zO&hyN5qH6SnWMP!vhQkVHLoZe z-H9D2yDlR;3;Pw$_Qth#>|%=%;y^6u;^M+XM>+rWsL0$jgV`vm8(|Dae0+=j6#UX2 zW*G>6>_Qrg?<97)k)}FvU`}2#X18728+*=n9U%Rw9SF}{TKc;Pf9#dDkT={dC#S=P zTLg2tGdVvs$E~@&q9qn^$JYDW0N$PMI05S{bN`aT*xQ4>>Sekj>oB6m{#W51_F$E^ z^1$OByOS^}T$obMJ--cF6DAET%%kl1Ru>zEhy&U_ro!{=C>hkOq@&-%@0q}xA1D~x z{kQx!Gpn~x;Pws*8vdz4LnOtSqO`>!@Ic8yr}szkT9g+SYlCkaX~xcOaRe$sT#gtq zng1oJQVdcYArI!VSe5BuWWKQ5z^b~kKUBOCUl8of2#P5&rIG)qrhYF;r}Ayn8B$SS z^dMqEN8}?Tu%}eV$0Vp>QL=U_^F6#%DZBt2;)>^IHJvDsmXuV*H(W(v8S^jwh+We7 zB|s+ZAN(ok@F&G73>T$uh_H*lF&P>e+n@|t;Lp(|SOGul8FFw*)}pBCc0vLkq#ACd zLP&YAc-CuSTQzlod$JA(4gb5|ecIj0QZVwNG(Ba0I+jE5;?PZ^xnXlOb!Zd3IYjLj zB1!_!(ZxN?oB>>$1;^^X`jW`LzEXMI7~V?d_5P1=NwYcquU~oV%7D~w_pQCN_Bi_w zKzz(jg(WnwP=Yo!{>AQ`c)&0hW1>LVP2f>N4>6)zuibxkz(>%_As!j6!+U#eq2hE( z;Igv12|ZG;!Gc1_Cg_S-Ye>t=@<*Pi*Pq-JD0r32y1+YmVuGbk6EDxj%02Snw{W*M z>YfOWEiC{7$4)dN-~F1~^mb+2VwUfkZ{y zSz`aUIv`y>Utri!n1Ps$)OhipA~=ALnCAKs0u4_1QRom7EIkcljEp00$#s79?Bk;up6f)LV+#EQ=O?(M;20K4dU!|?U$Uoi)tY1d5iT!?avu8DE`;0u62T=H(N(q)@o-rGwhjs z$%vIjt+ZJRTWlm8EF9@i;tO!i^;6)vP#c~M`SRekDzu5H%j-{UjSQlIu7Ais@c+r* z^e_2U|Cjt<_5VwLc@+o<6nY6_Sw~CfW%M7(^HO1O(f(wKMQ)+`-CEH(V$Q5n8NcZJ z7l$5g1~i&MX&4AC8SWrj(NP_IYpK{w~RER6GdQTU7=F 
zRwF*9je`-%$iWwqGnR=AmJQ0ii#s!(p9)cE_cA`%!H5J&iPG%kGUsNUs*kQsx7BFE zoBk&#L88j3bjA>aBy5Hzdy8^-pTnQ#_8;p97g8RzJ@#g&Ew*$PW@k4RRG>4>W!w1) zCUB>*6c_{6FbPd;4~D9&r*pghI*Z)9ewvYNiZG=zKtV$2lb{d`%iE17|np4NToJ4&328S!xb#9H}%%Rbpoum*`quL&$le#J|k4VgB z=MfWe6IV15eF3`+*K-7Lv}g%j&x6c+?mpV%a8M_t^GP zFu1sX;m7XM$$1q+*C5EQ-c`j|_xnFXj_pjU@?=(MLwl7ek;1(FmP}09A~PGfJd`PQ z=h2tv)r5)f5QuSTy3?D&;Vo+iB~w6%!#;3GfB^iBS3b*o!Eujshw^c_3! zjJ9k?-RNqPA^a6S#;H=)Epw?_b-ND?Gt1vBAz0k; z3&6<a}o%0}HLZ;K9Oa93@1$v8Oy5{$6_NwP=Ed-TRuMzv3im^g2dbambUr z>nxY&Fb%Ve7-T?pQjwnPxZcFy2?z1`hP&eEOT1IXbKrBw>mrAP--V-Knw4ONqI|>O z)wAX8TNiT~EV~#4ElqszAel-5W*&R`Ay_u69;xMW07?8?CzTmh_GNIlkVX@>5C25#QbyLKsh{j}X!l{k^!_L7K*x zEfS5M<9aH?x$iC~Cwj&b_f6;*GIa`H22D`Am0o_b!;OD_wdQMtSkKkT1|_d7 z{aMh7#2YnA0LjW{@_LQr>T)?YEr@um2gW7d<34*QG7`jW3V6p{F-IsBy?SkL!smH+Mvdke|oa zlkd7i)hv`srO_H06Kb=OnRR-kL17E8ZL2TGH(9Un6}6mcIWcBt0|tg{mO#36d^dgl z9E+2H=Z>t>O3=cL$~Rd=?HocP`xBzdVVV_4MQQVVlew^ku;S!o%946Aj`TDf!dRr3 znEVE8yaPPEAI9=1vYNR_h6m`*DhE|_&y~$Rpx$qf!UpNe9)Za=FSvP9Maow}LbGr} zi9N@6kc>x%b-rz`5SaAx+PXwrxFmR4*~!^L!NzuSavBbjDnMhs4b2^AT=_t&swgIGe)n_vPemKqHV?2SvQtKIqVUG`q z5b@M%x{QZ=>H%B9L*434`=KJTm=8uYZCC_k^9S4|+gjf1?+2?`)U0kK$~jdpyEop+2H;QNHDo zB(gce*k;XaDz9#%;RWe-D5V9ms@AjHcKq`Dp16?8oypBUz{~Pg>`Xmb9SajHU{DBd?zfPnSeRG! 
z5U>K;wje#3G>~6|kP=ZbxGLp6RHl%Xd~TI(Z9;T_iG2>QsE;8{#FUg< z<%xgRh=@M=d|Z-Lb#)P;_$b-vh5P&BjUC$=G%02cb*(~tNfi1mMO2kLvWFWQ*3Pq- zxS@qhfZ43RtafR;at55GZJQDdvZi@G;G^_6>y)U3qXb7DTr3p$&wP-j9uVw$#gX@To+29(FdaxAX1~tu*>Se{=%91n?GjFnZE^L7e&X3O zo5UXb8L0!F)akC8Vm8$>EE_t#w4r@f-9p{ux~xH!F}qPTKR{O^4Bl>8o;5ID#h zX0zYg@=DqVW#rqLe{c#+vyC^R5cY2P&Cpzw2$1Fdk(te~@lQik#?$^bPcEfq~33+#lvt|)s1KYM#H6;Gj>z*M5u&^AalHi;8VNYM9=oQ zZ_L_F%a(qz5|&T$nQ4}pgpNt2el2n=%^$=@J|LyU-BcutLM3cUHtT|ra-ytYVadA< zlMGK8uxHF#*DwN+&e`wn#y*rtvBLMSjXfVQS)%mVw zDX*xAidxX)e?=1-8qcxG%Z=NPK~OKKxfgG3Xrfy-h(;^(qns=mF&$4*@)WvcwkRXu z75h2+m-jdwm15PLHkicicHYX-4VStl zl=;!j2WDwhATB($pWUopJq^ptEK;271?`EAHL=l#Q+9{0FE#0Edw|zY^Gg; z6@2$VX<%7dZf>qo;P@<50vai9q#Q`?B--0(J(Zgh z3t;oKEX^=SmZ{OUW0 zcUYy3#J;zYi(GL#W}_au$u4(>8b7hOb~rar7yefMb`>a ziU_$%Gfj#e4XUQT+Ob$>YOV%uX?Qs>R|CXK_8qXT@>K4lKzL@j#xiybnE~E;W%MWt zz_RfYS@Zz3%H6mWDiHGd7%ZLgTh`WEB1*Zbsa1`;mvnTLHZ^gG^sJcJJX}{AH*jCZ zj_V=Oh9|?)!wiqi%`w7rU+KjKMKszE)b7r@c|`;?d_GL`_)_P3N~=+ePM!-3BR*9|CzQ- zne2d>=v}jD)Y?1wi&fz@XXt(Kt(E7Ub&hCtidoav%7`QVmii0r=u~TYDAOKj7_3#DPn#<%CCtm(oo5+j^tFy5|1{iSV-{W-}z|IzEq%b*ajikit<-1 z{Q{=1{Xq+Ph9*Rmofnooz%aW+y}3obyG8!&9qz62V?AqAD1g#;NnvY(vlS)ZLv%v(R* zQR{V9-HMxTsyAvPlU33qw+y8jrlI9)Ds1DUH}qh2UG)6Gm=Ml4HhY|O{eGb3-PJaC zvlkc!%WbrO^)eh`TzBbj+xan8V(Qk6AfqhJtZSFZm_ZoWIdyQ>-JdcoT{}Zf+@6aw zB=%9zc>`h3sQVFg?&NiW8>D}BuJ<#RGL$kjbWZY%iiQeiSFuo$AjbY-benYL`?LD^MLn{gP{Be{^{KDU%3F;DeIn#F0QqUP5bCuY5c_dOrc%q`DW`J0<Ab`qZY(Ln7BZ?l`C}XH45KB|bdk$>i6dezI2_zn7P->wM=BZf4;> z)0>q2)?5s;5t7Pu`>H01qTDpi~WP=>v;1 zz>=pT6~3Mr@nk5(I-_pi;{^t=28)|;{m-9gt>gj2%F4=re0U(RH}*$zYFwhbhUk7T zg)ORZ8rxsmQlOoUJvi{ODkwwD z@x5-E1iPF^PZPx8)SMBPDgE71+{5-9fLB8N4+zdyxR^yLmB)<87_(!No9m-#bVZ8U zk$Y*JO2)37oIJ90G-QId1bKubVQ{J?~t~wu!Zk4POQLsuRaalBGt67bA)Y4+rPKy3>H*@BlIj3XB@Km{)8QJ2~}pF+e8m zh#nwiR@9ing&3};rY7Kgm{?SQ1xjPeU^Nu*IyV>-3VeOU2l$k_%L~S4HeCk87pPl1 z_|Ul9N17Ar>3=JJYr{N-xo8x0ZzD;5Ab}P^mSM=Z^rO!Cjr-287a%-k(tsh_kGN8aNP^t zs&vpMs0Yv0_Wi&A})4b-%nH zA0OK~Izoe=&ssOd3L-`$ro_~IvdIfAW?k)e&x~mB(X3ax2HLv@_=KAD{k8EtrqLJ6 
zzIQY}Kv$0TyTihc_&L!qa1@A-j&2Cot$F$I{F&U>3s$zW@;A+v_X_oue1!2c^AOvk zf}8s4r!=|}N;`}y+Sk#Wi69fuMt!ioMdXokS7u~8KvA&%q9%qvCan^L47*!H z9bQsY1Stzwpk`uX693CbkPA=*p~1n)IR~~r*XtBMThlVQ!!Fe4e<%`tcF<{YSb-z+H?cQo zO2?+4W+8_M>FNn&n<9i{ys@5h@$Sf$GujcM5pTf71FIM<=oyzp7`ko@igBN@}#fHPlag!89DV7`u?A$0{KV=W~|CO$3h zXvtQ)1!V?b2(YWd?Z-dlXNUT~mge?<$*=Ig$^3=$;#fPd6%G{_n@CQa*cO#%@0Z<2Pv6}*{hqY+Pa2W6QK8A zSv3L$nW2gS&iS!9FRnjL*&5Q*vm+E=SS>kjJ?!oeg@Y~&r}~S|bDUtIp&%&F^78{$ zTSd`O-mYd#Uf_P|z}+X%9lf2`RxB;9uW!B-J}CuQji<@qek~ifpHk=TP}6*u_e^i- z|JMFZ4=1t?9${KENpnY{O3t~Y$`n+4_aNN0xh_0cpO0~Jbk@1Pi1AC*J*$}|WS1tE zPmQ<@iF)sv|MGK{)7sC5hU@zqd$0)0zDi$@n3&}3>@3epNGV?kq2p*c7B4R^4-pXa z`|vLV>vuWpAIr}~uY|?Ixn@@~pjqt|I^(_HkbsNBVgVHNlUW%Lg2F@VyLpDJzy2Tv z>Toy6v`qi*IkWLWd;9#+ik_(TYi5I|is`aFYrH%}$yGcNVdK}K5WkPO!j}f`nQohz z=s!J2I&)=J37rD;qE1;{YfnaO+9`w4BR8_@R`OTZLkm7?eBg924E3ICd*dvyuQ@6z zDmXY;dWD13jfxsac?qaMi{)+S=!p872jnPAz6B=(!0)2^y@B1}hjFlN8vc_w*pWq@ ztY(p&`nghij~ym?e{TL!oHZ^=EG!hr^ZD~<9v+ypF6(Jh505*rORJ5q6FVAd9>Ip3 zp?qRJqSL?D4+2FIjUcv?j~p2?;j_}{Ogl#`F58;5mBp^jFzXMUKRUSrU)7zzAswT+ z6DMM~!BWHQ{N^K_->C8Ub$+-kpK(ZdiYyOL>FoBo(s8U9czAq)9E%nwW~{y5LGZJ| zE*?`|a)^`jELX|q$ZkhhS4<$D9HePF1H z!py+1b+GzGiS5qRC&0`B?+BT>@uTz{=P*#16~cFl&9dBKMRszKq=6IK5SjiK=?==q zQET&)X0TV37aj$JKLI;jLMETFb67fLD0$!A!?|bsmh*kGTOf_~_o9RY9xrR{$ZuM3 zQC$XyqFWxzq+dTStNMI5Rh$;T=1{4NEC1FHjp@bRgEL3yyGs9B*&c^1NOyu$l};uS zc-c@u)R@TpLJC@T-j<%94;zUO@`x+*;mlxz6J6Px$mao+$xkb&u_pCVF|faDP+|2; zbI5Ha!#gm4#~3V;YG{8gQ|={;?KwOT6f4ENIou|;qJ*SiaAAhE4fXPpPG-zxnWXxQ z-Vh!tBp}E}kwKKN?#?51ny%t5(z2zX(f@Q98tWou1lUPDHRD#2G~EZ^l>rPk%uIOO zyYzqxthbJoa)GMC5?<;&H00G&cAG}0|QOHcX0K0V?8)AQNPv6OT?cZJ65>Ph-ahK zsrQtfgChj)G=u?8==ck79>3c@I9UO{q%mAfV*re3^Lr_>{H839jDz>(%U_OzsIzzkQ$LptkkyX22RD?&$9nBZ|j256JH1bodU`3*-a{*bHQW|zK%6Vt6M&GAj zxwQlTAC%Aq6HN6dcO6e}r?kDs!>h@v(L100;n^Y_Q$q~rWZ2P`Ry(Iw1g|tuQc;10c&-1CpZoulzvEx> z%l|L=zo-0{{KVjWeuov#=nHe|wAmE$WuU8z92Q2yQH3O8QE?Zh6u&qsp z9=l=1fis#pE%ox#8n%OwtbA>%=h8YL;3ZwL5+w7L*_*~a<(prKWMQT3tAYN(u7K~K 
zJ~=Clqelk$$VSg=i1nKc!~MwudplF)--roU>YKH`3;Q!i@=B2jImX@R{Y*t6dInWp z(r#rD8%BnOc6oM_WR$T91fzfEWs3#}AWH{RSUZH{ z2O(_SSh{Jd1U07{V;dy&Vr_GAtOt)`@5j}FvgjMs{mpdm>+?wg4^EoL6RVfJ;gGxW zOk>}?YA_~FUHEo<#6<#2*tT*$1q>mr1#Lux)X&VON=_HuEDZxS3f3xyS{rn2ZdoQG zYMi^|hU4p)m_J0N#X?4En9p{>Xd$r@hYVB8~x9zXw4rTFFsD!Py*^4OBK#JX zm-lC>CP!0ap~V60Z-@Tc0ImigakjCwwX<{F>@k$^v;if6OL3soz;T+jjU`fk7C=2a z;;^+*&}qxxW|m`R!G#l~oAEx2U;Mi>ilKZm$v2aP zO5t`!CZ=R^6(MUmNn9;+dGng{yn@x;E2)A5?EoXB=Pq1S16>ubouI1tUT^<>`^uao zsZS?jODv5|((CN?$>u-aJ)(6T&R92HgPcZ-fc%4#6ZUeSJzaB7$&q{B~^e`aPN za6-DkUbR%-4a0%o4h)Id(~}8+1oHWDKFo-5vjK8Q*yy*nH?aE;XCJ9PjF>QmumCef zLf&!=$~8FiFjohHDI!S;XQxSA~cGAq4?7 z61c7iC2?(22M9KbxCuJo7A8dAwKS)!3WNj}#ykQ5;}G3li5Oi4Qf#zBHO6F3+Z{F^ zQ92QES0b@|C`oM73u!)27;q)U9J1G+?BiD2$WBkIrUv?@Ky%ID%^I$xL|85Gdi)*f zYYnig3)Iq*-_mmam-hNIo_FDxw$tsk$CuijLHd_)DXlwPidvyxOw3&0dvM0}Py zHt<-9FeS9bz2h7wH9al%!1*8Y^ZkGFcm7L$x&I}9n#_O6e;fh<(T1}(x0F7zQ9C6g z5g_qqnAfU*Vpl0iNs%v$lAyp*kI-`%lt-Hk>8^DGfGn}l;-E^)B*rH}&&CfuFb#>g z#Oy|ohD!i^M~u2flZZ4~X=i3|s~priA66WTk36Qh>R-84Am7JV&{cy4?lzd!O1;SZ zkVe0`+|^GUC4c+s_CsA(pc0T}QL^r_$=rPbHh*62I>pA4wYMSvSrzs2cQ&0pT^BA<`=jyLI4dh^A)1ri2)v#DY&v036NuA>#y++*u}>keK;F53H4 zhJ^5L{n$<)bOYI@gm`zlW-BIOLkw#ALc^D$<&~)Y3;le;HM@F@i(;VZc;6T5#P_yG zbIvtb2eAfZ{pT#;vU7pz`+yMjzG|>}2vED8&0F93dUXQ~?%JO<$MnHT)XofZ$KuL+bF|)8=P${NKhIfj&7oe z)5H14&Alui!gG=t8lIqhAp!TFuddNI>p!`k_*1e6G(hG3{ga1K_&eIjctsijMeUuL z4d*1+(hBXDD`z=PuR5CKt_BH1o#uM&am%P$eyxj-ja9O50i?x%p`s4Z=sx*w{2J)} z)KIkT7$^c?GXMgCi`mk5b|RAJ?pszjy;HHMEIS5`q3+6x1ccTf-4c(q^!|W+f?a%nJ{i$cx!v2A|JH=M;6n^#e zI++3L@5JZTJObHjvyRS!oNFsf7LrL8Lj5LB`_iqHPdHu3avilHQ%fZJUPQ;BTzos# z3XET7&)&hIgfM*B#GhA+i+df(X|u(@>q zwmZ6cciZ>m;^tP+`NH<&$H&~d1UmxZRV zLY1r8x&o^W9i6suR85ohnq-QMsu6NlyQwP(2kN>C%3*5Z4 z*BdOseWFa-wFcm+RWgly;opC{`I1S%mjfE9kWKd@VH!F|KG2+<<_5v`@2{7B-$9Xy z$N+7$ml^_8qmTI&nzK$k9vGPS%k}Th4+qMJF6)(d~qiB)SL6>DWenA4gqNlIl z?Uv(po0!8-%%Y%@$@kPo!}kJ2kbE(|bo|`3-!8mJjx@Co8nn@pI$NxF-8@&~jj#NT zrSljLn0fhwx4F#6W&ClR(Ab1ymDwaaxZUD0xT!C~@S2-~tN{(MIkgbZ$LSZ%cK1^0Yid`YwP 
z*uMw37^=-F|?j>zJhU zbkp!A^Ga!NEQ_W1J8QS$IG?)_jc87Ky=#2(oE;4@9#temN#+PTRr=%@xL%bc26bE8 zd0ad>{XAj1_fd$TV2H__V@RU}I%1RggD_r^zI>Vv-g$ex=r$VF=;@juA`BJ40H?wm-Ol`RRFK2?YebehjETI4|d!P9p5BJ})7YJK3K`98DQ&%6B z@?zcri0T){^SW~jnv?dEa&_HtHN6q`@Sw_@gvy^V+187ON$%{OFP%kR;H&g7=<(9l zg^P}FlTy+mYf_QiC5kJhsk{wh!wTGV3NF3a^t%x5qo;<*0H>w(f132~NX4cz8zED= z-yJU&N`Q}dI=rvU$dAB%q|ehq@9MPxuv}43PwxkfEh#^fusi*LGoSB)bKE(*-bdES z(#T-MgHGu3_4mic3uoUayEX={vK5`X(wm0uV4T4XV>CY&-_v$lQW6C%cKsN-{iHSw zRNk|Flt;GXyL>jUvz9y~jlfs?eck2-6C(BRxx#^S-65DiCzaaWnpnG9XYU6UJ&{_C zb;<+s&>PJk&x^P5me}}jG8we^Py;yuPakC9^Qv$lC!twN{T0Vy)URB3bOa4p8n_IS z4D7T_9EqKSo)vRvht1yBes_Tg#<2aMz8Qjh*xZPs3u(1A5kQGYBdLz3u{^+d67JPgWm>+R`~}F9N4k#gbQ*MzK6b|HI+PaDJ_um~}$GPsHI^ z&*h-Vb#w-ly(+6T8_&kskP>YW2Ef2lH3Q3R^hmtYi^Hu8a zuqB_ejbA2Su}(sjJ$GGg?*!5_XE{C-pMlSb#(N=5I329R6&n4g01%TYNxjJHk#)g{ z<*=)K($fqU>ZoYe4M0PW8a*XdW=mGL2}EJLo^=kBNm-?!sDUqPQe zVpox*zEKxBU2@f%svFj)_Am8?nf5!rsAUPM={?+ypQlu zNQ+n4yTjK^t44RKOcep7+@m3{pPUUX!pNlOMOFNiseaY4$Wrt^s-KxFF)d9`jACpI z`IQ;dJ6}AZJfg*yNL0dj5mkACi`Sw`pos8y1YS?wA&{x|wWaV{>AicSb4Juh^aVEL z5zUq-`u*v}OzJ?IYWg4YtN(xUcmGR%+5aVfVcmbpzcvK{VNF?~qXxcJ=67uR-%RH6 zy9K8e3NP2_mw}a>#l;PlwrJ*;f1x$MWU=Zs9Zsp&#RpkxHB&!Awuu9mB-unNjyVdvdv2Wjn(HtC(+iJiAv=> zZ+|U&K2;|^t&_+ZlJ@O`=z)qaUGM+~$osTN5i(?*nS<`a4^Z(jRRNaPE0xa?-0?A- z*2TlJ>&TG-Xx?>V*%hl|Wmi<)>!|=IQbiusziVjh_;PmjNG@o@_v3En^29k^=#7Y98qrnRB)63ENzl`NSSj#k25PLwosh`1JYD^GfC`uGlfC@;ag; zV#T8ZpvI~ttJZGqIyAvJwEdevM+-J2M{#R!i!Tdbi`LotS6!6}*}Cox`0{;U|7;p- zD1|@VokE@m)$i3jF33nvUNI0%86vLoPUEhmo)r38K=q`j0d*~y<`;kyL0V5coz6(k zkV3`GU0p7gmRe|M-|KT7W?;zD=A%BhxTmjqx7TPLH#H?qiII{=lAIn^2B7 zKBxi6d6SrDEG_vR4uKe!oqraOsMAu*AlgO83VcwL@G8tvySM#@kq@HhU}ssWv-@*; zU(TrKW*%IH-z)@mxr?z6JLrCTB}Y-5dC&E}BT2-Q+00}^zY<_Yw6D9WYcVsYkk$C= ze2EoS1cgb*dWT%AFy?)DBO$u8{DwEBlNHL}uCY7zs zo7gsY9Iip7YcV}UbTDv{kmfxaBB%vKivw+jXd5XO!taSmB;IfRk&yVUPQHoBGKQfO z$YX^lvWfBp0p?I)J0^kB*GgH$Uze-&;Rn<-HJ5?T3UhO79Ntzy4?7#1G0q0y*X0qy}{ zk$>dH__eqcaP1DOcx*o-5&Qgb5c|m6PS@G#!$kOocJzenQ^B`Ilbj%*w*UKpjGV%A 
zO)C1sqsL>XXHk6f5+2UoZ$wE1!!Cen;Uwa+RIV|xVUv;kYr=>(2RZ1uU;`U%H(OV(}S5pKD_3jNkx2inz?ClRv ze3b7L`9H|Lo(JE2BaJN3q#;CLW3`36Y)9j7RfL1sWA&xLwc$=yv6GG>)9Nl>Vc?2o zN=-j+<-~F$uT3SeP_}wJqLRHl$IP;KElrN2Y+T1a`~wytR%o!Z&YzOQ&n6_o$1Vi> zkIwBQA6emG`T`myHw}wtb^p`h}t^v+0om)ClZ^ACXhVj4*dk+f@SUi{JX#%JzO>Nf6 z-`6t8>yX*a>umt$M0{#@*+ek1b>s=PI4+F%vyA^n8; zOMaXGPX4Zc$S?VyWe@zGPn?_9o0k0gC`qoi8k;Nm@BA z2IBSx>^xKP2zcikv`$Tp?yl<+lF19w>y2n>3XHLg{q%FMs%;3@w(4SS)7BW;{pax- z99S?l;@lhkP!gEtTyA>uXQ$VK3f*QLue!!Mui$HxKg z8XIQ$HMUyx!m^05xS6o8-i8TFoFx4?wz#%$s&00GBmB4dk7-qgX+>swU7Bfa(6HgEv>`sb@k>rk zN@i`cK}ayr6~;5n+}O@tRhBLjFrlNHQOn#fKX ze}k^}YFSUi1kyb0Cvv{UZiVBAG;2+OOLOMf)7zsU5EO!_<>l;)6m6EtM0(v9#wR1! z!xFX*@()V3Hdda0p0C!54$VAbO*j^r&!V&0Rw2voiB=gqicZQbW&6{C&IRQ7ACN!~iT!*?bMi&;#Yj3vHh^S#4_+rLrx zToh|fe5No|%CziWn2PM9T7z@Y=5KEv=AouGBNSipB z(8t|mWb=RIKbgU5qNAjKL6lMbu{4r~-6)U@JBpf@w49aGPz@@YR%@0LA$PD_(xHSa zsAq9^DS{o1C9@MECWbbn%)`&J54|6JvO|g6qmd2h%eMN{m)G+Wu$@nLOefNA%?lw7 zd;1U|Hqnd269*6_cBXctX^wpRVkp29T^?Xt1D5@8iRS;zZrm&*UR3aK>-tpL4jZm= z%RJ{QXP2?oZP*o85)ZT)1v&+9OOzH4~qhLc|qFS8)$ti(aLc5qTx#*GsOejG3HMq*jO*_u?0pjhfdoOcGEuhR#Bgs}%7I z^rz><(v?iv+k5Ni=%T0F8{>HNN%$^l_$qAW4#~KVkzW4t+E5NfiikaqDm(@h-2JG( zE9(>+l<=J*y=>7w&l|3l{5{jO3$HLI$cK8h%VwuCzGs7bikq&pgJ8Ziv!JJHs3`yF zD%XOFZn};}<~`$U!P;s^DBiU6n=Uv=ShrRRi1(}sL!r)73_viU4*gd63L?0{Wj{@p0 zg_Ju2motvxMxALp)-+v@tJJVRf(?4O%6_JLvx||9k41cb%&q$mVpj#Kir@5EEZ%q! 
zEc%ac+GDA+rZBEvRJhL29HvsMGE}DilHdNnlfU~P@=N?D`75ygB|m{42#CI=hl`AZ z&}$btMU7Jy6K@wr-{;xU^BH4ML`FtdPFC`}{P^hD=*YejwoubGd}(lV(W+8%0SY-|GDitkP?Qc*}_GkMZwUkbpV zUMpc)!KG-I_t)1?@j@kt#duU;JIM*k+*11^NeN_N2g$>X=5F>9VI^E;%!or#g-BXo z?PwE1ltSmC0pmh~$p`lYv%}(3+oCG1&w#o*YMQ35JYjS!OKbBJqTkygW{4G?xqAUhs;*+3 zqVt^y!=*CR-caQ7w7!@VRg1S}d^gO`QPyJt#59~iZXdBOXp{<$$nJ?(RBlL)5b|(8 z%Q%_jGXxeFwy>AnP0=YznWLu_cY-M)hlGWfOGDjH$$eqaYQ9S*J&a94CIU z*lQ&LA}fT_1%F>voSqmY1jEj^aglZSc} zmlkFWa!Rk2tB{E$4Ra-wm0u%Ix8QB%X9(<`ZSCT9CGdjYJl4Rb_eScp?DKX36FUcB zZZs2?mXpadI?LVZsxTYZ}!KBdteF)jJ2Dp5m3CmWimy z5e?%v{@}O9@Q|@csim4Qjp324f}+6tts>uv#?BBInLp;|r_e{rviY@?oVJi%Lk}HA zT_|egfy8`ezE01}i-ZL-X<=^V$C@*_o3*H_zG#8(e&NedQD2$f)&46XEUu?NaVWoI z#VkldU7yOl>JF=}j!s8sr@o#ZPy!8n#{(Y~6%#XTcrWreT!=U%JbcfQOA8VS=xq)3 z8)#~30@^<*X{)FtBqtwSp3xHZW(UWt4Z2(l46UtHW-34sY?wd zfPu$eO$Z8NuO{?VQcW6Nj^uvaEh4G4fc`)!s%VJfGgz|-k^^W-$n{A&<<0(SyA z!{KsG*r(yed?+@+a_Xgc_qbSdx$nKY)!1)FfNYT5?#h?dH$lMXBZ+Aj0Y5J(+CPkY zm%9CkO-h3Uk}L-5@ruAn>{L=ECgc!hm(_235bp^B&p4)#csL@bdYZ|zhi+*OXqo#G(BGim!|1o2Kd%>6dn~VE-p)oiT(PO_8ayo zl_@7RC7EU$k*|V`zbrY|IuT{8H0iL>GR2Joldm7%wh`Ys)>_6#8h7BFpk4NTi5{E$ z0W1!Q*z^2c*~stpG%Ra*E{aFJ4uu%Obn&r%;bSL0s5x zyAI*;_D18pij>s*u8>QtB6mt*?WS*M+K)zDkmnd{eP`?wZ=-B3tgIfC`1B**u^MM# zK))`U*8$aShWs>8c|kxX%*D@7)=NIrAwR}x!9SPkmv%#)_=J;lo2iAiinW`zxt*J^ zxq=?(Jd^S=*J+^k9m=0yroW+HJ(Bg9s%gT>mKMS3ba8QY@-`M$kd|gvdw<-%PI&@aUjKFASuEF_&Jnyi zKlcSXt^4@AqTPYlfS>k`>jPbt{QU*^hV=b1U*pmJDhGWaxz@ecR@=GwuTFzEyL=v( zbFRHUZ!X$n6?5FaayEbE_^O_oys)e$=(R?&ZU;1>0ou0f>t`jlmzQSMrdET;6D%?L z(9ok6P}?IfYSRsCY-i7ya5RpZ=@je$B;H3A<%%$H8CV6nZ07Fle$k}*XFGwj*<2kf z<5k(~=)XAHhaa_Yew!$sn>Xw_FPAbrw<^ZOTt(Zn3Zx-F>HhqHzXEq;=qI;UP*4E6 z+c-NrckkzYKcE5*8i2k(Cr9*>Dv+&4Jvd09p}o>;hKY59YFEt7PS90THM^DWvFpbf zE!@<8E>>GSIUy87#(&s1FtzHB+9M@KUC_!dO*ed9UKNBsam)P^yl$^*KfL7vpFysil6gwl1BL*iI2}CnUeYvcMQ45?K#G#H)5;EF*gNqp}-<~p$HW$vjCr?eB) z4Yre6TneZo#mo-N@!J{`Dlxow-;}u(TMk!eMAFu*0V6smVv4FT;h7z*mkh7Hi*5V( z>Qi{F+@RCzvte&>cv|U6PkZz2ZBek1LovHH7RGML%cQgWJAl8k-Rcd~S;1ey$%%!L 
z9i83U)%9*1OFurd1>9ypwWze%jU4x(Rm-4&x`4kPAe*@wv&UhzW|1@hQ}C7RKE!Fv z-YpV3d)89mq`4@mj(j5ALMrC_MSFA5@p`RCJ5etct^99{Qx==M5*pRwbJeZ(qnT`d z=%feQt3eg;pzNOc_yP$=y$)s`QK|hM%Qqg=^Oagw=qIQz?U1cCg;I{>%fv?nJ|5>A z?WXIOm9iR)v#c#xBzbHHDnl?nIvz|0?T!bR2iqwhO~&JG#6P;Zm>vdNO>fEHz51pN zrB9dSRfKU31qSSiB(@(SiYe9V=1$Xjw#KskKmSY%-cN6lYx0fT`G(5c z_=o(A{NhJpZ4UIy)~EYAE0oi`8PQEgyrV4cX8w(FF|d1HtR^SvR7oq|P%D0T;;uG= z$7EpJj?j%fPiaMMJ6i?c62os!t7cfvb0(sDSWvjR3@XG_)=l1zBLT4kWo$5ca6rum zZAU{8+Mod9ZGO-((tP}hg*RStn7Da zE=Gi-eY68u>J0`b zXk!5)9B3^ZM5dvx-rm;w6yn2TiUIvQlv7ABv-mw_kp@pv!!T##w5DeDn@qt@2xY-2 z17+eF!=Wr;rH49yiOXI7PW<<~jB-4BOaYen`^b~nYOeZ^$BR-$0;eM*!!ZQF1!!M`ha|m&40-DRc=?z7>HnSlz5kG3>_5rh9Plssuj4>KHf3aF zSXfx#@*&6K(Vt+dDLCyn0!1tI+uh?TZ2Z`*foABTBHXUWU-0|3w*!O*UWKK{P*nZ; zHYf=@c;?dumq{$*Jx<4dzll>mX{RFicbYMKO%Fa(0=9kUhO%eb>ew&`*nY79jMBS_ zdJ{v%baHRdw26@+BkBEB$g!cL702UQ^9T_f!SkW`AS2@w=<~3qF2afYxeA<7weTY~ zocGdP$>+c@LI|;SMJyxZSS7(C$Q{WMv^(ir?8WFKbFfLqP`RF0`qn?l*a)1OzSum$ zqSVkWgM>%xE-~rUeaXg#SDtFa)MK=I+- zw_9=i41W}j$C*NA?7W+1Xv`yq&~v4lw7uT=l2ZX)daNIo+Sxc(RFJR&fg|m+`hy;r z<3+@onT9jvtA+W^m=GT~B!ql-zORq(N1tZLq-Mb4>dVeF7SWdb$9>x$amn?c#YPv3 zx;f~U=5DO+@bt?ck_n`2($=ldt=I0S2N!m>mKhltuN6S`1&+5G%&RiLS&s7aSHi-e zj;5BVsft}jCwHur<)SkK-*uMHbp2k6@s0QN$XNd1crLttN*b~-xHi_neaj1rli#Mu zW)K>|r{vBzQy(!g{z$|i40;m``V*BK^u`RNvZkfkTpotO9wEPkqbb`VxOt&@v|Dv` z+S14A*;&QDevM4*fwK%<^IFyM(SlNWTe+ElVd?Z~Q8r9S=T3uAdB5=ecD*qpMZ=~d zGCT*q`CZ@mv(Br4kc(3=0a;ZJn(Vr7Ggx0lJFk-j*E@fgj@TOTtKyQ1&j!U@dQ7g| zD*R|GaVj;l$DOo?yqueOuDe6rxP=Tw1oD?v?zKiiYv}mb+XLAz#nqqQn%Oy` zolPve=hZYGsYTnFWDRWw`pZh1hRCFv5*NT|p$Bp^NInzpog9kvvlv*8RbDklou|qW ztK3OpE8>uBxxHdl0CVZ8ne)%ykYWqf^~%Gqx^GJsttI`=!WlQ`L$7<;&qe|s6HkvP zcl4*z5@DQ9QA!f%UNyyILJ20dS~#MDz&Vui34Ml&r13xpLZG!!|IcAZcAB?F;m$sy z=ev`6E_?+6{7w;h9c5*wqbUMJM4;ff?Fyix;@cDXJ(637=kW{v>+v8VY`MrS7GC(2 z`r`I+YTXcn#U)2QM)u9m_xhpiMNTm(nOGTPBCa}*JH-NdJ4C;Jenfggo0DzT<<^2K zA6;3)&E9pW8S69q=aKWEnD~_PZg7Sl$7rYihM(C@K|`Z|M#isa*~S9*lq|kj3Asp` zN+68V4J`JEXv!*X4oz<4{4O*Fob21edp7>5SrC0FI61e3uj7ou0azCKZU4>|>{VUf 
z?{aA2#n*rDCAfwydK$&GNUhZ4u{g&zyzb%Q_0&G&_XqI|RSmWUUFdrbM8EI%+2Wj;`MS_>U-Pmv zOyqvKYJX`IRRG=cv|4(yu{75XZ3UH}!;{f>xCWKZ=AYH|yZM=90ff!R6b!zY805D{ zZp~lvXa9Hd_x(eD(f=fWC)>Z|_ag-X$>|R;r@mSjND>gZB^U3J5tgJ;ijPsNL&!zf zF1A63#hD)={or3u6W0Gq{%rq}(6n!QI^_W?b2YI3 z8MXQH_4Kj%ZL)e5&ya<)!?@x_EM0+p?c~N#8W&}9Vr=S1WTcyu+YRzH^rDiAp5tN4 z+0;51#-H2VoBhCXuGdG8 zLr0W~h`Xz*HtJN^mtHR!*j*~3BFK)%QP@D0u-N;<8DOr~pi-aS37C8Yhm3b7XJDi& zulNSSC17SZxA$g0r8-3~gK<>nwyH~5+q@>Oe}`(_GPET}Cnd)uQ;UwjY+UK`qg6%2 zK;1wYFIn7g;NzXdClSS?nJZOS!vN9e%<|x1v6X_m%Y;CGX-M*Xa;T#-AKzYEd{Std zqyo^952!%RvEL(CM?884PRfywWAoh>Cmqu;VUmm2&WZYhPjD9d2s>m-ag*QIC-Nms zaW=MsyScNIV2l`Jrx>PNt}5^%`W}Jwxj$?NrR8#6KAtjEol7UK;HRjq>=`ir8LzQh ztk`bQ#W+5WxuGeeqN`%l(xnp6x^SYPZ7z?2TZ}}EBuPWZ@aOKKXZCx^k9Rhj1MMv^ zUvSa^X;yJ>*VotMsZ5W5G^JFY6hSvYmxyKc_4UIS0OX-!5tn3!|~n| zAEmb{oqp4I95p~?fZy+ZNk|W*jF#Cs=Wc<&RC*t7J7UTS>RXGp&CT@|HGlLkj7+4| zX-}`#>io7pLUc5d!S8qIDl~DcF5CQV8-ho{dK>9_yUT|z<^1(EW)dE25}E?WOs&%i z<&@KIGuQckV-5r8Afn6e_M#?9l)-_g5&L93umR~(B=Z#UsoZ+N|*+$OK2U>lV-d4Eh!lp6~_nG28<7bFb<2E^YpB zD#vAaLz!#lytUr_eCsfbc5=K~ZOKjtJoJ6cN70ZEw9R>E_jz1{5wxsoyTctg>$RD^ zD#-iYX+IVobCQVPdtp{JoS@^|@BL<4yCC@5$A;{7BSu#Kot2NYdJDM>7Prrx&SJ() zq3@(0mI+9DKd-Et2wbyeKU3DL`Rm168=tx|M%J8t9$+C`;>|xsh`m}DWRKg+zwJi7 zAx0n>3B4wGvy~#!k65bjCA3M8QN(KvFmH#~Dx9foU;0AE`9=Pd{C!9Nl0W_( z1SIbdu}?|DAxzdDljq>^o!A{Ig8fs_4-ESpW~i7x@@}tp3HO~I`CO`+tM}JO;7ACB z8>oy6hkCMFZ^;@yS2ss2LQKLc_Z26)0;ZsDYtGRkqCP{_)Kpbd6YIRbva+%BkC(K& zMA7IL?RRterHtFj<>B_SszwrC&qYD3;?*^zWI7oCzmt0 z#a+&lNWB0jvo0*C(b1Iy(G`#gsN2s2ii|eZ)~?o?LMMeMp6~)w+TQN(?_Ud_FDXk~ zkfnQvmzFSVd|n?efH!`64HZ$OUnhe}+?p@Pq)xHh2k5M)?ApbVeVbg?+;4NL>MR+Q z>J16vY6k>WvjM!1_C(yyX1?|l-0I|f@F}N?`ytut{E&_zgSIxBOAZFmAZ>+S1eip; z*x=HdmHMExbECtUHWhk=;WJ>l%%9C(E{9WK>Yn#g=2{4*Cc>s7#?NKu-E!~Z@4a?L zbjQQ(Yt36MLgc?LO2iw$%!Yu1+Res!5DlT!XWvH*!8E^7wJSQr$U6P zBpexJ2pRjWrqQMT1d1ZE=!RM;cQ*2hy9L9{_w%N2>mjb>`us#vcR_uN?WsY(gg#dg zJ}%#RC8MxwohNUl6Db9nIJW`~X0u*7&BDWEMI*X>orp(|7M}MUl}aGoI;>6{j1taE z1f9J1|;+h*#ZxXi6cI8Px=am^zCm;<|cU1FUK~eBj9Mef3K$Px&3*$41 
z)qqqaH$k0Sp%dG+Bjr|U4I!ydda$4r#{~5f!yILrSsYyL8-<;i8*Po{=GATSJ}wuopYlXAdu(ibfSUE#3Y$E- za1_rE1Sb!l#yCU*LbrtvDHl6d^ZqcsWFI$e|@rx&{KR;z|;eG-a7r5JJYqjMP-ioA|w?5RB3=ukN`bowSQ%Xo} zCq=xPBrO^eNOAM;+>dPgLXd?|=(6K2@5XwDW+RLlLLy-h2%z(zLnKe3&jUjw@!;nD z(I7Y=s!9gH@7_SQ6kt@-Jc6(Ko2_jkqW0(OpKU^cOHhbyg9O?znpl_yHzyB!5ox&F zrpm^H(fX-`j!d3qQzkpj4tJf;F=KOsnf~D2+k`sSK#n-{t{@a@>3%b8f+)a9CljD$ zhtEw-VFj40IBb+Z937FvrNgsBHM+nO2|rv^MUd70IXp)vsCM!h=fDzH!Y#Qsh9Zll zi;C>k`(cpK<@?Oaz%V&F3j6zBKH+eGKVopVT(deoBZH2Hrgrt4*JMc?pe9m{HdG!P zVW@}r0bCjm)j(46=zO(aNClV|EUe>k!w*7ne?o=mmXYgg+hn^d!rOaS&qJq|&lz9d zG;^lGePj7)T-Qfu>|`{x0zVY?Py{2LxH?9K1V*X%hA-qO95jIFV^szo3hb79IV0u^ z=~Ab3xgNuKSOf593JR+Q>^HQO0>V;a<5(Uj*Mw3GEkD~FXM=s(JcJsu#Ut^@U>Y79 zfSwlTSG-LdoHN(3ZiWqJI~A+lV-epjtq|gLI=;m>uA9PBp@}7)Zb2T#e0uT0$Z6fd zIn_GV|Kj$6Vr|^G&2wm>;{O5TJjb>IN&M3SOT3L27+C2w-W=k%R_u0Gg&a$dUFgFW zR#Iy9|4aU+|4#maf5he#}TbI$gK_SJvKF#rK9+!s+V4ULzTPU$kp2hgXWNMWmpn%N1 ziva2x&*rZERRTJSM&*v|$Zb!>Amo9hv@eXf3!y-4A$n!~`sX<`&dtw>+&uVEsbg|L zXqiva)faMcBRDhk87U**!7w@h9XHFD52S>#x_-yVC~9vvd5rM>$&rzWA2CRMCOZl@ z_cxe>a1#zr#12F0vQvDo5uI-e(*gIF zF5XU!$ed){3oJ;Q_{&rl@6qmV zLZpHw@C*EJkWVm4$zeJ1oFMYh_u+wolG0L8Uu}AgZdYb-9ghPkT45<3|Gl75O}nDZ z0QUQk7w4QLbzyE>r)N691k23DG^bV1qPDYF{2a(i{?gqJY;zCB5S9fJVREL4$szy8^u!O_>4aGr1m$Ji_R<82Fl9m%Z_sSJ&yQN|8j!E{65y0XG*!exa(wOzI)@ zcq~M;YL#!FK4iS)%gg_D+6qyHZ zJp#J?wiahM7UB{UC(T$l`8J}7GB$i1r_qjjqY6EygHI?J;+-qx)|S!n&=~)o*oaIlAV^A9)CbH(<+)>EMef8%14xIjhS~o^4cF7FdkEI z8`yNh=mlEAVRZT9Ip8A8_8Yz?#;|VkH7IOQ$QmUCB*_SLoRA3dO;9SFT0@D_+=9HS zj7Zc1yZ!E3ZzLM8|MIloimgv4)72$k=ho(GR+isu?Zc2$W>KY%dV`YV9I~1)bp$B{ zgLvS8-^9e0SEa}16a4LQ_2_23rN#2t`P<=!&t>bu!po5ClTZcS@9b8m=mxD5xRz&q zA2+)_o#)f!^tWmQ-EB|qnuS>k{x6sv6+KHRKPcIm{*r$h90ueo2*^KA5Cj_AG-Tkb zLd^^eh&TucHE8%>@*l7Q$&c`t{-B*bTz{#b5i+Hy^aT`z#1I7JZz+rr|5g2G=%4;W z@IU*HDaC*Lj|N5%kXG`GBmPa%)G)jLH~emQFT{Z`V)V_8jSjE9!^11i8`59E8L@j= z+}lo7oyB%vclX4S$Sbs$b-ycTy6!v1w)VQ6-?ZF(-E&&GV7iTIK74Wb@ql*|UvdU{ z^b}(2JO|k%eSNjx;VAW}>!OV-Zw|T50EbViO{xAvn&KF9vUaqPx`(>uP*_wiM%+cu 
z*=ftfCK=<4JdTc{Tv=|SdN!Xe7-t{#<(~RY84V?+Ch>rMa-f?1h%wC|Dw6XfldqQg zt3S?yi}97m!d<$)3>u_Yb zCI9I5;Ota+eO~5SCOW(Ppgc5Lr1>dAwq*p?mteCMDnaDe4|WV>9>1oK+3bhxKS#XN zZV#@m_xh)oS8WUHUU}v3-+XL!hpXGdd9wWRbXeqRK8!?ERM0VU?v+%f=7j{7_*n(4 zz%?&{bKAv~5jZ&xoV|xSD%Qv4=$yX?CXtuAL02cBkbufD>xDfGzbSazaQ()=Ta^Ht zg7qFFy01qihWVZ#MBmoo9tP0Jz>qHgCXrx&P(8j`*@GUpu!Hw;+??Ig%;XXfVDV}6 z(WA7}GqM{rTR5Hn{?XglmA9)e$o1^Iym}`i#?Tt-Cg5vK%GNHX@k~}6YOlNz z%brh*s6GawL1PTK8_=M8Ebi7RL-NCAu^E%!8&790i{(5cp`n5XERg{u5;Xd>f&rwU z^FIXNDo3RzN2Ee6Ww%fgSfK)U#}LGD6CgPH+w}7yow~{B17(AMnmtR!6r++LL!a+W z1#TV^H2TDK6d>i;vGSorytJ?rFi0q|+ps_mxy+qSFZ0LPXuD7NJWNiC-IKMw2Gb!~Xj*kKZ zu&HVcDPyvQ97W9haW+E=PhMMe_|zs!Gw*GM`Nw7 zjx1mWEI2OrPj9=l>}88y2>BoxZn(6VPUk(u^0|XzUwt^OcOvr%91_aW-`ebW`#nQK z2&e*dfh+kvJB~waN;A$uIWb$v^xL`33%y{0rd!k{>M_sP#wCC z4Z=%M8xA(ZDDuV%i&&N)Qt9)iN!PBsDT0fxW&alZjGGM+#DXu<|z8)9$XzHp8 z;^@DY+Ep6+zL%ET4)ZZ_ycl{>-szzI@n-ux{O&g%`v?(OEHfw9B}JQINR6&h7dqJL z%N!Tbo7K&nC3rOX=;#&Dq%?sgGg6t$YZIO{$wYbE=Xm*x$#@S!gR#$uz}e<}2?LKf zUYU55!kQ5_hp?85{Epc=ST;1T$i-O1Lc*&Ici&XyL)=ys!Yvn}{#Gf*ASA}|{Py(ZE{^f?(VrD*FiPr7WTNGjko~1uZ7qmWW#%Q~ zX0-EVT^0J#5he53;kaf34Lp`#J#947Ky?C-T%&C8ZvR#GH&N*AGzF)2Ky< z`_$N_#6{KUr3OWmZisF0&@~^N_6s7y;81)v0!6Zuzkcfxnk)H|Hzq6LfSiCNC$gof z{$+FpCY_7Q7Pb7moErVl=F2>9W8z(GvqPj;9%BL}{CzyTI=Tjl^u4;TeDfKTfuR;n zjmj5{%l@p|WFgdzW>d(o^|5r|b5&;3R>E|`O<^B!-)_{zBpt;V9~Bo#*YFqLoO8U za>R|v<$v~6a&|CPHFwozQWBG3QZx5-{hwV#{%0lnKPzc{Vql^2=4RH$A`YIq zz(bjdIk-6(*;t9W*jX64S@nsTM1dy(JUtg;cJ_b%lBBbPo8!Od|IY^|RVFoOV|y3J zzx6QnViHwl5;J$VHZ@m~6af~mW^CdD+(p&Z+0E4Tf9eV>OhDlO(Jp^W{GdFcGGiQ=Bx3_e)BIf4g{(IEFt?HRsskv^yE`{L7`8(j3WNFE;%W?@d z99Qb4MG%O+Eitkk(SqlBNn@d!O4~Kng&`x2c#N6toY682UkWQZ^5_o9@VvHiVflU& zsl&E{rF!zlRx8CbpZ@-%Ve!w+&Wx!^2fZc>I; zJF!S$LN(G#xKQPHULL)~GD%CGz+=aTfGf*@7oxeDF6ReqykyVU-o8jAF57Lak#aNG zYT11qLJ8q8WLp^vJfl;Hla`?$-QX4)E$XNXH2778bpEX~!FAyXpEO{3^eV+zy^imA z!em>)js)O`N<4<-M@|yj;`hQlN3e(X7csB*pTcwaT+V^$IoQ4UB=}VBxkcuB0f91j+w!#-rcbw58T54A%b$M5bKX9a!a)t_!L>7M+GAZuO1;|RtLzXu~}*|_S(VVt=N 
zo;p_up2Mmpr)eNhA$*|3wq9K8`NKr8Gb5m}e$BFlpY<0^8Aqm3H4bKT6XRXB=f?#v z1Rx^@KKnO_k?3V^_8wybZV46?w|axyD}Zxe47f)4R?et8vd|;k`6)b%G>_x zfqcy))IY8;J7L2YPFcbZ*fwDWUQIWOTO~pp}kRTQhL4QM3%tK_oNaY7h zQtVdC4d}gx_09-m@9h-9UA1|g(3 z>HmU_m6_!$>pw*Nmu;UbpT9xA$Vf;_fPjL6f*1jRKt9(&L_uJnprD~3VW6R*VPRq5 z5YQ13;NcN)P|=Xl32=!B32^c8iOCtMh)L!NI{Gz#$Zp-UpcwBc|^s;B_yS!WmMJFHGuPn zbWF{Fu}3Rw8y8nMcMnf5@9!a@Vc`*xKN1p?l2cNDrKRT=01AtWOG?Y?>KhuHnp;}i z`uYb3hlWQ+$L8i27MGS+R@ZiR_x2ACkB(1HZ*KqG-9J1&J-_^|7bpn$|5WS$)a?IN zFBD+C{*qtrzmtFTAM*44C;7K+|0TaQB?t%@1Ozw)^xxJ21@izt!BK#LG8QOQVP$Az zCp1#lAQ*I!_`KR)STZ)1YYY?TSvX8`_8p3wzYX+H`}}{`Ji-5ewa@=)p8vab)<6)z zL4p4Q;3y!1Aj8*1dEZ|67`!ae=W1SGB{>>hN>4OK)9CZ`?(ih!oxAXpjb=!aUuX}T zT-U`?mUPc@3BAyh5og7Hl=Gkxn<}11cWs6gw`N)KDkX+q6|!}8u@_3XObUW&;qg`g zH9?0`=^|;SHO|(xw1`OZxnSy%!<81ROfTqym&+2kC_iUiIf_+OoezE33K~R96!*1P zEB=`BqJVOh=H$%+(KT;}QTH49A=XCB)0Kg4ux@o-$YAbSgW(hpWKVFa-t(zwnX!90UKU|n zHSkrx`Ryk5q^`Mx1E6zObSoX)?_i0OprO?|-00e@tgZVdeXFU!Xitx^xD&>c*QoMs#4S9g}X*!1&)Ga z^-Q*v^H6R-Gvpt?tbctfi+L@#Rx#`Kl9>v5iHiN5m(d&Yoc1u$&DPFtk3eEv{uZ*s zmY#W2f|JgUs<_Z_ImtfLP3&FgrO2_{rs)$T8}<{#|M*qC*~(N<>W}_a$UUCyG?Z|a z{`z~lQo7vcpdE|_S=p)$)^wS1vq#&0)Lqv)?hjFmwq4 zjD-cd3&~cuPk=PsplRufk_1qbpv^Gle`*TipWJVVp^_ynPGRPt5JiE$I=nSlpmprQ ziK;KOmWlRDzATr!cSzj4a%70Tq&QXvKFx;PxS9dyFh$YM zBLLVD3sJ@^)x;Jl&i!BPy#-X2+t=v55fuahK^g%CB&4MqMLIxNVha>Huu4EJnFd~|Kq#wc<+0^F%DyF-SIpt=A7%d)?90@XF(m}#(Nsz zlwqR6KgAjmvrV3{xEFW>4zeW?`I3C zcIJbiWwPw57;CG->zCx$`91mDzmlKlXYwzSej|TGCkT|;0EiRrD0~5O@#P;fy#Vnh zU4T9c>onI^X~N_VM>2J-l!t&;2m9g&Kf(TfZTp1CIGx+Szx*qMf9>Gkw&3FXuMGb0 z$>5Uw2EQkN$5--m|4jb1fp6r;HUxqG(Aa=h(ez}C`C>Eq-H7@?*R1VB_K*t@KlAYO zXgjUU3y|*cNX!8&n=;wn27O&$^gJL1(&KNdxHUfTTsL$Yd5FmCaRQvpzUvgO5TC=o zLQc9VYfP(qqiU^f(`EuS#x`zgoQveSwHx!M97M-RU~jfIobbh7Vu=Um9`dumF}78X zO+AB~5fR*7`BlZG^oQp363j9mqU%$Y<;2&mpUS=4)_2V8D=ti-k0!S>v0)RZeUF2} zYl$nX#Dm1v>);{lcu-~9M@C?>5K`)ICCaOGr{UpK$T(XrjfkDmZR+B2lfl1wuQs#U zFM+K|lMbYJbEb;l=paoh_80oyr8UgvTA zGB_gx-of7@QeCcnujBRdGJpDTRnM`K6EMs?OFuslh0%67!(9j9r>UFyUDGQr;Z-be 
zpHv6RJut?TxTlfY=*_v`lPVHXMD<>A%cB1Rl=EVl@!$Zu4aZrk0c>>j0^}+K6lzcN zTcHj|HCMQ3?F=xmS=8>TsYT`XH};WcN->E}gjNe44sB^5?9e6Ehgo^DsETzi3?JhttVBdN2spkt-z zqpx)l%Jp)Uwo=&W#@pB<7`Cg7O_T8qu9!?79f)GQQ{eh|F{*i3=UxYf(B?nnF0+|G z)q4Vz{bqqi%Pn6tkv04lVKHRvjL7^?pBpkYMBaRU6CCIYE(ZkfmZ`Q=D(H8iX9rSY;OJ3Eq$_Mi zHQ~IYMNSJPYq;7x+Pa^ST;lM;P&-;Vyxi1ZWINYh>lZZ^n`hcqqF{TTwF1<+9~t** zdH6lKa*>?J%OfPkNn@}D*02tW7Pu-4)=ca#MJ6#Zm*<@DIeYAb7{`Xvt5lo0=Zk3f zc%(AYcsU+UqWa{SQG~x*FA7y!0ayI8(tM>vm8AE9N)rz2tKdMF^@5j#87!6uPY2?7 znjhg0LK|P`ym+@j@*cYUgPMP`m`rDNMw>e&RV;6C3-#$oSUCO8mGvp82KqmkE*a^D zLzfMLwcD)sFof1MdVXm%a)+a4D_jo_4X_GKrISl|^z7n)AuFYWN`X$FLj|5Yn(gdL zMnBo?4^@MgiJk;IKZp%v)FYxT{^5te6n#m4*WZ)B^DFteekT8p_c!t@`+z`M{Qohd ze=qs90{)fDzjFDjHU4W1{~E*pEn~POzx(gW-}ROJoIjKQkmnounIu41uc@)}ut36}X#CU4hTyyp8OKe4A^fdz*Ed=Y7YFT{< zEE78rTC~T&x<+O5mW}bPy;E8YpYO5p_-JR9%OW|=w)$e54){t%2YSg6q`rKY@k}80 z0gPi8WZEwRb+%UNkHt4kJr3s_jL603cKuX_+wUGmbRBWzdI^+QLC+K_m96SvC9p}O zLwo2!DM+D{`ur7zBd_g$rpoIc>?Ug;)V?lAL8E7>irMe=2|^?4gN zuD$3-c~-@PQUnaEW*R-*u+b;`zP_#9fZMjo+C1QC%c~w{&c@LVG@O*M7%6JQs;9KG z^>Mn(=V@88#=(y;Y)Yd-FS)3Q?78I}nP7sM8_TOgsT)UIcD|!JE0K7jJpq8kJjgY;=+M_Oo%04I? 
zDVDMH7=>X-cLSYWR*-mGRdICl;^r2fiQk}{jK>NU4K!UV>3Bl3W_Xj{pz=BmDHz0~ zluVF%HHhs3#JwAj25Id`zW|M>9XX zSFK$Zjc0@%K)S2f8=^Nn>aDc+lXh>EMEFpIbA+arKeNl_k$UUoI^(m=DyQQVaMce> zY!M4TuBzr5$WGIxc5etMBku`hIU8@5L{LwP5|NIq;lxn#6F z<-UG0OlrZR3cNR8v1us`Lv@CyyNC6BiNGQi6;@THnWQu@8ux*dKkr`rdiMyYi$31=D1Y$SPta^W+ zsl%M7uuEWU&~zD6zMnhKWMOzkieKww?E(}_@@M%23#&!5FF@Lc)>?0-XWs}P=yPHt z6fH}B6>M@(qMbcCWp#|5npKH5HWW@VZ0rDai=~$}>W*s{ zAm?5MSEZ(L5r4X_!BCC~@`r+Ck`wQ2SrK|2zW{CIQlo$Bgb3>Lc)-S)o_&jxs>=6N zFiYpLUEl>Ms02Lb5F5?QDD8`Ox&e-lF1;a-!iIdLN$2@RfA z{?-F=P}sNBIWEmO87ibc!shJidOc3sC_)!ah&HU}8Ob2R*va3j!Iyp9Alhe^Tv}~Z zy?PH1C8VY5^Fekf*v=?1K#zAUr`?N0*6bxlLIRo$YfDPrN&la6Sohw2UW1!D>kdg( z7x&lR&xl>Y%x$idBS*e>Y><7c}&@(nCd#=1Dx$J&pR$I&{$~ zfJ1AL(%DiokK>>9o6-Xho>No{#~>7m`H;Eo`@b1=-_ikU0l&Ddt< zYcmWi55jWrQ1EDM5ihCr7B73+aGqr|S$KQgji;91{3nZ_XA>Y2@M1OPH&wh|U0(TK zgk)3?1>#IzTVm2NAIndV#^!;xT4Fzn{n(|>Rs0Yeq2|w4mE7}{I_mmmyBLyv1L7g{ zTMUVVqzDU-?eY%zhmv*j8ZyAXAsXC*!y>b)9k|0F(vMQ+sUVy0tf;+YMLVS4F-0uh z7%!q=N{ToX_hkVw)D>Y{-W28v&T(*}UAHSA(A^`$V$H{@Wo{ng+gleT?)d{$L4UU1 z7wej|{rg1WWmS8hW4&C;$rLu@aN>KqKWaU8g$-g?-_-TM(mv*%_D&q56sUk~}9R}rIga;8rl z2X+YWqy_LNQ}j!)W!({}n(F4_Oh8Zn!*&IuUs~LUbmud=sH7+xu~&W=;3}yM7R3~9 zqhIxH+2wefdm!NLl$MyPE?W>QuXdW5J_3L5trpE2yj-FfVmJ)h;4#R2FM3A_bNHT&XQQu6h z`~3$;pa*&A5F`=yguCv&AM;?y9^z_{mT}u4uY^Ia1G#Ed|57*!k^WgnLGK~wrXVpS z_A3Ow>DkI}K2|`emsKXCjWrUFy`V71sAeYcIc;h{V+e)YrT(4v1aJSP{67FUX!99V zj+DsiW*`4&Vt-V}qVyH3)`r%tOY-Obp8P#u$uwtasT-Z;=$p73sAs553%vWvuG91#)rtC8zB#F4^X;sOZ~04dwZ)L|IX`& z7$x*~DgK71jFp5Ne{>Nxe+p%d`%<5O>n?r2Gxw|QBqzE3o6^5>`Y%|){3}WcTGf?| zerCChreG`RB@EU>7rq4j?#o)wb<-|l1*KQBcdTYY^17UKIeF6@qOz8p3>04-ecifW9@X7gy5-km8!5!Y^6@|3l-6=&TecLbU~;@gN%fI(prbBvjIbyquJqZ6ZV`R1HbAT z8)^`$abJp4z;u+&TdQn}EI~Ha?wL=jw(XN+>>=jd=VMsX$md4x-C#}h!EIiSxspIG z!tG}s9TC$6b}Y9?&}1f$S!81BD_v7P!^WPM-J}Xsu`g_HS>nmA`egwP5yOH$DdE22 zF0Cm=JfnC*_$V$kqmC20^C1*0@JEd=$zSk$^7novKikjbM^gGm{uWOV=ofN3@SHyb zOKe_|;K?4PCm7SDjH-X#Zgoxbhk|CV-9A=Qd?G2bE>Wr6EiLgNHqDJo^1*6}7NL=9 
zX^PE+SdNZi^wTYc=wYjUWa_cg}Bm8wuNXj}#CAQ^C=@GZ?Ff%_{HOB+?H0ywpF%4r)l8>d%;2P2A z(MWR(j_*&*T@6Q#1z&Qb2 z>2ERbcz6*nm@&`GNoUx z@=5qYGJT^uIY@m(=e#Nz(yQ452V&GnCn`D4uWdlKPkRv($6dW26%>CVoN0T@7}`~y zUck3@{!gt1GP0_vdwM-6D?of(aTiolTVY*^oCgvLstVCK`mU7{|5I}}-H;TAeMLJi z{f9ThP6iMK#QSYgr!>)I=c)DH7-1L|(t2GxLG{?r8aReDN+07r8K9SGJlvWA`_kAI z(NN(VZxpZY+mxwEK3wW)^LHtDboZXH#vVB^63#s7MT${&5K#4~D~nbWd^JLu5y_n0 zR{p+0H`LWA`k=TnGN87=CNn~Us4!I1(SVFB_R;A`nqvmK%V5vhkm7KQWI=?H>D@9f zmB3XEP6k&=Jj9S)zC0hwVN-e&R)wlwQxF+5wa`6cmJOPZ>^n8^66-W$#fbhQwYry~ z{Wq!$StjgD>@`gwdqcn+6>lpLbDQoRV6@Nu-%;<=HWMsH(-SKl1^*uqZ8*xMCjl-JMyV!OQ{Rm8@ zvva$0@DNm_^rt4BmDJK#okW5u2u*WK@}iDlP!3n)?HFLAG_V>STemj>xw#&}kFo>9 z9M7o?jC2~IH`Cho-(gX+D^<;%@taVu85o|r-`|OW4x4{=KGR$Yc_?tQ79UHZds%O8 z2Bd3q=ZGp^%L3cWTjC0BKw%c5c% z|D;mF$)yzJFT(=%02s#sVI!_G7F_h=J!<{c+SX7bZewFHdn}RNB2VT`VxJ6{LE4&A zF|L$ea&crm?|C96vg!K+lKCpquZ1}pBKcDb3|9$l>~F1>?oNF?^Yp(#G&r9#@V^Uw z7A84IETlekkV$@Wx1z*T+hUY%#Yz-VCQzw90q(E51XP8vT#4toy;)3pOYl^qsbq6A z?_C~WPt;P}j5x3G?78^avz`6?Cb~#M+l1F@4tifkKUnW6B{~9h`m<_(*y%tyi9znD zWQv1m18(r@=Cyj`gw&iu^ZP;B&O;}>EII1Oa*Z+_#v#UpDeDg=uAj(VwT#}P^6g$} zHp3-&Ci#)Cg-31BdGMo&?s6BPG(Y!FN)H=e1xp(;<&DL@;Y;$D{GR-MU&+t?g=iHO8wUX8XY%BD+8q$JQ0HJBc*(__6ZT(=Q|MWMWa{{%ta2|+^U$(gpl1gj~v zG_iXfRR#712*`OQKKAYnhI=JKe2tmd)K=ZgpjT{5`72IgUF-#E_e)^G#-Wo!C{Iz^ zbC}yUz@iHXcZeG5Z8G);67Kz{?<%Mb}HYv-0-POpw1>?q=)NG6&hl1Kk z-p8rW%Wl@OQK@CUw%Ij|jU!4Cmg6(V5%u_+3WW%oAI?Usmw=g6zT11rok4J?^kw0? 
zIbPvJ<48h=08_nG){(>EY|`=M80|7`{~$|^w0Po1RoiNNsgHBgmzJ3R-O~R|CIvB5 zD96A#IIB9;8O7ia35SdmV1`Vyi{QVI0{l%=aEgQLJ_Hl((Y}u@QI${JuxPl%i=fE3 z!A+$GJf|Kn7#EvgOs35Qgi?9a0JZ!Gp(Z<*A9E*>i<`~+d{5O*G5S@E34M;v>uHb` zx&N$wY~6y+PSeUxsgDjgy{2fw7;Me@u%jm2x@~H@ka43#Qm2WZX`pzWbMf{3(*0;V zP9}c?vKrB@%le)l$Oz+nxGl;07(3$SO=x-~c}3DJKQb&vS-bn0WtPDRBF=q|OUY0z zi~doWVDzMzA4NvBEcov?e;Lrf()e$(jXP3}c?X14=WkxZZTXarL)(W>DTmPlMCfME zhI|pC;<$EPtKk@t>M;r*_pV}Mm+T4HAhk0GiLdMI1bOx&Bf-ckoo{0?Q}T;FK$F>R zfrT~$-ko9XduXh{&;+pBfqwzo$9#5^YUjv9$F$I}@-fp!9pdw#22ITOw{bmETah$; z(X7g@Ol(HK8^LX3@k=9$&u>yJ9!eY7N-ghyCyd>WDAHSWGjKkVy%ZBju%2cPa*DgZ zeRd=YBa6ek0416~2gaec?eTc)4|19%An(kmd&BAYiZq6Dn&-Q3w0;U@`s`{nc}f1R z-;=-pEBRS|CO=l~H}Y!-0%tlx{>;?+GE>qP2$w->j1?2coe`f6IS3$U zSUiM${|qSU)uocGrGW7Zt*S4>b*Ue}p}qjUk*WtwgaHWKI%)#T2-mg!{1xfDwo#4BSkV5c zmY-CvkjtV_IBYV!Rd3FIyV>$Je{zXBv0*uh3YCXVfW&-ib3Cdup8oh%#3DgFWE37PoZob+J%t-D%LQRY(zV$cq>p22DpTFDd|L2DCKP*9w z^t1FYNwbzS|J;NEo8haljM14Xfp9!TU=jGAZOtxzE51F{&;7sD;t=9qN9sUq;PUF| zJU=znpZG*hEc_o^_RGI9tmjx^9Pb>BFdlwY$zb#x&EYU)Zf;(~K+`!^7LH(Qzt|is z=60PL5ul-`Mk1uQ5AddEg-Lg^iy2P|*#uz7IX8GQk{>T|xyU&aH_r3j6(k1z`T9;{Uw> zO$NdaesAvhhyT^S^gkhj$@PC4@)#T=FoL-Y(9H{wfksc}TI9w^NRD)MwOP;Ab6Pnp zh$G~I-@MXkz-@RvGlaW95RcdV0z^?zyFSjiM4K*kV0QsJXcjoXs>HkiIk^waMr-y# zm^HXBK-py%ASg31@E~*Jtx_s~8n2*eaiikZjYH^CPb03XlJ|aU=+@OKlWOFn4`=fg zVzmYHgSI$B^h4?3&~}X*?QoozXlla6ejOz=D9gpbq%?QT*jw-B(}Rdh@~{4${6k;K z&-63-NvOV&pFs}<%Aivn7NTtqy@B#XkYH6KB8XRskUpkp9j2-;-3xUhuP#HRmXLF znr5sX&^NqyW_%th567Xp>bp`cmh2Fu8uyeuNHj(g?S1GX@YrUuthTv$%$Z~T?Z?%w z4^UMwpOB3`9Tzf)H<2SC^=3ouFqM)oA`DxTZb|n`2@l*X)Y%%=aytmRW&Db~BpP`1 zqeQ@r;qA^;`NPo~VJGycq}6fW`*fz{Zz|pIY0YykC6(?>2N(b#G*VNhP^zHnl65{< zNCi1gDxEeermLI2w3o?^VK$R$%P(ct%%dnEZ@pO%#JIia-Epv=B{1rwHTJRVkQx>w zut~(@SYz*MEXGALQ|^e~v3FDYKP8~8|}spg|s8Hz^y$_S(9UXRmE@lLnT3v%2_ z7t6P)d&!@u!27M)_3dM}NVT^zs%$WeYuZnxk*=j5mubedj12cXygF(-*udal47cz!hmr>Q|UGrY9mg_u58I;wlUht^vXMV#pq>?$Ecmz z#38ncB%p)qMW}W;eC`*uj1oTi;(OjddQza_u&$89ddA1lXKG?PjEt8=uR?5y*u_Tw 
zc=_3Jo~5ms?^-luTRu>Hxva)^_qbNrAv}7n?`@kL!F+{tz{3fJ;~G{a4i>d6qcacT z!4F5!NH``MIsEm=OfWD`rXy?Ar0z?LB9o|%?Z(C?rz~0TVLNB%qf*4Rl%m*uNh9-_ zl<9tUABK5C3iE@sOr8lN``aQGYt@8hGLw%Z+53g=wsX%8c5&cF%sU(Ee~h^!EHt&| z--P2M)I!cHa~_Knr5_I-a<6>Xi2iEnx|M5IQAv|maO8k7_nQK|(M)uHnf~HpzW`y@ zs>q5^GcB9z>bR)B^Y2zaed*>t{jeqDS0p@hEHnUr4Upq#%3z(4$I#Bl5k1kC_J#tA z_}JCkzFkAMeBv}%i(8ER&E$woxA-AWg~OpemIj9bkJrGC@1Ev&Ix!t&rgJK4RR(@c z#7*BxHatj4^4)(PLJ*E!bcgzLm_jZaEzh!U>3beVnf`c3^TR4G(<7WcJObkEHz8&= zXT1Su+2yYm&;x1QR}`MD4PV*Y@S1bE0Br%BTaT~Um6#kurteK1xGCO}tN>_5*KdT+Sf!Rz|`X!xW}0r-*EWlnD?5$O0}W`B?DJN9^1HzWDY>@aLNgIPh>C z;Qh7B&%lFr{{F`dvH-riyaMU#Pm+ILa0B@N0{Hv$<6r+d9u*-Elx1dn*9{w4b{ot3ai{&yvmmbc(2Jm!b8kA|Lm>Fnos(tn_?0EiB_<^OotN*%g7~ z5sqY-!0YvAYCdMmViQS+q^fO$#o$=V6BFobv1&bHKECz5(Yd8bvIDO3R70qdi4$Gr zdD42m5i?VSqkO>wD{RFQ$4Jll0AAtrLUI~1K?z&VJV~hd{ty>+vXh*(lD07R7{$|M zM)GSigTvPoHVZk-w=&s+b;CECS}XK|GlMB#sVl}pHx$PFqLdFGhm%=ictw@N?{>^CJYW~O4#=m z4;oPg%z7g~U6*ZOwa4@!Gi`Mqma-adSSwBFjCfectT=lGSgkaMre1*Vo(NzpKh?{l zQ1g7t!#_mIV#_N7JXIBX0dfmkl#v5LrL=YrBE1hd3M2Z({9h0dD}ySsKT-@cvYu?@ z6d(9)a_E&7*V+oMNAH>6u8+w1GA&9xw6K^Gynl*ejCI=}chWd`!q7CEsS_1B5_CWk z?ladzH0}^2<4nD&TNbXfcl{8Ftej7TCx#JC^{FjwRH7}q>3jG_(AKc$+QiC?PHq3J zZ}+-!sfb-Zd1CsDinVu2d~?LFTwm4OS3Xgh4bw3>OP^E{da5mqgElmXtJq^{dG~3s zZkWg{x8r=N`%-MZh{yc^JwuYaL7L7BC^){;g1%C_&Lfymhu5Z7komwSjI9O0y|2h9 zt^vlHBB3jz=kHrAKD`aLLdKcQw>q?6v#NgPxY>K4O53f~!u{EpIJr>oCL##kLel9$ zY+o|O@e!=aYABgoaf#jYY0n(4?}M82234aG4r&C$WCnySVg2x_08||B?Bh^0BIV+u z3b{q~dpdXFgo|=5gzL?Dg{@`;AP<$wh-}B~=@whaq4i?3j)K2!m)*dpo|u`@#W+g# zBYQp#VqIaI7p)EVyoDq*P3N|;+LE7^9^LFW+H#=E0k(MdB}H(}tGu+>&2QD7u2`1| zr_wilo)le4DvYg2>Hf?y(SKenS!kv6nl+qq7ttt@ZZk@_Gx>hZF&+%;Uim>ij3W1b z8?mO~(2yv~8f}@bwrr(G;o!l31Q%qeJqW&z_&krK;A337_WgGOH$9e+(G^-!ogxA< z({j^UblBUi$b%~*Z{vz=+ zLVSMqs)~{Udj1ZJ9o9$$f&nPAx_sr(hU_)&)MYACr!p6fc{E0a!UC`Q4N0;|ue<1@ z>*{(lr;7rc5Y>bHcacR$5$W-7GfvKjos?diZ9$9IdrH)KH*r1*+pqg8Nvb1xz#gTp z+S&JMO(E-o1L`mbb#m=W2?Ns7&6mfX-S^|1yk_z8?vTi4;)u9d6FAd2Yud~5Dwte! 
z=~xv*<2`XKUNGrrzu!jrIJIoR?a}-BaSU8h-PG{&Pu3 z$Q#IrLks*P5fEp=T33-|7_Bk$dcQ_>y@6bHkl~2n^OP5r<>$eLC;gC>7=d%x1!x_Z zXhR_?IR+;ZNxV-m%?+b^%t2UNs{+L2l*F&gQ7f43T9(BW!J^(3NT;2so9~saX$PQ+ zU4W8+&E!X4@{C^L^qOyV;_)Nm%4|?|+qWVOYE|1eR*PW6_Mvae{fd2WbF!sc z&IO@1SW^hqvv1+#6LmI2R1=+no$na#Ky_y!D>zjd$dF=SSv``c+n&~7H|>o<5ZbZ& z1*kI~@D?DD)BU-*_{*8>KR+I5KOx;;2BydPST>zhV{@HTve6SNuD&X+Yun}bOI=aq zW=Kso%1l%5$`HNk#ongNcS-);-;;mjEBP6ICO=KkSMuY7&c=K}pht&n{UJX20yXDg z)aFR`&|_dE>l~wkahM}|i(mBB6xgwL1X5R3?tK znijB;Jji1o=XnF1cMG!qx%cWI7N~87I!m=UfY=?yLiYu*JWC^$DQUG8ks^xqfdIpL zQ^BKjgC6$LAkj?V0k|k7)5zRxK(ctAb-hLIxheV@A6CCjzIDb)V<*Ci@2QfyVe|Cv zn=J8DJX2dP@+i}-9U+U*K=1LA>}a$@&uAq7riXX1&9a<^H{UcnBkS?0fKh@!+p)f> z2zlvCozp?9ISm|fq2pgLCvQtxs2jI7>lJPHmUK2KBa>0NBeSjQ+6!qAe_Gb#kw}`Q z38MiiOo|)WJ76dI!SJzn%Lcm7L#G~3Bvu$P!yfKM4;6fr81(_=_*$$u6E;R}mhMKG zv9=}pyxRA7P%QvcMP@uA!z?uqDVV9jF`~{+c(b+9HBOzB&xX=bJs97^KAeC{`bwzJ z_lYW6NMf@BGAxVTbfN2zt{KO zKA00Ltt-T}*Dp8Nm+1?aR|OGhhb-RN$KF@CmEdx#6#=Ohr#ho~96u}YH1>r3NJh4s}k#p6rB&cSekG*Nd_mfRkxjSrG__|wbqo>VFZnwG+K~&&i>9)Fvhtn}$#?b7H zrW7L%RsXdvoML?ug*Czb1XLR(o`mC%Xjc0wrSY~p7Q2qSsdbA3XZ4lDt!jogble%* zA;;2J`Xmhk&`FdBKx zY262F+_7ySU-6Ev^+@zekI$rS{{d-#h4WY^Dem%%r`_>E!^NKm)#4vDEqv6q+*7QIx<}4O7PgQ^lc3; z6ZP|XMtSSnNOSU2l+dg-akXdVs3T@Z{w3h6q9VTalId2V@<&~|6Yb-2ZD}(Vw{AVV z&5?d2saw{Ffr6(Pq0-p?nx(9idmwc;-m?V%Dpr^E16yQKwm>rP5>+!jPHVEM*eYXt zvbn)rf2yOW4(O0-u=s9+m=WjQw;%FI4g#l{c4j^0du$3aR*)V^lVTexk?}D~8A*2b z=lE)scX4Bri`>buc>TJNyPZZ#ReZ3QHf+~*Gnq^^0nH9wC}1nCXl)3UKphN|3pU37%YLtf42S_zf+Sgbme21r-DR{rGRJ zMEJ!(%lrpEsc0fSYMw6xhBZE^qx*j>Mp!MDjVpfVMZHG*x_ZQH!*=S4s@iBHt~QYv zHBSmBbl-JOQ!BHwV;)U)>P4udaH|FRos1UMwfbfTsTduU&6FG)Rmv);F=6c(390}Y zbCf3k^k8NBo7~0PFxiSBsE!eO-^xcfC0d+~2qk@I+OV6;=P&KdbA@w{V-!D@-jbxC zA^ZUI4h5%=O2zH(i|`Ngmd53*7EcLWl3(NcZ_jsmdrAI9W`O)ZpYP&H=689%OBZmO z?`0|hzfZ;IYbuv>Mt@6%QRp(2I^#c5*#J^m1Dv(X*B__M{Bh#UKYn!Ci3j;2}jW3>Z7@(aOR45BBWB z70d#}dCtVxuZYG!DTt>IXGIhOvuc4X%v#&d3R!J&r{gV+PbNF>snDZjle}5VXJa+p zWZk`uTj`)NVV$rV9kvl|etuOq$C;Q>vDSU-TCY6gS-xfa=}=&Re_`bg*6$m)dMF)~t+wG3k 
zMO0f0XDz;SwvwuR5b0a0Mo09_S5FMeq3cRRtY;8Hbe(%jQl`^YtW zY)Wt%w1O`1;LA#hEAc*2Udfcn;Qd(t%=~2!cahmHb5AH`KjYFJv+}d_jQOg{Jw~s{ zs)MsLWmF;^yr|ZeuIT;oXNI)lyQKk+nJO)OIsP3;j7a*>EdPb*ENhFEz zkp!7&dzzF2z*f0|?bxwAld8$Uz_1nN0t7GT_>w)?mMoU&kgCyFKHe~>M5ht0-=kCC zKi4U zW_>qy&H`UtoexuawfWGnuMAb7TN<-lYOHMvJHEg20)({kJbst0 zTK#Fmt!Bs@r*m+BF1MMlxxA&U|9R#}=43*MzyIuEYLf343_)7A-E?0LaT`BH8?6&_ zYPp_#C_EvQ=LLQ-=53F*N2{v+AG8_tp-<*N=fnmPw&M%fJPNw=GL!roDa);t-N1^& z?57ZWCgQ7kur+hEaA0*Q`x$y-WEa;}U7I{R+2T7v4<3AZy6HkNUt5NdIvvS@EMR|6 zmLq5v+MlGHdt~-hM{d*;G*~h__)d?uN%*H&$* z*N6K;rXPHc&~a-_*l9S&os)a=yp5*$gm>UR0&f}K@X<@d4`l@&X%-k6T?@#u8}57K za~*UgbJb$hC_-jjjaA&2i^rR4xL6_FOThy}+FBjocPpnluu?vpZHZn95VV@X1xO23 z@j=bV>4d=PvFb7#eHXk^D>ILAC+Kt=2p1Y@fUHo~JpS%g9slK3t?;rK;fyrUU(?%T zLc}a^gOjf-dIbOpN@*P(K$nHhtQ5>jOtb!*Vd@sUq?Y zS{dvB*#2JU0cXojaL^xkG^l!>ULsAV*ZLuT$*4WscqaQ!fqMI7-u4A(^RoZg`91l^ zzmlK!XY#WieIq|c4+s=!PJ`c8-!u+=^!Zox4f2JGPo zHMIw>ya7y(95AEyoZweu03Q)AK!VV?1ARE)OpWhWFPKff!s#$ZF91&?hYFS8&gum{ z`eM&Es5hh`apb-6z>>|8p^;%%pwUcEpLn9GC&AF zSBi@(S<6l>7qAD`MQfK~;4YZK&Z(Lav_y>>Se>auGc~ud7n#lu>pe=l&Q|6@)?2JW zBws+sAkZd6Yq)LXMrE_nAYNu-3}B{hu@!Zr@5zV>ubg zDf@awrVjg-z{2eLHMxAiqvDA_Jz=w2fb(PYD)3+&?*UJ)$_o>`tw68H9@-dAz?|>m z`d}03>MbW(MBi8{-yID#b>3$k;URpdzQw1TlhM~wFxRlqM7zmeB6XGKO^y=T*}2gL z7qt0Qks7DIza3&k4UxT0Tgo=yzqDd4{x0lD{IK9@XqP=j9)ks+_ul3GNi5=OKpuLu#ISrx7c5A;Uo{&9wcmxpz?H! 
zyG6j2VM6z8vYRQ2dk#<<3C6q}O9B%!)zp(isgHb_Wdcad5s!vB%H~mGULu z!^?IBrztF$-c+E`l5>6<5HYm);!zZE==^%X&bCj?x$r{KV>RQ}g(a!H5<4xSkTqKW zRTS!^;A@USjWb^0c_ubKN;XNsTNHv!6eP8(`)k~Ci0^i&UYqg~C+BD@Y^Q>H*tvQV z4xvzAn*S3I&FUj}xjR4pi6rYw#Zo_GTms&}p&>{IzQDRa+sjA zrsk|3ai_YMmJE_KbzISVf)=vsA$Z5z%OtI@M2%{2OTRj9S?WsvlJF99*|~-_KQ_0Y zL;ujWIX&>8>Hd0$v5BrID+}iSs&z)xwZoBoDa-lnn2e+sE|H#s+N+xym?b4FCl??+ zkM8a#amtedgrL1Bfr9(H5h=WCtUeDXG4g3yuF*{3A7w!>1NIzJ$sJ#KHEgt-E|%LV zi1CSVM<3A8o2I|mQxl>M^k2DwT{tl@38E_VeZhU>7P|m9XqF9)=S)X=MlTNQNf5gylc)fop2sq#Vc2>F6xLafC=SV&^um*n67J^3fTlK;Wa~6k8xHcc4 z?W6O^Q^s8yVhoG~_s)>c52@jUKp^V!A;#H;^tG%&2iUqJSvN-}4#r^`5XdT!|8=+I zUul9IKhNC2T(%E9f5(E0NX#NeS|09VNcF4_f>w+fM!yW6XRIX zei@nrxu;}f?ky@gOg3mx!_tN~byZ34JTo2GG_pZ@G@5)SCj~qbU{qkcK)Ajsxh*N{ z0`#k5$`TkSfeqCJs$}BIaqxa!OzQkHB%W)}f}051lRVY~jWNE9g>*a`0)qq7IIg~+ z5@Ch!)tC8Rlmt|T50&&e_8fSa&@m{Hb(yu?ugfA=uH0I)6B~PUIw-e4pZ#c7@&UnB zFZxby-KEN3=b0)irt(mo?7+~r=7U{34mY|-e~yCIFN^ou4|q(hQL=1-L+{=AfWU@S z$?qlnL0EzWE7RnGY{EqY`N@b!Ua?EZVQ?29r25$S=$FFb@$|heg@x&%mwpSfnwV*$ zL0^1k$8m+lYD>iz{kk(s$uDyepH)qhKv5TY8RDC)bKhz32QmJjb_6>ErFVtP<{souNWl9KGr>^CEVvk`+IqyJ!vKkGtz)ybJzM-PE2R2=2k zq5_2y@qqQ|uVOYgz6h6Qk^2XUf=Zr>h@dI{TIWbLg=J3Z*L_S)>G~hL6Y5m#P7cNY zQZe?Z7!rEV4>tN%c2Xh@(XHxBR~Hx2=oi8X^^UCf7UrLyaU=H$ro6RO+SYluk%tRPpw2h zizo}sB^OsWc`1lg#+Lp|UCYQ}a)&I2NGId-Bn?r8V;4Tr(?=!pCUOo@sQpz_qeYZm zC_S<}Xv<^U5rBE}0yWiYI8ky25}&;QrF|Lz!mp%mtfFeO7uZ{8s*uf0o)p{*Hj^2M z2C3y;H^hsSRqxV=n|NEBgugRbc|dwB2;%~tBpe2r1)?VdY>DUqSB4hYQ4hKH!&@dU z$j{f2?zkUY*QB(pTL7`$A{_#!C}WVBPk+4;#F_KralpctrZ8mBa_?2d_`WEmBw5%4 ze_g6|w4=!AzwvSiMlmj&maK0^75h}@?s$SdE5b`PR1GN+ui-EEC>T+6ZTOIc#tR{H zh&#)$Q^1>XM}xEVH=w21?KIn}(WMxtA9-Zpr*8lrSVC^(ISd=20|+xmn(H~)j{$-% zNnwU0S9excjX2;}fk+6MZ+ZXqM*2E#?3@OkSk;+AY@&+WU6xiY(pZzc8Lf;=b`@Yj zK(PZ3N0Bboc83oY0`l#7BuIoOu)Fih<3ygh1siwsj-DT{mq?G!ru3w7rDbe^E5e-ck)y(*-6xr^j6u~g zNS~O%V|Xc;8sudDT?Id&1*G~<;}2k%^iT5o=X;RIcWKW>e1ON9;n&7W$$uo%m{9+e zbb^Q3Dw2%*IG=L~+IzESH_yW+ikCp(Ek!`ru@{x%!w-nzr1q&!xYpQ6@b@i%;riC? 
zIv~wSc8f}I)jJL0b89zfB!t>ZKdr{bkWr4YL6v07-oVY?pMDvr3QOcJ;azy z<7}V8)>*)@!^9^b{=&(Oy2&x#1Ev98*Ca35Bd?68UmVj_dP`@4Fn~5)Y~w1WS!oJU zh?kktOY3tH5@^r7>2=yJ83uYb9!Dy}$8I_;kB$}4c$%Hy ziSurEeb*#p>`Xtq37-{9TUOcPA`WJxzCgT%+%g>YCFMUZF#WgyCAcn(mD~#cza&5Q z@5w*)mHgB{lV9ZaH}X$of$UWG27|fa2T7 z@BK;2N2)i395tQ~ESu#$;0}q9j0_S?$~X6QE_sQ!>oIl%?=Wc%65tAI{$2lm5f}8`TYm+Uj}z^at{234um|0=N5*RL`lYe{<2?4qA|7}dyNDFjPW5qoFVD; z6qUm08+Y}4SAkW1vISO^0?s!F0pR?P3D8f;%s{olRyk*KTnJ>#?K`E4u-?FdnCRH# z4QxUxY{N5GM1jknKhgD<*)_rI(R^{m%fz}KN+R;)A#)4J6d=S zjs}|g;oV-G@ZXT36g+WTpT46&+hbSuK*)wGDc#(3!}d1Wk-%28L{rqsREQ_VJaEU9 zkj)qH1o!}nL^6P_crmsXvIQKI*KcNP?H7c61=ZKAg#vEurlX`&Hsr+M?BdisCKi$3 z^M^d#Mgx@4j~*F6Q=>1(UF$wzCl=?6Oo<33I^SvP-N|4(R%Ycs(Lhpk>SzwdV$uwPi2zfZJiy)Vkme|@j=qYT%k^sohFB?n+G_(n`?sV9Z+`lEiu}xfM*h(=gg6PT2V`=c(OG#{R>W^lfPE z-4^%&;FB^vG8|imjB%p@`~4qk!r#*543L0}pg%-Z?VlPHu;yX%8+brU=0{|F9d+mz z=iw9#JoBDz5lfth%+mBoPU%HY1yK_CZ+D=!2qp=^?=?4p-Xkmkfqp0ZJ>v@AqU23K z!|JbJA@41L39|b|)_(zj{|Ba*$R3AdI%_UF^%Hdq#=nwMF*ZJ#5F%Fqtl_F#aD1;# zZuz4N4abWOAamzRl(byOiA%#VqD=DeHF(Jv@YLt95kp#Tl>^bCQ=@nOC!=@Zc@X1* zB71TOaOF5Llj_CPhFI_R$hr2Jto5J@3mlfn3Z1LkAz&4%rw`bD)LTbD{d9g zvZ4XYs%eX}bFc{AOdT+vQi2g*ZO>7ses$pT737qrQ`pUHzn}N6EcmI@vy$R-cIEN8 z+Q~1;DZR&svhhf9RdTw!yN3m8vw1fsDyPc2%Z6%6@0qt|W(`Z)kc$k=-1a@nwd#_+ zbWma;-LP-R%ht^G*Q-1?pJ@_ua&8-b^cAEy582dM122<+w{P!UO!eCQ z={L#f4KT{vRTrofm#>l>e1lSD#$6sbUFgIDr}_EK8bHN&o<=L-JBuX>hFH-qx`2T& zPYh(ej~xo-18m#I=?1(dC$6~!kI`my)an8MJLUpp4;B7new}P_B2gE$A2X$V-Ul4Y zqSb7G7VOXJ5`Xz$W7bpTXa6(ukDVbu{jbQc;PxH)w*YU?|4$VAFY&E!Oc5x-c(vy& z#@&shErDZnoU2xXPbyj{NBJL%bR?u-Z!-hpXH<_ohVk)b=Dgnc3c~hSlRZg*%mDXARvi!fT6W0Dq=hQu zKRofQ)GjbXJD;AXxu7Uc-XawF09z&SnT=rYp=SzFx?!y2OjSA^?l6^W!-r~E<%V1! 
z>_eDkY4<9lT~K%}GBL^WU5?Ud9l>*x&s=(8W-k_j2~%u$cyO!xs*%K{3G@n|fR+s# zB5=3lnmFrp^_wdr$BiUiV|o~u=D7Xs$>MvvJ{&?@d#v-30}w0Zr}UA^l`y(k8~vSZ zC39ZhPha+4*3(k+8#fMbw}CW-BMed-QOIKgJD`c?i?wCx9kMcLsRVZsKo(Cfy* zkII~rLCuTD^d6??cBd9ihezLMi$RR+%&p#51Zmo~L~Gs#lN!}zrfUzi*jjpE6x_F^ zdoidYGV8@^CGtMBZP9{$PSa~aQD-3vIpP~(K-cPvk@(ERd<2oE|D-EzW}02-!-XPV z94d2A8L)6ZDveBsOm+3;BkgH+YmD^Q1H;1Na+lVJYl}5MN7fH#zXQ^NS!Z{6zBs=q zEQhyvzy|?tF$0<2HD5t#_I+QR1E`+D$4!m^I}73 z#q)+wCz?|2tU|VFHG2mz75dgf{d}a7mb8|`Po~u99D;ZwY8FGF(=fq(*!velS`x`L z@-gzvZfd-@%ZlDlM;(Ql);RrwN)!Q!CHeW_M%1ndJVM8rL62J z=|cOtuOJ(>`+(*&@OvaJ(nrDwlZmSwQ!K=P=%|gETu$Pyou#YAjr0s+=vI{TpROU< z3h^GzA2N?sbUyqFdSF6j;NQsKW!wD3Ww!DX?&0m+nsj|9p_iIEpSZi$=R+gm8e~d6 zh@)i|w+mH`?$5`-Gg3Gzjr+wYNnOD5>fhVWOO#W47__z=sVf>Q`20Y;=4ql2;TPxP zaMFD+3Jyjal=+k8+#OetW?h3Wh)r8t+e%6~ z#~#HQt)ckF-QES$tXPfGcmo>Xnh?h2)^b(JPqe4VfB(_9 zLL}H_sy}Wbk5zkFN1kMxP(Zez%GpNP?wqd`*;J=sE+AKLrL)LbAG~!gXMm@QH8+ts zftA+OU}Bi>qNG+Q7S9GP>b|hd$!DNE>ood%fY>>wCJ)|=up(#lM-e2P+`owe()lO z4!FN<3*pJ_LcPa3oS;HIXToV1+k9XJS!!pSg;o5N^{#X^A^&<~Fn_74+4(z4?Shl# zZ4C8tM%LVlRZ%IBreXs+zCF$E3T-vj0I5>^=Co%_*4_GwM>MMGo6 zWH!~+;Kx=h_`^dFXtckS^EVS>1@2(G-&;RYj6pU|D7TOVYF}_73jk`qXK72cx05+m zSNWfhCJ5&!{1Aamvhy%8x&U2WB%u+el=#RqSHtP8r1f}hnZ61Z`%ubKm78UzBP_i; zZqnigu@5(9Z(E%??*_$-f;g42t_F}RInpn*I%`DU<&xtn+GFj4^m%jVnJ`m?RDxls zzsjp=(#@|RqM^n93aWrSop#@IjUEvKu>>^6vuRSUUmwS;Lx<)NLVha-Y54VF%3L5p`R$>~C zRN8_^gcs9;gig5XT}@uZjI6TcCY#brHL9Oq#Z=qCt@q?ur_a*wG1T)S(-(3!=AZT+ z=s`~l(CM0k$z<#ZDxvFPZJp-|nOb^`fDV^=@+Up?cb@6-dp<0o^rr9*15b;VrkTJD z+;6<6Bv7w3=s5kL`NJd}*~+=&ks%1`H=j&?FGsy z7<^4F-K7iCA%47&>njpul0baCt=k?hz;-YXPhh7K=V}i|xw6eke*3@Izy9$bPY;@S zl*rpdXd|Gl!{flCJo$7l_8wX4xo-0W+i~Ard}Jhgk36KeFxmlEq+huJ`WXli;^!e0 zncCdh)?J4rPLW^Z&&WSVVX(6u^?mKm!cG?L0xi2N@YRL3OwY9F%Y!M%}?%Nbu2OIj(Iq>ZbGkl=GAp zn|Mdu)OAT_bwBE{0etW1gh^1bCm&vB#df1RcP%A`M}@O&n5M*_H0}(p|#QFFKAD2 zEiBZ|HR<-`(*>#d(Kr~8u2LsPgZ)%`#N_6iHPrM-^v0pAG+ZakM&fclMLRW@lH?uF{d2@m||$ zFs>W7yv?Lm8aa!aWr(1w-y*8J)!YEG<8=(@4W7EbY=4lOlgDybbBI$f7Jc^PUZw;5 
zaw}GyHZKLuu-KieG7i42?C3A+;N8{ag~lyQ(ot_Zv7r0rpND|jIUZJ4Y=&j8eQ0tE z15>7w*<6kNNL$B4joVj|&LuEC+88E}$PYVA!~N+*bhDvN{A;3=GURGyVBED_+5*T; zwkMmspJu9pNS>)3o@N$n5^fOombu#ZM+^_r@zQe---xI1$nM@FpY^J@e|!17CH9)b z*m+I!m^Pc2>dj@BB$Rmtq2=Q(Lz3$`wmO=_w><8uKN0nf#;j5FARetG-;jxdg4*NN z%Y1cXg2qpLy;%pgD#61$IhHQNSz`uoU2i#pzLlVov%qU%PN?n${OS|}=SSW4sx~k& zWS=}!9d`X#cDxFl+c8neSjBJqUR&A;!|#dxT>}ROewO{d1s2xSjoGS=`-}8lh&!o` zXb@2ki-KX>AlZ$efv6UD^!LM>&Urw3F)Ps`p+h8xxeEDV@m>}(2RWKHxnwp2bDj=R zxPLol`1MwuOF|>lAPznU(hGQTgB9yWnyIbK23|cfbR=xD=)UEQ!_?}IMtH-U{eHm5 zy>oJM`&i^+fsc~rPA?B{gyGgXo=>-uWL;J8h{*ScYOzpBa6mt~<|8q4`v)QYcBO@u zPnWHhU)E{}zM4s$pQt_&w~zd0_vXYOVMfZA41uHU;q?N1g%nHSgm+bh=c^T>)%neX zZ0ZEsdqy4>4HpcA2;AP|VU4{|S!K};wj)x!;^78;ck@eBc?nS)Zf^iSe0^mtJlCFR zIJNs$K&ppq9&7DIj5ze59{4S z$`Piny7T0UQBgXDy)HzBPSy^SnvZuVSlwbhNE!<-YRI1Z32WCYTHI*EAoDZ~c1nM$bbPnWQHMId){)UYK?R|ezn*_wk~gQ-X}Pl# zXl0c*z8Oe8BvbI_u$Pq0k9*|e#45|^q|1OoTX~cl$JK?7>a5Tpt#y^LPPmy2u&&WS{ zhWxa@BL9=v@5paf0|NaNaK^&>Ij;Z6{ikcBotJtyoQ@;olMc6n4|1)-cfQ{c)iK+^ zX$0zPnU;{zGA6YKvIdJjh#nv3lW(kM50L}`xjDd@bDk#toPT=ika=g0nqXsHwBa42 zL#6E%-XR$n(Qc;iqV#kbB2Vv7!Dm5~BzwYx!-1+a>yF3Jan*5rwXG)q9QOy2S9(AN z8~#jZ-X7)Nn^jRteK%Y#%i46nusT&juhsD$67~#>K_E8ml@Eqnt0g~B!peLWB=FKe zpa@YqS5M`$!KKjY$h)sa$$b0eCc(E+&nf%|`~y8m>&+}s?h7b}1!@sVil%pNV8u%# z5qSlQn<6mzK9dRew`I}lPw*UZ0F}gbr2%@ ziVA--g=Jo}i$v6OovP`_EON9ccL%&oD%{ zgNl+oDl-+*5%vzK;ISe~>GO9pZjW5}+#ASVo6Fu$BZ4Q)&8W7fG9crEkFegJ z{MCf&`_@)5XXeI-G97$DRzemab0zHyHfeZ+!qdP*3dM;3g!hm*ldQzAojp1e)O?D9O z-TIQdE@g~&njQdYj6Wfl%395>q4--8ahTJ@sZaQgV8$vt&2KM9P9EZd>-(eHu_#v<-Q9eLG$qN?+ z6sy*s)IGceM}heEA7KG5)><)xSr<1}C+n+UL0Q659Wz1UD11wB>lUxJ4S;V3a6JoOQ9!Cn+~{R%p!&{H_)b%_1R8vo4UuFs{(C7^ddGzC{=K7P4bTpkG~m(l#mN7zF60xnsHtmvGP4oTqB1gIx38 zpMB#l{)8m2^^HGpz*Bb3Xvx2E)&;(O9q3}cp7QImUQ$*FN$S~dYHbyx)RU$b01slS z2whKY%%Fo;-q@o2{Xeoq3B4akpSe-U`E<}OVKHejT=hCt+7t8G0`v2`vzL55cxAD? 
zvNt03s)e)LfrdYL5(f^dx@U{=QYJ@Gk|tVz_x!vW+L8z+7K(7z8!*%6fJ*2*6>2u0 zt`m;$dNTAcbGOQgjH%g|!Q@%lnaS?7yJSMXjRw%}Bk_Bz;H13&c^FWjYP${`32W#hxkIA#o5jL4g7$%Tv)0dJ0!E1r@z3pk z>W`SFTsSjgoOS;a@ZO~TbKBp<6IU7#RyNUpu7#FK@OdE%Ak*pa1QiXK5NFbUy2L)S zW3k-fv4PRHtl~BUws>q_+|Yq0?vHy1Vp~b!li>CgMmz-_@==ZrCP5BFYAZfus$tTTMm?R=a+v>5@+s{i#S z-JW#lrwQ_Ds2Sk-sZF#V$P(hT>gNk{O6qB#`cjU)p0SZQ+*=|3ZX>b2Gto=WFR^6YR|Fc4J zlSA?Z(y1B)gQI~4HG%E>B$rI0pbMMA;_UomWX@sxW<~q1$WO*0gALrpHkZsII;vgM zDYYn?qE15ujmJt~K{qPbj?g86a#AdA)ITL=*q=*Qmsq16*3!ani@sV4qKszPbx1ni ztpc24i}&cv2VAbozq^xDm-E2TKJ3#lEg>_x0|i(>E|s_tawO1!a?^o~*+Wc#y!sA{ zj-%Cgg}wUKWn0f^^oA(;tW>IR4;bl3>(%v=^5I1MXcfM^1U^^+5;#11dmmwd2N94h z(H?6a%gP@emO!35AEA5!9SqObPMk$; z9M2Drje-+Ewn;;jB7kIZfY%ngP70^i4zFE9p>iGF;*XlPQtTkkD0{TVpE^taJtS;! z^>midwv#E~skG}q`cnNEvEQT|UIh{0-NxI?Tt7GiE)@a} zs&}6N)e`bL&M11u9ur(y}2f&XtH{VDQ8{*3%HXUI?eEArbFe@Fhy93arq;eU!e+4OtT zZd8Y+_B)AOx&NGib!CZV}^c-p^*Mh+)F$=`IHhNE91QvQ|Jz|Kjw9%4x}Z@ zWeF7Xg0i65QOToMrhRbqeENZhN4PtPoLe6kgdNt^-eM_<*6?C zzXZAe#jO8>%sNH>fj=Yv>>2V?{fhi9Cf||2zX$~C#7ffLuWLYRl}3y?E70)SUAS@3 zI}_^Izh-NY&c#`4rOfIn<|X$`=MDo3AAn~S%vFhYiABv#bzxn=w%ZN3YyvC zmt+@atY3e4`{@ewHJ7tCV za<9hKC#yD1icHK5ndv&L#!k$Kx@=Dp8i%n-Y-k7(l`e|?V;;8n_Iu9H<_N|6-ONo-$a$4RR07KV`3*wf zV7)Yw%*d(cldfR%?2q_N8##c%WpJZ-h>$)`-&wEXL-nJg3n5ob;77{pI4{kK$`nf; zwUqZ~G~RAAFcmP2>F20g*AWyaV~l9tTr&0tt{?up3EJnPSK4Za@0l3~^>c3G*efiW z#qt#`@ZxKki<75dQa+jp6+WJ(M*sS< zoN+@g!j9=S2a@j=`JsXd9}*V-yokd~BRe_5`^`?8VP$WgeQCVB=?#DDI4Y8lIxqoo zZfM`}w54C}ebcEB^4+)CM5f4zmEKw9M_)e7<0|&%o0LIEaXf;yO!gu@`kHdZOp>K4 zU|-rGPSY29*dpRCd#-ionUifMsw5$k*QhogVZ=bpOoxYsI4!BMX^wK0!eBDeMNlMD zrg7QPZK=A?KKw|*zAl767Svo|*cGp#oYlm8+I#u_GlA_F*Y?6;j*y+ntO!A?Z+wu0spAy?iVyb5bftJ!dmDPtehG%e$U`bf~lAb82%VfFU% z>RhXU>0ZQ2q(?QVT{A#w5K&~wsog`QY>-#X1*}>sPEK-=FW7UYUVi-+dk0P={!a68 z+|xvv%GA-)%G#o^0|wxA0!xiCt?uMr7D%6TM93V517U}AaV;_BO*w&un$L%R$%KZn zB1+f#)2y7Gk3JNJZBBHXv9yzTF?O<9ZRZ-Ob~!LLR)p1}JuAb1 zHiVa}x$!VKYf;Trd^en@#7V=xjhYyJ=4ptMeLk+XL`6b-{(8& zM~lfD#~$)_G2MO`x3%u-rV>wuvzR%#m7^{E>Pm(Kj@ip@^d6_Do#%~{raUCo);&&k 
z(^It{i{qE`y=12#BU2kKg@LcrM>v@2Q^wnQaK|t?UZiw1fLEI|Ot5%@@ytCbkF?`@ ztoTZBeP)@stmcrVYIXhS^;gYB>^(KizK3{GRO2Jd)AO17)&z&JZ z<*&#OA^VQ}A}b)!Yf?>O<7ll2^0$crgcPw}Rx9qrkYtZ!45(X|6SnNKEV-8{x+;s6 zW;Ntq(B|j8hvnt?E2YMm>S%rNG!7vr)5DL&M+CKf?>C9|z&E1aBV%x>v?}_!wKdfe zJ3G9l zszHK!d)*(K8Kn)3e!_^gcIUFhfVj$QJQjL@@T3$dO?xkIh%$*O%@cEEcrOBzII2~{ zNi!{6P`gF3`|^VK%u%|qozkKJYhk{#p@w-eGA}hMFvXc`X2x^X6kSkxgVbUabK_#X zbWUFG%8M9myf1O{7SGrYuIhgU6##LIdBO-R-yME?4;KfV3@YWm$*Yx(V8;&&n#G#1 zB;U5|0^{c$txp8-i3!k>*0)g7?V;O%2ly^`3lGx^ksCT6H!B~1N)|utZUa2vSOU8LL83UOeQ`LPcT~6P?KTfgYtO$#_};?`c&~%Si}$^3 zj)9lJHkb=R^Jag_T>a1Z4Xti}3MB!-hV&oyn|!y-^0)x;=GvD*!GVHV1m_TC<|LU< z-m)+9FUexBt*qqT9CRRfmVrKPxAI8bAWe)ql0~48++M#|jmvg@5}Uy!zCmE>!2t6; zAaX^Rn-08BHwVA-hiugHx zI8ht9#>_xOpUnJ5*7S~GY|yU5q@X+C=md&oZeP{G+rXaCz1lFRnNz>8@uHR7#e{a2 za1HB3i|XvXEu~U#5BWQN+tnVh_)L}?A50BjMpIASK_x~j00j>&d$!rTQr5udpxcjO z!DME#io<@ky?SqyAw!4O$0uJwQ}2r%GIPmeM_EnxgtixI7~93GJC`~SA&E?t>kVlQ zVcr;grugnLdU*Ny)j$Lf`+OWw1T1NPA-hnHd?WCQ&HM<7k_s&gO%F!T;LFnZbQ!KT zVQ4Fp!;^aD0u6O!F%JxSf0<}-*9BP@VGLG+@uurydh3=xE-0UD24MRrW#wvIe} z`R)|?$N!A{^JmCU@hkHCc6>+vxdsrZr{H=!8h>8dkrR-;@iw&V<#eT$a%#0w0 zJ~6*~68>T!qGT?gP^)EP+{T^O9PeH9mWITu)VvqbQVoNNg(sD%kWPsqpco9e%s%|^ z!VpmIM(2^HC_2NZ-Er4gS9!j=r0rXSK>o>W*6uZiA<>=il@Z{zCf>2Vb%h_DHz8;3 zkdU$2G`5MI>(&=E(H0GDB@14=nNsHeX!p}3^0WI+Z`Y&WiF8-rg5c$ku6q=PyO1j^ z(^Dd`vcH0?7O1wb0=X~n=RYP?dv(6^Li4&uIpw?IZkHOsP=EKJ2ZgGptkqw6>)N!t z8Uch|$*hm|8BrtM;CWh0zzvA$0*;^PI3zf&o}{?8j^Y9=2*1)XU5<@|u0PHdbx=bN zOz^M=xB7Fdva84fYn)d{mq6bEv>FzZ=OLQQ?^l#CT{J{gJ z&p7)Yo_oG5u_p`UiY`AB^N;KjjjF33cb4c)5@Uj1N~FZXogh;Y@mC`_BO;KJ{Ew*! 
ztcq`BJv19q`K=dLE$`dI>sqAWC;|D0GW#3}x-NoOhTdBl^i9mq2st1tT!N?mlK}nT zTRy{L=;>TNuAd`tJx%yuSa}CbD6~o0z?$ zdjVOv{aEYY6WK%xEUa2pufyv);eT()l+!P|yw#{t6K^}dqR42SJ9-aY|6WKU)4ltB z+d~kX`G_`%RT#6u=Qu2KwKzcRh23u&OQu76YpeqvVja^s1{6@*{dwkBb7H_=;l(>z zeQ=K<;MGLc8PYU-+nDelLh;MSlvqK(4#b2-#wcqHCSUP-Nl5zSHt$@X{U-aGKQ;-$ zPf}U+re&hj#{H%#fMgAS+LqawOBz}gD#KvcylD zO)&qQIn*P+u8okDO)vCw%VvoW*cq|+W9>{W$77fE&?W@gvBc(hF&QCv5fKwOPlWG> ziU0XKe*jQ-EWp-N@-LhrKl!i7ALR2L`PqRN*hKJ3(R-Ws&zOs+_K(H&RC11L zu9RBu8QK9Usdzp<6F7RK{*rBfUhhMDs>5q~KM)( zs=v)$(f?F^H~{Kn^v^Q(wq;`Gj`am(<~HYt)Srar54gG&N+#RskR6yTk88Hh3_L9% zZS0PjRTemrtyxYjkE{MLyIXzMBX>Jx;PWmOENm|0cPehRlOt*WUhc+H^+Juw89ImO z$yCh8RCth(AFI+ zWT)E9UUQ_BVs%%w7=wvqfT=<@{`RMjvuX{UaH_%S{_BL^7wd4F}bF z;NTl_lXlNP>(x^j`kMm3qWmB9*5CAdgrfSP|NpF1&&%VX`%I8MI^AS|jD>_>INL_w zG}mu!G_3U_k1?zvzHUiwfBDM*=A7=*Qwau4!QYrobn6=nfJuR+c+)NjBaza;576XP zyGC|@vL7EBuFu~QxeDZmf1dpBl-=*iAS4JR{?*jF}p=Fqs#WD=Z2aA1sX2s#xORZBB1NQ+??aC_H!=5Yx+zb@%*UO0#8eP1($m-6crt!-{LM={?YaQ1gz zd18G9wP_p@%E{>kxjuY{XVqX8Fg~;lPH!5EypXZOk*^}k^&nI4xW&g@tKP}pl+KfB zlBqtzQZiwvf?py}b|22Mcc`jY>VG6(Q5rchVNz+$@+zWTKmo(Hj=(WqJm)3v)`w~E zk?3AN+f{*H;_@v1MgDsRviq^}E=FM#l#d?*)jdV@jEsEY zyIFLiA2d3n=5Fg|ACfh*D1i&fE0` zSNpvlf71!Y2DNOri<@f!*6t{Jzqv|S=qTTjN<|qf;m;Q?wUiiiIN?&a@L;ug z?LMD492vnl{-y^-Wv;3!@Gv>7Ic9e=oO4~OJu*oP3fjJSyBuCZjAvz{z$rdg$Ph+BLxF(slUnhyM>P!$I(P3~mq`mfuN3BuG%#&rEKKEua?DLR*_xEQ+G;yZiZBZeu+_R zs%)uNh#<~0Mb{MXr$r>c%FWp=suy)O(c+wiVQEYq<75txwPZHj?5crz_lmiebxRYU$Dd+3Y5#H2Iinl6?M(XXJ8U>Fbcn4fE~>>GHZ;V9?JZ3Q^0nCyGg|HM=0U+1`4?CD9`wU3brobD z(*|jBp-NAYAN6PCUphm6(qEB3dg(jz_tAntU}jL}7<7*3rZIi!5`^T17C4`u zfGF^)`8CBP4x^9R(wWR+1>O&Y1Twq|8#p_0jnxcQZDvcQO&(5NvrQerSZ(H{&l)tq%Lry3ntu_K9Dc+ z*(6La6`fh~wr4b?p42Moz1Ann1juglsBrt(i1mZ)CKuA!e7bqC+QL`oBcbQPgT zl_3h4SsOyL?<-Xc-m`0P zJPh@{+kXU>LU0ecF}p7t9!wwh<1l+FcTmoF_=dK29tF`_c{A-?7bj48X*MqqJ(`du zwyUPHm3lwwnSXP~L-Y1x0!8Q9SzXJ)hA&O2_K2sVb7<6_z%z4# zak(Crcd}Vqu^q=Z%dY}S26Ji38V{yh1mjBkqXx8C`igzyxL_~Z!52q1UbP7w8r6Hd z4>Bvf$(mw76fCcJjy#J&+1n6PE#17Ma@a37S$To3xHu74vE8}|nZrhI8DmWOYNY&S 
z^ugnl^GU2x?=^4);|2LmLLT%JlgD)E-M&!YF-bzK7KClI`T7$lUX00#GQB?@J`&k- zl7d^(d7s8~l?)yILw4sP)WNSUEV1XH)%sdG($&v#Ub6db(M-X{wc(1Tn21mgu`Nz7 zkZ_^ar6G|nwpdiY%iwkg;oxKOlUV2e{u*lk#i7W~9KYajS<rm$Z3vA-0+Ow;N|yB4&xh;%hO-FTYXaDY+h^@6We# z$<;vEqToZ<1mKI2z(LDdm~}QW8^Bt;FfY8AW{F9*Xj`Hh=4WJ*v6yKIaoUx6mKx`A zVL^qBCJbkA!e5@3?ip~F9i=Q;%MC1z72xL~%a!@4X1o&dg;*igkQ!5sf(cKi*Q%to zH>O)OY&oMo1E`9b7tQPlT}FNt`r{6Z7=C3|KsET=K*f;gQxXEA_G@Elm2F zSg;4BX_fO@8(!!QP9GkXBW=!OiK$0-?|(*I%WBQ|l%c8Bz@dVD&Bz~1NvrS9a$wBz zt@Y3AvQZMYG`ur++HpC9-cjV11@1Vl`@eJUX|$p#zc0BN>*X5M(#@4)-tX$45*S)V zZ=$6qBB-odb|v43hs-$Q{+b=xZ6|66p38n2;`%PsAF!79uD(vA%}`RX&}kU6h|z86 zUoDbo!OBEKzm?dffs4?MS>f4PV^CnYR5w}?!;y% z3rE!r{P<8}`CcnMb?f)f@<5F<6l8>LD)B3KmlTuQD_=G5e_Y0zP|4~px=~pGRA_m@ zl)kQ-Vn>++wK3$4%n6xqzWi`ZV;1{#!wT9{VgW_FbPiKER#Zo;r8{F zS5AkAb+>1E#%}0pS51~aJr;AwFu$rXJXCK#l+NBn`H^>b>2YbA5dY+zkyZWjP@nV8 zmqk@kuy@w)&5)Msz40pkn(E(hNLoQ%w;W{a2blwv-U*;ZS_1OGmCNZMga`D?#vA~T zQor-fa>CG+?dtWwK~Zf0*U4>J+Gf5$o|N9*^jz??HlNzB&x*F1(}QtpQEw zC30n{i8i_20^cjUTs_oXkd+)W-BKMOLD1~oazScX@)47(JZ^(M-vZypuunHW#N|Ns zlABQd7FRK?qrhYZTK<4p=vNTF1t>BsmetexbAab_)kXag4Xwvo+{6mpiuuY`$?vlH z`u7A9hO~7a7{*n=RJRZNZcxyNUee%!S`eG(3Web#=+`<%8yH?Jr}hfj+F4q83HdoI zcvW43LUoBA>r|H^kHOYAg3Xy+eDyBxXS=2cSu$6txj31nf3hWyU^Xfv=cBMYRCOKQ zQH37P%1{WIX{;t#kZNRADKd`0s~;6^oPTL= zX(SP9ZB1LxoBmqa}Cfius2Z@(Ui|H)9_d4tp_iK@4OMyF@ zcWN)pu@6h6tiE&xhw7OY(Fv^h78R&>I~W@bnB-b$F21arv=qB(bLcVsCC^PSku(e8 ziY=Hcb*%G3=;1pR(aniF=wZ*}r`Qfitsujvm;4D$>Q(2|Hhcq9@k(jvoH-6J*{K{G zU);}Ikbjhcce2SCE*h(JzJltaBzlW8#NIj@4Tf*eGFraa*`3RhPj3(1S}sC6N@qY9 zna$F~FXP=|`U<+LsVP-a9ob^_F)PvwZLL8q;BF6#UKuH@?X#8^sJY<%U7t>9HAs%A zdw$H~%2;Xyfs}#AabiGX^fO$mHHG3*3t^4+j?W=alMz+#0La zbQx;(NqL^>?Qle1o=>ul88Q@+_++8<6P^B`v!`I|omDc80hh%jj@?>rrqryV0}#!!C+#f_zIkc^pE4H=RX3b051xLN?7C z;C|M$noN6)ma`uQu6RuNjBVz$U7TUzS-Lf?SD5;?T$n?9n({_>Q{dVS3tv=65ZBGh zYoDG8Dn^;jD=S(kVW=;V?gd)q=Dk0)`EULi`B%=6pX68Mf2Z^v`Pq#@phU7vk{7-Y zc=gq)pRM1$2@e~HME^od=W0UOwXb*~Ne9*Uq1V!KGE5TF=qX3@9h#!KVr?$nQd}3z 
z+UxcHQV&%mR=0bK3ljTz8P->QEVEnEq%*Y0iiQkspC3;2LWtM+&FN|*+cGqe!o|z< zj*V++@@{tM`x|*ND!f2V4Ye&n16rtNu8e#@J!xvsLgyk!E5GUB5D3ql@Y8^0Qvgj_ znTteu`U7Q?Ct#LkrZiqYQsF8h1fQcStHI^&;b+~ETv`o{g{iIRsXFAP{&z(lqrb`A z$=-7;aE?o^M)f`)6%C4%6f__qnT&!fWZU0fL_ovd<$f{~Vr11a_!8n?gtw;JBWFSt z;80E9W#GJG*;_S$aSCQC?>BgAqTH-0s<1s{cE?Ou=g7(zaRut?N%^~ZB2GfBt=2Bo zy7LtQ0Wm+R=A41w*YN2f>@%+n(q`sYLQ_B|FMS?d|+_}TT=NG$i)#?ftiyAYX2vGOa zB!EJZb4(Dm7(|mquw-e171@`q_Yn`(oM3t?O;2u?SK0t>*$WiGmSi=^DM$VV^@94n zYfYC7*k~~oRxQ$sN&-~Y9bm5kiAfJym^Ml%d?~KtL2Vj&FC*dM=V`Iq@MxTwaPFvi z-inxj0DCz2NN~jojC3ByI2m1&?eh>6gT>3jt9n^=s0!O@jC3b=nyT%eS@4xzBb#?v zx?>qXw~6GK%`eEaSh0coIjBQzdRpC!7=^W*xTB1?{motFo|{E1YG~INXxYVd^9z{24L^xEFFk;p2rh2z*;c@Q}`Bn4D zm361Wt6f&s8s5-|bCBl&&Ku$A6GROw_lhc=u_>u3IU}a%^%dpq6E!*L>|*cW`y?}$ zE1|w7)K@#9i5D#0`3W0_7THIJtBe^{iQ3V2QjhmYHwUJhXeyG<$x)Q%yV){Z&@>pY z!Tc>^(9e|#@z`RPKqC@WLZl7n<0}hSR9IewO?y(ll$l(*CHm1V^rNd`f39=XiFngd z%kfgPJ6lsAP~>HisbA>PMKCsM zMW-)B97v!3R=Fi%n-C_HqOgI;omjC`C@Kr%4bh6#<*@7T&Khx-?uB8hR7kzP)m%G8 zxWr~)!W0|Rj%CmXWtV>c6=b{syvsKMq*-|S(MPG8%4u!R?q}!Zb-w(lB7xP?U73$D zEax=gY-L3dXcRHxP5B-M6xPoH&(#j0PA(R_D9lh67pEYU0KGN4+Gc6}tkQ~QGEUO$ z3j2wf>IHnZn|h&77H0g&Ah#of?$HDxki$`!B^>zdvZlne-3jCh;z_sZ!fjihY8f6v zJqXawJ$~H8pC~AWZ-5XFIe)ywr`5HC`_S}e&rVE_1`l=g3x4bR?OZ4$dQx{47*IY! 
z$h=ZOL^%_c3(yV`-GfLvdV&&fePILjk4pQ>y^qj^UI)i=&~H}aSWf4scSm2P5sgSr zWOvzON)cJJ_kE~1>NGa9ICVy^bmP<;f8j+euxXi?xKi%dYVWO=!J$x zAgYt)-8CRd>yeMsocz_~N~w%@Lu>5hWxYKaZ_i5;C`lMV=_2q{9Gby?bdI|l_n!of zGENFBJi-L~0aM(gh)$)xkV_qc{^4oJB`V!q>6!G`h66SFBy3?)+ie0tAk$C`f6*X1 zTFi|W%DDG!7{u8BjlH*yin0wKKL_-q zW{?~jqy>>?U?}PC8Y%Yy-*Wf+zWdufXaCqe`-dLS@tOO%>F z-TD66#y8?Ka+8|VRgL47M4+{LMG^Gu>B=f&D+6yyK+!%UF<2>=X?#H}Ou1mSqDD&k zh+g9%vc7_~Ssd@4FOgnFjC9-WXjl^*$SbgzU39t+xZB_tnVjwCp6;9UdpQ}|C(rnL zoZYbK74qdlPl~0-LfHb1TjL*!(dQlX6Pw=%0lZqlMKN7yz(eXWaX=Dg=^*p$vPt}m z3@J}A6Y|vrqG;pc$P?2A-^-TPKyupAPn717>Q?|Dx+ zx}iTo^uU|dfKDJy+a$Y8k5{Vme84j)CM>XwCE)?<*J(T|Ip_^MN6zf6o?zx}h6MY} zh!3%1G}M_6-`!T&FZ%QquW7=E5D(C``h4Q1ZfL5>z}ZoeHA0|;;Wo;Z_xecFk#XrV zrH9rScVptAAJVtX+ZwMpq?I_J8bd{D_-iE9e~hG0fdMVIW(KXo7!)xSS;4+PhBXzU ziX#r*0*)^=FltP)@m5#6hh6rV(el$w6$@+k>I7Ry8JekKp*yY_lO7yfzQvGMgVwF*?;ia*Vz6t`-!=wVH4Z+=QH(%Ob50KS-=slE4 zRk&;k_{R>D*jT&Z#jGsIY!wKtogM=M_U42O6{S}uv&FHJu?-7#ql(PV!Mvb$O;wfX zydPPg0a4s+MIvc@-&bEtK$VXBM=#naDrvSCXO1aLg+DwO)LNNHU@3si^nlF7r5pek zJYF?wG87PD@%Zetkg`16vyn3+Qt+2LwIiDKe~csY*~Mbw0gFi&1bo-j7odc!-LANf zX7#VnRMui2I&~iF)aMk}QqD+BkrE%`X7SfFRYr|S& zo`#AhJFBkuV*ip?jdOX0or|mL3yRgn0(2UN+)W#UY&Ei<%W!L%&1j znmjhOFz90VJgesF9?P$ZorP@`xB&%Nmmxq1{3BRX0jia3G# zt!FW`-46S^)ko(KQt_U@OV2JBlV;2y5+ysdS7XJTO3n7l%3@qKzn!Jr4jQ>>P%==v zPTD!S;U)%9$d5-%Z2w{bHFy~bgr@t}@lNmo(s%^RT=2r=-88+s1}W4GunMto;?Bvh z^WWs(ydXct@8mD6`IG!#0P^QgP>JEou@p^%T`xvC`%eLvnbw2)|1r?DeWF>TTkpHA zX}&mKf7|yBTjYuQFLm8KpANCzbBzFg01SJ#A9Z#FU#@*RTjL8P6@^_}Zh%yUA_7N~Xw2g5qX5`>~zT@4WDfwmge~mG%~!I$xYez>NSL1vpt>Xl!v< z%M0FJ=Bni8PZ44r^S9VEbL-KCsodN4`5#vtt*YtY3|ENYj(-vQtZN36lKCZtK!v8i z1^}=Gv5ohK{`Z~;%!CLfhry-KzK*WASMoQ%4`+A{xOo4<#x{VB|J3-le>NO6{k+zz z4!8+_saK{)KWj?5T2HN0SJuCdaBUf3iJjo_PQAL#banH*=mG>Mz~`GqyT=W_Y1@=v8T8gK;3!H&o9a6OQwCt>_!S`odB9 zo9gglun@S8r(eMQ$zdXCeT%{paREcq#q3MgoLd2Z&|Ch3PyizlEzr^y@%u6AGwL*x z!<{NPW?)Z`c-HUFv=Oyngbhu0cTu40TL}(Tm+E;6Gm{f~)&$c|E#$kpc z)9O=zbDm$ECH@<1fV#j@+fn?0CL>k`+5{%8l7@@ugDKo^o_%YrO14_u%C9Av+1vIA 
z8a_=w7V4!=7*EyfJtevrq$A&n;5L2n1o=?y?VP!2IMG&n%cEkC)X|as=gumK&c5|} zW~k`6&0V!ih5exD&d2jtL37$?l(kXc35faiV&b!m`-Nv@opFB=#!2QMLLd()kkrK< zRei=LjFP~pq1iMz?LC*VNG1%9s()CR7`H%EWo_L zsfcNEC{Og}@s2UZ&6ts*RjpL>K2@EZv^>sd`JVL4dME;HhBLl}3xV@i$G~Rjg@M2Y zgUXtqFRTp{4CO0DE;#OO^YaRRJhL|?%~3+hkeL+RAAQ{AU<2c+F3l3cQZIarY4ktAtZ-}m zB)ErusMe+Bb7qYE9s19|wj?0qIIxWahW;N)o^-}n4+uxmgKgm&wwDlVad1ciBP7L4paHARuZIYjNeK{??zSB43Wpw{~chBFLiT-6-of|fz$fCobMI*P(FgM7=y_ue7 z@n?Ez&m}C9JcZeO$qs*^mh;@ym$^`>fA0G$G`QJ$rf5|+HOAucrZHoA3yn&tRu_kD zd=*JM^UTqatFEgdNfSi`=A`UjKpwx^QaiWHG$zljs(dBDz;g8l(mGv2Oak?Xw;xo$ zIXL2ZN%pDfm=O8shj(3jUcnjdHs|V%34IfEvhl+nT&PPl){@-DFVXmRPM^hJG9{oV=}F1yi83$IwW@c z=2IO?mtE}oP3QLb(g9%K^8P(jbp*{OY-u{xRReAke3l=<&fD1WPgim)5edJr^J^12 zw^8K)l;Yh4!X7^E)xfSxP72rd5>;Mxuu25-;i=J?lh<9~C6yZx;Zl=t9)R!rIWOH# zeu4@wHuu4v5LdZ;m?izgvGsTDakci{`gOyC>*8|s^J{m-@Y2@B%yqUi@L!00{ZZ0@ReIfHY?Uz0g@s zy|qpEf^lG2CwScG>!i{3Ts@nXvTb*ydHxs}ny3=kNn2V$ogN3p`{eM;G?)c)z5Q)d zqyeq&{seJfd<}%oOEW>M9dMU4S11n5HdJ^>NvLgoSAOjkWobcP!|w{vQx6Xo*o_42 z?468ZA>V8fJ;&v}Kf0Z=S-&RJC=Z1mJ+mbLhDkh=w66~{_-1cds;r=7F7*P~2dnQ` zQ*Q7ce@G~0uLE+TwXecZ0!C6EG#V!_kf$y}%>&qPw#y)F4R;{femU{f_^|o>@doxH zdmt6MCJgl}gi2(lfYZC%{>P$vH*N%7Oq$|&Evm#V6#FOWf%&;h8$GCizWi$ui;B-v z+Ioe@J!C&Y#VWwn0+0ZzK}U$pFKF!%tk(cIG#X+wi#vPO102SDv|+!*_}4>^eM2>l z2xLx=@|)uNW9k*SS}vQYNag)cPvkZW>fJ5uRWA8eapnm0KQ-={wU@;L z*xMhaTW_CUPCGjV4oz@m{_I5FF}&tFz}>tPbwTEOGq=9j-+E z)mdOf|8HygocwnGP5$i*@{|2e{z{fV$!~!KU99ClM_zI)@{;-%P$+KUo$RVC!wZyn zcTwx=J3%#ep2f4C(;0Q1MoJH(;fB{6MH}@@Hb?dOlFU?v!<2j#<^eCi7*DLSE(xdJ z#C&$L^Ssr>>IHS0Q`L;CsiH6F%ieksbvx*JZwnFq`&rT-cI9c~<&Q>`B=R7Xlfo%` z@GG8Py6Z^2^*&T}E&@`tD>y~8w3Ri`3bC*+ps9@rpbrx2l-r7Gc8?CW%O1=Kc2(Y_ z!UCg_uLa=_&DQBFSGk5&kf06^`Z|8=mq@bW9(=VM1#RE?OWwaC_L|w;29o9lsfaP| z5GFSq->W|6WOqHj!UZ2JyspS1ml}$D*=hHLV{5#L!o|;SfvsbZzP;Wwfh(Q7xX{R^0ri^7%CZInij{ur2d~*5c|6EQPHbfz-nhqml7eCoI;h z%yx}2n?_MBCiQf4unsfERb%2HNs%0kp0crkYDi|eE)RLK)0frmXOO9Dt}-MmKn#Z_ zWH|ArpIV^KBk}7JG@w-iP<99vU7U`skQ&h=k=UjU+Bb?L-8Ta9eTkHEtSOFkW0P#T 
zIU7SCQyZ0D_f`35LcNt5H_ZtN^JSw5l?d?}#TK(I2brHI$BSXsO8epI{}ZH$ziP5T z3+9#fd?Xr!Wohn*%bB`;+pi2pK3;f~Y+OOcn@BgW?H}zZF_7F?EsrrXCGJEyk8~c7 z`OH-vOrXfHf;{t0p$9Ix)~Zi?{mmADC7=Ja@lnEm)p#9VtD8^^zE@)wa*1gV^hA$@ zxXJX|*u76<-TAGgr-N#3AUy{=`-F;OaE4h-o~HiXcdsN+LMVGW;i>nT!n)eoIcR&; zT_&#~LwBc5((EK&hk`FfjxJqcN*dXw4CM0BfY6s8j~800w2;2}rg+zBP)CCp%A&mW zRiOEa{R4s93Fb*=E0n$1{eEI$-cjUGhx-(cIcdUi4h$pZxbH6&AN=qhJi{BD+3IPY zuNg+%D~s#mh-+4>DiMzS0e_5vq~DrKRTx98{oobjI~Cq*)jyvbUUKdaHkw@}y=G*g z_g=!VWU0L@5V5Pm$g?P|}1(k`=n^nBL>o7g$9Ez5 zBs{p!y1gin-y>LztB-XWD+6txrlPf}9T4I}VGdWVhS4m`cWh{ee)ukOwGXBlf_67a zmKm7)Ps9_e+e5Uq2WHR%20xxk4$b;C!@cwl>XUP=g*_-eu8)4^UTcZuePOY~mfjZ>P;$aoC-@UoP6nwrw-!=nBIx(vkA!1~M)f~d z48(LS6zS`K&RO2lAG@Q^6n;*A=l>@E&IS2z{7(Kl)Su+{I0S)|sBVjD-et#*9xMjX z=&t~vktnU9&YiMhd)f(bY)}57$LO?G(2Oz+GyMV#C02!$pyIMKfJE{-IMk-gxPN9~ zW3Ecytc_5B%=~4f@~SK~Bf(G5T$*+50qm3z_0$Lz=tGnReW>Tlhj>-8wln{}`sMpA zV%24<^E#f`!9y~0MN2XV#A!bU&X_q_X}D+o55UH9w<@Jxc_l5g_1Wg4xXVLW*mfq_ zLWO&0vR_6ZU} zBV)1DY}_=#3URr$BlXTFtk_9yY9_Clv@EEMQeS!!JCn7~bcIq1vXuCq zh7IU@MsMxoGh#|DOod>{-5+6gpPnd%uT7zH$tR!;Gw9XN)waV4K-SNI%pc}^bBp_h z16$3_ZQs8n_rB|iUey94&v%GJCZJE|fC4qHX$7JBz0u{jB^dy#03jmbf-hfb1(^7UysUItk}b%Z+h zsPtMiZmbynh@hM}fPZ99zs3TjZQ3E-%4Ipb_vIwQ4dvkoZY$va>R4N)JQ}5YfUpE( z95SH(+IIJTY(8l9&r?g#QN*U!8X10{dSl>rZ+btQK{hhz6kPkdgBY<^J+_1FR|MoCH`ioJa_><}&~;54HKCb7)(4P5y)Z_k|g{7hD=fu^rw;8yZIV;O@K zhpcB~g2}=`CqNwrTIs|YMk4DX-={OKRRimBUSr?<7qq^K=n&IaL;V{KHG-q1-~(Ss zU*+O(1wn{At64D?>D-NP%2)Hmc2eg@djQhS)%Hm@cp z`CJ4v%b`dle;Q$N8Yt*Ov3ip@=F|I=w{7g$aTv2@-sWajyK0f7={HBO+6qsA562kX zuG1f|J>dfNX))IZg4PdEljCDP7H9ct&sw@Um;Hjt8@Y0>DTNH`=5+h*kkq)k)=X#+-B2qecsIH_|An9_^-~m|sY(%_G8#ne=StHLxQRgWS@KjV zU5kQ_*y6krox+kswBH;*Xp_wyp^4Mq;)#HpoFbf@2-`PlJ;S}vDpzIc)W^jm(wf&v zyR<764TNrmE@#9!7v75Msu_E!TWg%Tw3Uw^2(0`lgdko4Bk{Z2zo^69E@ExN_M`^d$mj#y^uleS zkEow)CB&08hL8?nW3PsOslYf)A4B%5^*88P?Db8|`tBT<#1H#{K!jLmKe4D_KKm_` z3{h(DXS<0j<+F(tWO^% zOvTzdsU}Jd9ezDB+IcHL#CQ0cOA=^N(kWBFc?;>2@TsolZgYvEtbubURA|)3^6U;l 
zJ*F6T3L1t5pWtO;GCrL3izu*!E3!m7hsrKTiw{lQZaScmj*?Eq9#^pweRAfSJ%;nd zPoo^=(P1*BCs@KL%MOd@GJjHBk5i5M^p8QZr>Y-)ZkzU<-_5RI%TJ$-*7$5 z>hOv1+s2w_!Vk}S_`*d7ua#jnYs^SJZ*MxvNq){#P8N8$<}@LjJYmLitL~KJ^(0IG+P(vx z!KgJ&As^b9&p~{oKv{KGdXcRzOtqh@3`|y9{91|h%yK++Z)}~WN2~r*ZRNcI{f=jT z{^5L7GTESK(4e;K*3R4kuVHpW*;J9E#1n@Oaz>}~^~KW;1U80a&9@F3d~}{stX8%W zgRrLTtR_!5x8@H@oeE^e%El!C8Y_{>*r_+Iw#BFn-|wG{uDdR|qpZ&AU|`<0AW zQt#=QIIJKD*td_f+*+!SEPl3pdn2fE1*b;HiG_-~*PAK5{emhTksDE-<%f^(% zhZ8r4V){eBaT*@S8edu-A`}*6NO<(JhSRww*(rdHnIAT>3|5l+B;JZBm?v?AU?GG3 zn=)4TWa(b(3Rf$&I@y`ykBu2wJ8%`>7cRJKYl&Uw9M?R}D6Njx2n(|p<6JNoTkrOo zwW`o4Vk^@zS!hh#n8Xv}!^;E?$u%KC z+~T)A0!m%FW~L)pW*%`xLw)IRwF?@rNFAY^42}?C7KLG2-qcPI@o@$JaPd7sESn`P zoA0iz&SyYPjwsrq4=63*fRCYP4`JHUus!RxXZXOX$F#CxBh*mgIP7dGJO9!_+)ofA z958dc9rwqrWwwu|_P?Tt9}t>e{|V|a*I7J!0@%Pn(#Xnxly!ybwct$6uu9|@SG!ss z`VzBjdh69N?mPZ*q^2ZG`bUa8ykyLZx7=)s^ptk8HU(R2a@W9@aZ@Q}^30q`{nNTa z+gMEQ0aq-`gxCZ!m0APlwUnm#eA|a+>pd2ECfHMSHSYaFW@WD-?1o06Z#ovYzk%mD z`4LyIfP_Jyi$5U3JCJw8z~2u)^L&+$k*&uli{u~cS;~4P z$#K(p)Yt58#}jn8$F_ecUJtD+v^tvTULCil=`<)TC{dn|g0>^Gwc{Eq`Y}?16mR)d zA{yh{`bv?}iQeV@DYIj2O zWn=Akv8X534TMdIQ)P&345ijvGbsH)2cLdCby|@aZu2+)XnnwFIV5yt)8Ou>T5F^Y zRyd;}Xz+ib{_LMwys*APcUyKaO0q%Pp*MMtRNI!k^H;%1x|s~{9Pm^tZCf1slgPUY zY}whPD_csJ_n7rFqg6k8+0%2(_@#6BeG~<`k~Pj03ej>4%yN&TP>y4YXh*DU$Mh5+ z*!9t?qu~YA`duRhR;r%2h4^P~bLtEsylq$8YPr=b2Y!M)4n7EPOl%sWZy!9&o#{4j zHiUEt29_JVRUFZrZ}2Oh9+lzN7=wZ6TPmTjY#0!1opF_d?mLTrz+IB@BCw4gBUXFE|xxZdy|0ZxCXcI+y z8Z+&vs~!0|>YJZLR~m`cum|qs;^VT=Cr-ulpfjCJx)3f1t1UIvGyeC0&!S+rUX!7F zij#HG@{K8*Po-BkbjLgC>*Nm*$J4diO4GhO>I({7J*@a(r$~Xr$EWPrMIT8aUPgv~ zpW-wtz$LQRsX;!e?{$uLr-Hq7UV9}5m6MePIGE}N7&??VhHUF>D^G&#LzG0Y*^F-<_&AfG763x&N6R{fON%$=uVNnoNRi60mLW6;w- z1F_kuvM!mgDQTZ!38kOX6!P|_m;~mjUwe8IZlLU!Pokzt;@%(%C4_Z8D9%454 z;EZ_sK(@_h3Xh~D6({<#{#HU~25PLvafu|*2A5leh&C6O1AIeuei$PR1%WGDh%sX_gMA@2(-t zD#JvlZUj;vg}TkhS7g{6pd4AZWF{l!qG9+mXVhcO)|A2U^%?z)D7|-DWKY;9cGejm!7@t)KJLln< zJ6U67Ho18{I749zB~@G5m;t+FwWP@z;XzxEbu2s`Q#i;=ry;luQuETm;iI7%pXim? 
zS1^u&B9g&<(<>|D&nS|v#Yjcw3vhgP9$vUf>y@}^((|n3Rz$Vx@tppkfY*Cxt4q%< z&M#B2SyP+x^;gB8=WQfV9vpI|K^2(H8jN&?bzGl4!Tl|k@E zRqW)~W=Y7}Cq!q(id51sz2hqWOwh&oQPJN;fDR<3F8xlBZ~WfY*D%(H_$8k@So;0= zWu|$z76eYKo<<#QG|U>hBNI@=T`mww7ug9`#mgGACJy;f?dIie4TW-JhOctB!oO|@ zw+%CGDZ|sKar(=A1r!FZ8+?YjSLA-7b-yz=+wUiSfBRa*t*KFM?J~$Kr}+@YwbMI^ z(rmqJ8#I%Px}~AdM4x%Sx&9(PwH|wG=QAnyYlt9}d0LT`)nmfQG6;Uc23*5ltF5-K zqDc-AQSewt^9}n+siIdV53q#F`npM$mPT=NiX^sfB26hET1#IS?_H_aJH)B_QE{yI zK@&*1tcj)kH81qHG&rV#*jM}~sEd7fKsv`yd`#k4{oW1k zl&^Xu{$*tksVoOV)!>SqoywU&F-Xcc>k-c!3DV?NjVPO^K4Bn=+f1T?-v+eb5~eod zFPx~DyTO+aCOHQC`qCaD!B;d+N~2(tM@gXlu&L`yXx9aTiHH4@Pxv3H+)L{i9HyyA z`DSsqIg__>CfQ2sBNvsBfjfh2tQBVDVP1hinYPf`J(*y` z=LLmCq;3#9Q=IauIYMvLQ(5v&hjqbK7bkBQ@>-@@pF%Rr6>B?Q?xOYKnSSVEK((YT z6=RFG5RrJ#<1&c%sukkqZE2&hm>45iQ>z*bM>&T5apcB#jz~W|NliRGPdJc?qKkYX z!_I-l)qoXWV^Q~6ZAIwVI==?Z=kOl^en!5KZXo1mS^Oa3=o=Dp&;?hVpV4OC*!iSP zwYRJdbx^AqguB^MYI^3B_7#P;h&Xp4MWsLZNrXvxs0>>08Q2ITNr|T;HQUnDTE&UV zHgS$x-#BNWI|kS}e2F~W^Ybz8J3DR7O-Ht9_dFCq#dP{zcF;*<9E!Q7hs5fPYQVJ% zZt@ePRGgqGLIHirFSaC|)r%+hw7~j&Pw>9{t*35YnU>K=r*l@C9%{o)tQfn6Zg+6Y zlSyG_YLxZjoi>!R7i)~K0w)0)cnYQn}M_^Hcjb;_!r zzPqV6e*F{@j{&Y~7*olCM6I>3j^V|y^>W%C0#mtcJ}^pSBHGbw_ec|Gu_cMA>X>iH zw&h2A;v(VVvfh*0iYiO}+mVX$fma%5S4|9ZC!y?evv)Ab> zA)Ym&>P=I^Si^hVc5NsVN_w2z5eud@d*mrwJJynX4!KJrq!cCfrQk3zsy#FQE?_Sn z^M1=S0~BIbG5kNiD<#AYP}1?3wK@#5ATc!6KCX@+9c4J1=iQT8U<&>H!bcKiEmLP-+p~^ zPjLB=eGpFJNL!nkSTIS|50^BS&MsW#BPcz{MMhrry#HAAyC$9;1w2;+$EDTV9>_dE zGAt`El75(;^WqJuTZ|j5O-7qUBN>8qSsi`@9@ETC80QE9_odH#H)4 zHT_9B=gj<&X7il_w?!aiZ<`1A?4BH*(R)*dCR*^Itaollt zEeA4Lx*y+;^akLR#2JoqTi4yyEA8F8%8aZ@9XFQTK}^$GqVq8@qiudnk9Kdl3(ilF zMX^DK70My0W&a@k+F52Q6rN$78^aQzXz>0!{!CAZq*GiJuAFnnb)&B5)!MJCyezP{HfVv)L#+Rc;% zlc-x)v9RDxy)bSj>EP2Z8JGU#6B+rg!6>kS=`+toQ)zzHxM*B(egwB`I zzgTTS$4y%AC{}Z^wo!$beHBl8az`k_p;b5OP4sd-wc40Y+n4TM^{D`m8*9KLl}5U_ z$AxZifk*MP#SO^H80nqXbL&I*q5nrrkXCgpy=C)q?%3LloFnVF?_Ev;wE-^IhHw!r zeM1G?sBBLDmP(vWz`wv>OT*=Ip_y99BUV;+OIyO!SJ?>g3{er<=az)Iw0z-Dkb15l 
z*5I7E)W?X{-7h)nF4=`1v3bmbdLV&oqw7YrJ`Y|`sbu-SdqpI%&S*QalQ7nw51eAl zVjQj&d@%hCp(By{+S^6(6C_w_=|2WoU+=kDKGUiuvvLryi=n+keKpH#V(l)`wzVf6 zG-)r#RuxI~3&H4D>&ex||H%QsJ0+Kr(0hErWh>cxs5op$^`3k_jBz`bQ~M(w)D zzOrSeCp?9vhm4=JHf8C{Q77Iq{Z%khK+_^neUMD+ghh3O!RsYVj>IOO2$%nhCm+`= z+c=Y11Vh*BX4z;;BoPVKP( z%J>URSa+|{^kS0YtlGYX3Z-r0bV?s>N$MhFyQ+WP z9~0<3>~M0co(ISl%iwTApei%Xz3p*&Wf%6{P#YUDV7OgYpxdAWZYF&f?}gVcdII@Y z^n5!EvoQsZYI>Po@k;H9^k9`^ck~e8^?KDItYJwh8SvKZkHV<=7y~&lC8sbHZ?IfU z2Hfrs!X*{5!K|o0`FS|2)AHF94Hj@WF=@ByjNT z8IC(O!Cv>{-)2eapCbmLw_NL)lbg32LYYIkHN5Th>o>-?joPCqTWKP5&2isNPrKNe zd(!v5AHTdSyl>>bst5bmu8F4zubgcv8EkUZw?jK!upGxU>=m9tIULB6C`QARn-%352_3)U_T&+wp4NRdWy&Ub`lCh=Bb|OW2(E{wg3=2r1kXpl3f&SS6rk7F^)im5N5_t*8gL^*gTK06GogK{cR^NLg+?~T~l=MeB zQ~%m4-13HCpWD9BYT?+Vl=yMDbRSbh%osvt)u0s0YdBQ4F8`>8ulb|#xPr`RY5XPW zU=5$)+<#jcT=%?Gu5HES(-5cW4p&T8Q{8C1J`?@mwfMT3j2XDhy@BbiLdPCA+AJ69 z;t0PdsWyrK))d}z8jDiG4w|P7s{TX81G_~+rO9n~X20xzkz}VJ2y-pxJjm_@jZOg8 z>c5M^3*JQFK-*n!>#LT^M|BXz7c^pj6QbYMuVe7m zc6h2p`S8qEI+Xin>?LH2fb}`G2A{G?YhDYd{1^S&E_P=MrRT!W~A*K=XETk5+L42->Wj@B?in zow~zKYW&&kr~ee|-_%8%8{D>|LLO$Nr6`AgnDgXuXR2ngK7V|aP$!=5r{NdueYUl_i-!v9^%2n+*yLIow>ggqF*EifzQV6wi~k#$YwHe4xVS-dTC z#%V^%2B$QZ{lRs^0(*|!Sd~r9e}|HXP&dZEIT5|SCx2`RQI}+6V84cX4pc)j{nrVl zMJojeMo%e*RLA$z1cSEW)j(zHf7`*tecg98iw6wt1RfsywtdHue)1r4kqrph z2)c`jdQk3rTdy~ukchR^H~k@%MeqKFihi{S+(zpVZ8N07M z<^J-`Yge~W(Bb-$ILn0L6?-9YfxnX{ts~=U^m#zVzwXsakIJ`Y!e3K}py|9GT;=FM z;cBk$yq|U&5JDoBkVl)rf~(e<*ox(+Yq=grD0*C}kN*xCXAm}aHhJ?u1-c;h+V=Z; z_L{-94c98c;}oeO)`)Ro6$aq=-{(Q{niJ;5kLe_3?sCCc(^~}bn#7{y{Xaog-Gvy( zDXZ66B{@qzn9kkQ@52E@L-6+|7USFU3{KU$_yU-L@2RxGx?oRI<>ZZ$>vBgVvUIo^ zp0h+|ZFU?mf~Hp%JLu&cU9D6Ry8`je0N$SFZkc-}%nLJU{j1MKJ9NJYO=!tdOW!I< z)7+}awy@2}O&Xn5xJ_+#mlJ=p2}N0tJy7_GdC1nTx2f@TRL3d&NY7FMNLXM2Omaf+M|=dbxdo+(pNj>ocuQgCz+| zpu89ecO6v+er07D@a)z7SY~Nm`REsKux>eXY=#oEE7|c@iCR+*o|375+qUh5b6`^cJ72&;@Vh~puN}o zG{cR&bYkhjvY((E&`=@{@6{{mRzk|T!qcDm+UiuKR#kW98wMoJua#!DF%Xo_Pc_$I zkDisI`eYeAxAhE>>bS;4PpcD-mfHHbG!sng#bXAtJ%$^@^yR2-;_c+)zjBskOYp;= 
z-|yNavqs0MI7wPzPbU@&YdXpe*;ngU(l3otGq9Z;1ZU!M*I?d8 zmM7ayhpn1Zq}E^QAI-d}_@UK3S|WZmX&-Qc3`6aum^2%gZBsj* z;!9nY?r~Qo%7HFK5W;GY2X*Z5pdS-I^z!;-uVlsJgwr{5L?WM~0|R`Y`}0Z?)A+9_n11k+l&hzP zEKX;+)806C=s|Zkoary-yoeux)(@Bhn+Fdsu{8~Qt$;!Bvo~L_-*3D&aij-R0J%uh zBDjz{KIGY?PgM(r62r6 zHCS3qZq(F-DfQpbF0P8t(PSklvz>5BEjK|m@)n_OZeZTjiqO2?{?-SsA7J=KW?AP& zPlly44fYkimlYpz>6L~kou0^yDQ3I+h}(_QbQ`b$ROe5CfGh?PQ-!Ry@cj#yi>zP% z7ty?bIa?UF{q2LX*EoM-nWtu6)J^B!_S7X?=|(hcD57guw>?BC;^CM{5|u-aa;#|6 z$5gydPU1G;)DD=tfcgQ6mZ{Mg&zrCaBrhJi2vcyTs22Vch~>r^K;F z*HcwM0Wa!_BO01ZcN@9d%C}!W_!X)`- zxe2zr%9C_R7>S%EStK_b@>u!yCQh5ve&)m)MWPGmKRU=bb_DFBZ-FD0!y%h-t0dP% zuLl*}cZ(a+I+^8n3Ekkv;>}HcD_+^}Dymb~GonjNon9_)s#G4}WRK6okmW$lrT<-D zK2FpnkC*DR=G)4Sl)OjIY7XrnT6U!uf({OVk6t-yAk^!l%wL1h^(AvgeExcz#5jg- zIK=^?!s_$RCWio@85Wt-eVw&6d$+6My2U>tDV=EjW^-ZZ_Y|)!^?!oWWKM$9W{rlN zpoaYO`J$}{b}agj;6l*W^4*(%H=y*7m*z^6f*)>ut$8LNNd1jS$(Uq5R^8@Zvh%~Q zz5nwMdOoCatnpZm|LcE8>Wqk`xyb)Eoqvv^Ksr=R@5zF1H}PN6^7wBVDLi7IH}-#b zDERkG{9`#wmonqsul+y$;(gfBRgLqc2oW&-4j{G5g}_=t&&jX%-{e2OAV2=^45Quy%J!`mUW1WcQ%eRYL0UZ^Ux4@W8_ zLZ-z1A88HMZnrtHE(K9HON;L3b)SCdV1_K=MD!76-rg$gwrmzQT<5$UwsIqk#<%A9B1Cr0M1@pCZcHjv5lbeKA0Z+nn89S@m zX~tuQa)*9@EFMA8bTood6_*z)P1EUz=y}fwO zajeO;Rr2eicJTL%@*3wu^4v>htr?J%nxS2#1-n)uhXSg@9e;?9Pwpe9CoFZVP(t)9 z`uZ>WAfylAR~pe1ScmCE%Wedstb9GbIFGKWs<1zj!B4m|o65&3z*U?Y84(SmnSQ}y zC9d<8#&>O48TDx8dMj%cQwhxVSl1+MHj2e0N@c)~IqHFkx_w3Qz1B>zwwVb&S%!?b z6`1%V)$mx^HfMF`N0>ydFk=Ve;A!!gxI<@HmsD!*2`6t;_sqJy0SaDDr1%X?Wgkw7 ze|-Z~bW*xUhBcYBt?Wd%v`F1l58Xe~eV#kxdt0$4bogjF*4n9DN6mcv2tQ0=3mzB% zO%(3`wpP(Jc$HR$NvvnM(oV}qg)yR5Ly~{Fgp0{!l!{*FEU|Lc#-i2*}ikfwumEY1=iZBm}Sg5=Ue-eLgfMwYa2nblg; zqpLZ{ONT98`n<`_x=5`MyZIq=0~Y)6yHFwY$Ow8l!3k|}FB;r-HzrqsyyGGoVd~Fl zg#2NL%mG(OO_e@J`whA@Bd4RGD>LvDx4f?Ht7R2|H#5t+ZDMB^_+Q5LWZPlgNF4I_-^T=v{ja4}(ggE$W;rN$| zcAer#cDA$YU0=Se%TnBG*iH?4nrE~EH+Q4cEm5QUbW<}tlZj+9%Ykxod|6zlB8ALl zRd0Bi6C|xHN6j@kIRt4%FC>cuxMyJ+g(k{x#U-B=TzhR+r4i7u!!!zO;5`c*#2VETn&~0w$rOr+cw>b^zYY{747!p< z7z@cpIJ8!v$>%7B(Ssi-VtPjBzu}AI0in?W`P)PB;~G9kzNe*?gb7Pp(F{L?G7B)X 
za=n`h+3TYQl^yrFkt<57b3CkxO?qhWWfPV(UCMLv8~r!=PcF!R^>^}bbN)&GhL<4F zjY17;!4HqfQkB~u=st`m4rZwto>o`7kK{L2Szt?l7o8#LGH&K4Wn*mEMs#7eQ@4z9Xwhf0*7eCb(@QyYbV`x$HSsdk3zjQ(%Cv1LiaTogYdf!;2&g6=9QHj( z@?Ebj#gT9qeUe+uco!*-+><{G+v=Uo9Rh)L03m8t}3Q>=^fLKeR1V7 z{c82;g>h~^o#tg?Jey%djpjP6BDT>5**yOOzT2M=A7?d7%N~n}Xf`r#{6J93q(Fay zUiBZ|FYgtKuCb~f1)#V`7C2BUoFD9!F- zZfD4}+Gxiw;Ex4hoEy9k``_4m3#hoZZCkVm8ZL8tXn;Y{*+Svzp%JYWRY*=S1OO3&;l!uGSW|i}L*xm1$AJ)V;q zqmfw-W(sy`FBgB%Mpgq$Ur~tWW)7jXOeDdTcgA+h#;;eMJ{{D5h8(SJmWLhedF)?p z=8OJO_b5LLVDB3rmlMc`GPtZZYmEmi-dSKLV|Qui_(-7Kha3Pr7CB&{TO{486is3H zjSd%VvMoI~-J5&U_|Y&^95?e`=Xq|&v=OU=w2pf7xI2yzCZC?mdgkY8b~x<^o)`y~ zDQIj~;Xom?x}M^9sn0*k{7XK^PCq@)6I>vGAGel4T^w)@qMy*Q0puWzia0ULB3r^? z>*b4;bhY}obI&dAD~@);Idcv~Nnc z5k^e*`bDt2eyIg8nP$2<%KBAF5<}a^T%j?Ps-@qex5{{{iU5$F{P3wmu&R{18EOm> z=zW2pkq~|t-gPCHeUS`BA0m{wkIH#~N%V5kBC*?ZTaEtxJ;;25@J!(LS ztL*f0-Y{amQP)IrTwvU5Xk!dH)T3D0cI_}Zf8&Ww+Oel)0)8GGBu?4bPQF|3Lum_0 z0ZZDo$1bR@Ug(#L@8;5=yU-EkDP|vC_wIxXc=3L72I}qZmA9|XAd?6FL%YLJybsUj zTi!i+X`0>CW1btYd4IAbO1|me6+9CD(DSg9`Y(h$2s-2C1nY}FnCm>=s;VZwVS9C= zw32m6Q7-vY==&$~hx|SA-~NvLSbs)-#NsdHk17Cxq(}}4`xAB{nde$uIr1dL(HR4u z%K@2@FO&iKZuN=7B7L0dDL5m3Ik0>I8ogxQMh>O{n+gRK_WIXxRUbAd#aUE>FNln#TX(4KF@c6k6l$3o}l<<|<5KQ4K0Pub}RYF);D zHmZ58Yqahw4DZHIT47(VpDgDlB6j6uFQ&q0p+8Cc7I@D{qB1R2Q%T)})BGR=c{tY0 zbD?u3d4mK1&mUWI*?61o!ofeH(!uYI*d5@%E_4cj~rFAwZ}b%Jc79IjAK z{{peR8TJ&Ii()QxWjFm&@XsmeEST&{n-*6bRPs`AFVy+%h2p0T)Z# zzb@_g{*v{cm3J5E77#7_wcsTGY)pNBiMHGNqq-6BVE*fJ|4VDM3n>5JXd$DEzcS^q zD1#+jQCuPak^7(Le0+4MGAB9a$c{K7Fy|9pX1fXYll={3iUPQgrcKMXwXZgkBr@D| zWd(V4ih5)?vX0Q-`j}r7^pjb|a>+??P29kyb(rVphf+&9s1IV6b`8lk4mPM}KR9wj zyP6d*`d^R4`6S66bop6`rx3Y1Gk4)Z zQ0rp|NjC8au_8XWGe#o62yW~2X<^VF@0)8>uP!>8&oy>sCT?Bbl_%SrM zCk2q|{=gKSu&?wCSLdiTDv7~cV#4wyU_9%i&{R&?*Z5hl*Jr-|@&~NR9fOXA=dbD> zr$BGirO++F%d;vmvYM^l%tUtDIa4MC*treoP#*(2Sw&p^Ks>!!L!0xv%=xE9lnWp* zZeh9q&POAl_etcUb&;VyL((^Uo6kSKpASzp33;tjXz8ol@-oS3g7IUT(hJ za}yiz=r>ULao`qflgm^?)*XA1fUINGE;3Kg2PEfw3hNw!MNNIXm=OU2CJsBPgLO`*Li*`JGR4d?4 
zg}SB-#f?plY@h%)lnnEwLxSxpFipXGG$rQ{77%eGSbfl@?Y%kchubv7C@k{}U82H3 ztw*Vw8irui@^Z1w@pfJPw8%@B1Q=8wuNK$gN;8vs#NkHZ)9ki(wGy-1CIQ0$(Q_rq z47*V&bj=C3W-iG0*~MArW4dJ*?cI!H|EYHKe1VM+1n1{C=C8YAMfX=}w(dCad_mHU zI!cTdZpVM&IS*C3wY{o%d&=dw>?lAZcz@j}c4l~6!^`@`d&tpHM)C8=#JSJaA{A2L ze7g~J^@15Z$-O&p$?E;tb@TNu7m?}L`!8XV1ghEF>fMz)90DC|M+Nv`foXdmIh43K6)A`puz=20;X?lt#^pU*L} zfaK_-8^pdAJ zpma17m-?}SoFG1yqk{xsNi0$b1=4Q6hcEd*NOKBxb6}jZx5vTy6l$U^XS{-0Bmk8I zX;8{%^25gE$^y;g;FYWEcc8Mk&NA_xpUkCUnjWM^;?IW+pF0S!z3{~5Oq83~JQZ*Z z!rp}OpnBQsw)xJ>Dh02sA2%rsfp-n@NKo{_)81Q*V; z(2au?QT7!3u36_LSNc<+ecX3Z+oq)%<0o++=QOJWh&K4(O~^YnG$HLuBlv*5D`g*A ziPmV-Bk@wU7e|3%XYcA%6;y(k9g+s#KDmzC;&>Ga+SqGBU5*h!a15w2Qj{|~^e%lY zzS+%56i5+_nc#i&bHy@%TdB$fR%N%1vZbiTsg#X-N1$AocLA0e*|a^K7o_smFJ)&& z!fNC|q_WzhZu=f1kR6YNxz7|&6t=Lo>~2X=AU0!EbPomK;h!{pPz7 zfju?19Pj_98^xI8Gk`TK14Veg?;AJwE56Qpw05o2w0Z7KcV+&&CVz{mgS$)l91Pa; zuF96MrQ>?H(W?T`!u*FOoPrdGg1HrxNyU-X+F{1b3sEf5R|u#)z70GdEv!MmZ~l5$ z(~&1n59>AR!{|im&F$w84|-L<*CSLVk$z0TZXt%w0$_}8ewDo58j}@KE`1Zq!~(WU ziSI@Jqn+Hnw7{DSV9VoA`RzWt@cwYW>K4pBDiJ@>3XAn&ZFV?PdyO+NWYT8lU&D$Fw0%{7R zY>(LIB-}J)9A}j1-`|a$9J)|I$^`HL872UsYD*xnGtFVDV)?q1>cLHVgw*%7)uRG* zRi>^fc*Sh;K5I={Kj0%*mKGKFDhBF)d9^%CQgJdDyQgr@@-ABGw2bbq7oXY@BDZ)! zIVE>rJD53wx{_O5Y0qvkL`we!9PN;tQL?c^56TLgTGG&ymxErtp{_!Z*ctJTpYD?lywJ^W zRGFGZb2&5L))a6MIX7&nJ0=L_hJNgOIh9|~`{MqNLMzu{$YIWrdrDa07i+hpQ2gnq zL5-Ua75qlfAj7dvr-LeT^;FIcWp+$gxl4=NfCHN_N4cX-M=xhr`1#ksQe$P}l! zTF$huv@ZR)%JsLKP`}ShbLZ#tJv#Zm=g>hhXgsm+rz62L(w? z>qjXcmDrJ==bQ;S#OhuRWWL!|A&Bf7sW|f;r2WxP#lKkn((zqjjo!f0hn_dYNm3yo=kL;)s(e@>oUKJmKIf7m9gcjVZb<9u6lh8_xYC0! 
z)p>b;^ES5PDY5Un-A=ivbw{ZG8JcHNh=VkBH234B0fQ!Orq+mxLtywaRG ztarTQgDN)*>~rM_C`CS&7Mb`gsf&Jig?qG-B^Fjo`!JMeQmf zF+?ai-*F*do*MN?dtO z(^0iwUXJh7zmP-FN1ZU4A6nOOO!q+61E_nbyk@(Gdh@5eDm!0EyjVz^!`$iVd~wk( zGs1bMP!n@neJ5Tf2@t^WLZcm&`7tWzw$!H?sc8rAPE} z5>CD%o^_Yo!6~HEREl;U`xsO@q9{osih{pK420gsSB4Vr-O{3EzC27V~?s zvh8+uv^Jd*_}%0!Z?NAg`ME#)9b{Gc4g|Ilmuve1M+t_b?#X<+8rLR%2^If|{5gM% z{Ai%xkstlf$d3s)r{0#R-2+``&VfL5ij%dNjfsblEDabTIh_rvPvvH`N0Iw5_MGte zVXe{>o&q>pmN4m{DbT&O#Gh!kb9_+rB2+~#CiiifU|#ZOFwl9B;M$b znZTbP^dM`(Yb^{VmyL;w=lXX4F!=GU&7G{E_BEMN$=y+ooN}SBP1cdM!X{$}F>jl= zn%+gqu?^1N2-9#>12SDJWs6o-BZXv85A#Vg(>tJN8D96x=!kbQ4I`%&lREge#tfg8 z((HdlC;Ye>EIRGE(u%Qb;6OjC7=aMII4}-$H&`R^XIfg`B{G9ZiA!*j1*N(?(0cS1EJYCo{Jlv@kZ0~|l+~oKEv^d`f8zt8OXu8g^L&=ZPdHIav>zKxq}l~T_$(R&S|CRSf|1OeOA+x9S+#Y z4RJt{R|0IH=zv^z=3Jx*C-@$2b5PFz56ZC;ILxVQjTalUz?HY(f zLy=-qrnJda&f$KBnw2;jwErV=vuhS^ThB#P*28z>O(4xYSz z-vQ@Z-D|BRhVvtQAI+5UsBq8M!FM&py9DoAztOA<^}UyArRaZ&6B(rpNa!d@?l%7h z5}}~BjyX#&HMS=kZ=JtRO=dJw!4Eqo zHP&ezF}VoALlhQ$FVmiKK>hM$u77Qf+N{E;$9|=`mFQfqslEX=?j+WSI7OwwY(-^( zO|PaKH1bk4__aPU6nIw}6e$Yq&DFMzB*tOhpCYL^I{7-szO=e*tQHyjRC#|gobxKw znwU)LZ63$VGs%>_zSa^K>L8zbbs;_10aQcvns@Zb%nzf;Mmvg&**xYS>ky1`f2nOP z{n&Uus5Jt4=6=?@m1Z5`b{~eLYgUsEPP64U^L$0;`wE3Nc~t%?p#erD3kv$GI)Jfm zu}40khTi`W7G>00B=Xip!KGo{OxVCWZVV_^@KZ~p0LZYQ-9?_C3Zz3IVK=@N*NY=l z4t{j^0^8c3`lb>rrIRfl@6(Ot7eU)s;gb0(#gBvW0sw-k?iGf9sw== zZ0*+z6{jl=)}53ui;$9-^c0zW`V;vJ{vP>Jen)<^KO;Y0#V_Q)kp+Qza%wzFrc#;~ z!=U9AJZE>$yvB$&?&W#~${|XT%%kZBV^b7)KMok;RZ*{=Y^&L9uh=ptUAyj8^{k~% zn!G$@Hg_q&;Ep?{al8@Wt}5D^P8t22pDESObn_j>f4d&uHzg*$%n=SffSL)t;+_dG ze&jIZGN<`qIgTg`bN<3etLB-TczU^V7|#M+FwuS8_ABSTd4 zSUfbZN@)$#vlYVwJz~3l4Cbe@JUwwrMZ?=k9}C}jAlUy3*Up>v6b1bGDu4c_=_Ao% zTfVJhKi8q2v*oaHf797@$L=%5Pj5+sDOSJ--JcY;!Nx5TwLu##fLY5RNe-wlDg~ZW zZgZsn*=)(R(v%+5KE@@fBIJ^8%fc-xayxNjFA+$*DAq%HO}m%IXfME56&}s@iB+{M&dXgxFM!CfoawH}yJLHZQL^1NOB1WiLQ$)n)})_Y z35}yFn^aZk#tQnp^LQPpI0j(X735(>DrstQzUsuaxSsM8De1^%K|-rLUtf=GhVY+F zxpj}@=hcs-6HfWvJYi+*IeZQ1 
zI{QR^i|T}Mj(4F!J`!+tJT4NeL=;!RVuYS$Qt(um*QYq00jSj_MQ)SFiDr3Kq%r47 zG3Y`W813Gw2j3Y0G7SVQ*rojdf{@2JYC}%3u|1_@3L~KG8u@)7==Jc6Z6)8b?X;IJ z;`^s+%%4-EvfAU6rHpb)djhSwUbn?A(~fYTu!}jI6>*)lK0NrUzw3KpQ5$ZhB)zQA z3Np^ASq8FF(p91wcvcb@=1}>gMp3rY@{2BdWXAdV%9Q*P;f~k^5-N1kQdG6tnzSsV z-2B}Wxf7oR?Sp=7hA>;xLF#D>O}WBmSDRzXjUSRPZBd*-*dsMRm<}dWDUL|VxJ9Ig)>A=e=9}=p2z@YTW`Bgx38tC^vkxf~_r5)Y73q#%nm=dY6`W z#_=PwobXU!)Yb!(Rym#Ow%Q4(++@sG1N|y`#SDCr39_q&_ny8i$*@z6 z`KS4L5zm!hPo#m`xCbB1Ow&8f9#@R}v6)Z_s8RP3kp; z2k~!}2sTZ9@F)2JUzFo_w&?E<*bvz$<%w*OIBtn5oh6aFAMW^ODo9`pCSKPLJqS7#(*#fdb&B;acD4`rG#83D%4`fsSME>cK%8~Bo9=9Z z=N4`Hxybb6qgAAWBt_t~SNkcksw1Xn>8_9C8@qau{56ltnwJC&OIga99cr*i&fJ#j z4_5W>ESZho>d+livTrmVwY=)CX0kgDF6Sk{ggIU$y`ZHyg3X^nOA=mwP)u+ZezGM2 zlM!OCkf<8>Q!R#c70+I@@bxx#RWqgnmi{m#k%w@{=>9b2Vkb~l*^!=C_F-JI!K*$g zntjqQGdovv3wTpE(k{Yrei};Vw2NmpDDcG?o{kFQ9m?|PI-l9NeXkWg6?0m%N4<qr7l9=UyAovj&6h1RgPncN6idRWr{x7f*z6@fu$^tV>ijCT_hY`eA`-v|KN$`) zVwi&A3=D{SIPvPlI6{#IW`bMoA+UCb3lf*C;U{)!^Sp#@arouY@$lqnobZn`GBS; z#k4+cy-$GHL81l6`%#|8Cw%;<-M|n;zeX!v&bE@DUz>^9lCi&Ho1BZoM9FpifTfe`@>2Gfl-Qz1BYhligQSK^jgtbxogLd zT_4X*l~!`Ksk{k?nD9n0@1uN*w#R_Y;#sS1uo-h$QF};mTMAC^PiBp-F_&cZrb`C7 zxueg|k&z`D8Y(gdGc?XOq3AiRIPf#c@GxAzn)T1!yKXaS7;-WANGp`2c=VCn=PYI; zmwH1X(Z&=vq2K^DfCObLK{4rRV)vJX3EqS`N`IZu9k%h@=4dnGdkIo>9RSh%;mY_* zL9+Nq&lI>vu6QxC62J4h8U4~hHvW&u?xtg-F!Msl4!KYCBYi{ME+(K-z4R(T2ACVB zzPIa9!5K|TLYxSe29&duIlc)vkqs2@cs?o&|1?s@wf2~^6C+WFMqZqw?5K31AdB;T zQwt=y0)wh5NY`^XALKayr?^OyZzAPrxGX9v56z*uJdDs4hH#cmXQo6k#y@EH$ z!nYAsWE4aZeGd*e%=*7W^tv!!X$6??_@;sD;eo?n1Kj-E#*qQUCwXK?Ts;vut;Pb&6a*&463nX&KQJjika zJQ`VVZ?=Aom5jaQH_-p#leiO-tMh>i$j}NmU?0t2qubqolyz`)YMih-iDYioGmET1T!Sw!z(a9=+&K3UE8U#Z+duAJ?mi;x zF*-~e-1zo6lxG{jS(bVfdw#lz+JzA5Jbke7!_V={xY*2?_X`Z zT)uxT--Rknb8* zL0IKujkW+Um-pL`8atHvD8bnRRMsGt$%D0~qcw7&G+BePm=6x)@8!;D&j4o11B*#_ zo*F$PJ)5N2)G4a3p59@_n=p4D?l8;c3zpE&!*%j=3vT&C0R^=KWIL`>w7$!wcrswZ z{N(k#D!r}zwgHZ~lxJ5y)1S!L8nY9n(2gDem9VGw3V=c#0^#Picy(KPIz@O3)rV}& zNA*$eG*4~M$?JULH3Ej3Kirqcq)mpSMyhrB5V5019xE^Gz%h~ouKZ%@8;K3{UZ;57 
zK3=FYR%&ek>hTfMW^gL`ds3%N$pu(Ei;niF0QX@EZ^ZNn_YFfq-e*0bfcxd`d##xQ ztLbafr;Y_F{kc6FdOfv08@w4775hqi)UhFtfhtWZG- za-WL}ISS&esvi(>Rbyx)5euO$vpON=6*Aj!yxYt=Rx|^J1kn98q}Gnx{(iLMlWYQ> zV`N;>aK-GRW0RnhO=UyfTjej;A8E57jxF&s1gOj@p5(_})VaM0l0G+{K+!>l$Wvx5 zl?=hDL-m>oR+(u*%V>hE=1f4<8`1@}mBcSs%_xO_n|`^AqB=;;>EnQ)DP?;)cBa03 zNGT`KI*^|3cKyWbsg>*;I_a){tZSyf4QFSt(n`=1e+c|U?uaY{Bg(v5M{#Q3Je)7& zb01SMk&y z!Znd3#Z3JM=o!zkN4Ijcc93`Me!zfpoIpq39c?}RkN12u)3nozD?(dHsS!2aQ}86Q z<@fK5Uu_Wme&Bq$yg7qFo5dbi>Z$@A8>V)s>gqm~TDo!Q z5mkF-YnqH)?Hz4x)Jy^})F&KR>oio-EybKA@1BSg+e<(ix)OtoUKtunD{0l*UMt<6X-;tjJbbU+=0;#eb8NbVR)DiGp!406F zIJ3X@ayY;xBo%DaM0ry#AK;kN%J*#C!OfS++6+idh+!RbJ$c+G;LL{-1kA)4azmu& z74~fMkiQYefmWpmS>RvLc!paCkL#Ku_qn=&sIpGkKh>k@--DYPxS7rZg%4y&#faGF zyf-U=QaqAmw&z!&F}ZVk5U@?kvjJCJ7bi1+nXFc|flnzHu67KyO)ZIw>g2fZAHC-O z{OU8X_9-j)uUzFfhF-buN|Er}5BT0bcI0}=Tp3Z1;>7HWeRXWW6S7|jJ67EjagUjR z_*M072+WBpx@I-aD^@5mCndfD9$u3~8`OTcaCerhuT4+WRQtI<6tyHhf3fyunEvX; znIyidMAAxeciO%$cUcT7`em9}bTXpi#oYJq=j?M{oB8CZA^x-~s-B(2))u31)!c_q z37sprg;5uZwgbpxcy1`Fw|!0ZAD|!T1btr;_mKxf?~9#G1Mt#XZSSMgQM^)H`_6zy zM(%Oy`J=b>YOT9`%46=v7qT~&P6Dvb7}uJ;<(2Oi)YjM>Q|Hv1Z2XR9(tW+ab8{HJ z6!#Uvnhdo?6q9xWSznCNe8CN0&V=)$I_kNWaqRCiS^=~owDVWy2l21?3?0tHPWQnt z>L+*@z1iw1qRB2LNw@65PnO((f>p1+8(h3X&h`-#+w~Xe2s^ZxFErc|KTRChJmTLi z2#4S(p^ulDkeWT2^S2*)@ap#k`*G>U1zBAloG*K4JL-995? 
zRN>F;^X{8+jT~2d%5zc1$ir&ak0;Vr%tX(Ba*86;YwNH1FMR_g0~X&A93D0AfxkQfx0Jc5>njW3RpbncjbOi{~!VIteRC za&d9R0XvqS_VoEeAOc#U!cN!CqT-Bp-Zfmu!)7O(C) z6Kop=H_;|0dG{5-IU9$Lu{R|Rv>LM`SHyw+GOIMagNZTdQHwsM>=GB`$;3mJs1P*~ zJXk;2T)gn@jpRxcI_pk%A6h>quZ+$H?MCZ^RV8zqHMQOjbX^NVMTThEweSgfjQP}6 zTHw!!$c29eWIOQgtYMRmzV2G4hnj?mQ08O9iZIx$G0~O>92Ot1KgYdB#Es7vo2=3q zKw3XtD>p_2u7=!4Rg5n}nQlS~RGC|1WLV;5l-W~1%64+{e1l=t$II{=%1~u&HQC66eu7po1d3~)Q~S!Wu$(72OM`nD8Rozj-TQ* zKaby#px@5{C2T>UpGf&{2jTDUe_i#*$mAdWo&G%<#?O(>{RWKer$WLXx;Vhx0Axk} zjG%r1<_C1?{O=?C)iLFNeDl8>*<+CN?+t-KSifHZ?Ad-l?gC$b1CIZA`;Y&qa|sjM zfyy84e4T0Fs9IG8$oR{$ms+a1RC+iEy7rqi4kuy`k#|42?-|d6tw(d6Bwc4#D30~JmXKvML* ztl2FinAttK*D-AYqrCSI%9h;%Q)wxnN!BdtTY~>&_T|M=_AcTbw~SY`gN^=1yn`Txm#^B z_H@XjvNxMRYy{>n`Lzkrh~NAWKH%;)eQ&P+QN{hO>}yTqdpr*A!>Iaw1vPTi@Q>_? zCFU86UOJx)x9fzy$j#>whiq@iQ_*Ee?rFElNF%&j^5{!mQlPng21<8z+~s)#`@kt5mzZ+UGStQm119bYsG3?pFmiEz8Gbe`zvw{ut1 zMfb3P@_iH9&PRwyD(A7XdemkKnX@y1@vZ_vX+oXvcWWs#1op!oNW(RSMI{Hw%TiTG_m<6Uaco|^* z!lw0y)b)^ksM|FM#e%4cqKSgAWz3y7XI&~Z zEstf_dWe{HySoes`h&z)rJ}U5mb1b_Kjhh7MTHNYwmre(^(HmzAMR4|MM?iEK^sZG z>XuMBmn)Xg13AUYiN#7`PtXupdKirY&L-d-$vqklb%Oai5n`D)r|oYLcr@y0i#ZIc z*N?mVo2yK(9+iZj?xv?AhiV>c*#N&EP6etyu!Z-g0bk1Zpqm^c0~9X<+|4M=>LbiT z1!4uZiXNeZG-FxoM{`0x<54T;p=JWKuU}bFa(~t@wSAoX=i0`3IPhQfjHg`yF|_}v za{Ndbz@+(E_^#)!SSb}ar-#}!Zoy&TbA>sz9OkXdPcIGW@`7+};%+By-yLQ8vDJhq zx(1=2f7w+29{DkUM}Fj=k)OTh7xJ4Gfj~S=3#~n6ziKEeNZrR(`_lgMah1nh*EE{| z_bK2@@eRC2JiKoey1>WPS&S=N+W48YziS0*cFFC?KTnAh#cpMj;v`CSybv@sEs6)k z=Oqw;hR2?ItK{awBJwu!gv)6Kx)=sy89&3jtG)d02@bbBo(~If1MI5n8)xf>VvL;% z6qM0l4gKnkeIe`Q&L}e4G_D_K>~{qO ze~sW_YyFL{!fCPnzVp90b9Db|Or(vee|7qQG}Qn8WNpwg+3DX5f<%1+hg;ikuSuN1 zm*)WMqTTF+dc?92#+-7fbMrUv%iycku~g#2Uq6ib$IX24K#KWT5%V9Hg(l>^<1-g? 
zD~Ol=@+sixY6MeYneOuLMLY7V%FhfTC4&Hy%G!aH8G7 z_U@x8b=23l55p60(WumDbRX{biOYAX^Gp#Th&?NqSP->n&=gEm`uY|XT{;`Tts6lj z-!Izizo7Ysqrqg#e=(wVmgk%#wY6lh+f2mx$%{$D{Ast zr7u76sB2ykEiElx=>FjzOS4v_K1;KOI#QSQ!{$o`%@OjGOPN;#T>riU^i0Lp0zjf9 z23%oGx{gz5y13Cvr%&jIY&qsC@d)ddcxt+&pu6Y0azUqI5(Z!<|4EIWEev~drDN^) z(0Mrri?RDGL37;eJ-zsn8LuRWQXyVbJ7X*Ru)75c9Ad7AQjOR7zLclzWl)DXezMW0 zUp#`Nf-wunf*#D-edT(!s1hswL$P@s0443#7~6e;Z)H}qE1qymx~8TYU9({iOx6~p zXiuC*Yh#pVgTJ~!5{Y(!jC6FS7mycS0|G09n2(JNkNFHOCRl3fLb`^suu_$|am_P* z0!a<0EAVzMtniet^i>}od{c3Cj;T3MT_T1@p-k;IjoZ}Nx`d;(J2sPbZXQ^;Lxb}k z8!MkU-N&ju#J_lHLrgUpr;dSXEA;-!=EkAASI*T657vxCmRLQ;&Kh*v7Mlbyd~^bc zakz*HCfs+lRLnuUbKs03{!p#aMBKi|9Z$kvVcC7$PDsLO#_8T?t^={pRf)V5=Zvj9 zU#H-P>VV8@2GW32g;4vYP12Pni#~gA zuC9!mcDMq>3)x%dkviblLpoxY20M7qviWu;MW>~y;m%#9HTlg%0vO1L-?f7i*i01t zkdaCzZItn`%7eS4{bs!4aIz4iuNb+Tl_upWBrc&w|_={ZtGvje;f${eJ08D)waqi#hJYx zc);{yv)++h(pyx(g-;bh7tzPkwQ6*?kONm846uQ2+$;_a@!!R`tnM4D#UaI!L-E#i zN8Z^uM)cE;K&CkrjYuDl0M7h^riR4i*E8k`^0tSG!}67_zL$Ct~-*El^lF{;NZOv?);nwG(zP$v#a zWf;O%0uq?m(oIYBJHOxVP35auHwsjhUUVprF@(%7EEgD#_PlJK4=X~2x%g}}uM%9y z<9aSo)`#{hrU+ZPQ?aIKCDgk^GiCq&7<8-6yqPuH1fusdpdbr7FIS(8hF z#n8dN8(QS|1boBUP8Nr700QAsRB3Y}nT0vI+msRGR`g06V$wr%*0z}WFOD!u{h?lh zL+9$rmQ7|m2c<#Z&G_QJHc@3=oV~y8xG7D%(Ekm@i1+^b2fzq)00OJlyOfhDVOEY# zmhe_m1tdHimV% zbD!095gSc&agb%qh%+ktQX4V7Y*~BU>bH?@E{uo!r{%1>hOlXOE@gkcv-PyQ3sjbs zF)g)l=es=+&^aZqxcxWgWBeM)j#~yRVu+C)d2nw_6m0S?y`U&H_8Z-!wKmdY@(|Tn zsL#~N4hmbOUX*tjO+e-Z%FZP9k8t`#jj}H!RoJ}G#W{x0cIV~A?Y0?@kr{>ER8e|n zGNac-s&*G58wb9n39c&x;x=d$u?qq(=)|Anfeel|WB3n=77g|EWj)acOG^7_zRBSe z$QshPi0IrT&j%t~xPAkDD2E5}!TcS^pT^D~;-EKtFp30{+9aS?oVz5c`rsn#Vnou5|zSNQ*OFuA;U|W#r z*f!FpcaQNoKfFQh6%`r5C|7`zu3lM(a&xy)>0g9y>a{yOr;=}o=Xxs{|vgT1#W zuHWu7X}*C%M|m6b&q^?hW95Fb)7<<7*h=mW4T?YVgr!qZVtFy4Aa`#P3!TVqpF~~z zH1jQ`mHXvvAIw|G6NFMU&m4Ws>h@2C{Zv;MN%f8FbRtYqzmic{a)fex3>HztEF3j* zT^>lERTb^LlAaO^8QUb(UzodDfFyjZ^O+>r$J0SZ1|$I+U*a1Z)RyTRaN)%(cKBZJ z4`mnXN9CJ=Kat<&?~(uR@5q1iXXNLn`i1;MOCV5o5#YcZ6z!B(+a;Yp?I;wAoi$apYdC 
z2aEexb3z=>%&C$yZ}lAQcrd&?Rnx)g`t3HWF%~vscN@OYDA6F3JClv=Z(sUrZoa>j zJ%#vAAz{K!;Y3{}7tn(o9qf2|s%|{r6kzS>RS2%m!RtnRt5l`_I>yZ{RV+|#^cdZ8 zVH&Rrt1-#7yFdowbW`BNt+y2qbT8RO>s&LLWBu*BQY5I!HD>k2n+ZYDN>9)&E zU!jV@>}XnU#Phz5a{~g4jqc`iNCD5Tc=)g<&3sC;b>XgHiI(3cbup6YVR>90+@2P% zY0RRn&O!O;vR?kaY{t^joCj1DFCFUtys*fY%kg`d%C&8RK3cHE)~UqVKo+Sz;&9p5 zpInJ}W>M-Jk!_o|;+}pThqcO4=qHE3BBLG3>UmX9Qv|)%<4QM-h!z^3G^00US;cwe zS0bdbp3h3HD@af#^;^auo#%vD)|MEGUxqri(-L#)^b)678WSu(vJ)xhqNF$8$^XY6 zVRThlr1kn?Rx_)3!ZJ=^W+xT7N zA%WZ_t+?@u%47(Mx*>+?zde7LEGwan6D@KDULG9p>w-5}GxeCBn2}csU^F#ly}qII zcgd|;NH))X|*r9Zk!Yo49goA*yruaj*07#$=UEdCJVX#MOk%pFfidm`l9 zc`n{V?nwi;&jlF%J<$SCp=aYP6a44^VM?1lN6EFBBV%F0HVMqu*<2d6MKAYEI@fIPk8i+*d@b-&u8$$CxC$R9aaq) zH#?_Aq*`DzBo7!3ymN{80y8EJMUr&7uD)+NM}mD3oX8|K`t=T0Ha6`&-zZhE-bj9?N_Z_o zmL!q73UBCcc@<#AO$#sMJv;|jW%}!ZCb^keJuw+RZ`tSmjIE$8J`seltW=|zru4eFjR1;`8KEWkzGB}#zf93-*zf;1>U_t$hhYm z5i_vmU;OfPQ1Ur0=gaImyz`d4*)+*ofQOtZM0dV7di#m)=C}c{POaj}N?;r5rbQv- zQ_cn<*KKyzBw28vr(vqNYlIDQBo65{7r0m>MO^lP8iOLiTs2=yYAJxUkAT3d?MWJz zn36e7;}9d+8w&B#f`5Ek0r58Qq}mRSY>)tCH7iD(i!Fu7@d2>ZhQS#`^$| zVl$@a_L~2neP-j(8aQyiYOx!>-%liLoNu}nKw2~Q6Zv2MJ@RA!j{MhuMtAK~l4TX+4!CW64pRbTS2o+q>>t1NN2k%}eiJVXDt zz7*q61wi7QZRmw@p!Mu+8Fd80Z|Q0y#lOHblJ1wyVt) z`J~?4rNmJ*-KHB{T=dstX0>7PUd>pMPZPU*McBVtj;DaYVYnBy7k_DbGm`E_aC-<9 z`sdR}_s?OY@bE*0)ZKk|aePyZo5l(hi`xdAHt)8C-;C0|qoaNc=mO>Z)eV02U5`;J z!k!4)$c2T2EX&OE(TXhn%P9d=?f?G=037|xD*r!!OOkmslt{_$|L8$|oCd1>H{!9O zv_>MSWA@TC&mVMTx+^C@2-6n&dG;9jzSQ_jp1~HPYTiJ1k>yLsqKPHwyws;W*>`0T zz0Wj|V!Zr7(>oH{A}@>jzu0^0s4BO%Z*(CNN{MtMC5m)PgHj^hEz&Fj>1Gkq4FUqv z9gC3eE|HFfiw@~p(&@Q%Z};Br=Q;cPo^!@|$9u;6{lS`!<(%`L_ciDG&3Vl$ez2Bj z8|H<$TE(M!e4k|xXeGYz)^;<6`n8_VC4%(scgi8(?<4J_Tv6R--`dmL!AI&_pS#-> zs4ZutH~tM&$(kV^^&z(_jIx#>Blpy0FHj2>6d~1D1qXhmO4YXwg_Qka*I0_4yP<+9%YR>-OJ;V&o;Ss#OKwy)>0wV9 zlHa(q@X?kd=5hRq0-nNc>EY_re#{*kfX0jjrcXF*W39isC0&tZ_Sk~*jx3eEvi3T^ zQzH4A%!ld^sZW_!CGLme6ZtdzL7=&J^@G8#xeePo?~*vC203*f0aOyuwSD!3 z#bqzC@>)ESV|(hs*Wgj}bZpLU;k%QKQZJIM;;Sg)e1erVKanMdM2Vr*h-tf7M;5UL 
zT35~*s6>2qH8P(x4mF)%^67HGS40yrS*);FaNJ*mI|Izrb58S$lD4N~#h3SUbN%ux z>cgQ;K-5tNF4F+95SmhIT$2RINNiCA2R<0vmZc^2ki4jv`i^H2>Rww?Rdt3VZ(voM zp^ejYuK&^;=S*pi)1e}&R3I0+pinM`W=eK+#F>e8NlyWHDUjN94ROlZMQU}O#Sp%v z$-Gm_qP_MpX8f`8tSeLif(a&qJ5HnpbGwv|%0V$CaN=JY&eg*ikt53YVL_wE$oZ$S zJA{gC#vy#woJQ%Ud)oC$pRL;Jj`QZJgHLB;0e*|}1> zi}GrZYOMOCBcSZbB)sg!v&_7}o)`yG|NJeO{m$RKgF{PCk0CjB*FbWKNV3w*Q6ovW zE5HHML3xyQ#^6MPS(>Oa?exm#d=(s6vMd8sngpUOO>5m=*a`F3*86p$Smi~~Cp-_Q z#}+={CC70)p*l19XYK`9=+BF9n&c4@!FJ9K9NEP7Sh{-_!Emw!H-+eMOmP1UMe%;bUm>T&()#N#6_ip^ z2v$jZI&JXHi2%;$Q~5;`lR3f0+MaQ>6p`*Z_6dhNZYG6W&nC-vXY{ITkne-OnwJ4S z@vihWT`6w6t4!t|Oim_ozKo2beJ5S7Hm_L`x&Eds0QDht;Opnz7lR6AnXPUF1Rde- zJp-03Xm4=hRa~z22ia5OhVr@;aD^5CwyfE+FV)M2-Cngo)h>cncu&NoL3*}LzKf)Z zmheW{-X%iap@q<8TC0+X$Lmg1r#w=0J5}$<3jw`9G^z4Og0dxZTVL1fCj;sIy3pV^ z6KC?GKxnyMMrZ1?9z=J5bT+>RaF(Eo5S->Nt2d5SreXHkQxv_$2B_uYmse%^`<0{sZJnfwmRz=X_2Y4a`$tMMYmU_CXQNWBTNgi z7wUi-W=VNB#bc=62#Cs!(;f3rSq|48v4#p#U#mF$=m8jqlD>{eXDQyaCFJwy>9ch` z>*>lHl3q zWkWZx8XY~47(5I6UPTn1eveKmMCHKn8@XkrSOl>wgv<_sZ(u|b>4)yg^WT0 z*KbRkRQ^L!)m(vfRHd0h-G#tiud^N{Q8Frvv}?Dj-##VO_I8^)a%c5jj^mbz7q2FO*iGNBOOCAaEK&?(+YJBJ~xG(YYvQKIui`Z znYFJ32}ZrRa+bh6OFN?4#AOh0&L z6lv@!xeQxpMArGGad8Ts8vj7?L9!NeW5FE72S=-xPN8s(5y$um;aP|6U?cnhzITYQ z*PpqNnvN3z6|+d`w?a+R+G>|`MOT7{|IC^UpLwEUaG3cMGym1PUw8+Q9SH_E1GI9e z)Nh6AYEwmxE&0jor#mCYQ4d7?jiG&)p_uQy?-G6EtJiHVYxUsx0}tXvpKo=~yYVKMVmU zHI)V&1@Gp5XlN++?kAY2Kqe0yGv5dSZU1%A_Lq$t#Xc!-Zb~KAcESCe;#;yLU|Pz= z#Ax#3quU)jERftUucWG~{I_3jW~Mj&FH5=bA>;q=s}Rvu%k*)7x#L;bVSw;zGRx<# zoV?rpl)hOefFE}TRuoaSc8$9~5zz$1Z`~d8FmbF-r6~(IBVI1TKAc=|Ov;PQ9jn5+ zFBd8kzk8xoaUuSY2P85p99NKcn%^Ai3MrcE%WX>R9H|==4s0@=nJznR$gOXkduE}` z_`2m`$}FdLGvDYgcO=>-p?Xo`ilVC9f?wolz9e&LCq}tYWqqojP(-5Lv|)qUP4dIu zounLutN{WwIgifGH2Fadr?}TNd7CTq2|Fw`E&Mz3$NV$$WBow>(_fMQ+15|wucHEi zlqN2prm_x01$pzPW=hhBh~EiHs8hVTYd==y(1N?YYwdxrJjW2Xm_(wbY8Wdy1o|XppqkT!v=E&FbQqeOh7ou=Zc&k)+NhO} zhAr8@QVf3iz_$Y#YG>~fZQXcBkTRagU>Xa(g8f~@NCdC-hA72k!%~AM4Th2p#+=@) 
zx79*qk>C83iUTXIB`@sm^d|gK{j2=c7c+|!37br56ILvZj|Iqp1Mc}~p9S)LP0Epl#70wTzt#A45;{+Ec$d6reayheGI+dL%)3&$S zHOcSB%_*W`AcQUO zLy}{ATT4Qh)Iv7d%n3(z$bzWUf}SPY@f^IrQ1znQ=Seht!L5fZ9|BV;H{_Be=)QDR z+3Eu6jSHH%Q_N3QhLh^aZ!%8o`tph4(&j2aEXxFK^Gf|qVGJ6#1xMmzmKlD}pXGDj{S z71XoHw;<9;V6S>#t#zTwI!VKHmo>;)Y_XwX*sNwG*E85dml8)@BcC9}EJyz|R0iRc zg^66I^KV)uLun>1?!hr(xxKpQZxJOdq%eZ9aXU z?e?%|)#}U{bt6sNIrjb~v!1eKwd*~8{?geq-CYqD^Ba7Eo`v&0$2$TYcC!{wV_1|8 zW3rm(s_KeeN|-r;03RkTYnDCGg;3%CCrFNK_yLe8AULZZx>4UA^RhgQH?Bnxxtm>Q zj&)>julVwD(Waa;ZbeXNhw)UjmiLMxnp(O`p{JCRC#TvN)${Qid(wIxXaDRKsv4U_Le&4I64nG@-A!wQHkk4 zu!6Q_cqj(A#>nXF(HjLYcFWd~You@Jvotk~XI74T2)XCoilB*6CT73nSJ6S=+(5ti z!W+m2Xtt$sqHUdY!sF&qbMOEph6frrO?sh^UTBApy!~Lpe^KNvYlwqWGhqyzQh(mug1e-i=@ASoETO1r00CSxxJCoy9h!T4eoR;rQzsoj_CARR}fOF zrnySqlUK0cpKCT!g=;ZP-B@X5<^#VC}U=3D#mAb`2_(6`HPT^+{CO( z*R0?iNAZ5*%^nKI8)Br$QK4x$50C=TZ@RA&K5qabmEqvOmmcEzKA^JhL(B3!$5H3X2gciUOkdP83N}6)+5P zyjNxki7~b!z9WCmKO;Z(59B}j75Np@ej@*J9&qMInvTO7M?S&_+OgkB(6`EVs(8ChiNoAb zarZ1E;b2=EGfd;0Exrc~LTK7U2|Xu7c>PzQi(3QolROV$>}+biTVY3~)$NdmvF~xP zYTx5vr<0+2$8nsagBnYf{CqJTBR88TqHq^2gH$`bK{zf9%nIa=7V_(bKOUl5KpcDo=G`hA(Lje`pUx8A>l^z3ozdDZ`UxC7d9f z;%G>dUH-f^?VT|YVMT=v>2>cmIKHcJb)(oN^?F%$fA-64C8bAxE$;GTG`}v5{k6-$ zMiU^rDc~J3%;dg_bUt35s2!@_@AmldymB`dzuljnPLQ z#olHgBPoRA%p?&kiRq`Yos&tS3ivS6`1R`cPsF%kt4(N;qF$M?mXy!U6$%vPKx*R& zim?i|IdYg9fvCKRcIoaRN#nZA*-TFBC-mF~lPzXM>nQJ|ajfwlLH9K-lkTZ~Vmiz-o~A z!t;Son*|YWUIUm_P1U$1~ac{E=?-MsbN3!Oab3^WkLvmRH!$;yTzC!1%)=L7L1H{Xgk`+%(fRypTZ zr6O8V`3Tg*r~n|*&;UOg>$6WrW3R}UpX!k}hh;PXgb{J>uW8~ACn^GW9(sT2c4<2< zeRfYlRowHLpA@Cv*K`~z#5i8xk^%2f#I$V8EJ}8a_|TX4_LbNHm5#F_5|s#?KyEq9 zp&ciy7s^Y^{iYnk!pfqh3P2Z6jug$?qkTi9G8D~gNl4+^a*Iqk7W#7o&~Cagir$nm zept!|qR)PRual6FCnHnx2|1!$@e|U`7@WtYI<4L4H{Ec%h>^Vu(b9pKvx5{~6*+Jh zf68nnXE76iQjDA#Bro`J-1`H&o3&7O?GKRNqaK!Ow?_nJt*0yXq#rK> zv6y{p717sJGn&MvUtIlGRj+DDO{X|M2H8_-EwD`GNe$zaqc7%1`819tD9? zIU<;}Jc`I%zI;%6e+zx3w4hY2^?LJK)plLzbW5W3z<_9z$V_awa;-Xexwb-!QYR?X zKZ^A^c0hrc1y8|33yPR0`9OoRAzRx`#-l@m%~O>L)hkghOym=dh^cfOPQ)z;n!!-! 
z`aXWB21vAMME5=KhK}Mo#1z&jWOSo?fPwQ-1SF{J2pV+BX!-Md7s}ghrjXCHOC&c z9b_7H*+n`J;X9;C&<1^l5KqsgFm>R(l@ofUW_FOpQh2)j@bQ3?Fn)ud{C;j6LD!ZZ zcV_@&E^c(~nomTlhJv@`?E=a-Hy*IH%<5wMA%}o6SZWM0d1D%S?+%LLpFZiJe0Nl| z@Z|~i8)M}Kh@&gOl=T3lB!T}Q|7Ah#sjx*>>=A)i&VXZt824C2Ro|sxtuGasOBH<* zmvbt0$R{M5w}%uP(AL9C%r)}!(J}R>P9_@4{U_dnkx;G~@r=GCwmXY`hF`BdAHLzE z@rz2QQhYEqr0pv(t!2V4WslLzpILkVYr#4a0fE=1&mpieIqhT#*XC*5&p-XzBaiT} z3CymE%T7khqp~GFL<3l&v_N6F(c*=rvx>sLiS(U!-pg{C+rH;S>VeV`vFR3=GeoFS zJYzFFS495!;PJy-M_v3Cj-KKep8QAZyNtW)XeN3KZ1?1`nc_!0v{({>7&7tkBf8Xe zT}G{4wEer%nC8fJ=ovLABtXNmDpq`*&z4DEDVVH|_U;D{JH0j`E*I)MpnISrlAIDq zSL%IAqVnpLSEfx#tBY1k0W?Ua)+t_b5vd~eRngcriw(0Z6Yn0>#`!&r-3kHigxn*3 zh<<{f4q^lKlmAy$$mPGP5EnY3$}xiOGInZ@REB4>Rz>v^&Y}&X+`%-J8h$*LU5M%9n8P zrq}g}V|8)4$DiRBK9w}E1pz^hSa7DnywkWM?Ky3&frTasYgP_w1#T}7%(T(!HN=}q zQk3Srg7p(ZJ2|KL_StuYWD&?_K%SaH#uDYR9(8AZ!N&c(&pEQ8#yD&2WID8bfEU+@ zuCW2`VGTmQAhQoYx+DcBg}xuREK*Df((azmySD@!Lypm+?TC$RN&p8^TM0XOU^sMV z6fS`AU~kWw_Aa#8gUvuCHBNuNhoe~IzUuHE*O{Tunrc+Q9KP`aaEoPLDpGSAS}12k zap5AMBugYlo$Qttb<*YJrd|Lp-Y7TF>T4!J6+09H)ZEO(N4|{u;vBfLMjN{Geu7p; z%d!u4nP0}B1w0{>xOY}71aPj8jp)*!bjJBEz(23UG!hJ~WBO>qy&v^*CxmkfNuE>=+BTPOmpd4-&Ger%X;2A{$Mrp?UmO z-q=djJ!4;eo%`vOl}IDM(ihZAC0cWhaQG5F#Y8$3ggstTN+yfqPXRKfzWNa(8JmneZ{r~{X}S5=-|;YO(i%H=UjC$1os z%gcA#G_Z+s+X?LR~n=R`@cPv)YH z$O+URXL(`j?Cu)GI5?}brKj>)yO+$dkuEhm9SE*m#4fPNcX=db^}sp6)uXL4%%qPh z$9W=laR>)~3YOO6AC3>#OS4Cc(Tu$UYkTtzg=hg97O4kh$OUrvqNJVm=)v`RiAL8P znlSV03b6BWb*=7ntEjSAuZZ^esDo@cuS86{p7!pp)NE*C&|Dq4(S|6oHnGTll?Pzh z)t{X2oy-dtWY0UTcna`{In!6(P>c1j#$R#jE0z;ktb}`2!#|wnsl_abH#;2@$7y7y zSEfPY1&^DI_k*JlwA_k+*ty~Yp0}g zK!z4PV;kiglyv($q4V&nplYyO$G~kefdJ3VCq?A)YqV z$`)W94r7>l*TV7q8Yo*BFE^`nV2#XHXu)&{{uy~|vp3pYbeBGED>w#k)t;SF-uum? 
z^EFi)8U1R`Vw03y^j`R6N}Uo+Tv2Iyim&S^;3Br^g|ndG3y%dgh6>X z_j8y|mWw=WCwhy>8Bgz%23vL>6S~k_HE?8LNDW7GLWw26@!fLMni|83`%uqnysNo1 zAO$Vy_Y}0)wGGiu4U0J2By@($`>FGrFqA=L*V- zq#b4ZrU^zFa~1-a)h8-4OuNXBjZ%eE@{t94Oj;H(CY&o#8N$6fiAr`wh6oZD<}0ym zI&WjXyevkg;=O1Jw}0In*&i{K3ZH8_zT0eeYz)39pK1yiUj4y+i%=uk{nLpB1aoWr91`niA1X6y z%(xr%DOBx*q-y>H4V4LYdH`5;9=vZ%)9w+$#+?#BKhB1~esvX8`xUVP?92UCbrV@F z)rg3+Trx!dXUSOjQ&AVhaM*FKwq;Uo6+%ijX1DdT7(sEvf*nSQ6d6KKxM-oPDgFW1 zmHNRm^JQE}W;K%1@XPG6OA3oTP5tf!UL03f5*Zu4iU-Rj<~JgPJXB~0;Y5My7y8-D zV2-dJkkHg2bO_75VDakqyu9R$BBA|e=gM_e_eR>SX-OF(d4zr`D7xk`W_I~G%rR@@ zE0FtCJ=Q?MoyLrF=p=ayNY(kfg3J`WA0@J%;?gg2fWW!-(Q`binA04xq3Dd?qanE4 za}sqPvRr8ssJsrJwhUgJaqcGW)p{eW z{G{1ZO+w7?$lvpkN9mOXWxX^aQ^SpVaVkun#asSjakk;)jM7X6jR$OWYkQT+U*kCg+3mKoQ zR@eJOw`-&G z(Gj^WW}s9?5y2$!OL|YW2h$IOBIH1Bm|pisOvYAQBF;!h zZ@sxIjdpuwnZW5nv2u)ga_QI*|M{j*q?5I8W0C-4_HT^kvpq>*ZcE1zr;bPuVY7Wt zu7R{j@$8Cw%Uw2Ht%}&13*ofgBdmgS0_K5r)er$$%&&X65o3G1&*@DKzhFWf9D$(3 zO#JAmTg6k{@A44zb3x^NNpO^u?CmE`1RvXB&G!(JdF1dzxUM=8rK%I6%zz7fO~_ug z%1Y8*B*eLTza=JtM=?7=D3j#65^3X}%sSS6GT#+zLI0uq`=zW1r@E51rGU}H?nYbi z4M8i6!eAf?r$=gL_Qc_IKfqsb>ZOxnwKsz}5Pc+I)Yo1XiuX?_LI7&qZ(l5L83 zmfB#BJjRpuL>m3Yv#3^ba`J_9(yuM(TXVFNf=`fZ8whJy5JRi{+i&cB{Yot7eTvBx znqaIY+!uAqAJ6rUWB59O{Ap6!phIZh@Fd{174qm+F?4stIQ2m($~!olT3?UXME9v# z7m-HG9cHWLq_e{-G2>|UFFrsP2vY%7&UsyfQ}K3ifk%%4?wMg3+D9@UQObNpUrB!F z;tMNfvXp159bmd)i2G?zeucdpTeNitS)u_yfB;3UH+#nlPleyHfvRYi7$f-(sZvO~RhpnS~+tzO@ zq#dyu%MA?OgZay50#B-AU+~kX9)VOY?vvarFu4Uer@61kvfY)F%l-^eSY1!BE0H!A zWkB8vB-y2$i0US2*HTulMdtP+!i`5>Pf)Ns9bUQvrhp1rmITuicjaAawd}~(7gKA% zDcd^4CXo{9K;`BF1u$|?i*fItSDOE6sWe#|iM;M+T>#j5@$~hzAHfI{aEa;YE(1{; z0472alnuO1fQ3TJk+8tgJRXKiCL(Xv#Bh>5>{#Xy53g!*y0D(}EU z070HTP&qG|G10s?yP>yQy5LfUWl|+8qJPO?^ug$Z*=Fk5jP^>u9+vWjr=; ze0En0*`tTvo39WTyKZq-p#7S-3|5(IGQMms_Wm)0XXkh1@AzlrzxxCE4}L{{Gn=2t zUo;E?-N1pmy*I9u?kNDl@NztaYr?nl>c{u2cV4KOzgm6O9Y`5BgX9wel6(=Q6#*il zgZa+8B#75lPgXG{=jmzc2j2^O+L^|<_}X@^Y4Cj9KvThTa3nY?!*P>?KP1Cwv5CJ& zQjSeDM)FREv#3_ZcJi;mq)vFpMQ4d(Fgd#* 
z;G-V%?sHH~rs!1ffP=P%@Ae_|*~fE%#FdyqG+(y0@M8OOwUhm;iqj0oRp*1Qf~wD# z^fH59l}KyfS^nnlxS$?%l7^N~n1yJ7V^+AH8e37OFo8S9G~4!Hc2(Vh0$KmEsg?wn zDUVD~7OQf`Yh(xuJZ%i^(|A5IbQ-4~d7M&qRbsJ9fP)9(Q&ry#ozK|uDx#6?e|Yf7 z5gf!F7iGyQUTQw(_*H=Mgko#5h)ivNwxj@J=(#F`G7xLZ8|oLa=~-mz%|{g?zWsTf zrY%cnXh*X#mUR|u$iT7(@!X4;Wizh!zS*ee(d;a0M-C$1>$aO8;gDPv?4LjB~kMoJhH1y;{uf1(Nh3jg4I8w{f z#%YEu)#*v~J-|)Wtjb=Pb6;uX5X|IPXfTiNh%OjpA`pMCrJAV%CP+XCEo3MF7wB!& zB#XfF)zGhOAotY@#(}$ z0Km4or%)FxSd}ze=5(&oD6}Z+dE2#QZqt2w!&{4`1Y0*BaH0w*+h+}+KTRvv6pq8K z3HeBJ7f}6!9}9uUcNToRNBQolg`g`w4BIbcdJk*FPiijYmeo@}c-}Nc>uME*GVXxJ z)yz~iKGu4$0k`XScYP#cc0jxsA&HR$+Q^E345)%7dG+r@9POLY_80f_-fSP{CVq)w z)0Q$yd-oNbnU0OOgpaFdd5u?-h}^}HRrU4+1xI8tTjbm-#{Icu=DP?0vS4AJ+8W7Dajc&d!^I7 zj@PGo(xe_RJe{35dKp7L6O+d`6;Y=)^dA>kxcSeA2x>sGBvvh}HC_u!^Ud+tRZZZ4 zHoYTHp;e_98{qU&K>^h00!t#q(4z_iS5xJ+`VvlnUm0rzUikTb*U zCyAUec)fTk_x^0Ky>ME-MSNcjI*qd5eBQJ5BdS|dn{MMtDII-HJ6IW_uX$qMUxD#2 z`J(|F5pS@g)~k9lb=$H?g&dHEC;xIMp4Mqi2X8stKv(DCJ2MjX=ZGkw&D_#bFyS$O zfd3MoRr7?SA*are)rmAl@8cB>iGoua__j`p@cEW(40@;ZF*Ne6Qai+BJ{yHPoF*m-n8(wbZi*7GmLC~VoZ3sYxRYIpK6(9aCRK;r z3|N46C)a{3-;sa!pOGK$2l9XY75S}beFt&Ixa^agVWp?dJ^TPvVD1l6lk=WW6l;n|5#7C!TKCH^i+>E_4 zNA6jUKi=zfIxttBPA=e{j`v?(6?FAjBUq0w_jpRAL{^k?XL^tF#Z%8|_vN|#uKi?% z$}(Sghgx%`3(MT*gDk^3tpN0MwJjTDOGP~iPM03dI3+*g*#xYJZf}zP?etJhE$IvM zae5ZAy;np1ry8s!Tl~=LEaBurXvu(pMs4$58q8>DJf03(@b@>C-w{Z*TJ2 z!ar}_&|2Yps`i+n9?MLwY66;9-sErMt9rXFz}>Ngv&{hW5a7I;*PV-Dx$i72%Qh6B zwk(Z71msBZ@5?lfy$<9x$T6La8@h~_Bf4%}y;e&W<%D#=>Bqe|6z(Lxl(pGDss=*+ zTqDtF;SFikfLm-pogDWOS%Xz|`{$QFxSS7GQZh?C(=-6@%Xq4jk#wwYpdYm&f2$jM z#?8#%?*4hD{A;@SPQYVo%t`CyQcKd@L@Nm9oktqCnx0UKo@6dKi@buIZDCRU_yoch zZ6-w4!fV!~rjHcPmaWc4UJKy-rCT88vSu^wpnLitYv(-g5>b7*UP}=;O?Bh5=LY`8(@r_jlIQip*cfg1mj+a(P(xgZ$NO0&t$q3A{Q4XReTa z1N}v~FaDgYtUntNAwzxNEbW--9&RctgGy~o-$s&C?BXn~I0sL%DYb?0 zh4mwaCCj1X@U+Wgs_3i>$)Rg^oZeB89{+$N;rLCA<7&NJ6&Pil&Nc21^&N>Aj|vQ* zAsIA;TG|eo$l10Ct<>*L)6w*%rVaY7n8(Gnn6nQIjV^Jvw0QMz?|<3NV#u(~Lv4t@ z?1_3zmJGX5B~tkcn76Xaa4I+ttErT5*C~TU;8OW?vV%_ 
z?x_Recz+)opC?s^FynCEfx{KAm`@~1O~oCd3cZ22@TSlq?nYUB*dzK{lWX1{ZH2#y zBy&MMxdSfI6*v37T6*#%#uauet@*k#Nh;tl94W_&WvrLOn`(_YO1KLAyWB^vvH;I< zp}-aM8xuxbNu-$%@rAKKijWe8wI+lFP2B6D|J69jQFy26UE?qqym7Bj;}zR^zZ$Ea`Ihto=(`r zA0Kxa*D0e%v8zNM7ICh_9S1(0;Av+K2!hEY+&)D3X8)VEdHF5|5);bwO&{)}OOD_B z7$uyUptwI5S)`*gJ+BpeEF$g+!s`*|zt(819Ot%o9V3tU7y(I!y6QUn< z2B7utOOW9H{$RL$F$An&OxN6N!&bg2u$*HMGK$WSWS)gV*W(a=wXF0F^i!gL&J6!j z`{eG@iPOo&gDWyLzbYCMc^&oqE6(Z93*>I@C>@19s?fW1MwC^-(j`N{8g zTS)Y2NLiA}dwcCqWlOTspA;#2R#e8_NB`Y3#p@}Psz-F7%`^cvLPWMp3fjZ>?=uws zyQ?$5Htm^+{LiDSBZteee zJ2kKUAF!Jq=q3<5*BHXkk_^5h|M5Q~Kfw>=-~Sc)T|$2%KTZqiw-e!iw{yV%fO!rO zyIGq?|J za)&bHRx1I~u|{X)`K|Sq#FD`f&Yxkf`sk?!sNYuz^xsfTbm zLL=6hSd*JrPs@a=6A7?dYIMCnMO$r)zNmP_vg$%Nk)H?jeakYN=FkFyxx91{Yz3IIx44X*tH-h%$)vgjmmGR*UVsz*njHfYs@ z_OFDS>tW`jQnZYwVPEVxL)L!$p90bEWSsN0wGor3Nh)vjbCYktQs-wvuTSw^cdmL{ z_I$J^>x1f}Rkp{v8s2iSAbUPsTLMD1gj(u|uJ#!ZrZ1u)^EV1~bOldp%65>Lt1o8< zEqng8M&_l|+H;wgZ)+nYUIv0eZls{{wVD$eK-WQ`bcfinUM#2@1YK^HWH?N|mRv8~ z{#xvEe|#7PINAO3p!A05S4&AUUfZJaU8*0(M~}s*qPbZ5o1SKoC5$VgCj2^dB`?~8 ztcVqyg7jM+$JZ+cC#_jSHoFpl1?P4SK}Ua~f;s-p5ZrsOzS_f!fvW#nt7NqML$Mr9 zFu93psvOViBD0loZ7e;lUJpJJ_-9Xozx7<4&uyF}9lgUseE^xLEb^Ynh_DsCd-j_Q zrG6V1f&Syn-zD(kkP9GAQ@q*y+siBc6o$lUB(UTY{?>VZ{=beb%Q-{V8zjso{=_+RE*xw6(hu~aqxmKC+AlzMLwJ`(HiYuGcRtyi<{XzF31 z?xTbu)57kjVzlJ8ellRY1Pj{kV#3Fm#%W5TguH}yohzwwubVLdzR0nz`J+*hFM7RO zx+1G1z4ru-MRiz8pYBDFcel8wxf;`;`Y1X6U0lGk*IoZTh6 zZU^F*`RiDN)Q39lHcn`9$zK^xO(+ByT{Ff59uZ;RK!Y{Z!#mhD!cd2srL7^H!&KTY z?C0@bdtlkQ6N-!MW$3v9ak2X^z!khMXD$1xQnSh&2OMT8Ua^(p^FOVx4T3s?jJh>w0AN9V2xa*SbPJC+=a|@ z4*-trUHhe1C@-_F30eIi>r4dH{0iG!0E=7f^;y;hKR|p3Y+}t|;65Jc$pGj{>hh7n zZQwp${UK;Wqyj3kwxn>e8u_zHiOtV`sDME*{TMlN_VpmJMWqFc>?QrtqORpsvzY*p zVX-RY_aUTX$Nup^^FNyamn(}ePc^Q6%K*VcI`8XS1vW-jbm)7W0km{Tnn^8h zj+mbv4ES}OsK;-0D$-HEq0&EuA%+6EPIwZu!)%9e;p^_CHh&1^LihefqY%-G%Mm1) zRUObS|1!TKi#H}9>ux{-nU)*Sf0eugN!(v+M4pOP8Jts=LiSpVAb$w+k9iO!_^+t^ z9r>~U8TpBRAph>K$nSUX6ZyRW3vbJf|MxFb_$49qP*0k@JY`q>Y8n4ktCx7LN|@Tp 
zc0jBfEx>8QtZ^M!G=H(r_>0I}cq1FRZI~p4Gs~s(FeA`uH?gGtSVc(|n{WQ38De_~ zX-5In_TeLUAe$Zva;tW=)TM?-%gKV;pUb%jLDZfccq#XCOO)W6N~L}Y zr^mTPcsvQ~-UY4?36`i)OvP(B!I-0Rm@M~OE$FD<4vAJx-ot&MnHeH@#F&ovTs7Rl z)t3;m$KfkMgv=eIA-ZAKU0E*hJyX_Q0S&Pj!A~fZhW*hI z7P!jP9<_$bk{BqUYX@CSA=(S>FIueG&f|%_U;CpY+cQUZ9QtJ&zP2^P8Eo!hq)G}2 zz{EqMn~wtS0*Bm(w=UNuRHJ%nf_fog`S%Yp7wo;LB3vCA^ZfE@G@9bXp{V+%{r^86J%tRV|*wED3`Jbou+WD?U%td6aO_N$lDd&HK;tghA1nJvThVMc86)Xhuy1} zEPK`2pQy#x=!{AP#sr1PM=jZ91czzaj2^naX`q~ODhVf`wWsMKO1%1-C6a<$__QnL z=QNa{qNW-}c4B9T))_MgXoxf%(^Pwnp|)OI?l6~8sUH?(VxW5DXG&TZ<6Db_Q%l?q zp^dcU`9e(LX^vF%$a*)Vwf=R-Xv#BG-bFCEyr@vd)q_4{Mv{e{=`77*Idk&kWqxmls8M{6y(pOx zV}^MAjP1+^U}V?d_`Tu zNV^AU{lwwog=|LGW{{p=F z7gB)zZXFqjM_ACKG6$6LE09ClB}V#fk^e4F85M#>Mw3MNWG_m}v#j4p`16f{Q_P?5 zMSvQN5Rqx9c)O+iByV1V^XWcn?{YI(_U9=I^dId{|EKo9o~r(jO#VNSiR=H}DHdb~ z_uy|SD<@QM=5C0XksjT-gVQ)GC;Q8)|94sf|JGvFm#YRHeV5U%U}su4Vl=+TCF}l* zL2u%os@^Y3<34;EAeL-sekb}+j!#xsn?WQHT#fk6IVjcSX_iiwOni-WF za)j+eN~fjd8r5Ypl3b4WOhjABBV0=X*m+~rF%38y8EssYzjwvBCRn>B`38!qPdi36 zSbf+NT;ezl2@&_C6yE~px{hh%b@n$z32i{%IE(Cuno}L30`~S6jBEVJMNcHf=*+3t zB5S_Dd0nLA{3;>nu(J7sN5PpMj;i5=LX$<`HMIF{>uNw?7G)Ak$~Tbrmh6=u0C~fB z^4~kr9qQ~8Y{AqLV-I# zJ%Mi^q{+x_z;(mB-uW6CYJWZ-YBu6HAR<0i*#Ti5C{4!L+loL{ID&fOs5Onh+NDw) z3y+&(GS;$BVSe2?0$In%gDmjFII~^8%1+l3DUC_QK_?n?b>vzEM%-cq zl&Q!z!NlV_V$&H3J@8LyYzBK)hw0d97kI!WUHWe#minu#pj|X_nD&x(F^nd{>0>@^ z10a>__L1_mZ8-s|qc)4b489lars`%8c?sl^b9SM;-swbeb#_b6`M7Jixg~*mTE;3b zqzPr^geT$R)3P0RlqGRUDC*T6Uv17KHq-VZSHPsrXhD#9gG`|rw0$|SC+)MOxyKBn zuS}w0kM__X^~{XVPigaTUIpht=KYIt2*4lAg$b);NN%d=_EO8}M7=pFk?**;?S3kC zTvCOatNC(i*{*e99)t+Fcy<4xNd(9!&;324d}=%wGx6aF*WSf`W#E&MKs_R0Ew%n% z?7ekV)ZO@XR{f8y^KDEz2ue0|)I~?;wHZKtwD@DvI4;E0;hjEFx z5*kT~RSd$f%JbL0bricx)l${B{{HrYeOX@OK+++?mpA=yf)7%eo$x#7PMO=94S_Ab zs+qqo(FINL=r}Gis}BHb{W~m!uUuc#>Gz)cF|Cr%-Xig!4ftOhUkv|i6JhKM+oJI? 
zL7sLojE+=vPljIX**xtx*>+%^X4!8w+@)3hD#Uw`EW|EBIs2sdT?_huv1et#c*2>r zuxV2(2-Kjc;>nKQ)sm{GGDi}d%R0xj8HjFzn#y#^tg$ALV>HvG0q)0RTM5eFjQvlR z{0<303WV$vc;a>Tl6)C9c`7iuM&4Jj>ct(VsKC!*s8g9JD>z0kFle-4hHLyM8)+sz zQz}Zo*Me`&z+gcp{e!J5Bp*iZ4B*D#p7Qf~g0yB#PguU$gn2G61-%u*Ews5x^Z?g@ zOisK7D2xEOG18Q=^<)Tk57fEqXuZ^8DlUx+IN5&-0f(6Bd`qdhWpz_gY9Av!lah3m zbA%(eR7?yTP2-V7b+6fwu{A**!+qR8=N8SPf+#plGk35e@n%mmPp6%^l=1hj4Lv2l zKUQLF=?0X8OQ+1Uv%NPmnU>+HPXKAqD7J8q*d5#a3F7^p|2l`r_%qGvyHo&qesN2R zSv)Hp{Q3E*wUv1}o=y_%BQhi&G9%6h5RpgcMP;&#yJy5?Q%$@@$5-AXgi}kx33gl8^NFi&u zPMl4xp~h~fyO6Uzl52O|8Ih|e>xy5>ruVi}94Nx3qY%Ne!OcX(@kp)l%}G`Utj*Cm z`w*sM^`waJnrH-o`u444`8nptUKwZ?2LFdH70=s?Oy_Z=<#NXyBrAD?VfhMoWwjUP zjUz><%NvXlY>;)T&7;#~EQbGU{0nC{gMgdgUkyhJ3n;3&u8F8kk-ESY`#IFsgO$e_ zQt2r>s>&cup#vKQMp~#v-qSQsz-R_Ia7+Oywa>Z%c(JC_YE}JMJTL$XqhPAqY4A+* zx(pS?FQ1`sknDGOqrlR{fo@kf1fFM1KZY&@A-N^T8PzMyy=N;xN6>Duy0L_<(P>yt=o3)=7C1Phc50LCTwJ+4M-;(J6_L&K1? zN`Jh2P)GI5qgsweLPK~63~uxo=r(rh;A9YdrGwIJjaE{1QSjpIm;B9Q;D5w`OQy!p z%QoJ4dtf{Ij-s8c7;#p;(URO7-PAMWXZv^Lr#wgg)qf&?H1Tib-&zKN3XCBbeDKjp z4RDbGmO&Qy;tmG;6BOTrc>>u*K`=|o=(q62V)#K1f_PoD1?wfVbc~=nQcgbgBR;_z zz^8U)|N56U#4G^o4w!5_@x^#ny z8Yv9}YigdU;G=c$=^hKV|2uqf&UdBEW?l-8CWY)C0ecPa z1phrQ|EJ$nNLvSP^lr1Cpv_Ox=p4A$(gar24)nAu;% zffVn8kB;d63mv8Z9@*@#sr^Np)2t7`xNUfYucq1o!}s4C1^H`O*yBIu_6Ko(ZJT(m zKlT~mG4&V2_5QtY;J>E!7jgdFxBp!Z`TuF(_8o1b4I2ii`&=^(OLMrZZjoQZwm%3l zl`2OTxhIG{T01hfPispOdx+4$Ji=h%Kv|6<{Yc>LwUuiVTULwpfpz4r9m1$|$R1e~ zRR)c3^U7V%P_{F-`)>|!O+@R?Mh6&0KDCRn1(+MCB*G1#!YqJH`hgriYlVMf15mx= zKLe^QrM7bY-{0sA9?uC;QEV?(2vRQjKVz~ zzB$JSP9#HH-3lyr%OGG+YadLKhf?_HBlh(3<+n6xG-83Op_LBB? 
z;jKBlch{GQGeFMj+Rd>!B8;J*Z0uGKVwl^=oXHlFF7)ixwk$>f%$RFSE8~MANKp^2^)~#HuWd37py((OIgRN2JuK|R6 z{}eKEiIj^{6B&a8pZv5V>$)G!wSWvQS_kgC!|=%MYZK^ zcs^uBYRy<^!S73OEwR}xeX72`=C*q&8_r^SVe0%@%*Q3isyScbxi%U1L>Ffm(+teC zJqWCa@f}&7hWmAQB-yX)5KnUx;R*HR32$RQ>EKYqalM{d!Z!rxC8$4^bk&ksGRoZ6 zVTxL!=5EgtB^=5MG*E^TPL@RRdfYsK5AWrNgaupLw1K)x-?x##l{j+8LKL_x*yG|azkflXR7zsan;BSYzGZk;8B{MAY6h;GWOTIQfT7J5Yep=5QZ+ z(6YlHqDQo!9(${a?Ai}Ip}fcDc3GFN+GD2+0%oYi4DxrgOX8)G-Z|ix9iDP-(dm@c z)yV3-=bHH$H>I+?Z##77%YK%oEi^*2j|@(?(y^d4Xzob^zGIv%CtI=DLq5-#S*#0S z{PCdNr4MXr(o$64H+`J(u(G%ohs!j6r4=QLC?vb$M3Y4$9BM(sCbXvm`8sm9>6SC? zea+(tSANK-HDvKk?ZLOSwNmhIy#eM&|M7y+$u4HZosA~;hr(%w<0)VX@d(VaP90XS z8ko6VS%qKpVDXNdEh_VWF$?kX4{%W|nzlXQ<>7VI=h3Mt{d$3JkB1+V9vd3kj%|Hr zO&gUay`E=z*9TrKO}mRU7zXzt#XEpoT9grxoQc3M0l`1%?9uCT7{UbH4XFN3L(E$FmzuN!3Li>AI z*V8qz=xZHYEXxAQOMciEjzh0pj!r=BYI)aW0XNr!d%&mee)_w~`PQ5vzvRCoKlM5C zFaHzyQ=ESzKaCIwbhg3&Ang>(Kvq%w>Z1Dt!uPY@w}b8Q3_fMuEPq!=v6u6|re^Un<1nI{L5sw=uDXWGu$~Bo~Qp)43 zsV_X#P_CnGu0X1MCws`ScLABV7eiR^>dkJw@zHR3qAGsAA{L;N9px{Wq75+vO3TG`-z~F`fG&6xBV)6-l>36f8AD-sEjpVhX=2;aF8CXD44jn9bLYM!W z9>j`82u7a5^!YyYamFmDEpb=(FS{h#4o-s%xl6= zR`mB`vj3RgX_e&K3u9%VZW-;F%Li8}@OrKtwoZKJM?$UxC~ut7rElFSZV#w;qXPgh z6av6IVk#!>Zz^>tug}mnOZ~S4xVr=thKET0xAUW&yz~Di@V`ZY!HL7iScxobMd=P% z*Pq+Haw5VXj56{RM=eYe-wTOlQ!8p#B(^x(V9KR1w5%)`*t4s!3vsV$nvljmbcXLY z{RHjZ)YsF`a_P+vX?PmCedR+%N(WgBo%=As-&~R#_GX1eCC6)NN+5GyXrwu{1pWtG zf&b)}n$oex?bG033wF~#8RPH1veDbb#`KhdqknMT9|uFM>hVbHzYP#(a~*x3Cp$m+ zAB_1YLyk3y{hvO5#au z{Jmtq+8srX+SLV{Q~YwA?89fY4(EvBWI$K~4k*dwe;Kx}x~{%*d1F6XI}r9*PRZ6S z;t)Y2H!};x-16sVL`LbdyJGd*@PM>dUm^|4w_gb7ANUOoJtiNW{Gq#XC9Zqoc-Rn! 
z8D!#fMTjo2ZX_+sT)pDya0KcykuxNjYxZL;^08IQh_;r+t#J0Yj(DzIIHC~^cw{-g zAC2SjqgQxj@P}?GEmwF}hkUt9;6T!RwXH6fG((f{$4oG_DYeoCWx0p9TUTWzE(t*Q z@53w12Sy%rb_jZz`G1g*dO-2c0plKe+A z*uOIHPVpi5&Z@qFY;f&#@)3K^PmtkD?DJ}4dZBLqxj!@lw&8b31-FJ7yS9v*V#tz& zMO|&v)8`v=VQ#nT#f0M*EqG`oK2tIwUluHfPieN(3a*IcY!H9S-8t6~SP0ra{J6xt ztcX$QKERvT=q>5XhKdf-Pb&~YXoYKk0Oqjc9=z1kuf|E_ zVHP<#tJ`MB95@Y6jCAo2+f^>_#vd4!**AgQ?oPG0<_S!D8?_iqj{$0t=?;QO)S3V5X!U}h ztxcv}_B*%E=2xKBb#2ttJF2Huf%PrWNR69V2IljUL`ZL3<89#DE>6POY_FSv#fhE%eiuJz!l zoj1?%8WT*#sx?4o<9s{#WBhELGaq4IRIAsAso>eFS3wbz4bvJmy$(m*eeR|}0@6?Jcm0GWjDNlo;W zmNo$ai`B)xr+4&HWfk?R+xAlkeuAuGPm|ljN;KcPpf$#>F!5xfN^ z&Jg(xWgSWT>E;T#pxqJG%q(+ZZanu}Ykt-Zx&gj8hfzAH;6X^)eYXW~VT1GWfAa`U zm5rllglwjZ*UWJ}6Wf6tMw&*3W;L~9psD7yz~?WbK0<``*Tqd{vxdC+YtCu>YuZ3y z3c>2sR>acvmD=Yq-QP_Nm<+1!xeX;Y)$2%CW4+I0e!YK3e%f>7U;HQX=T7}b{-Y}( z(6xOswnrbS7uMd-k~6<7w=I~H9-5x z`_yprc4uktZ5>P3YGCEJ#exMcJ)X?T#g8Fyt6?gNW9xQsM+lqv zF!O=xP9FFstadA82`HS{rPIxkz4IK?!vDN$Lr` zh8OwqP94f~33s6Ld+s2q7ilsq5|eYJap6w#w+d{6`DwnbyG?e-+>r*fe6U&?39}Gq z!**{ch6TWjOk>w!mFpJbGROOX5hREFe(4j{LzRSgQ7@WP;FbE$+jpl^s(a{T(Aa)x zgw~~j5{ZpEYE#<1?kgcU`)^`e8sn?Kf4*|vfCqo-HITkJ207CKCYFd;;VzbW6-4bG zSL3bzM)-Bol?6#X;Q77%$B*Hd)ry5PwxyQ>GIeQd5%N5}^R^x01*s9^(T}}Z6|>9` zeq^m`FMZk{JmbyjiGXfo%`1}MBnhVs$FAGe+}zeUVdR;TJxve`8)e!ly!R8NwZT@C z|6|p?GB;7m3a(!AIF3@t6b0n(Wx@T5c~UpqVF388ivxN+2SD5c(j7;b!9|#MbxrAL#2yFE%oaOlZ)5I!GbHwZBKflH$oi&MWu? 
z2mrt-5bs|z?e$`AdLEy#KA7M6CbC%LhBf|JrMh#-MjDj*+vSX$l@eit5$Bvjyvt7y zT96>O@bWmf)Uf)5UvsdfC7^^PidHyPW=~Zz5o&bVr48Wf`GGXa?ZDH}_UvWsUF0A` znY^GDQKjYk^&emfi;{AOAzJW&&GqR|uRnrcu|vM8%bHHhODpf{vXT0K2w@659-@GwV*sLyIwd@0?HXP3#J8@Z|)>gk#dnPwR5m$f4No~2Hn zTBmC~U<%Py!plyG^KO#_Z&BKy=CCVXY6~bozXMQ?$!i8|lJ@HUPy_&@##E^q^(FuKVT(Do?Z_6ZW`v@Rlg zrgj~A%R-wNZMo(7#&n%aT-GaU-M-=Acw%Q(BdM#Ag^IIlm~#~%9nr57S8Mhm_y`tu z0PB2FUcKdCJS0%@1{Gb7j4;3DG`USiK_R|ZVGv-0%)cS#Wk511?Rej{J-p+s@um+8 zZZGzH;c35MW6q(Ll&|Jug1(DF2P!~arlMVG7H}~z6Ykw6_9s`@k>#W`n`^x9IZsCo ztRqmo>=Ihwd0kE9sT8<6;D7C%lI!`;R|p@CtR%$n0E=b zTWEI<%uzKP7}TO|Jn7=Jam*>T(*>h)j(`-2_q3cAXoFUT|nIAKMSr2 zuB@oC@gs63jG&s$WPf)vmNPVMvMiDHM8uIOb=;+((N>So;^j51XW|b4j=@|z{$6eBcIe|hXZaczbkdFZq2IX?G=@;IHL0cu;w&QC@hCWN_*4^a27!STcD$-8r0 zq!laQ&nJoA+!Mk^;q;uIW9WYl#wAi5$oUa@wppwI@GL;0LEEV%c(iM>pNE)h!O~ZY z?im^dZpxLH&vxNX0)=&eSR4DR#jg{lOOzGzqMxthE&q#~7V4#Ud)Qtv+T9obsGbxz zWA$iJ$$wa7>*Uz3%a%IhAm^k)2~P{1bA{Q$c3t)thPfsOiUKSJr7$ZQLXmy*hTi?0 zS4Z$Ite*x}+FQWwNCgp5>NikGb~U&&W!r)PqHKSi41Wc!yPl!j{(DXK`n21|E`hu1 zNWJ^+kFyFTc0w8Fg2UQB$TCFODY(Qn!$gVM-dIn;>5H!Vt0Csl!h_W&O6~M?dvvPU zUIE^D1Y`oCLY0%hJ72>)vcsN~@Mu7#&r^|`WKtlDc|K!eo4nq39m-p+lf`^VbqB#*$L#F80Y@SSF{Ue0042!bjw%WKf@YK-!*=#Vi8ZnW@vExR8 zJ>xO2VAm8-WLxLG5vB0^(gB! 
zy9&RiIpw-OwsC<4!pm;QY7c+37~q?ul&T2eSvPugvw!eB$S2~KAFRsF7%rHpE4u3q3>F) z8b-~REVNzNmE?n9unD;b#V}b>pd^~XN0NSKRLR|~an2dQ(XE<9cWi}LOOwKD`r$y& zW%7o~YQ;sBZORpAVpgr*RCUq2_gXJhes1Y=5a{Qxe*P2GsUCXT8^I4=sSkc$!UD={ z!)8Jc6oeC)kI&vwy%%b3bl!C_Rl0)HoFQoAw$VAa;tKL2o7Tq(-E9;+F7e@K&9maP zo_ua-^;Jf54-Zw@$(XhE6BJ~$wHF^1+pG7aui3<^Pr4MLpcy*5{uM~-eWZM@R^>*Q zY-^xIZSAL%*GBtW!@gsT!1S-K;Vo(lcV#g}n?-zk$vD?1&^jHK3oft#js8*s+x7)Y zN@8YIa!FZR%A?4a}3lIZQPp~RQY$LoGQWzYV{A**R!>(KPwcfEf)9lD3(uD$IU8!#KP zPeI|)@J6Pm2wbNg@`0HzgAV4!<;)bN_XVc8ONS~fK!xX@ zeU3e00D?Zpz@v91Y@9Y($WspZ?-Q1hwH&f~O~CVE_wD&gIjtf`?#y_Lyml3F0AWd~ z+FpOdhv5HkgqFBOHaWXJvbaBDer(5D7I6#6&KKUDp-Nf3>1*vsBfPM_nWFR95yp|l z`MQO11`>*R`eKC>^+(D%4n76d zMq$ID`C&xzZ|O;Ecwv@$nJu_3>F#WkvF}`cMz)T+XiTZz`afajDRb4oEIGh zW-!pMELbi@B^EmkX)JU)V~>V6$F=5`=#pp}|4v&FN_ z9oqq%Lk-TEL_3B1C@OZcU4HqYo%J60HTYYM27UTUMQOkZ_e^tHbp(2)dHZ?D{DZMF z`$NJWygbj(vlJ+vz0A{d!^>`*2fu6PQi~ofW2O6t+1(LYE<@}45@dy*Gn;EaK^Mjj zW7qCa9AyWz25eGq$Aeb?RLYBr$7|o>e^{b(GB4e z964zELjKW|HVOyz%g_Uu#jX-U#vr4#h8Ua3#UppPZ>GIw{M5VIzKC8p;X)iNS(dwdBwiBvi?#mcR~M=0PQ3e3a%DFXFzw@p|bxjs$gB z*Smsisn_jhd(DbZ1I$X|ojhI@w)$YXC+jG?eu%Ew^-DkO)fr3{6ZVa=cL^D?6 zR?G@pN4%L?Hh3}HqEA2?1!C-9(>g$NPg0KG00F0!I+(1T6v7D`?LwfaSH%E>!@F-G za(9f&d`C1`w@P&jE4LYc?umK`;DCaXBWIh zXPdp)`<`#x1f-dkab`~P>XE&E`>+(@KKw~*;#)RK($#YA+r9DN20YqXr2Kr&>V+F_ zk+=EUQg-v_0tf?_RM~h+flAtzU$2y?TXOO4P_2tmrt@URIjbWjK%8fOnGu_SRCONyH?UFTVi|nqx!OfG!32d zUVSk&=#PCYcI&;=!%(+~3vN2X);o&W zw)aN<#M-eMA#wDt?&rSu%!QiM+{Eo6R3T$9%%NY_EgNTRQi{H{4nMTl=J$*mz)%<6 zdt&;a-UmuCQ@)Ih+Q$8sX=e3mw}WnXp5*J5_q49!)$DyYE(S-0U+UK76rwYzJl~7{kG$<{i2tTM27>NKhP(%u%G{ZgjG-*_x=Xv+vSFHn!Qzp3d^7gk2m7QhFx51LlW~^mKX@n4zE|Bt9 zZ)C!yPeDhe&_^b}=>rnUB@hP^sqi8zHJY6e)zQ)9&!}HvyTydu3B{o{6=N^Lm#BM6 zEWsl?AH3M6d%Q-GLKt=vmOGt)K~HUMu8Jg@_K7ivy((&@cihE^^X0Tlsyke?QTlrt zMY9-8+FT3(mf+svz0sCTp%h}8*k%+whyZElg-L@N_Rt}IdE(o8%Ug$DLsAui(=Xi9NWwZKT)`o3Ji1%J zVi0Cm$Tu2uu`2*dmV7}>k%|i5O^ecz{bncxR@IYTf~EkqE6%Vf4F-1r+@rb^7(-E{mMEo?(n#CudR5MJ5;tl;K{AU>Rq72$yz{4M^F!S#=&yLI6W49dZU#*-CP?BT9iV-s(`KR0_*N%eWo 
z^m3jR^Ji;XKYJMKLOudw+SwVnD{rXCqau!E+$ksAWF5i)qrOaP)*5u zROfBmSA{mXVud<2z`b(?aPk<*U=8;VzPId z1*pTT=Y%q}+Msop*6g@SK)oFrt+ecxFj5*Q-ioyykUT8Ka;6v`X=Fzc9i*y@=Xv+7 zLndbXNpTjAYf4|vV4n3lh-d|u+B3w4_C}LLKWOXLUiMI)Dc;KIoAnfcO_d0}xg9I6 zfA2ml^^AQ!d#ZubtlgT42kj-O4?_0Z_953uOB8k=-q-z1JcF_iT-Y}t(>nB(OOWrk z%o46iNu`S73IF2EkR((f)o{jFKKHIYkt5EQAOgAW=grntoDNicRH0%od#+X%LSV^K z){K|$c+6CKxt1{YR-w#$b}Q*{r=z69{JRPMl=m7=Gdgi>>lD&@xL9x#`>HhKvjX=y zFPaxg4AC>q#}aV&3_(MyoF=KugXEDu2FR|Igx4ev@1XX98v+L;-ky(kA4+)b$+Zl= zrv&Xz;ahl7hOLw6jE}EqBfnerSM_|^z4t%~`cTte+-K6#&1$Ha>tpg^bPD^e*^y+q z{b@?yXg|{9Hy6S|f!Ppw4_}IeGQaZJo1HZs_wck@d&O$i!4+l}LWUTMx+P zycj#}cfKSSeF=H6{Q1R6xyjF2P|{E8_HapYnmcDt2`o!cAyK`$!8xS@^QB&N&Y#7p zk@3Td?>lgH(t-KZPkp1Jz2v;W&&)*1Jdo1)e5FeN8qW^?mP^=a$3o~@?cvnj{Mr+b zChQ^BVe^Jdp(v15-AN&{)5#HUgdxQ4?i^uqSKQ5u(bRkDmyvK}ir91GeI;9c4dU5X zhi>+28L(o9*`fDv=t6IAdCJ5mRj${JsJs+8`;35SI^R5L5bcc_)bTo1U);_LF> zZHq1JO&SIs#7|_>KA6v!Gfk5EWo$v*)x!x9yi(G6kiv=GVa>n}c@tjw2$Ua9!x-ZN zQ5M(F`>P-ix~Vt3ugB^znx6m_;;oo|xk&v?Tx@8~p_b4jMbS4=>QrqMrl0?}RgJRH#9kR_1v3)SPRBZ~dXN z4JTm-m5ox}D^It<*SYm&jW#V0o4{kY!AFO_E77%49m&o2BxlP+SxW3=`3kRU1J47# zJ;SoP&518FmMfYzK8JTQPK+KUJ-w0EDU2em)CdR)k1q|bTb~-i|#nX zW?m?uKb%izT|>X$1cDNLZWq3Tt|Pqs8A}U1{RASKM8$F}G|+@HRXR;~o*SU;^}QX< zh&4ZkJ-S3UXf?c1r*S%X;g6}g$#E5iBUTgqojpOQaE*pNSPrHBnDby zz9UknnYs8V3-b7>aPdXM#_wWRF2DXfRscKz@2UOSmB}Ft5FZpCKP%P~fbkkJ)$ed! 
ztO^f5QjZ?`@HJwa2H{Fyn1<2D>AMA%#N~s-8UWs$J7rHG3vS<5n#<)I?uI^=duGd* z%tsQ<03}!tmrHhgY0;65`kwH@Z^ZMGN!$FUxc++Wx?@3T^K^D!^wKkxu$eIZ5ZN|u z+ak6R&C!vSDQlUM4ev2gSbbEN3r$WCVSGWT!x87&oG-MG-YRq!r{kJWzG_i&$lq%G8~LAl z0eO4SmSZPr%wqy4iM+wXtkXY1HyVH+SH|*6HU$$s?WFpHjaDm*2kA{NII3BCZn3u_ z1`7O&_YEJCmug*vml{~TZt7{~vH-$R1zZTlZ7?fghni^k9&rNpIB#|8vd*`e1lW}fdt*9-`zo%F+@Fz{QNGYX z?MyI^4;|aHHNW>ncS4IYHN+kpV{eHipW*^mg&H87$1e;BXOcLo-TXYiKf%`3-q*F$ z(ItbpFB*qEo*gP=i@q)XrlLq1h{~#ODFQqhJ*Ex@!CQrZ?!N>UJl)rKm4p~yt4H^X z5&zw7j&!4lY*-Wr(`9HB%>=K$v&tB}WgM~@s2I$_ul=&%THB|LkWF-Y?6JoxoHg{g zQ`WS5Yg^C8cTd@VrfK*NMh7+aq*vPB$;mL+cyrg9w{huy!=W;&m76}?e?aQJ5=GLn{lAPY^tH#r6!PF?CPDv{8SmT zb|P^@18Ur)xa^v{=DaHv{0WcxFBO;HY&R70OzWSlB+9~^$$kS zGv%#5!{VdReKr?X@7xjEOhT?m=cJRoK6tJs{@Gh)-RA7$OG1XQ&@JB(LG7VpR>jd< z_72`ZLD#)p5G`jymzw7CQ09pN)k}<~UaGErm>g)9rKow9R^0oPi@7}S> zkh&+4ceFOQ-87lz{t~yznC4w^iK$AB>4PP&=w-?K_s$j5419_D%-$t(Qk=!d%}zmS zLA*x5bMsY@@0t&oW3PFtx}Rp%g35o3yWs<4Qtt+;i>KmBvsMroTkWW?+2xTjvHHby zHv{{f1qdtz*}0=QzT}B!o}Jp z<=Nx97GLjOZ$g`rd`oHwMGBNc0;G_3{kkhCg=I_9BGq@N*QE2^Orw%_H)-LkK%64J z>TPBwGC)FM@)oKMKvBnV=2+N0X1H(?lEd0@z4|sLzJIGU=w{Q66_yIip)(&3CbgEh zZsj8lNnb#8SFvi5sXGQlx_8xEErIaqdu79Xolq$L4+d683ga8c_$^zF+SNraP5UFC z0JkVeO(07vP<(v{^Sl~zE{t12#*a^`&2XDH=z8}FOuzJU^Cv8uP+f{j$x~h|Fp%5i z<{qxo$3;fS%X0h0Gcd9E%bQj^%-qX5GfiB%#MS4PDg8;e=kn8dzs{*Q395yqtd5)o ziG*Aa2&F;8?_uNw*)IBPi8?yT8axZ`j4F3klcW_T-4Xq#ePV^O^9cL7OsMJ?KqMyG z%l~A7rQIg_exEQ4cN?$$rd=cqD&IbD?5Nv}s|>y*30 ztbg@{{c+>NFn@kWC3z}Y5N^&)vD3j$v!~PU(V0#Fi3S-T-n)MYk*s^H%ps^Z*b9d;cehN5ezD02Z&&Sd6)V?0iG%oaksF z96b@zvH1w79NYH*_2w8qE5o7$@NpvBkIH4ZPv|28e!Qs;L>#G4$r&nAG^d0djfm1}5aG{F4D&e?U#6UclU$kz}{s^8^TZc69Sh!IiM<@C<_Un|4as(XL zO-%rvgi!P--WDg=DiRZ~fenrIrt87aN8uG-(ZjGLrU0oVcFnxS z+UlqmIy$F6#1w#ZMrW<0$6jD(hOWIXcv#SICzOH{aaSm2(xw(XRKDcJh?;Qigr!b( zlT~$+?$FJMQoq0`;la_Pkg{UW66gk}opx;q$6lgbHxxtD)Y&v&Ugq~4>;iXQRap{e z574Pd>e8VK5#J%3?9ugHuc?&-t%#2?AKVH%TQ7oXv87~dTz1Y}uvA@Hyv^o0xbm?& zpti9BDIbW$HsXwIJ(x?KWb?N%NkYaFG&W-|z;(ZdeU)@|TQMWgyuy;af^qNVdV|cz;%2R`AbB4jm0drR-r 
z;OsWp&?iE!i(m9+7cS0*xqnX8MKub%9J zGsJ;NJxY0b7!B8f&DdQcM_K_nV$GKF6k=(NL-M%xIc3V%1sjRo&7Ga$=@aHWV>^;V z;zld%w8U@K`^F^~%>`r7_iI`=)4`PhLAuX&uJ>#+kX@@u49K1#QXas34mr+s@!Ad3 zwho%%$))I)PpjGNd3q-ee^ znFF4U03&I70aaeZHDrE*3IK=CX!D*+$$t^k0?8Kqg*MZhBd853^X-I1@awhg)T&;t zO%K)l6@fn3j#-B}PoPlh9j!Vnef-o{AYkK~xwhYAmX{-yh*@x9+sD>A$4-zV{4b6j zCeHMDSUO1CIn&1-(Y59mx*pJ0hR!E~HN7$?udgRy50S!91>ZV-=H7z`yoCN{*ym<$ zbwlfu(60*S99D(XA3WMELL+BZ^$Z%1V|>Xn8ts>7x!J?Q0q2E*(=!GKTLUXo%f`Fx z%}LcJ(H0C;x~_h|C&|CK-H^QuzEQj?Fof9T*!&T%?qg~7NEk=GO2IXI!X*g0wUO*( z8SA<$|}!-_(RfZCU3!e_nQmSh4MBkMmtnTV??_>5+l7 zF)z|zNC6(I7)yYmb~mY{bIfBayb4V7^_r-Md+N}}v|1{z`J1<40S(8pNpwjbeOHX8 z4jzNGLCfO9T)gvP?XO)~mv2M-Ton@?(W^^C#MDoZPJ zxZN0V`gx>hF=Dj=^|JB1ww6`+M3|j4lefV6A&UZ<-;K}JqGjku@YAqCi!5S=9p1Cc zFX+s2zwQALPQvB|-lbcy>-O+&o+Ay`9~~W?(sl8UgN@CwwmX*XKq~A}x|>=p^{A6v z#)+xG4Z{x?CUrG;0)YCc-XgVsaXk=_?UnDCwMC+i+Co-J=8XmNre+=T@$9Qs$ zL){r(HR_ldj~}b~)jF%al)U3FU521z3hO?fkSv-rct!f#}_2Y zP&ZJC4I_;)?pFHQwTP@+3SSX6Xw*r(>uIv8goF_nvyB_iJ)g+lhQDJ#4ysD|A90XM zF_xFpbG&u40?M3DCA3Lv)}63mbfdjjmleT>4)8q$^*13-L0gyS{M_IJJiN{G^{ve z=~z}M?0beUzw|j?py^ZWcCZP^U$d~MZX&BaO$Pj#L<1IJq1(v(g@_^H#Lz4bWqEf( zV$=DYN9nt56sNHH+QE++yVBb~LG=CDz6?OEG~ks35_s+fy;~>LmY1}7U>gVi$n9ZT zZHJmn_hlCyBp`*FFkB>e)Q~wD1 z;_v^{H>7G|WOtV*Zw%U4kxByz4P2%W{j0v3JZ8dsZkI}OtPo;z>()hlH|qnl=owy0 znE`T;twATa<-`{w7i$V6M6h7=^uhIbu?OLP}G+eo7GU;wi7Tws@{pE`Otn z*|30yQuB*@(8TXzfNuQH_RY$=dE#6H&=78`Fh56D&WJ$@OMgLn(^zH%k#hup9wljf zI{Lo!e4UBAo#K8SrdIoZCXYa1a{X~q;!HjfzYdJTYR35mNoQhR;0U%G353`_-sOYm z3KcAb&0-&(X2=&|YfLVY6*;C$I>H#Pw+?+3s{ih53w=dQ*5$&)x?%0O$|<#6pb&i! 
zPKtPaZQPmQwe)dOAdol(G6zOItAwmBXs3R)%y$Hn!YEV6EEF=eHM^_^?}X@m3|)LB z`YZ;P0~N?hVeG7mPfXFewH!c2HE@mhzjk4+tR>tWmg@qSj(sMK(G#V&EsZBtgQFkf zK0uVzPfl(sAj{ofh4IO)#X(r_=&bK* z!Y=ns%Dc3;IdV4KVs@x}NZSCi)z=pUZH2|y2gSaGw>-`afm8ohmuElTg?=HwN`$ibQ5Jvks>8>7UwESrz{ya1-vdilOLPN1{pGdW?LLSwE zPK_0$eG%xEI00MRu?&31)?DqXg?NXx*%P&N;#a(OU4wn8@G7^gd4@0UTpa29{LR3L zVJ=ehAteR7;b9(Kju3~tY-GHBpO?|%9DQjHz!O|_m!=_ga&uNWlu}wnaKSsuDfQ5{jZuZ_hG5@N zBoN40&zb)^Z0(?BKpC)Kl>h;#5(g(uw2Q9}D#@!@Nqd@Z}cHNltiM1EX+CYx=pjG%DG5q^ke>MNDSsi3gx7K;tyi-Dl8+%K4MNPEsM zUs83&oUD$|n#gp){*lV-PqsX#LkIn~&@1TOhSCez4f*nv>Ua{qWS7rLyb?4Ys-pIS z!S!J!@*iDc@jLE74v5SG_$zBssbkJJcDFxagk!>6e=HQ}TWDv-PFKReuFM=$bwvAd zk8Mg)taJkPRQf{BZ^QoxPDCnV@(s6oR@7_QV%4H5!oJFVd*hw->XI8Kl2ZDG1@o`dZmO3L7?$`mzuVx6 z<{bJ{Jg`9Gy_e2z_GG!xTXn9koXK7Qflu#pO3NLF9zR2M4xXl$T>imuctquFF}AIk zZ10)Y!HCGU&yuyG>Zq8a@F4W|Jo6WR5!c+*sam{EggohQfU(JPR$4{d`eYVX(Ky?} ze{?c!tf+D}e!*o3$fe%TYrAd^ziAaL!M4(K@0IWk-+YkMFA4r!6&$o+x$uW(p&bY+ z`dfTfPxa>bB^RFw;%eDIM#sM-^8Zf_?L`#0zk})p<#sCe4r_;!4~Sg-m;j~RA3lf3 zI(;2`6d2oh;Fb<1tLaQf#aS2d6)?z1w_TsKYfk-Bh1btPyLbUPemOnXE1hRQx|sku zKH&H+7E|>op|7vwCPv!$0uIOb`H_Dn`FPOzSgo+vvU4Hr6tN{!9FusI1s_wud7+bi>XJ%HI>1-Z4TqDmK93nJq9Yg3Z98+sT=8!K^2MaS?k% zLKHT872l}lf3Wu!P*rtZqyIrtLL{V1LO@cwL6Pom5RjH`kd|%`5Rj0RmNg4;@+vnJ$TL}&NZSb-uw9+Zf>Ynf^DRetDL%;b9( zeKM34!kzGUOsDxU{SIdn&Zw}`2vd=xRF6!qids#zPX74imelSfyB>;mEFS#M z%FIX4rZ&pNb5|IxCVR4k%3=v%Tqp#(%zM1?!{sben}Wt!&35#z-hIVwLEuWK}*o@-%8X%-X+NjP~ z$QA_-YmP?u1Wpr3?UuH#V3OY>@^gMzA!}b-C1|liX0CK zrnItB%{4#AczGDYH1fpmvca^zl&Ff|?h~pCFe8hRQ2-@9ijR!QC}i^PuCo17uyH(D zs35Q$U~?<>L`}V;Bz%<+k-}~TaaeJGM~EoQwgk#>s?{~m=09%x89EcL0a*?ko5iRO z8D$uxFYWHkj7PS!$QrLb-Xw&CPr0_|nAvWf$s@kCXt+NF)iTRA(_}Vdf^Si*c}3Bo z!sn;ug~=I?+~%lix&=nciM8gHCy{ZyZE1~_5Hg83efT`=mKTBh!566lkg}BE!F1z1~(y zK32#lXOuT(#%S_jVptXz6vK?j-mn@&t3jcGeW<1#^1`MS)WR%w_aOWhu$~KOpUw-@ z?5Gias#&oOn9gn72A^{@$J@89udfVQCCtA{(oh^Tl-a91W(ZjY;+xnWjt_}~jmzP4 zDH46}((mYfnxz^9qcJv11T0=Y;5b^3nJSA?e*Y=&&>ByD^^$tX;dXkGRFRM|hg?mX 
z=8Tku%My#2C9=3%O&g40_;Zo@(5H~6vt)6z7P&gn1rg+cTdEelP4e0=R!rc)6TzE{ z-|jo;6K74>fJ?wgQ8BsYyJ_aRZKT2({$*=amyZktu56D@JzIc zv#HkjsQIqu-3Q^(>GZ=0Ay>nu!}>_a;N|F)3lkNrkt2{6ffNS7$udr~CZ%wnNljlD z!=)~iA4J|WJF5y|=f5-CDPCMCYLpTMAG_*4dL|mpIG&+C?1jt-kAiK!Jc_MmUDx@B zdfgOe7$(+7?5pX@EReFM2J!Sx!*Vd2l2^D_Q~{AaCq!CF=Tj{S%O0TOz|xzMGw4n= zYRJTl{ov-wK9WrMfD#;DO1Tt^v~rL~f@CBV^NA>khc2DW6B}l^#`tZ`SV+Z2t)=9? zvY)J>&G8tDe-o(#vW(ioy~toNcSY-PZ(Md;iySM3Ypk39QHip6X0Ve8vS{v!0<)lG z(6|Pt7K+lLzt?APmI~gBJA!C+HI%*N*uFL_Zij3;C@x83tu@@kn_J&}@86Gn z-i#JK3tsfai^`H0BOu8S0txy*6eE(Vq={$0TxWy_*^pvFg|oGqbItZ<{A&Z{1I);g zB$N?j)u7Mmp(^tQyyuwKFUaaNrpd@^O62K^+@&nfwfR|@!q(t1;)#V}oMTY^cC z@7XlQfm|Dd4omJ>B(b?U`6GYHXQlBs2(@@($0E_HTo?M(8f(_;vkm2Af_%+K9g4}K zuEhJg>G72V4JTVwt;2M^Kc zX8f*PB+o3Z?NGPS_?dA$*L^<$nL1mOl6b(_3zrDiOk8+IDeQ}Go zHDOTwOFl83Sa2yF3umI>hocfzz|uqUiuA)iG`|Q#jeMzu<{!L~JDGNF&^RxI4HdM{ znqCE-k}wc2Q*S>9KSWycu#inAQuthZ-=AD=J7bG9Di^SRZuGm2M<(G1GMcjYqtOzr zno4^dIh`vfEh`cd?1G9iPE((-fZiXXaSW+c;T(UsZGct{JAO9ehi!Q`I1?QY#_2-` z1z=_8O#)N{D`PJoTi#n`on04|GNKWCQ@#EW&0Gf=&1q{)yT0FA%0PWV`gCPjErTj0 z%Zh}T*THrmh71X6D|u8oSb1uxAN?Iv2k`|SO5FFl(}V6$f7pnlm)$pE#nI;bIFX7X z({MIV{iNV2gaN9V8w7ssJNaP7Iv4H*?093nTeApJ@bVXAKCkKL9ngHN-0|4h+{u;8 zYNiu;1hL?kT88r;m~$#gw~H-v9K~Bu`Y6aQ=&WetwbZvk4ElI=;MHZ-~ z!U9fNnW)URJ!bb*bqal=!tPN}kV<0Uu%i%}hwwZs2Bo9(L8?O7)cF+VJDxY(k|Nw2 zqtF+SpBf%>sEMmM(=w0WSLwN9Tfl{GKJMw7;K_#FUORmwN*(>Bkw zzk|l$ft#GbLW}M;37QN!aTus)Z#$xWR*`@U3zT%&3I`8E8lzfO5+uvgBttSD_IqN}7)WIuR1 zDJThAU~){By91T0Zx}JQaF;4TT8J>X4ezsLtMlS4rOY&Dy&!Q*6-%&_MMr4!VRz-O zEGX$GKcQ=%upfLPc-6)Mzew^X9n}lP#ka5J4AVTGqr?KXmMnOf7S0`cA}7m?U@L+> z+^Z(kM;17DVMli$d-98`D^1Ak{TeX}UJ)BzI0#3$U{IZ~^}StI-F4or*Y8LSw$|zT zQ*fTrk|PR_XxO38EBr->_$xvPk+>F1y%R3csUBl;AeU#x^-oeoXX%nCBhi$$J?B?3_jUusvYCQ}I0 z!f>5%Atla0!-fa9Ld_9VyXJvZihR|VEAlV=Gx=$+$v=IQ{OifT$iGwz0$Fk73XOk) zBAVBnImXf%v<*KZV)nNal>8jS5!}fW)m&Qgc7e#4{1pX(Y^Pf71z)5vjO5!XyODRd zDPv?Mw#{jCLuM)H2PthM3RiAbFjTCWG&9qrX4zS&&|9i9hg)KM6McJ%YJV~o=>3Im zq5dp&)4hH!<3e`wWL$BOr#zvtG4yd=rH3j44ra0Rx*hgW2XO((!r7cQ&B$^7RhbED# 
zb?dcXQUwjIzlsjN-T3@`j0lT|_)}fqGp?M~2BhktIt<%_X^W(yu)B#5aH8%wnS`M$ z={AfyMV!y}&ZM39+@;=cl~mDiD!cWjZIG*duog9vd3WcPR?8$20k|ZTy;}cmR2~gX zz#TfomiW<0oKnNwNTPM=9oyyE07Yrquy6HX3`6K@Fe2M>QAg84kG``obBE@ja0mIs#-&!mL$t4zX9-M!rTKe=TMxg&9K56WF$+BW%m|MoQ>{mT( z^xG;vNEoq%y5{ry-qL)=1#&DA1LmT7FM+V?f|KuYvP#o8%D-q`1D0_37Pa{7zYbE zE3=_wT#t4KSNKl4R4?dIWOw7BmsE`d#Zaw05lUprK)lobgAxrWnsTgEd4f`;q6@1l z!Ip;m;vmqj=gE-xE}}O({{s(M3Cj8ilkjClO)-k-R#O)(%|S;&m`|uoN2O*4d5*X8 z;B1GI)|Y+pAuCg@j6AMEgrw4gV%BindzK5K&a-=qC~3vCK1=0NSqxe6XKF!?w9US_ z;!nBYuBv|IG6l__n9ZXxiN>=`zRK5RR*nmMv_2<2mdTKvFK|%dqj%nQ7jZv3X7+Z3 zab<`i7lL>*u)HQB{5+ai^G<$fa=5J{n%kx&DV;vzv1$!nBhJLcN$*%Qx+Sm9bk5-$ z^cf#tS3&<5*>P`ypn(nu8m^I`h?mK78&&){F;PjkAOQ%-fl(?O*pk_P$K^YLgmxd! z8>r+F89+idSWLgewp#qDF8<6lhCB=N)viT-49z#0n3l5p>%|{|>ljo;6><%9;uN0A zF=Xi9Xkh!;P}0y{1h@fC%X+OAE!j2WdKgPQG5 z?v5e8T-drL7p%F|^`16l509eCGCUa15jNz&4)zwl9XcGw zr}yyTF;S{*6XM)(Phd#1LB=ixEu*s-g9zEK)@+c(r&{;%UnGrGrC7a~uaQ@w3X_Cc zhr$1r3dt&{RF4-qaO}7+8*ggDBW8vNxz@V0H_z>YF?Y^IJbT#|VPXvpyJwEw9E)pP z&PG$ROmUgK?CxtNyJ8agI+yAq-pf5gVQhQ`?zK;&a=TQaj1p$PbrtJACP#o>O9Cx5 z5N>EXy_-klX&YUVaI~=EJ2{F{iXCGss~!=c)(nbR9(-o7I^RbtLWiQ^(sUFDg%binSRr_9PlU*(ei#u_pUho0kODCO13VD+ ze`DjF&qcC_q@Kl2No11G&QLvuOlb$Tqh z2rj`{J0r=xlV*#$r`?AU&lYT7eP>RyD$By@tmkbNb1R#G0=f7%Z5C2nF?yl3#>%uy z4Yo@bLz$$bY2tZAplEm)vw_AV^L0Z$7XK?K_CrOfzm;b+_3ru&%*Rt3q2?iH}!;KeO+0K)tRt;v`7WfOl zytVOoxLsPTX&Tjbe1B${D}ts?qwhmzJekAX581_zhJeiZ8a2|alZ+|VI-E3vx{9~H zDppEX^IIy#FRcyXyQ4nod$^TWj>S*%cV;U`iar-(TJlYJUukhdwt%`%-UXn|``fR*UVOP4FLh1-O*f|$TX)X0 zYWZ@tN7iNwDdr=N_eN#kQl4g3K1D@7`jXvQ3$yy~(m5}{0A&K(^C=T}!u${j^*<(0 zBd5tg7$Wiv9UTdzur%|`(q9{hfK0N9N?{9ssHNbwjCH31w@^qs z(sl?+7y7V>Nt*|?C#I%*_qEEK`EGwSBOGnfr|GZOl;k?o%Js*mN>ZOakMP6;F#5$ZmT=n)mQ;o@r_rl;z6De+)V z%Xmf;e(Fh@Mf@nl<@ocUh&8qyuT1@j5JS8DY|ZQeO*;FJQ;pn86kM61qjxN(H5@za z!``SIZ6J&PJlXbCd{Nxbgo2H$xXDfKXc#d1*FRL(Mw25mZ+xSQ=Rt`L<0P-4BXJWR z6(X<}rgpo(QpU`1J|wjVly>_^C;1eK%R$|&nx)oSfseS8}5+pw%( zk^kbK$xnAp{>hul3w5YFiCOX+?BJo50=NxN3;TkUhBHJ#Y<1UD@~RR{Z2 zUVHeLfQUjx~k%D$uyn~SL+lud;`>T_}@%}8cMC{ 
zT0KD=cMxSYX%)lQCP=XMIzUB#AV37L{el~|zoG8DS4Uv9H1L+shBxnk%vRetG}om- zW%nXAAGllCQytoUw?c@~gH`5P>_)nf3wgUEN{lj7uejGopSr|-Aiqv60yoqzc~thPm! z$^k2O9ac4WrZSO_@03xgxOX(2-AazU`~wP@r@LOnaMs=x%**b&%k#su0e^e-RB4S` zVub)hq}1gU&j)(k9u7i;nH0ARI*~a|$i1TM*+kDIkJkf;`$F(l&UkDZPO!C?ld;zh z7r?`WMekPep{1Z+=;MzgB9OY^N^O6_bTUUW6&)at5g{~N#_f`&+E|xDj_l>88!~+@ z%-Y-(@Tg?XuiorBab(BtXYc}>u+En4I8z{|j^xS3!8mQS?2fmU=^*Kg@;){kK2u)Q zv=7tDIBBbuRmW-sH6IM16hsqK5R6Wr`Y=AhLGB2g0-| zMf6i=Nx{l2!M*Lc<`eS0%VW95NQGKXdoA5Mltjdhm1$~>0g6#-O6 z@@-Ue&(e}gF=z8RuYi_?Ybj`_pS_6Ljjw-I^1wY}2iX&@@i$UMH>|zV7 zyo!F!$S~RjKLSmKJ5Y#YiUl~)L5|AR>?AnkOv=>H)uHvITJ^7Ir%p2530?1slVRMV z!0TmIhGH<5x(d7#c$d$AnObb%T?0Q8QFM?AXl_F#gkJ5#>1YA=fC=GiNK*1oQ2Oi+ zdKsT2XbcPm1u({WaH^?134v9*5k_@oq&-AQ0y=^8M<-m_b_xGzntB7IjzA!-P#^_y zT&5XYs5O}@kAa<7No4f?kYj=WN8hhlXrs&$u#^}F*``OZ4Zq-U6=YREfXsMDooaf% zW3T2qm$v;TSZuC`b&_yS*WBl7X5q*y2g}FOl>ADJ2KU7IPa_z({v99X;^{5GM=7dKJO79~=$ zZ@4|Ejv8~Fbweg^lG2ANL>bvemMhz699{B;m_>4Jssxr}6aGar(;+@f=PXtjz{+N? zHGAHkQ6^Q$>P~WXhexE}$=m=yzWNgmNse|)IN-48{^-GKDN>R(x3KtGnWC@0i!h7? 
zf-_4;)T4PWLv6S`R9h+8MRD8nPNDR9B#O%XDsn~CcRIpgY}(_ zDJ*NPV$B34i}V*#1Qj4u+kUsCndsZrq?kHA10lJ9MeYEO@QVB}EJ#2(KG5|Ggi0&> zp&$6)A`u-4Bm#n;hNHhG|HMu5pI7}Nzt}hk1Pt>pcgh&@@;#%um!-s2u=FcHOm=B+ zAqXiNiSS{LSQy0OZ*60_dnfc{?6F0DJEFg(qt+=iT7DOWTMRAWAO(LKYdJOayvQ}c zzi6Y%lM%&(v5T-4pYd7cRHx;t1%>D+BUlS*r54Dj8{f`yMi~1-`hXCm2-v{p+zk({ zijx{6mMau9b5Z(v-!{xO_0YH=4#sn(C3>Q1Xu440X}wP5t<)q)JbMh6;dA{sit1wY z)`Fu8Ine>Rv)V+|Zhj~GkagLPp)ygwU6A6kkU8K%Zk*ifxsx=t+A)XoA|7jMQH$jY zvXV3CA^WIHtOfyly1H6-eYMxa$@{~lfOh8p#<3ZTjs)GYEk4`@+TughbsWxMWLc~W z&9^3z<{xvV7-oj)&|CB>1Use4$vE9YR3o49KlH--WI?Gg?fR%L7b8H>@yqaK8Zf7yV@lB*BhzKa--VD3Q&G?dC zjoNk?@F5#MNed2n?0wjiK$Z5XlUM3=z|01lxSIct*;NSkZ~m$MJIGuneRbBVo-D@Z zTwbJ0lJ}Y0(1A6UriD^{&D6A}Hd$Y+U9Ebg!d2+)b;B`|AGg&wrW^o4-uhRO%Suxv zTGHXs)bPT|jT#p7O83j|`H&qvK_*RZ14M}%PR&l22*Mv2Vp(j(b`YmHt49kR`P2t~ zF|-`?SHy8OJB;f(2~^=>3}sk&Z^l9qMzZO0uU9)aq{4&WF*#go>tVI)W+&)<{VuSa z)(4V=8;3BM)Mi+IjVp2dAdKe%O$Klh|C$Y4`&FY+RJZV0nrvm1P5G*$Xd-Zkan_pMEU*J+8J5apEkc;_+ zYTA;LM80>I*TZz6PQj#T`ipt|F-O&-us2p}78vWab}e@rZ!mZX$Uz)8^Soc$zakMn zv)V19_D~?FGUyX|8okiJqONQA^aeqk1l$&U*obBB>?bqan`~tIjcom0SOkw>k}TZ^ zlF%D{Ve5%M!eo_IKjg^Aei#bc77UjY)`9FpPQ@I5~pO-R6aEp4dB zhV~A!53`nJi`=Q=O?C+9n9=026U2UdrT>}WZfxj?*#d(RDjCwH{wMx|j~|{|hiDeO zh98pkv%nZy(^|`3i{75d)hu3&ZxJ#sL|VYC$Y96(@X3aoVu-DfH7bCMw9S(##ATvr zvX|-6UAv|T+a2vI^27f#`5CUsKYoM!fiM=o$e#^d=U=MI%Qh>x2wsrmR)S$mr08P4 zTq{w;cuMICXHIDwU{m+uIDaF@tbjAM#^XaW_dcAklV^qc9b-{e7vNg3s{wM)yN>QR z=efjmu+o#MB)h_frk8`SVD0yDZRJ(m)A=YMNR+jxLVgHK-rIj?UI14$T{{i7y2&ilY z%uOo-;=LZ`!~LIZNfY>J>AhwgJ93|KMWUN0gfDc^FOCdpmAi~5N0adR@|w(+uUz&H zZ8Js0Er<;)v#_!k=A~@SkpeeL+IkfSKB~0Q6`>lorl=Ewc5;$fG)*2h%BCKj7X8aUP(d>!D*;z3AGx-I_OXE)b`t>+kR>Rb*r4BggS4xF2?3@3mnr zb|K;;2n+@vr@=kYZ4WD4*j)aCBCk4gT8a=O6nYDCzbL%tw|EFV&4PL$XnyOd#Eqqq zJ3SaGXQKjf3l|U29^kQ~_?S4}LQ2ASF;I)3%kNQ1mKoYM+BYe!ikI7|dzM6xNM&1~ zsdX~grBgeDlVWSMEJB|NL&`6gEdt-7nF?O8RBf^Pz+>^0Qem&w+fJ;=X-IQ&`pNy& zNm>J9j3FS^q*QC_)9nB}iU_PxHf>rct-1+qjtC}{6uI=hQcf*KL@r`dB924@X3!#P z@0sqch^&PgTWl%x7z%|u9H;u8+HMAM3Yd=w($$-qQR 
zrgK#D6J&|vUdTH!=IRTp)1rO+4JByImT1vha`oNNCPOak)Pz>+qYZLVSkkr}^#w6! z@e!R~9q&(uJ0jl8b!G%p;W#^Adg4;%5_$4>afxkJiVu02?z;2|dytD%Yl)gv#|!v~ zf5p;C&X5e?#?T@3Eo4Cxu{JR=sokuM`czx;I@w+%z+RW3I#Le88OY8XTh=?Xg!yHH zg{#LQ-uWmgu5t2(m0`8_+uIb}_<0X}QQmZ`-OU{m$6o~oDJ)od>K4P41`&y!*BJlY^@QL&JN)!a|zFwwKjy+U=d|^ z7uN2s<5uBXyL++SA(?OEnsm99v5R^a$YVy#MW^DZHnvgQA#RV=q5TAh5#>UjOdy78 zz!h!yctH6XGCd-NtGi_e^eJ$;Qc)i*>nN0nwfa;cP}f}v%Eab;NjG|^#V+_P5re{p znK)39?tL}5vQ{WT6(Z}G(UI)WgQs5=CITmcZJ0s+6`7tjx@wgEKre`d%u;sCQgMxZ zFICw4glGu7@t*#rQRW8jb7IcT9@3Ps{8DZ-9sXAT@Ogyw-rF6kMqwNeB`mjAydSe+ zd_npux)Dd}j{_V1;bWi{WaQhs9L_}3N_1H1%w<<}S@&UGoH4d~6cI~KFOVB4#?a0nVYcn(B zY)eahZ;}kksU#=ZHxQ~}9+PkfV%e>_TAKNI&esQuGpsuN*;_>y?`z7dCANBP$w}_; z4CPi;)kJoE^ySXH+zgGD*H#yuR361~e=+*>VGdQ3^zkhp>^lAh55X45%$M9?r^zqN z65kkEJPM4<4$$rlHPJqZd*TrXE+8$3G2m88CF`&`Wt^<8n5p{)&YT z##@NY4Y_dADRt;{OCKl={SB{er?+rP-n$?llCh4D{~aV6`yKR{z4-*l8QI!-Dn-imD;HUt}g z;*&RiRTr)DV{HUo@chN_3s+AuNz0}9S;`YvhT;T!;;y0!^I47FQ4o=bOL4?PTPGy0 zc=Kzu(Y*9~LQ+XB3n?ioql(Iq8TI8?5*1jI&0ME^8kr5R2I&hO#VXI4Cb;L`8g38G zCrAv{F&WPHcuFvgb)fE9(eSJg2D+^Wq~r!)_S0KJFB?qaIXxYzTC-mcti3Q4TW6!F7^=Yk9O{5Rin_-f7~%>%_6hAOCs*}|=?%c5Pz6nKf>?b$KAj~U)c z%$bs;sv6pQ7w3XbB!qD?v<*0DBu-TuSutU9gjPD#B?lcvlO7+!k&Jz3xE4>V3SX`);Xu=~O_{RlPl-YPo$dJy3e6C~N=O zhsqGSovddB^a!{iOxpyXyF|fMj%bfnv`F`QZ1+jO(WMU+-XD5FR_61h9n=3ih~RZA zmL%1qcdtKq|3Z1pF5E&w6xbqXT&09zVRdQvDT0zB$8@yGLUWpG z`7N%(Es8|A(9~)HFax>&Q)Q9Kd}a_aJfoRU+qz~-L>%PFZ7|CFtqe>0_pWzfcx#lH zn8+YvK`#VaN*LnP8Z?Yymu*Cm{Wf%rdi=u|5o*hQ=M%h*!XDkDXMSu+nqZA;OMR?h z14IgMBy26R&462G`at0;BncTt^}U|U9;Y!DZC$89wXt`rEx(`fJ-lX&p?g^lJ?uIA z$#RvfCIb3FR(+#Iwqb^mk`gd|E@D8qz{bES8*;``7c!%;wZBgbn@X3FKVWu*v!D32 ztSZEC^l2D^V7NvP8$|>J$~r9=s9*V!W2hnHmNYK!9iD|kCcho45(5u=-2_En>goHB zUcp6bt4TvzX@x1xm+vgmvsRpic$$77;s`G=yCfO`kFy8k%t{m!sE7GoJa?HFD|!%) z9S!A!z!edS5r0ZGRSwffTBxN9C8VoFb2Ne5tVfLwAkUt_5ACFB(B;@{$2$NtsbjaO z4(03CeK^|k&5n~PsBWWXA7nFtK~SRFa#rSw{KWrEex_^kkKQCd>d-IpSGR*e4Vgq` z%$N6wWgL<62;fAJLzuBqL9~<+w2O~=2s#4ut2@}XvR?@s6^vUv{x-B@SR=w^ES!>c 
z#2%OH;wRPsk-3bvuu@V4Yxhwngg0-@g13qo=;PuCC+Qpw<1rre%WyLkWu~k|%(5k3 zLPM&J&yqm#88ukR+^wazzP7#0aI@M{{00!LYq=ES89GmFKzoqF4?RiQwtBgs?YDLD zaJt4CNX$k(vF|9aaJlcVtL2;k138v}@~XY7$qMRN$H&u;3wVr8qbwivPDS*VPt!fV zOujS1G)&Hx87@6DCmW1s>x#5?a2iXIUgo2*n!C!7&ZZ(uF*7IdC@wG_ zO^Duk6=gdVJ)0YhgQrN@J1n2c_g3K0`JNV`tiMbz+0M7+DcV*hwJH2*9JJHDaiFODx^Bk^PZ1ChbW)T zrXWtJ?mKLd_MLY-z*Zj@@XTh;qx6s{m*Modb)CNk%akE*0o8GAQIU!0Y2X5x{LkBm z&xSG9+@7OjC>uCW@AQ_S4o z^xiXFQEyGv?QP|rPTO;it%gUbtm`5=GreZxqHH8IL&bbbf`Js6$*WlIZ(qJSyJRm{ zccTs{IRlyUW8T$fH8lGW#5JkE`FRiLi&qwFGDs zevN;YMIVVr&vjThciYUFfGLptLml!14N3#t=ztfIgRj6ad`u;4BxK;4WHBK50JT9o zy}g`aLn{s&=jbTE%Now6fapWG&Fw>WMzeQB-$CIomK%1vgKy!w-^P@C+g>H%g^Yn@V#lcdiWzl{Z{&hE4TSzT$&w&9V5+N>p{C44+-k`T~p ze^}6+&#&%Vgw>2VTu?8B?U{2%Yqp&k_?z8<;a<~8H3#>m>ATEtZx*fCFcYXZ-=%qG z)K{{4Rv$hSkeshItoxSx>?RR4>o=;FXK_5|AQvPA+*f;5(P{pqTYF#{hL0lnMsnX{cm0v5^P@MA#?tcLmpXx)0?#Xp#WrX^W{@ko^HrRdu`Ay*!$XuVOzoD|@7po-U=uNr>Ry68yP2b8{ESEunRKh`s3J& z3L;IBKR3VsdF+@F#y_IP?)~YtKf3nELjRb-59A`NVPssBpW~m&|LB_h!#Bx~$NP)? zn5!UAEjFV<4f3AmVOQf}!R4Y_^x!|0Q`0SdGX7WuTM3jALi6YK-|K^0*>h(j-$Awo z9UEhe-$A1#=i$0y|F(dwL0#Hk%U-wvD_Ou}D@fl8p-KPq`tS7ta)Q@}+C^IlMTvGT zP_e0To86W8X03t4ko`#XRc8#Bk9<$ZFvJkYamGcPdz?u`GtWa;6dk9h^J_%&pQ#5i_*rGI=$%3Eucg*{{l1| z7xqa=-_KTJQ-qi9t)~Qx2>$odezl6M} zz=n;c5J)Kb(aPh;;WEDd5mNO3@t(Yj`P*5MKpa4V&eiKjR?m+NpR3#+5DiTD75SIx z0rI0>(I2M1iR+5`$pI5y@^=w5?s|hjS9>vL`^UXRTO3} z@$2XVzc#CyrX$Z8jd-nWx9_q2Yx77F&8@0m4M~4)W;YH275!@WXSaXTw^#n4QxXXj z0zmxg^ z`VRd3{P?e5q#b{(5&+|$PWaOaKV0M=P5A$ZCK#SXs@Lz1rV-DyRF=EO6iN|2TZ#uV z@z_5@6@lui94SD#-T|*wWte`#9(B@FC+PcgrNl%0vy;2 z!q|w{>keKUN*D7&xZ$bAxoD0C=s9TAzhVu!!jAqay>8$MvhuuR6kV^~#RYm#x}de= zf^wx$KA#r9(Kp2MBgT~worpk(-OgiM2{Kc$=}F!(x}@t0-1q;P{2bTh@4HEUTIye3 zM1BAS0`i$-zGMIuVcyPlmYc$s^$RW$J6=M)&X97pzPy;#7L#n`{Ht-;;lL@~QE!BsQNlmPmrRITprP#7Q z-$A+(+6Rqjvo5;$FOBjmtgx@UZO+TA@}1!`$uE>Ai(p3*P$7l~Ie7&^SD|7n z+9pss;0fDRhmpn|AFyS$dyahB zUHB$CnaVoy<_r#-x;ZovFW;q4#eir2ar&Kh05qgQ(2WSWKwK6~tTwj-!(wdtv^$K? 
zd;9R$iz2dUT0u^NKdEQ;lIvp>Ca@#*J6SYM?*xdnJF;Wj-0~ELxA3rG#(!|@D(2_= zXYzAilfU;S`5C8vk^gGul49GnyRbZ5cG9QvuwKiwDF?{+z8Y*`B7K7WXR!Z%u>UxX zA0G9Oj{MP)|5m6~jJuEk^{Lo7yA1sfdICJ5HLnXi4=9{d^d0mP`FR@Z;zv`FosdJ` zH<@updou{P5y`!I5YLAvM>sg1uJk1AWu3z(Ko66FHQQ@`#L}92S7jwr%RQBe1^UdU z_&UeuOZ(6I;c5yWEbw;OJV`WoLM9-Y{ z6Ja}nbUIA6y}C;}+DE8ShN=9N<~paYbc5twq;+QQ_k#1rE^3#)6ql#$Vxqpi)*;@r z&8Sg1VTCV8P;v2AlBP+RcB89d&td!%J<=>Wq?T5=&W9=CNl!FV?*Yp@1_1%I4C!t; zA02Rs6a(m*q&0BY4$7+Pt^{L(wJlZq*&E9%@(cYl`MIvi-*c1vY>~gn&o~JJZN;U^ zrMI#Q4cD=j)b-~?-Ye>+u>WLl{{E}mBK9UOci-Pi)c+A;{pxFN3|l{eyG!zm1X~T- zVDXJuErOICf3|vZVo50!Zi6%u$yTevL9B69g=ZhT0I$-$TXF#>cClv)ta+I@uXlzN zdA>AyEz_xc?9+xt-XKEB_MGytso$@;nR0E6`SOHq-D&Td=ud-f1hL96P=i8zA;dR-)k zZllMa)!a}vP)wdzmim3O@_GD(7bBuVozV_hdf~SL`E7)A^%o+MXZ3`w8NEk?c`XCn zL)q1r_&->D08Rj@V{o%^=QAJ!4oa%)Z->vk#4+*rS|u0UiPbr5i+eXY^@Z=uF+_wQ z-k6yY1TBaPY@Nl7U%pp?5Hd1lpvxZt9OA=Jl_Eu;>RCx~qshgP-^gngcTbkv~D;j{|_@@>Y&e z;?@>FyJl9t6eX!da=8Fx*2yH_x)e6l+CF5!=$?AbJ*X`}L4#E+kJuiQD|5-hhZAa?SM|Cf z8$B-H{@=7EwtdMxf59SkKEu&3nsU!_xI9hh(U-z09gEMLy4ayDdK04q6J04GN1en$ zTy2lWLg;as{~E*JJ48zwf*at7GQO3wyD@&6i}A(L_#ke*U+cQ-e*CwtyCVP7ecue+`)pIE_`zwJoC$h`JY(zoF0i}ByqB0esEN0MB_Y^92txMgal6`!Jpc}8 z|L618xsz9LA|*4lRos?h>3EcO_(*H2fcFA{rXMVbwvoVKaq+5Bjm+xq%;ZB>bcI$N zl()zKy{^#S2?h(^aWSx}=CL3^d~FQi>-wbu`=zE_oDUc&)? 
zU-V|zzvtaUt)7pi%Cfx1`7Ws=4>~T=OzC*PL}C4MDfpz_Q^v2Xe>k*AcFl z*7NvmQ|Dv5o23k)S$351l6bX5@UR~M&@_wdh4$KMC~jO;sm8q=9g(P-G@P&A2P2I0qgzus_VkLhKwx z90a1woxM6eE0CU# z+=0*fV2 zYM)8U**pWDPy))*Lc9WYpmZdD)(aX%cgfrKGh((gp%$uB3!MH8MPyY3sq@$tBn!C= zK4D1*UcUu(W$dRf+2^NJl6IuQ#?h7S*iP#@ed%}^O?FeLBe3~6Z;P?|Kz;GiV_o%&C&jp~w)yfCOM z|4ww|@Es+=5Z{4rv1}*Eq9s0kfPd@@xMy`FXF&-+7b#A_c$5A1(+a5dFIN@&Bxv4M3Pa zcMB1CQ|=-R>CjgNqeV_Gg@3k0t0Lt~l;^x%`%=Q2KFpsrW>ou=G< z?4(=wJ-9*PEc=KTNdi-X7q@l|x8%t5}y zirnlp4yXF@v)>#|f{pNIaf|7~is*8kPuepOou1KuYm>EYHI_%v{jk?wvL1Px{Be5D zqs!eMx3Eg!lFVn4qef%Db7r%1Ka-QAm26u#;tI7!Y|T+ebnF^3Ri$Yn;3hkiZcF?# z+bD!+MFb6yG*x}3io0#QI;RpN_^WaJN(&CULxx1gfJ!>1mzV9@iOL)S+wMuAY%13% z-Gsw=S_M+C8+BLTXpN4=r!Q{w-v+m*Wb4ayqPj!hGQA^St08?w(s|?|tUgSr)ELKC zPM6bPu!?B@Ok|!5>+)_rBZf7sMvqy|TJR+~cgK#l-2Y(hJ)@dhyY}DE1eGF9nt%!d zQl%phKoJm;-aASSA@mYTsL~=uKtMr?(n~-}2!twCq!S=YC-hF}()Nk_efBy3=X}`X zjB(x%`4*DJ%DR8|yyv{;HQ$JPRGbE|<+9F@{ff0NRKBRc5GYP*V}1V=3{>pYHwV#+ zih!5Hm4HgFUywc`q`#)uj*Wcvnm-*sV+(w<{QmrGB~&cPe3in$9SNaVy^G8 zf;I3`prt}XZ4WlhigwOeDL*Ti)~KVir6}1An?+9o_`bja^YY}YuoUA4IP+37Oz+wI zhHv}d77r`T%?#gKjU(>q2(lT~QkR{$s|}oC-AbTh=jTR&m*i$Jp`8$HZk%k@5#Uhr z^;FvgEz}dn@8_RApPshRa;|t%Oq|$BF?Dqdp$%)|t6QK-dARzR9VmdnXh@|y4V}dC zX~EnD5+m9I;tr?Nq zZ^m7{-}apqIaRJi4AhcnC-itz(%>T(6A|74k#AVD-c0yCY+*4dyMaqzxXQ=(6wN>r zK($Uk8Eg03xJlZC#^8YN5u19v_p$7Q%dz2Kzd*x%_f?n89A0g1Tkb|*$k9X_K_RY= z$-lloyi;LPRLN5ewxT(=>}Nu&Y=YAFiqfjT?2y4Ic8!~WdDbA1_=arW29r1~`e~z5 zPwuu7n~&bH1{*i{yo2)fgB3>-eg&j!ea;;y$6tUhtW^B9MxnS{o;C*46~8uM!S9Kl zJevh#^Tvd>Gv+kEs@*=JeuR-DmLV9{=ME#M60fgcUpSv3-Z!0}4tIJz!_aWW<2*Im zB#r|Md`R2v+yugj5w2;aADO#}*!ju#T$_2$jqnC@zv7dY{FQ?-Qz2#m?Z}krX{hh9 z`G?Mz*aOD+0RGibg4G=_iKMm$MyNKP(60V$ic*;bsNHZ<_MT{I2#2`Y87x?j9+w1z zVTvz>*qdt+5!_ifX}1l$nYEC6o9gwW{l>{4vxsR;m!e&Qd-~#JU zxm7_MJZtnrXbZngse{W&V;U zjz##(ubLH>UmM`@?So^d8m!IGvPEiogos0H_-?1{SjJ}*WVmNJW|&it+-xgA=bCRr zu{kIM*wr=Dlf*IFVzY65Juv{kSZ2D;TKCZ}|64_uA8^`zK=Kdyt^b|;@_&=R_rJ-n zVf_#JYu^wYT$30GhN_js&2F7&QjP~B`IrjkTnFk3#mKPll6~5H=Z0ffU6++Ob=Sz$ 
zAKG-~PssazhE0UBcoosGKo<=$M>k_f`!q~CJ(TZh_IEty)(>VgsmsK1GMOSfEd2eF z!np1vOYPB&)*)N3TUu@q#yO&;N+<0XD|$cO^|*U-EoXs-oIo`pg%WY=UO%4Ck3RnD zrnvh$R2F_<{dSfOv)iP|Q>K`6{9%?4>yj^gGhs#!TVNy&mmtFnNAqN0K9GD*Y@)oJ zAV1R~14E>y+7;*;uLkH+;Y^>d+X?$YhV-q}Z|9@XW}6Rfaq2!N9NwP!kfqh?MVYR^ zj;S7@GV>qOs=ZZVJEHJK?QkUY&g4&MG8n>_b9zJ@ZV+&7gO8+a)SKJ*DWVFV@p!YDzQL=jn=^o_pP zLq5mFQATFkU!lpE%O%F=Jdj7nd!+LFXPW6rCa$B3ADeBHZ=_KopEpNA6DUoz6X~mN zZ41W&%MjxAfrU3CBQvIK{pO*;1iPAI5)mA8<~cFTQk2ZjtJYY^M{2G14n-}2X6yRa z7mI>H^dUS2Za$UZ#FB!Nep=>sGKC^`aBVKN08W=z4P&dgkw5lIUG4RogADmVT7ngb zh&~PJLw5ANYJ2(BgzVJOO*56chJt}t-ZbfV=Mzc;X)Ve*NX8s8CWUM}>E=Ka{j37E z%vM>_9EU`iuWV+e$9J}Ue2%?t5prCE9C50Cx#`;viJu^_b+!{?O^*aJ6IGtkN~i*3IhQ9 zEQy6%=X(d)^Y8Z?MCeX4=Crl9fIPq4Bp;{0Hdk#h`L;6~j)pv)1tVl}v)B9SdRYwK zQ@-c+sgxa6U_DKI3L=cH+Ft3O$~J`7n2N2NTRw3L^Btr% zSY4Cs`@=gv(D^{27v?vMuRpv`nE+D@0IaMu5TaKPIjUh z8=bb=H6eR4$znD!Gf!(9H8UqcR7I&l`jF1inNK$*B}|*JGj`yu>Lu83fK%BjI8WT~ zZVW=1%ZcWtoA(rt?M@JG#TGA7UKYjELBoDV$9W4~tTv z&0dYy_6knmG<;nclf}dHy>qD*&gQyinX1zbQ>-lYW~bfKuHQ4cdV(eOtC-Sk*3@{3 zY*u<|@vIsUNGxvQzo&(Q)e-F5B~WQBWVt3!T{+$)Ag9c~u_Kz?pMJKDe_EQ*rbC+A zNmxk_GDOZvIWJi(%ZLp^-95fl0^NwAADdJqTTeA&8fZT#o%1jD&1AJ+1^_TvdCuZF z=!eY!qh_8=_lfqIv1fP0BC?ODqKXh}3f$Erl4b8(6E38aJWCl-e7&SMMzBGTOPrZ> ztw0&mbxi7Kr>Zr{LR8E{_AGb}6c?24tj1mJB2RsBPPXvF4Pr6d#|paS z@|OZ^9qHM;)wRtL?URNDJMU_~zskmG3w>BxO}N177eHlqfTof{e#S689HRiWEk!X+ z5cQG%)h&p%cAClIAM*SDJNbcslmGjFlV6wqAM*c<0sv@edy9U4U%ncAMN^wy&szXc zTqutFx#8JjtdqQj+%joPu<+&>pPCSfx{xD}cFB+B1{GypOvUDuCvKV>5Vb)$hZLu< z1Pj0PB7kv|Txtk&deeR0E zUmk5-odT(}9p?inf)u?9Exw=7S<)R$OV2tU9d{A(f790ZXB(vxd-+EAGE=c^KT2DU z)G?>6?JqxTKh8oHg>o#vG%yE|6%PnC$+pHkXu&{!O89m^YL;~cZlYBTR8*J^nE}2G zM431$=edqa#@Q0D9R3;UJJgr0X83q>qY>92&cISD@a>dM>62RxaSAU*qsg7lZk&L& z7toQP>ti3p*4z1fSB&)HxVK0B7O^g3&zM?}SCjXD&PFpn0@d&-aLwIu&fRhqyqAPCEtk zt-B<}zy)8Wkc*5_gl1zM9mShOEMXmbn-2ETP{*Js3 z9SJZ(RK(?Ws_ec0?ip_WyPIhOwP(QDcr)9#6RESx<3d!aR0%Y;n#Yc!7#O;1P$7T4 zxWmg6E!8R%8IQT0_EVKD1q<3%q6?D#@pF?_C zw>*2wIF=^j3Fb2@00ug8eHG6u@x81b_~)V;Xgh 
zAGdXb)AxqnR7g;H8IL^}-w~m^(p;yEUXD(7SCj>0_7tdv9ocx)w>=GMo~#X$C*;F5 zX---OID#8h>`xoj#(d_!nwq*oYjmfM9m626 z4Z67|m(C%PS(i`4*H%LKgq0pHZVP1XljmAC;Z&{Hb@?<^EE{Rsgc+e+**=U>ulj(}b-Mw(i;1x|&6 z`nL|OUAF>^LN0g}Zu4?ZO>mwN=Db?JSxM7ogEn)g{-RsC3mp zLf>_gPA);zpsMPT?VOfqb7qwYdVSE`G1Xc1(YoxNY(~f1c4OMpD{HzetA$)>Q03R0 zBb!B*T~a$BjfO#QTm|O7?BO}F(dO#IBGY9L3Z}0cb$zq9QNy`=Pm8ri_`zwa#5Q+;>POZ)5Ph#<18cmO z;u;H~z&o!gq~tT9xZt@~zkd8j05wur6hqzxVZ3+(0h1O^xQAc&Te58}V4!IIUA>%^sTCN>uc7m%1N(8fdRIf!%Fs+)^rWLR$d@cXVn@%L&C4S#hY$98 z>&*2;CNSI9kg0>6?qGtiMaEC+{rxM9R_Ktw7XvNLVp2HVKB~yJ^qGBCW7LZ1H>XdJ zDj$tFS~ELOI)jOd>S{+Pw%YyaM7cfX4iQd>Z3z)hrylhff)Z=^J2#5NIX>_1_7*5? z(j1J|Tt4_^?kqJr!=wB(nYe=;TIMIMV@eqF(4RyY^DqdgpwYz$x+n;p2AgXm2L@72^ z%Ta5|O+>~ww?yJuyQegi$Q-@(YMnm z=A+gaUslPT)vBn0N><^)Z&l%P!{o1Cm4VJm#eZ6T^DGLziQp?4& zlbS-Mmo0co7;~Z}FS+za?n))il~<_~S9Hl4yz@Q7>p`tM&ZH_A`oIHvm~G?9mfw^+ znQ@NU(Wg!%ql~FzV($#%!sSM>oO>%9pjv@4Q#%k@{8HWbe$N*rIP}3VE>zqtNI4Hw z^IIC7g=lJ>PFA8ag}mr>q56$}V@5XZFfA3fnXxaxuG}%HvQq%U0fiyPI;JxN{q8K^ z^q?%;VU~&=ea|JS1PndlXPVQ$!w0Q1f4ua}_gzH-e9^%ruS(k;z7p1gq>K=K6yVIm zXfxu}4@{O;iJJ;E(PP%vYwwP@(aN_b(3DGDYU%7NC9X_0KK-aqbc#+c)Z&cBOj1a7 z?geJ08SS3*tRNP68Qttp-CQ)|TsP?l_c5@~h8fMcEGX{(5Sr#J$)&Ms9T$|Se}g)4 zpHhWV2}ClS%WY~tB?4x3>URdnyD%GHJ3h|XO_b~z$4N_}UwV`qE&Dy3Zs2wE(p%e8 z{v4zx>zZ9Cz;@2%v*c}HrM%KZg~!R529k*lDHXLwh zqYQZR9Y|47p}jDEh;3oem8(HE?VCrr7U+HzD0xp$A1U)di>3hJXa!AF!R#mu`IVYI zkv`#mPhuQ7Q)6~ntj&Vz-W7MBO0>YnuV>^$9e&t#xlqp6EZNZgv7(WW5|8ec>F~v+ zby@Ac96kIdSNO4f!>#)6UjPYRqIc1lbtR4(+lqCwPYA|@&k&FMm&@>swAISk(!v9x}sYLgL-+i!ySY|G4HO0)wKM#J)$=T)5%UUGK;Kuz0_cF+PLwiBJAIln?8B}6Tr?hUZ^(#My_ ziBTL%u3AYAA2LG_hY-1ERaYZp7OIi2SmNbc7nIl!15)2l+&_~mHXDok{jGZ%=6sVq z+5{1ZXlC3*ok1uYSN3)kl4W^NJe<^<;kJTB&ydEL-tJ)p&>0 zFR&cC1tLLjKCwAPxV5xnJuUhT(J0(n{#gp|7OuTHs{3Q1BG4HG2D~uejoP za`1J1yp$`qr|7n!4@{sd8kd$4i(~W2&@i1OKY!Hev6{-&aFR=77MbtF1=8V;d}2>7 z1ME`xc;ow5)#`eG;?VwUVu2Yj0K=Qm>%0IT$qozW?0a|~B+P!{yx2vkoO{2ZJ{h>2 ze@L8%SJ`POg5EG3v)8UucTekfs-KQ)b3M+buBN%Qb|M`$NToHQ@y=seFc(GGSyow3 
zB5O4jJER@D$G(LWDhc0SH>O;o+@CqHtPAr!x#Gm^EdK>Cl|;+Io?i=gOtq5lw*31~W@{&dH9N2j~85==xfX`SBX(G8Vh(|}PsVFC z+^S$-4o&;$c)ENZFD15@Ll<9GMR#5?w!lXj8q*DQ4)_;7K!BQn04lN9P*O~+Kr;ror1ju zNmlVSh$#?9B|L6s@;Qyxk)DI3Z-kI|-!L#{FPwx<-kb`|+*T!wZ&c-gly)+7)8zSe z`4Zv{)8Km(w!;zvSuYHyzZSQjCA*WafHSJ2d-Og?K6Kj-Dxq-rx*uhzeQx~%u=QsR zOVRwjhFe<+OE^t7HLZvy%hrdg6DIv^A<~02vbm)Z&$@vzP?k*lXqQq>YHylZp%$QF z9tgRKuXf1YRY&-)>HZ0&l?tSp6S_WWw7jo!kXEv}coak|coq8fMbf>pBUM?b1Rg+Dy%zL11J+nY{i@%tv( z(d!zCV$K6HTnbeG-%e(jTAdIejgI@xmtUV z)zVBB1e=u{zLf*L+R^OMQLbI7C4^bpnkc55zGYDkB=V>Lz@f8%bO$!snd1(o^1+Ha zVq|JV1*AiyJ0x#3T#NZ$)tx7}HO=2;19XwjuFH?GJlC5OvcK_H@=i zL1g3AHyGLAAM%&|JNcFVCV$s|lmE5IKjbfA1^|ZsCltjaIQ5hlXRfVkjHJKBRQ4y8 zbQKEALXzN5qTqk|rTm{`lVhhfep7l}@k2$%<`pn!-C`)Fb#cP2G(=QA{`QU{ zHYfMWkX^&$s_Bw^zqo{`$0DTHZX{%L&~4dtyujm6e}~F{`a6ax&4r|ZjyU%2tcUFu zPOrSyJVniy<-O0WFSu5{k_vlMnmYnsIWkHOXY<`nZ47osJEL$0Fk-j=$T z5VF25V`j=NBO;r|)ww&qU^AdKmJ5sAw5vWBW2i$K6OwTG8QV^UL&c)zrIBu@iOKf6f?fY=i;Y`UcHcotV6_auIHEib5o%#}L;Pk+c)dM>a%@ z?$&09vV0_=nH?F}s0tS(`whv~R3W3u4RT1KPF_Tcu{XPb$(X$A>^*F*hN*2_7sMIS z*r$)>ZT5BtOBu@!Or$b2G$B=z4SJMj_%8vBz0f?>vF=I`j*6DfeA7o%p4$CE+(F!N zMIGU`2p(p6b!IHdCdLRRx6h8Vyh56iB=GmPON;Wv?mYxD;%(U%j z9mU?fs$V4sdYA>XkNU)uzZ^f3MkYXBoM{7HlEOz zdzaO7`6GhHw@1~HpNiWcJ z*_>5Grx}B~hj-O)@hLgTfqpT|wq>M_rbF*huY^zfrIgIGtq*H&=I;!X^V)s^D{xJ) z>EjtoP1WuQQQj_I__4$MTGIgawj0eJv1VlEB5kz!9@Qcixj%gPa&O&Q-`2Gw^ zS?oG()fjD({xEqaD6K_sFTNISm==Al#BD|VLGOoq_Y#6_0*=0Ll5AA1L42!wII2Z7 z4|Nk8*f?&`v^Vn*e!X>cAs}n|*&%YvMw@bjUv! 
zgx|Pj8F^p>B7S7gOwK!5xHpkhHiQ$XqyxJbAo{<)g>EOIT$H?ecfeKu$r>$7Skj$Y zGgyPsX#T#d(!oc+_7``5V~te+p0iwk$Y1&IZ zD*W-TO0&KJ|}ut`aMCkUF3<_(%q~YX1T-I?vsbKzJEoa5dF+s5Ehk_oAw=u)qWJ z^hwFBzW}t}2rCJFdpAcxJt=?6o&5yCH>=3;2{~{tXMgOiB~>;4>$?L!-a6!;rd1XpZrYaD4z!{suXXw{wd>5j zrmna8RdLllD#ykwbpJ1aF(sJw640fs0 z_RiP8o@#5?q6rx{&^z&gaIq&_S^|^BgrcqKh))^kEz{G87fAS($@c9@4RvN=(ZMIc zb#(B@%FPzRstF`aK}blDvF=$iIY@)jQ_XqTDVMmx?eEF>mKyTa6RvyOJX&R1k5|K?rKec#87`rWa(0c9&pLe|3CDiR~y)&2r| zFK8srmK}}F8&P7E=-t`z{^`(yyp0lWNWOJm$NBQ4%v)FK4nrCT*Iq>>OgOqot;A&Z zyMw62XG%|wB3{JP7K$++c8=ps-H%)ou0wkIdIa zGW%nn>de}(yAxzR@eDfGjAITB@Yf=I3gx!w`8on_c`E8!%%tun+pHiWSB;yR-`u4qlRXZrsFtSk7+Bu+_==_)Z_ zagBs5+}*pFp#H{f!(u+tbN9;U`w&w+G9Kv7)-1~gHKAB-rHfeM4H9vIA3F1qq~e88 zG2TPhpMV!gBX@Hjvc^`$M?_4Z1?b&fga+nyy_PF8myU#xUI>QsYOp;@#D%ikm@8TKB%*f1ZaTRPh~qfB#$zz6ePW zaMT?3MzAmanObL*vil*0tp%B<#DMe)LIZzch}jnC{fW+)dRWQ{!E8&*6?<6I%OswX zhNf>!Gu_Zj0be*^*{4_DtVMX#SUq8;mLPNE>_44;ynSkHNQfegvrY+84fJ41*-y(g z=MNv>7%ykCygkEy(N(%-I@x1yPgTxE+Zo0Xcw;q)i}$V7t|7;RgqgeaA)ozCdS7O@ z7Whc$kV`H);-3W=@U|zlowT?gkpAo*yaazn9cb2C`O42k1k1YiNIqa7`mvS_MK)QM z2_x9iYY|uSrlL&;b9-g8!Z4V;oE#K%AEqy`92>kNKD2KBUWZKR&YV=DgU_Szi_R9P zRv3Ozfcl}lIiX2}*dSRhRl_ zH8ES|>2XMbmjVG_iKZEwE`5=4k( zIci|~zu_;P8vYaUmYOFXt*$AisywGwSiI8Uc}p9#ugq0Y zFwA)sNfFXJBl4)!$|+lTRHz_R0~x!`ep{?OM%%I|n~&J!OXHqHYoVYSviozPv)JXQ zw;!dedpBqb0)+gFo00g0=Dex3wCakiA`4iBX|`B|--(i<*4B26B-UAVCx751M+YCB&0B^4Od) zn;n&RPny>?)_uG$e5YzqW=#cjYNQr>w0nEwRxgBX!PtObgJRg`jt(*Onp`G(Nav&h zVXIoYozndk*|%d)CZ-B*sub9Bi<9^mO_Zc$Fm&=^K16o0B1o=mJwO8t!U;4;nsA*z+mmmIsnjDr#-WGUK=j~XhQ{hp z2YuvNK zZhc}jpYNNy=%9M#)4jRa`*^aZhOlkdc}U8X;%po?dp+Py@HPCvv}|PU%7{cCH2%jk z69FO&d_$hDdTujgE+!~F3ZvuHd1I0E4f7yyjijzZpi5eMvM5&YLfqc>7{tx9f^!<= z>?3C;NBSb$PmB78o2(si#;D{#k(x}6L_xbRDOo>rZyam*EpXDW*J+e$7lSfBi*~zm z&u-pbtt=4lp6t4+e6SP!#S&Owi}K&u!O1)fdzX8*@+DzKg!wf3mKMs26ES*uZGc%FJ zS-G|FNy|?q--aqB-PG}KCKZy3r@)l1Zr)R2E{zI@TdD>y57RTNO8a?a!-(XjdKF`z zh1rWFCc4|)_=M<;JmK^bb%!9s2k#?%i&49f#LPZjRMDmqy>rXGmhmS0g`1XYs+pP} ztZIw7ZN8(P>5wZf0-Y^yc2rMK 
zEe<73FvqU3BoI}+Aovy#;F0kHjFP1F%=uLM;I)AVPB?2e~%ikM;cdTc=!CeCICF zRDrkE4Q#n&E6o%l<%MRgZWmv&*qcYXJrYDC*bmNU1KmmZfW@r<@AMP>b*HNKXqFDg zl*wj=rat3|l#V$jhn7ZUR(Z}#L;q2+cJW4nYNMIF>)po0$?Kh8Tf$r4q;K!vdC$>s zSfSXZAlJ~mSNIk0WK6CO<&G6WQHpZ0Oko+_G*CI6XX&w$nI?9B$lvqt+s;bR6Sn>(u_CyZXk_i`Q3HBB590&l zfC%H`-0Llb`DL&$xQ@Vk+k|k-+ z-xM1MIZ`(4&>%b%h~X<8oxwb#c4Mx)cWcw`(Oa|}TU2OEPFY!Yy|R~_UW)nrbVsST z?YL5OFFMXURz9#YRr;RK!-d=B6I&z;?*2W5Gp=#@X-lA{=HWKy^Gri@te;lZS6${4 z-ezZLpjEUrW}wrfR$#Vjm%E*~)u*N+&cMk~IevnO;C@3rd~{MH_7gXu(c1Rs4P105TiE@X z-rVUz_)x8N8gsWtqnm}XCQk0Uk2ckY)T28Z@>Hxjo&w#An8UEbo;+vPqF7eE!Lwtc zgl?|kMdn+U9fI1-R6!@!la!TrjPTABL~M(!s}QK&X8BT#^6LeK{XjdClrbinMaxX2laAg-QEb(JEd%VncmKL<_<3!c0_od zu!h9bsVbrb3oElZB?2H#|(Lu&{v#P}Gkh9k)-QKOGGVVAt2PZ+Jc3`UG z&rWpIh1cLmcSW2Jg@g~CWep29;;!RN0cUa8EN3g>TCBJKVY8xk{nb=!ocRz-Y}B{m z0!s78a5X#+NtWjIdB3*Z{r`8K?qSzQYeOA@=y<70LQ z>!v!O11R0LX0#*Nm&(Y#*=8-77}Ms4Uo`L5@iS)^+Q(e})_%WcjCp zo*Gx{{bch^ZC2+=f=ecZ|EKBDaY-Tc2Vfc>aa4Sm<=gjdV&5ra`4i4ueO5#I`P*1& zx+kRGn@a48;gaCKbAdjgC!OgTKHut+pIkuKz$F!GZAQ|%W*f3u(>&LGH1fQbr45-0 z1D(f+Rj~F@Ioy+rd+ zjn-~fhZO%h{X_n~e<%O5zsdjYzsV2%>mTy}MHtW^qB}0J?K`3G=;ez|JK(nO5WlmS zfGg3?cUHJtGajVQo|o6>MR~j@O}WXWJs2vyVJ20upeeKY6&k*?v4RE9ev@c?SF%BT zT&Y@9&*ZCP5f&!sJP%U^5BMa~|2oZkk*PZBB1~OW9GS2tq4LbOfqT!xD&>_cL}C;C z+Vgd+{-38Z(Gb&JQaE7e%7dbd^ZzP^wfQ-eAis7fxQ<3 z6Iq>3gEI_vSjL4$f5LN1KMPIX=Y9T~XZD9Qb9+K%qP`M?+r2SKA?LaF*fNVJZbg&a zsC2&5w3mm!O9$a6*{pbPRtEGN)G^auZQbb0sjL?Xo`GWlTX`J{QkmvWb;*|EI(6p$ zGYqJ7)EJGKYogd`QFoddf}qX^nb}b>=*co3+@y9Vl=TA`J%R-rTgHNvUoB*^71o|V zQ^oneTX1_EnvRp&CQ!tp$?zVzDka9d2?y;Q_b`Yr<3+6) zpQo>sy?Bn*JwC0DBGl)>4R6xX>9I$opX_TW8}D1U*Nk3ayRz?&Y9&JWL1xNGO#jGx zvai89R9$9nJ^)*+Fe9O7tBGSKbAo<$! 
zfv`_EJ}-#ShP3N1toc}1X*#ad(D1xEpuD4VZJDu;P+z<1A(Yxbhd5XaT@o6bMQ9U~ zg*^s*{uD(#uY~Z47x%Gd7K*>prE}aef6P#PPb}g+$R$`0(Tcd1d&3@Y3v)2RUXVH{ zhZ~@{)-5C5=NOjugCyjJ56MgKb_%A2PDIn53QLA^MRl!!{Lw` zVVkR=zX0j6#?xQbI$r{dmQLLJF?OW(?0MJvX`VTd8iVI`1libdj5m9}9!AJXGi%vD@r-IdW9z}W?1-G_3RsOIp!`?4b%KNra8 z*Kwk_mwbBcMr+!^4;nGOOtn(sw}bo|qyqSj8H*I3_M9trpM?+#qBX+y=daz)^%7@_ ztZ0@k|96Ug|6dAxOv3+D;A8wh3VhT5Pk|5l|1R+TEmSP|k5JM4N22fc+eYjiY$C{S zZ#{(0zV#E1PvX(QnbB`Nd3?Gy>!u085X%8};7oK79s-0xM~P12$W^NrML`GBjB@WK=8xY4nT zvAIjbvXz4R0~`xM$twcu;5vuF?n9m2nSf;eoS%qD#CTxkhrsK5~hT*Ro5;0=*ZPybNUjV+| zi@Ej8iDK<39A>j_B{u9+wpv})Vk*p3nktY}7%*`JV6+~nHUG@?5l}Dx=KFLAHIk#G zWYXy@2!$PG-o~-`-q2Dcva+2Qa_h+0eT!u4wFe#fHYGvWlcMgC#QCzXkxZ~kxHZAO zHXbV7cmyCBHhxff8f_>$>14$b#nkd^MN{ziL%QQZASg%?$8NBxw`O%WilO!Tii#l1 zb^eoX7#|5DpP%_vDA({P7KppqN-NZFgl5d=M(=>%Ce{~Wh(o2v8Lu%uO?(CS(~Ypu ztc*Dt_#+Cr&`L`@9%yGl5Z$0)c}zZ8DiS0A3L(^8@WtGe=Og{2cwW+88Fnm3Ez#Ot zz@uwqj7ba49`aA}dZ1MwmPqrfvWpjs5uWbXbFbAptqQ{DbTcd{ZAmy%+d3*wYdTXb zEKYp|n7!BRoKh>ogzo7_#05?aW+FDs2Hyr!HMvi1`WE$hr$1mkr%(8qOHG&>dpV|i z$gr{0L|fr}R^xn}F**e+(?;*#G!JKt63+%Ba)~pz;?3Pvs5ZzPp%JEUpNy=urfO_0 z-12b%l6manI9b+xN5HIztQ1hflVs+wgV*}g$GA`+S)SV6Y606qRj0q7pPVP~MIUW? 
z=gBApN9qD}d)AFlQ>d%$!7bW%GCR)Ls0-!dp;8N{j4j%(lBbR1xbx&9LItKY<9qx` zs`i+E*?T;1j1RM4EaCp4>+gMC1IC%sPNWhA6&1SH1=y-oiB<2Qk+k zw;OHJWhAJ1S-#YxNV!8PlZHGD=sOj}$Atj8O-xpr7(-^)QGfH`6C>TJLqC_#$-6IIsE@3DzjG`b7ptYdD)4-3`D+oz1 zvSiT2j;`4f9cHm&+OR&zuxw+JQV%5SnWZuC$bvh1IV{?Xpk_?&ej8t$$NuQy_&3eU z)5;Fjn>n;Sw!paRauoy-6^m`yCu{(0Z&y}+E9F6wKAJJL^p|@*C>j@cPEf@D2@y2+ z^JW@f?;Q0=GHy>B-4>r2^kCq#O#E7LJ?P1zc^@xUaI3uggV?&u{O`etdZ4Th`4>GK zM;Vr*N|`ZvNco0r_eaNt-?dXtJLU0xy+PWfQa9jh7ZO)I$vC5lN{ORAou+Zl+EbQy75+O~0 zp7kFi^4j^(SUZT=w!{7)i@QN$+qmLwX#Amu$@W&B>5)cW-6Z|y1}qZbZS(i)8H6%f z5Sr;Cg^=t|WfmJ9ypwFtbIWLZmMz%AmJw&PE zOqN4GZAonGccLmcK12hJ)*0t&#kk!|m@}&(rM;laL3d0M8agNzsp{`X9g$@Ccx2OK zCC_u{HYRzRkEPNEWtP;1o&chTEU=DBWYT^A*+s@7+B(r17*~-B>idy5k?wPQ@1VcR zsnK;(A-{5h%;x`)f9>DNulhInTmPHg(;FCT66gv#Y_yO_^hk* z%7E{fxx(CN{OIlO&2MF=4jPXr9YAEm+>9hL%)3cu3iRVe*dT!-XFtAJVE?_Dzm;w^ z&y~1HiGl0jOuTW7t9J_6wy>>c!!N#$!3~|)$oWc%o$d?ow2F0Z7ZvN{zWY^2T#{WT zrxBg9S}1VQX|{lB!rpciZtNBz%0he1R-SfrVw~#ML50uKS&?l#6q&gIyP7}`C3Y3Y zi1}uR%}x%wuVcHqbSvIGDv3Mc*Y5-yHY-s%ja;1xz*Ip>02=^#fd`Y-T|7rkx#h3Z z*8V1$F7kk!goFQw1WCvbI88Cb#=I~x zhxIgg9I5F5l!Yk>+b8_Iwb9aq^#Qx1jNVQ25RAyWVH5)ZjpqOo003CxluK%F%xq6s z@J~x~+lzJAu013aci)9}5bg<;5CdTR*^@{^-7Qhg{d>UI+UH9K?{$dz`6>A$IYM8j z{iht1Z*O$|gJw)`M2YOKq26ziR3Dgdtk#0Sj+?+7WGvc8J=n;q}kuuj=_2NuM7 zj{-;%%|fE(l}mcdhCXi&cX8yg{*L8V^fWvo^thDsM@=)>oph02W4=qf1|nP}fGG44 zkc`dPcRSCo;&H*3P+}rxuKVx!bR!86Abi_BLvFg2NqV|U6uKrh#dm!P(iT1<;$rSdKz0!WBjukr621yRSSfA!lZ_|{ zTeHW25ChTB^l5;3;vF;ath4_u)8@u!s_KGX8FPjP%!YsfBDfhJ(Tx&Fm#SLO|CYk* z-vhpomjnln4zf5{AC z3M9WKaJ46~lUQQ(_1;avDxaG}^Iab;#BTn?A$NBOCJk3HUoF`pM2XPx zX^7A3=;hqHF^C>CS_#@S3{QMcFi!hy-g_;}{*GwxNsr!~9w@B$H05PPr;auuV=##O zF@wV~FY9u0+A)@yMWcCQDW7(1 z6a{g0ZW5NV1l8izP(y9}wnrGpBl6KunO0hPQY9i(7-qoUW z&E*#rl!06QO+Pp1$;_8E^<$8u>o!K{IwO;OpndA(NK?ELhhnJ( zSn7&ruiSXwsTdIie_M2US-+-T5UA;uW<|O;n>~!I`^Z`=7Mu54oqw^uw;~~wb*=iL zvCfZxC>F+!i^p*GD=vHZqrS3!q8nne9+u+GiiPfsr^{caQ ztn9<@L!`m?<2j#TB-p&JWjei6)zW&*i zd5vaLicYmBJqzO^u#g#`zedtOAE7^dHBJx|OdtsjV)nJ=yX=eXBT|3r4vq`&#q$GJ 
z%KSX-;m2#wQ+nHMuF+VH4_iWMI*id_EjcgaE3WrKI*Efnc7ZL{rKAJQ*Hg?(YP^4r zh>&nb0z5fL8&GbyPLW2q`$HucxiZ`rc?Eu{{h%D0CegeN+Bp*th^pVw6W!=@v^n5? zNYr!j0+kkWeJ5UnLiqJZ{N=byMhOn_f3f%0VNq^h`}imVDoA%r2uMkHOGymfp>%hr zh>`-*GDvqz3?0%S-3`*+HPrZh@Ep(iocDdNb6wx-7k|Bfa5>}5v*&sCUi)76-g~Wk z8G%z7C=9yM2{Va$FbAYmmSAhoKE=7{HtkU;(TLX-qk_cqnPf!iqWwrNo=g!$ea zG4)%YpjV*P8@5d8qi5;4+xSQ$R%d{cr$~*mPae-LkD_Tq3Vp z?_j&iBRkaGwDh2KgZ8QCw4M1=}yx+m<$6JSqtZ{FubSrJ2#=!Jk3C`l$ zJ|(jIsjY8$tq`161Qixl#?9VMN{3X>YI&qp=2i#`$9Yn0>Bb79-q6@_ICf+|Z?Gnm zj;f)`_1qEp_AL#KeOXSyS(f-yR+ohz&hZbkhq;j46+Ow$jaKe_yF8Q-PQ|EMu_Ck) zhat4M1$k6Aj0WY52HO|k+bBX?MsLuU=7G}LdlL|AhdHySPr&fPin@RE2&48xrwXsdRl}PV()dsoZ8^T^@rzicFVHvM3>Q0 z0Rx7)y{5FKWaB(l<%b91&SBsu3UV6E>iZMi3&EeS7v?4{3Sm~#ldq*+h^Z5)2t>PQ z1j}SH-3_D;;Rn0D)NiX*qQUFt2>J~hT^nFBzC*Y3l);M23Lkh<)ko7tq6$tsbPMg3 z)~mQLZcmU77^@FA0)Pl18m{6a6*)eQcoAsKUJ7`A>)4D$9k(g7bOx5GJPs9pxXtaf zmH~DDY#kw#NUnXVhu@|x6%;ipTOp0`rR+hpAGUV;{f9s%xW`4y^`)HvVU;Ys%>;jl zYh_SSFP6jUmVSVm^B&jes|vjM7ez0S7%@GKzobqSDl5=Q9>|Yb zODh|#q;s0JRY>LCyqt8AHCqG5y2D&_W5f#Vr5od zZ!gXAlJZY#iI7}G6hCV^R4BB$A0M~GFLD*2rL=RUdFZ(D83rHaVY5)G zTAXN*AipXf{(EQe6M@n!&Em3HM4KXM3LkR>+ZsEZR}j0%8^HoSu3pYiO(OAOy*kr+ zNMYVql_xZ5#y})SWM1t9$bNw~nxRpp4N$LGYN(5V>6M`pyeHh2c%!|oeU<`9X4K`r z=VVCg3FyMfYcp1IdMljlDHOIOkKML^kfWJ}cB@03+BZ?3(f#owThR;PT+kkHAO|K5 zhlrn|2Xq`TO_YCvj)!b%sb-;WYC7Q2J?DCY-Q9Feo0aaD`T<|YA)u4yhdocSJL|LN z^^^F^@){>(5t#^iNm9nlJsUrgQ6GUrp4CWKX0A!n+TxU>l4z(D!DPiJ*R)(19zZ01 za7hbi^X;@kX!e8aIIg_Gx%sG1H`(YAB6YUl6nc^e4o?z-sO)F8m6~?Qns+BNUxtuK zM}er+?ul$gjQ6m#9w6u3-+Gwld|wje3!Uh|5`8Q|&`SA1X%i771kCvR|I=UjSt;h0 z5ScW&T4ThtE%os-%Z>b&c3eWSyPM3>V-ZMktQ&(Z+*lM);%qcWki+ncJ%i^MJ(7|-pEZj4FfVWuW{##_xZ$*vlZJv^mJ|13gOi1wY!|Oco3%_hYKx?m~ z`O!o8cDdb<#rBl@xI2*A+$rrX zSB$A?v9GgY^;F@Wbf*P&OO2FZjAwNdO3Cury*iQ0C|e@<2h2adRzUW*MM*HyJxER! 
z`5>iPR(!sVxzEybbhA4Oqw!vDO7Ez%Fi|vDKt{G%sj;8RV4S}83@yzvzw!;pr3p;5 zj-SYr(Hu>qEe47DEXz~LkMD65)=w=r)&B%3p}6>ETTZB51aXARYE+Kf?q*-`H#l^Nkl38?-?b8kvgfl4IRiEaAp9KSBPD zQfneajTKtjQb5eTt5sfQ@6UJM|S z!y=o{Lt#$RU<|IhDy4Awm|kx3c8!s@oaR6*{+)u~{~LdSepL6^KWKISAv^8UcdgQ(!dYe8u5VdAA!9Y;#LYNWL zO&nqfx-8S=%yyRfb;67E@5nFn3;7%ViTrT^zmb0lP-*VTu%%ueu+5#RFu(s36zI2F zl6&i)a2a|QdSZueULCTcc7z0rAF|l7#U1R^35eR$+nC9Mp9&{)AkI9GoLRg+ggZA| z`5mCdJz|7@BW zxSfPQTl(Fy#J740<=-tu{%*SFe{b@Cd-DHloBRn91k&)E^6rf7*;x>hjy+h!pqS-< zP5po8k?2u&N`2{IPH^$-=od_jj2%I^ zNg@%^2bz4oab`A_?|fdltBRxNBCOkq>h4|%hi6u?^(<>)i4TkiV+a zjE}XdP?6yW6ZP}5@|EMe{mHxfCbcGxiCq+{8Z>!ZTvQzpg>W;pDVpSx{YlnG*WULdb!Kl=(?kH!emX8ObLA`IaZc^`YMFQml^q z_Pzmql}r`uadmor^Ac!6c+83 zmy!~p;cpIfNtn7t2xT@wq~-|Na9ns9P_r=k;`SP+`LOgX@`~i{iGgG*boUC?+EH(L zl1cVnu4JnXQO@=^voB3#7o%gy@V@^}RqcXoh1|J&R+90=bK4H5#W>;l`Nm6b zg-p2TN-+pnL<1e~H?;BVV)DbcRzPoT6W?KW8vNw8SqXwDERv<9HLg zuSzPVq*l3zxvjVbS@j%0EzYN=HK|Bb`bga9TfEp+0+#YJsvcfQ}+C ze+KU6kMMukYvE>HXVU`7c!P{bp2y)#2Pnlzih>`yog8yuJaENmelil4F5OYw*p0%t7+rF7Xn!^r&j91r8+(;}7zGBcb zyXKk&*Bm!|dYdS6FlZ!#i{IiIupndF#M{8ln&%eTOQX<*@Em9TjcAQlyeOtvz|%pAtBHwp9GN2n@hD}^s9n>!Hc&Ni9&y+i$$7mf zW0e$CqZ99a7A1Kv4NdvF<)Y4{wx;Q5ZM=bDe1X+p#%c+rcUHJc8+N>HWsP@&d5-{h z%Bnw?=~JpoxT*B4vqSY!a}NKwFw*8;j^-RkULK1Xy9a2^5E%x@t@K;Ku>ob0{?62u zox;!JHY_AYpexmAcNWFaZDK6}7uRa+cZMH3*c}Pypwtb%JL?6XY`%(_Hbt6+CQm!QgfD7cKBgE*P7Yd+snn_(dHIGhZ*uG z*nNVjREnJxCDMlEc|d?CpslLy+NeXFPjz`>TAS5|61B)ULYkBgfnV`3dm!eqe4hK& z_6)5}=&>Y-b|l$jiJ_5iOiv$nzK!C@M(y7D#Ks-|z%Hon-Q0u3mGBq)$P3+(>B#rb@kGUv*Pws;j`vDA|&Iv0d`Onmzs*B`MJYtDe2B9;J*Ou001znrGeqB zZ7O0@{P2yJ&5qpg?Q4xUA|xy~6hr{vB{csh;N5+HUP&75PtPX1czsUymyf&v=J-Ak z8TG#({$F&$^NygmXLM&MZmAvBG3_My!D;upvR&0^ns2UmqneyNDW0il%0OXdRypD=Cm%h3SYDGYbWPx0@_FZT=iYyXM- zIjO&q|3V1_Qglbq6cn)d<-p%?1?5{UP#y_pCnx7l52S@N?R=5P1d%W~lkpvqKm=ZB zO)boe`=IJu6=5PTr1{}_J_ecnX>x#%ReNI8hJQtxrNQmXHug%EO(dO?aIWiq={zh( zrD0frqbdQ#!l{U!#ZmI5dtQSR>3aAN9oMEN8--;iF?xadG(5uV8k~EqFux*%fEC%f zpP)%rnZK}o8KwQ5HGmln?F@XS)$< 
zi}%nxpg!cX4FPJ=5+7si2i|hP+g;O82?dY~I*5B{!%NjL@Jv}FKnH3?4fIa=T1ma+ z&pc9*NdKDl)}ay``#T_H2rdY-p#|hs!HyFH#rE zy;<^ma~EkkGqY#=SPm9&>-->U);BezA3)Z6Fb2i1RnhAQUEKC97`@#`AL%X%Aa+4I znx=YpkUq+y7|c_Wv`iTZ6M>r8N{%B7A3Xlv2rVx^(s&<{Orkg^54Bas0I}|od=lKe zkK%{8jc=-Cx02L@%CgpT$6mAli>Gy|$}XBSZ=&_#ker;j3X?#>L1j7POy&-O(!t50 z{Y{085Xd4mmORHBIS(Exvem3bFBuYkJI$Sj(W*6-SJ#Ji zy1{jiLNEvd?Jdf;`94C>!+`MKBRisjQO`NLZ%>23tvTaoquDU-m(Z&E+UlnGVQO%N zBx$19Nmn+A|8G(Tz}tV&QmG7B-MPH5)C4Et+pl#Rfg+N^?&uG$oQw8kJNf3c>Bcgn z)dG|nUd(tX?VAs|AvA(4fdKozIk93;>&1!Hq&6F@SLs@c_utuBS1qJ;L;ddNV>A&+1 z=qBE9?~@`WdG6Hbbm+{i4Of#aegNq(dijfVJo`mD-o7aD=9|#SH*q;ab1yO2Z|`Qa z1U3*J>u#wpuP7ef_E*xr-48&@h6UJ$*l-MMYeVbVZmTw{57K#8UKcFTd1Wp)vUgVo zUd=4ZX-zQ1w*q3?+YTal#opL?i#k$H7Ql$7#hQ>B5xh~-fxX(^+mQ7m*ZqFJ8uBi! z&)9R)YN;3IqKDOawSf4JK7j%2BjQFH?%I`JNxn^?Rf4uE%Zo7=dM0MEpP*h2_!-D{ z+Fj^G`R$<5N^fCs01k8T!#TcCfQbJm70mpxlVpeLEi^VEv%ndq82@lhG=2_DK-$kP zab#QQ0OSxPGMjlNvtb&67DYumZ3NJ_!NrV2v3M( z0;y@)=Tf)qxZ%qT;o5DjaI$fzY-ck>cGFZkjd%E9c7~J-nwRb zwDZhBapy993PGfz9hnv8f~A#{>y@sTttxtgAkTRk%6~45f&yvyqDFz-%K%R#Ibx(; zjr3^=My|sSpf06(96mZL!Ge!f&x$6z1#z?Mylhg=da-NGcIz|^E$mPG2Hf`@@^k$= z^2`51{+fRxf04>>tf9d2`pBe@V8cf!kGCwLvv;LV2B=7P;8d+M#knl7@%*+Vff?4mK$>>}>E*UwgB! 
z7@kU4*Pb+(SmPp8`K`k3$Mw8W*IvQ`e_eI;=YfOo@b z%TPGL0`7}t)O%E2E7h@f|F~AudBUPTROBsDGB0jp;>46}}Rt{EW8>+3R+Gb}|o1*)FE(La;YsGDGEAYBe; z-cUQC8NCnGXd*}k9}Ydx7K(8zx@-~9Db$f6B2?!OzF%49pWM5rQR(-1n`k`_DcfR2 zP(+l=H7M9DAT&V~KK^xbuX1Nk(V&GZa5UZgU8Nt(WAtp(uG0BUVN~aP#wJ?K>(MN1 zG;=*CWFl!#O8=fDKPIC z>hf4v5JL+xE)yL63c^O`hLDBRV6SZ0b%M9asO!dvdrfsTbkPm1h`l@~-LhM7lV_Rw znoKhth}p?SZxQWPzj3Cb_2$MNF~>*JM?biBsadU=5puaWFN!@f4WlNr7^4!MCs+zv z(ofAf;4{fLX?am1_2W5qngyy1pF|XGKI>yc9zlEw;7LceQFdb8Pj%eTiBg`lMFeeW zrw|JtIo-$!GA)$xX9V~KZ=+Jp?ww)H9S+t0l{k($YcZ~HBB6yd+% zWO-uY2`z4H98*TDR*d3MP>YiijZ*GNpBA?>x=;9BvkK-WEi-s6)oAlyF4kn$7_iLP zstPG=Dxea!HpWb#4bPmZgpUhfsK75X_f&xRFrc;_BR-pTWf&>n!1BlpiKqjW%=2pg z#JX{Ls@56F4^B+|@6pP8zf_c2ql<1bq+hH41kHo5*CV0e+cDsD1$eX#rW=}!nVlyE zZPu-uUyc{)gwk9&k+Oe;qo|LOU2PNITt2iAsC`u!waq`Nb`Ioa)umqalUt@<124Tt zzv_05aRAXPqZ;7)0GB#c3YB-w;xmO3OY+Z{(DaCVA+q#3UX0~<*4Nm2nDsSXD1^fM z6KV&+`$e>v{Z<6?7dj+FAu{4xk9wH;JOrK^8D(xCZn4(XH$h+E$MxE-e1!OYxS@Ho zv?FVwjz{#?-zc#+9<=hs^D$6*?|q5i<$2_BCL9acgxQ!8{+`_BtWtdlxN#>J0mWBB zV@2h6$j|rh$gl7V`K$kl{N>2Mk>BbNRbrhMWoj;mnB40f zlvn6?7&rJ6Bs2_H^=s7-zPXmVRI;xlx68CRuVdT76otP_%L}jl@nu|(rS-}*f>|Q5 zuA`M;PKNb0a&o;oC)^GU4bgFEMMrr;flkT)T-*1T_74DOHlLvH1!LRPfSn3O5bPi+UT3%nC z;L@^HQ#UnAZjnUZ()#31B~sNKdd}eSvP^!XQ=koMF!s0^xCOu{{=5airheT5nz0mj z;A#He*+XjokDl*ay`t(5YBnu_6nuz6nHTQ-w!#5cK>=gdGyEKlMqu;n&))`y06LHG*wJmFn91;63nXaIua*jX1yp)ZHU9~E zF1+;oj}EEBXQK>i^HjyVa>o4DD#)k8`E~w+?qR5@i1{7hnW{ zSkJo=kQloB)bG@GuDMyot~H%_ljv06|Eb=QwMCGA z@i6wz^p5UKPYr0R>r%;?q`NrXT}9?_t{TfCsxRCDUfuWUEA8Zt#>OZUvkQZ~q#8*{Q z0y}-HKhw|nv+&UQ-t^*5s)1+dV4JpHU?g*#4NeFU@ZL97)0WT?!y3~s7MZucPw{JZMa!GAOdYvIiQIvf)6w3nAZjms2?a>$= z2v4tv(ibn4zzSB-rNglx-Ph1M{Wz0MEfiUTj}8biG11_B!RA;7d+5dI!B>cDMyiz^QNNAul# z|K*VBs^SKdM$p~BHA?^o4DX|N;6C{9%e!-(UoU|%<&6S*f{Z@)^c_14*x7&d5-_&| z^0imM2k8=K!0Juu59|5+BZ(m=DzQ+&y548}vWx7yS9X6`2yc|{AD{es56t;LZ!Rot zUGf8N>fen3n1=nwoWK|D3xCWY{MT0_VXtU`3F{6_SmuC4A{?L&&hM|1AI9EIAHb-A z>BI3{)(>_WdAr^F*Y9VO(IxR7V~}U_0}$aYo^F9ZS;ZGoO7X-_hzUWq5`U1yjkDh! 
z^A7pJ|Bn3NU&vqePvozz|Bd`_vq7N98){z`+R|CIkvWh}L}p{s+KPwxbgZ5a$3-85xtzZ2+a?xhSAVDs zx81WXP5(5IXEYa~!LaFLxp+f8`WrT4fc=8I=XRo4m(YnswZPYABzjr3ch2uJi=o~| zan2D1(~yajj+ABXr^#|c`GD1}c|eLL4=iTiLw*m1#UFMOVNB8;2u8Pvo}HU*K>l89 zGeRebo_ETL8~Fi{F;S@d8e$ebvuUUXQNARb-ckqle4Zu2ef|J~KidKxgDuFvQespg zrP&&<6U=^psp5+f;purXiVuPUG_aG7Dw=2abLCUbGvS3Zz!CjVEiio#<6wJvIZGL5 zZEx?x0A#JiM=rtkGe?&bl{XDdqQzPo;ZQF)mc=h?j)ckF!T6n3@P2Zl%!ygDp?X>G zRY+%ivPk6}p@T4FmX>AkXtNhM!Ltl=yH7rZWR)~;4Z%QYg3l)b)APFn?x#m`x5b&l z9{|I830`Vs-LH+$FLil?mO!m&M?;Md)9c9&FQ>00*-q!h{@N`Lw)&(o$xAT6k>()BSOwwpwaoQ^^ z4|_IVwfl!6%;^Sec}`JRE=@@8-84=@bLh(a%ICOTUod=tv{k<)#=qD=`7bt*ga6XCiD;CGBcw80E4%XZ+JptlmuqY#izdwB z%19_Norz>!SWg^8Oa^Q;19WSv)?Yr!_z#~X4S>hY0>7+gamM^wd%A{0PgiYGSn0#f zi@F=n)h*sJDvHdata}ktr-j1*jS4A}beHD2gQdn@So8G7sRq!b(ZsmNy~bv`f;jqJ zd7`gqDH&~8%TyxeBE}A2uQvX2;(xH3{2(?KZJjnF8{Ee72cb{jD^02L*(O_M-Dd7e z8(qKb^zazaJ>x|Fi#h?W_s$^#t~VeNqxnOn2S;HzYw_%E0yc37zMIgSeRRu+$yPq5 zbi(89^VkxVH z@<2eA%R59Xi#qlcsrWDE2w>-*WK5zh5ub@^rMxn9f^5v|4GsGrK*jPGRR3R~I?E09$zQG@>{JaMCUZB~cT-(> zi54(g0DJ1tj14mK{93_(IU`_`=gv<7&WQ4t(*wNsA2;{c#eny~-z*?MjQP`NG#|#? 
zA-~GMBfsJ=GlS95g#!eHjL**{0oT zue_05#K09h^#jRk(XQwBa0SOJHL9Gnb?MDb#feJ`Ql3`>F5wp*0e$wz3!t9^`!g&q zh}bN!TD8A(JPb)uMf)rS)t+qy^hUxQvLtMOf{bbiKC@#D2=@QeAN&GVz%z?6hrg~K z)_)k8id#C3Suw)=xnOT8nWj?u)CmEFE`;^%lnM3fC(FU#zX^2d-(B#07G@?79Wjvm zI8SW$N!m?L)|QkPPyh_3tgnopFqucqGjcgoW>stcZ%*Kjdn9JL(~1oF^`nFX)0$Ax^ZXoAx+e4Sb{zo;EXe&+?o8hE zTPn4h>#*C!!~5w%T$N^M{pPx;NYuuU(Zh>T--(@n`1Z|E(m@s?*t?o~+*}K(6HI(( zVVc~~n~#y;G&`k%p!Z&%iTj}(3QDP%at-+&`IX7ls657ea^mJW>f-do;#rUIr$S;# z+E?-;WCs z%}XqPm&?L@YDWPGeW1u<#}t(-r8VJfle0PSiSNs6nG1fN20h!U6UE$7$Z+)}V~O-5 z9zys9?uM_*m9hs|N1UycJmi^nF-`4)%(9iVEfM`AVg)wdew_fViW+j7*2s$ph5f96OParqGE=WPt=UH>JL0a_4;+KvF5btA>S>eMQb|f zu6y_NOv1k}On2F55_eIJH1hF$P?6P2>hx}(h13G4nYk*y z+b1oFbp;q{kdxe)Ezv|zwo?3qdzwyLNBZ+!ZVt{Hwhtq}7U@3^e_nu_oZys0z&CDQ z7ppeEXQV(6MOiy}it<2eKYkT5lqxf}0+mrw6!W@?i*{kF=&&MwFh8)er9EQM!%T%0 zNsa2DUxnuE@M0sIRNyK_ferU?bhY5@m^D?c@oO#Sf*8%mqb4EnnhxtL;AD!ATzdmr zcpd&sdVeRYesB3aJmpQM-q)8>Zo|HxG8@r zHf5b|${^@z(gReND-Hd2ENNckPd=94p903O0t=1L`19WcMOGIBTnh;2@~qzF^#C{9 zGd1?xm6<9kmw4)^hsO4I*&~ik&&E!-N>W9+@xIFPkXuHpgWjK(Kt|}&%HI(XaIkjb z61XYyB+=4JA>lrK`#N)cD~9cXJL2I-Su*XfTl)U?QN z8ebN6(2?Q_W(8M6++9pCOAbCu)mKA}$EQibQlKc22d5?E9ax;DA;l%8b!JsaFPIFI ztmx0EY5;1DtH13CgJ`DNG4l*-&!_m&J9=(R#Cbi zH(%)eq;THsU_LBUvJ7&p8MTWV^U&bllw1CdhLeqz*HX7h&C6+bG}7AHkH*8V%bN4H z)$3HrZ03?gdDKWM$VHyV1%*`ZiTx0H=T2i+SCP}d_-g&e+L&*exBL19*Yu`=z{(If7=Xb(F?2pnwF0m8HyI?^IW=Da545St z+vWLc)tf6CyfjkgnHGX_o^_@_INvcdtY+nHA26_s7xdY@cNLg!lRZP6lsiknvyw0L zuE3({X~no)m~BiK*A?Y%bsDEM@hOVt+L&m z1RaHS^Dk?ryXK#TnIns)Z-*C|A8wOr#I55IvwwNLT*=mM+A!L7*z*QGh=r;?Hf*-~ z!!pycP0ybESgDJLx0W-N1GcC=9$vIhsEY9X0XWu`U+e5Ah*o867e1I;rj3$3eGMP? 
zl52(!1BUP2nBr|HpSYDW-e*7#%lDSqx&2goQ)t)5BZN27C^S%6^xn#jEKbDARmf&n zqT7lR&-yCm^I6vDKFdbDgO_1dcX;q;p@SE|c^knFwJ*m+DYXjIM|P==m;5C53#W8x zWs9?OOk*eyinDS3@ZmksPRyeCafUOJ61z=z zpY35r)?o2dMNbDcdqN3%W%_?qAh;)gKR^UXJk`q`3C|sQTNA6iClqTV6pPrNomGfe z<)k++Wg8agyYV&K#W^s>^OKSu15B_LE1{qd86_g8b~02tdF18OPfPjVhc&Eu4Mbxr zV;eUy?#dhE0m-b0pqRI87R!X_hbub@@6J)&*FOZ(M)^6zQ^sRQ+(WVB+{P14H1UAq_c>uXqtLRNqH_s<#e;7xLXWbgg)@jN9c!I4 zPRjSJSlDbVZ|ajc^+Wx22}5j4I^IG!3FFsZOk~1t!9wmmB8N4mH8c4B_WX$VdPs`& zduiWo|CzeO?K9lOV&UN74o5PoPvCq;OUFE6?VZF{Dk0y^eg~|wlw+ABSQ6)G=tXo+ zUBxTNG>BLg{gpOdaVRd5u@Zc!C^cM&a?G1mD9S5GnkqSCO7r894kl_}z-_wj;vND< z^b`D<5*n)By#`UC+I%4XCH+PC-~qLv!eUx+{iZkPlh|mjooKKq5E_jxwY8#7sh2Cnd^W!#WC0Z>+ zI9x02R?crfG8u@a(yLqe&zL^)rMy^#IdchW_a$VL!c9x-VkE)nQVoi!j z3Ps+Ho04YN=awOWoKPX5B4YQ{F-3FoJbKfpsCl|Kq36kkqKna<_7IF*{RlBke}2G5 zhp;-}#&Z7lV+u}Lq-ssIY`>(+d-dxwA4GOJSOC+;{{BS=#RC#%BrDWs_mc&mTV9i; zu(0Q|cm}4JkuoO>W{*xUyfmy8|40_TPk+?LRN)b|%66sUVnOZ8UKLF$IVUBcb-baE z4mIjEymA?wI_P9?ce>Z+V--<#-+883bklXDFI}JcgUNx8fv}kLoD5bCZ+EUL*U@K$ z+0;wpslj4-{Zj)rIoMWLyn^7zd1Vn-5x+1<8uA;-3a)fl67Pb&1GaDQF zo|+WOJNG6seW@(#6ibauA}r19QOABFJM$`I-P7-z0O~$Z!I>TnelPjoZ~PIt&}`|rrF z@(cOP|B3tqVZV`|WFG{wGuD4fqpn+zB@VB>qx`z-#{QV5W#(brwAA0ql5`x1?85`lfNou?|$>z@Y`9xfDH5Sb;?4efnqJ`MB*Fo z&5L;ZfvxWxVbM@yPywz8$R4z(bQuk-aLFek*$ggMu7>Svw*1DLN8*LgWKZ+5JW%C7 ze`THI$UA;GiD_&!5w`u{@<+rAcgoDbhc@Y&uR|z9JSkD{$^Ur|WWarQonuBStEq+(lpZ^JX`AisOhoq(8c&iCXC}uMj4rzKa5S-_t>+BXgRjw z=xxR0ugR}{VUOE1)?F?JDioub-6#bDh+Cr;20!U&wDt=7wukORux^2g|JV0o& zvSHG*k}b5{IkKl@Ym@nzb`Gs}_B4Mp?QvxG*0DBsk18+oqI6j|UiWcdb)lT%2oOTrk3R}=QV;@#lV2L9a7J@& z1NEoGt#UP|3YoIA6p^l5IXf-;X+R=X>Y-7Tvyymt^B5?t0LP{IjAZKcI9ckp{0N3|*_Ngg*^83b`+t`M7ZCF(ACGDmDWe`T7At9$vX} zaBHbecfY94=0m#-4$z-OBpKzaEF(EwhwLvqah_p+ju2Wp&!}l( z)c7E!>#t5vcb|u83Hsr6b%5CZTpGeZOYzZVd`5wY-8%Onzx>yg>bX#yNRd>gdf ze7VJP3olh0w#ld+r;1n!J_HM>yF!u0@#^@#Ag!LQi=3KF{e9 zss(6!{sbkSDi4_9+e+VdCI1AyftA8NfsG))f`Qa5So8v%up}#{TOIL)*}YV%CP`_` zW-oJyY^G&oO5V}VCWIvNK%FM5Lf3p*tAwidQ%s$CAa3n0!>c$4RT`P^GWnd)?i3ro 
zPqDm|mAm?4-06bckN2oY`_6YfY$yVy{r6f3N=Rp|EqxxA`~=Cx^bMI>18Q=9&(9XG zPyJc}>d+l}+i}x(jWcFv{b8s<8Yr1otkmpZWMjt0*H0ZPW3490e6BNXvunbFSYAda zMfL{QuidY{((Y>A%Dcq?h5rMhXFkbz1%9* zcgXMl@5rzE3;E0biTq>2zmdQG2n2fO_FOY%yk2vG;3w#laq8LFM8C&WWt;`Ig?u&6 zRHc%HQ@m5t^CK#A#n~1s@+3d!Yf3QKvv16$6cc7*Q_89Jw7w$lT{o3{4&yir?#YpG zn?JBAvUjkfV}J$7LA0XhndQw^pX9JRZg0DdA`T>B)I@z_&F6VQcJ_VBJwOi}%(_YR z{%hqE^v`0?9JPBPHmBoH+3OkOGalfB(9%jEy6subO456bD_ zQ0b%&RE=jJ9$F=eI3HmW>-3^OSsnO5Zqd?GbnRtD{t#v}f(0=DN_D?4t0&Si?41j= zHABwlM2>|Ehzrw%4^wiW-mH0ph3=-U@Xh=b=eadWB&+aoK=TB%*pi!jV#JcWY?a~@ zR$&Ux<4x};9@YZrx&8vShu`$2$IHJX=jBX%&=K1R<*XiduCh|YGT;%C^R3yo%=PE& zUBrOd?Om*)!kuWpzj(pGHFMsj5~MP*e^4AyiB4K1Pw~BkZ)I#$2uF7o=pvePKOtd( zIbKZL%iyyPydkFac~!~dabt7H`cq2Oay&w%Z3+2>hCVH(i_Wmk5dQog?e4+&0)ZC zz&4_2mL}j(JCc2QWnPrX=D0g_A%!7EN(JsutP$?*8^&oIu)UyA7WXl8Tw~f_itAF7 zdJuZzRfxVj7~)`lhj7LrScQ7)Us1;^> z5uzR9bYJp$)6QM?Bx9YnMOfQ;;n{Ez<2rPh6k)JEflWv=RJfeO;PM1|lLzk^_S+bk zJkCE?6VCFK@&eDcOU6+$_RJD1YhRTPnYE=xauB;Y|k7^H@lhTdT<2f!Q zGiApp<6Ki?&^>*kY(ySp{Y}^dgZz3`P5wT$M^;Tt6xJ%bXM(Z{cMwzePf)x=rtiCo zO5!n@tm>$*Uvc1>f(c&XwjnV-B zB%5X-uI)n}$|?aS)@eufZ=KIeDssW3qk~wsArbC-3YDa%z{S6HfU5(~i(ulDl_FSj=H;bMJfoKVo^2E=T%G$q|J_zK+DMU+~ zNC`5*-Hqm$ejf1lIlMHt_(o@C*<|ZLOPi@3;+r<4kp18bmZ!$!^j)iLK|`aSUQV9~ z|5F`&I3D>c!%Z$azmK=_x+j90Cq6r4SB*@UO2a*5El=W#2|GS<{H zwyVp+)}sw>;QT-Ay#-WN-P$(1Ra!#2LqI^fOF|l?ySuwKEg&G>EiE0Jlm-#$mTm#* z29cEf7x?I-=bZQX{(t;qd}DmyI9s-R?X}mMYtDJ!^SZC=o+}m?@HA)mG97aDL3z`l z%kAW%GGmygd$Cn>v=5_U{#M)V z)1=h<%LRrnG(tNG-rq(Y(vOV^w3<_YS#=>3N6;i4Z zLHq#yO|^yv-<_%pF1Cjf#1@C7-P6l6uc!uX^|M{A%xhv8; zx>pquYi)d*VfWpWBil78hRQe!o+wg#A}N18F&J8sGK4x%utd}peLr|g^DZqFopVcD zdb^TKn&RP`MI@eUGyQMtWy>0@-KtioK3BuC1=V3sC@Ed)eU?I4+n_2=~PqXekt)* zovZrSjYVZK%(kJ&ka$Rd2{NXVW&{>=1 zfpLTJs&D*KEO)~iZ=t{Uo99^gLyi?1(Wh8uhVd-#L=fw7IN8=UR##8rm$fw&{Y!jX z5RK8k7}f2e&o?1_a&*$Sc2G4>e&YEdiSX&G%^T1dFOTQ&QJ(B|X5sQ)WG?+%LrWr> z5mx+Ym`w8SRhLy#TBc*nLUSji<5Ujk-3Ht^Zg!?$=b@4v=d_-nq2iTZx;J1-LWKLEwRheR!|?!zt&K z6xt)TkjI@Tw(w`w_N-HRm=Ph!#~rT2b1x;$fu}h7?(f(p+3=6Y?KSVKocbYBwz9)O 
z8AT$!nsZDy_o-X3{}3Oov3rUSWX4i^qExY63J0y1X^w2?+e1?18|cL>c4=OX0k_L= z9ILzj443*8Y!TS zCyf!&Lr}2S?56xqbz5t}$9s7Jn6NEtSUFhq@uaOn_4i(3FdvINP_uGT#le>Yg+~CSe$mdo{&I^1NJOiCrP!vQoc`C zI%Z)bFkliRf{B-T6TGj15HKVFH&FHEzU-n7N9H!(d+ckXWN8JrNjVcVF)|}W0_6=` zo6`3Zj=5W>r^8w=23Jzl1;VI4-NSJ3k637%rz9e)Ys8w6NvPSa+=co&uo<#I-B!T1 zqJ!)aPSXNRh|sRZuZJk&b&Pw@ca_L4YAd$0RDSMx)?-RnnP_ed9siM%nmfcAI#Ok- z?Mxb4d<)49Cefpq(x>!N;;PVvx8LE70_n8evl!}6{)K0O7kt-Cnt_%a@60h*-mql* zj3JNJ3wA*;^~dl;p+pCL1q=B#4w_KZ#=kUuJ#J6VIV`zo=phJ?Zs`E?;WpJz9M35% z%Z)#&jTuo2rE!9q{DyZiMf<=0*CUf$Hk6+2^;&pZU+ouX2a{ zWq%_7LjF(W5AOt?#<*G2Dt^&fRkqtPk>O}NCV{JQppEh(L%n8Tacz+CG{y zpKxK>d-qs>fkf^LQAv7z2|tDMwl_JU`_ zqPCJ|_ak-`71r;7>+D)B!?O8%E{X5FR5yOh2B}JvsFO^`{(4E%p99=xgWq@fdXCny z%X{T}(E^jgvt;jJ()VBY!@%`=jp-*Fv#<+HJ-7tRo4~Zsi31!bYkd6T2)f!bkGJBdUS-N8px$&oO=^G#GE^FA!LOAMD&i1mD{M_q2!kk{q(aRh23h z{aC1$sG666sESuKEp3qff->Z=J(2%(j%?O-M3~Bn@cCn$8FHKsca?<~G9r$nt)qF# z0g1fsN$o`tnKdH{+TIqV~DhkQeL)DO6L?wrJIK{A6tzo!|SC#8#JM? zniLL&mGti$5LxU#!IRgT1rQx7VEvl+>=<)l<63-J12$gy%_9d-5j%&@Ct;cUa#iOI zmqlOSMcgAx?rbQ*>n))=G`HSykdNn(Znc^Dyqh;%B9lm1&=@9(zAquLsXk8?@AVPm z#XHWRJ!+3hdgJjyMc5UKr(|P$kGja(3qCW+514AWHjK@2NYfnGSMx(gV={PmS2W52 z{Y~{D-n2;sQ4mLkX;_q6;|PWKRaVH;S4~CMUiMh8qspMW+2BY}6)aTVeV(6f?|vC4 z51fVDp(KXNCV?$^_EL|B_v5#&ON4qPJnWDY67gA|RyR392;X!SRCeEdG1`s*%Tt=L6e^JvGiPIEIdE) zgyIvoNj-iUiY2xx)WEwDo?{zJ4a~<6>sdv_Uucj^EG7~gB=9(pQ`BrzL;Fd35Yo?u zMQEp+%N}_0LR8+TD#dNTke^Nwq-T-{6~Rz}CKwET&&5|>Q(J?Kc0F*~m9az=p9E2N z4ef}UHJ@}Qo<1r1I7r40JRV8aQ8HGfbrtt=fI&jJywWnyUoZz@irmvOz|tFyBT}_J z<7-6EYO#)P^jg?ar=w1!s4S2vP0FwwTOTs5lSHYsc!u9w>pXYp+>^KY(A)bhwX5$8 zlM{vTkk7a1bQ)DwIWpkkHhxuok;pn7dFGEEu1N_h>8+Kx^0$56xF)KOu%udSHVe^0 z9d8N;v$|w0*9Uqm(jiOY#|Mhn941qse(}cQEG`SY#^R=kAeJu|uYM9A6bpf7o0b=8 z{lY!@rn~{Tyt>cp#1I_a(%5%>_Hn6+yS~vDQ5rUq{-vnRqYhRbwIGx?_JU9*Q)bDf z70Xn|y9Tp6(HdczZK)Y0l9^`i;Ti3`w#s#W)@dV4PgzbO6$2Pr^!76mfd#S$&txXZ z{MZ>=F;@nK{KO)vc!ktI46Ri74M?h=_Bw`VlQ!Z})oH14apjGSC_GYOFCev6n5Hm5 z4M0YwF{vMXBx*8NvP|f_*6`Kh*y|8)Z|E6tjitNc^uxY-LQ>ntgl!cY9;Q4^(OA(B 
zMhrvixvXlMLV0Q(1zT2cNsM09d~F4rvL}Yqinm3&&wWxo3+%zSa+nuZIjrrJVJ1blLjvV>X}+}DdG*?g9&r;=FYI9X;9TzZDev>u^Pfp*UVD0fqXcfq3Y^LQYq^P2K#-bg z8lODo9d`>mx5D@19-v7Jhub%xX#VrD-urB4+Ed)?=`wlWqEbP_!56*oWwWv{D=zee4FMt>YZ zNe}^5UhqY4=N#tkHYopT8)Y?qhHMwx&g^Fe@DLom599BD5>7H zlo23WZS--y_u)!Y7x#1Y#Q>>-XHco+H5&1`(~pYsFFxi!-2Kr{dtJ^>3a+1y5Cw9$ zGgL?`Z5i0C%?idS)OK6C1Nc~ui@ndpWiKzh|FzEY&NP))AP`6o**5_|*hN4VK~V=4*=fQEOcy2ZHsx>S{Z{kwG!40;5_zqO1kzlJ&xGMY^v6_jIijp#L=TY7 zP3y)=^~|0mFwmV@A=?AzQ~lQ4xAy$i#b#A1qBaUPJ2Udt&yR3&i)GKmy?<8e_o~JR zvu|;I30Wf}D8Q99pdtISPQTg?lz$d#lWVnL{D~a)3OE~Gqv^plI?A~{ z;2R59;aV?(ops?hShm)c6Qz9iLv2_X$=7Nc5E0h+7a4(e5?_YjfTo6lJ`B9#1YFtn zy0ai#ww?bQOyU-Qnxm5C2iil{Le(9$9)j<{UCLenw-tPyc%8<7H-4k=I2zbf3Z*e7 zYwQQf#i#~mN?&0L`n-Yx9ThX2NqBFL{&0rh_j!Y_cmpc1aJ|Uh)H=E*@2BPK`Qf?8 z2MoRZ!_T}2fzd?&)>_gUYE*=_f~E(af}OwBvq+=m_fmj?{->=|b1aKl> z_NUY9o`Zi3FFl*u+Y{}Skd}1gZa`Viz$_zx4!ys-QeRyFg1{iW^+UsOA~jgS_HY@8geNYPQ!(OKDu-Y1oY zb*-?yvLynxi)qN?X>UhK!W!ZXV3m1AM1Dt6z~zbmg2HjU_(F45BvSs$ozX?zO4A;| z^HkI8vSy!;(C%q0&9_pmTkYA8t(PbRhVc7O5H!ZdO2^vx5RTk;WP~#_ZVxQqM(kb! z8*rp)-v8BnSnMej7ViGU+ke`)w;*>7nmvd?%3vSjTxHK-a+;htRQOMCd`i@_s~Ajs4p` z8DFEk|B63~V{F94uP^x#L&-Ii;INo z62H8daQUt5-|H#zs-7q~x5Jn%&Y6j>xQn?R7TI$nQg~!B9e$}I*tk}^ypG`Q5hidk z=C7y$p!~0X$v1(9%)v^GnH-kUk|yh<48o)^1cJ?1Bh;(T(w6VZ)p9<_RsDTvMgE51 zV-L%+He)_Z*guJrW({6#jP7H|6`>3St6LjX$IAG>4ZYGZ^gmYyLfo%7^n07bpC`R! 
z%c85DPLz5j(A+;A!QnohR8_*awD+vOge+!>Z7POwRdocow&p*ZX`N2ef9R^@4Kb=KhkA34`!{o1{hu*6dG59_9{1&ao z)M$S+&d;8!dzSDXEEl5Ly$uSfp1aVR5u5NSv!us?8B!eH$k zbCcr{$oT#j=K)P;Rme0){`?BW`Cle~h!3v*AGw(v*1tFR?}I{zH-wyfYFIK^+By=) zA$z-WovWz+4`EoefSs~-c!D!jg2pp9LPL4`2r_YKQA1{3HB?8qipv)NJ1_a29x9H} ze+smuGu&UT`&^kTBNM>L#x?5E!RFU;nb$*}dEbt*@esuMq%y5;lOdS#XU zBnY?2-}2AMuYQO8#eX9I*S4R?AIAzXzaK37ZMYJW&Q3p(BZu_D8Ci;J373jwUJlz{;dlX{wU^ovGvFV@g=$L-*g!WA3y1`Z|5pz zAkgX9fAj6=pI)v|zH?XduNAkx`inJUJ;aYw0m|k7kLCIsI>Z1&i}V+U{mzJij@W)E zXGBEmZ={#q(@kr~J@QADmG`P?BzHXXWz^Y^`qTJdETG6MX0VW!aBxl&E}V3Rx?tR2 zVjRSS9(+UXGS0eC&RboSWlIucgt?YdRdxhay^rn#8dq; zB506co?;A9 zcL{5KQ)32Ib0e@B2@^9b6N9+1xv3eLgo}fPLCDt1)tm9Vj)t&uT@;haK zK>wve|D{6zmr$Yq?IdPB0%?eu-)583_CM<>j(^ota<}qHPT%2H`7i@NDljM*JK8!q z7#ceQl1tRq27LR$M8bCWn5HzKx^Z zZF3FX7=#r6(uE3QfGOCqwX$E^#DbyA^kUGW{V(Z%h6uNB?I{$jrgP z^rt2)(Xh6i6-B$Y`FP{AAVZtQb{cQ=2&#LVP2@pNILh}Z3}{1nG<*&46Y7Y4;<@Jc zNz+dTa_d4I*0G|69ZXD}*LRaL8Pct1E!4HDhhr(R2WM*PG!jEMmOG3c54$>6=cL^Z zO4XE8vPzN%M)QXc6B)9a2M5FSMGL5;x%?QOqEWb#v!Sb3(G3prU1C^&8kEWP@N)BV zK1deRst^`Q>^o#3dh(S&QlSOSXb_rZc=h)XZTW+*cL&nTstdKjnsF1%mcvuq zj4nqJs6OiSP<8E2o}}HZ*&^+(gu^zWZF=UGD#T44>%KX>c&Zv*B8_(#xUp{H-@4g~ zg_Cd-dSpmdQ&*>zrc#BmC!`+s#BEG9m*MiVC9lG#i?)XGhHHt!E2^w~ql93t6GHR7 zK=TsMI*fQt)AIW3(+D+Y*`#54gnN`7@+H}-wz|UDKJCZv&1cuR;~M2Isiv5Fj0_@s zupReFH5dyq%*@ncvbW0X3wc~pOBWj6gt#Hu#5q}9Qg(9snxRYZOtPedClhg0JMPnC z<5)_kequi}?8q`@6W$_dv-c-z4(PTz7^W9Yw+_x|bhxMvW6?u~YP+d=kjaclXbU@f zZ3`voM)`W1z(|I0T>^a1SSgu_m-~|oboyKoPyggiBzYQDf=5i2TPxb7=P|1F$=lXC zT=*33W%$zsE>G!(+J4U1yg`5nAW7EBXov2LhJB***ApNvN?Uv_K+#7nXDO* za{VimoI-X~g?7gWiv>GqyES!!Y`tCg1~3Z{0|`E_wk&=NZW|Y5QR`iy9h6lUdX1EW zk+U^M=Nn~d7#l5)1`E$f7_aF9v0ic`Vtp9c@o}?>tvRmS8{Np~RRS4Xsk~KXL4uLI zFWH-wr{hluMzWIVHfvKoL5R;8jgW9adj~v~6B=>g_!GR?bN`DEqK6%aVa}S`e!-_- zAMEqJvq5DfBGBL)!z|Lxs*{GVH4dWbW2)n2UxEwiIev3bF>K z7kt_u8(zKX(?d{+A#GnkJ#(0IyQ~haovWZthxZQtW;vZWm5oZmQvQx8U7%8TQFW;H zoM5+;x25VNsw6jqNYG4hdzRws2F@3c 
z^bnsn5BXcED!O=gsegqoXn6f4HX?1fA#!9*-MKpbZ6FTl|m1L-nfEIcyv^Bi>n9B{lxmiAFZUlpn=*qH|VT&8;)L)`P{VO>S zLMvy)T%;I&l~U285VtC2e5Y{M&QmPXFL~2?>gog!7!^!8b-yN9q>!+|C6Kkyi$vuX z(FM&{gIV_%TKCt@q#AZG8lClp0~pYphKNHqB+)p8*9vHjb(GSCQu$$Vlr zb_c}FH);o`oZdCO7L890=;xEy5Fn&R^rJ9JA?*!VubCq>j|E! znbmP&f0E`v9&M{0c;m+zGySv#7c zZlA4As}MXGBNN;obyy!1ve)%s_I}#wLrL*zn^QLRFiSWu`r3)bCn#B`4mXAt$ZkEI zF|Vf}0-YlR@SpkT@UlHapDVgKly5daLk8jmD~*cd76ril9lb@fxeTuPLY7K@hyNK>72i zL@I`)1Z*$#^bPX|BVe`QI1^S_b4$*g==5uwB6K_-_)7@f-oF0kw~r*(yM58p99Ekq zY3$TbWi&0cpB7j-<9%RBlANuYP_D0t4tjYtv@!L*z>(&;`&A>xiwA0Z^`G`1^5{fS zKiL>MX63FldmuuW%B*F%F$tNuX4h$aUQ6;dG_9|)u62=ElBYrUns3>eIh+f+q0w`i zUnc2!MwC~PNNs$LhRQ0vukonYR5lDcV=6+}g0qwAUX?qo0LJ`7x|Hii%_9ristLTp zw^+1{aUW_ql9uXvxiFF5TFeZe$ghw+XEWpRdmu@NO5zb(`qWZLJBV7VAE~}{IL;b# z-6l)$BB$Y5fYfOnRu;+eBwupaz!kBAzSf90LVmWH45m4#8|_8ZJrEfTgF*aSP=-8} z4P_)q6{MK_g>~_oj`rxaPi=W&EKT;Tj7NWZxxX&y*%=KtI*dhB1fuLPR5>|ybkZIS zyW4$Y#lA7!Vcit1$4qk{>v3|D-R;`G&=}Vy^kNbvqOX>|(rn{)^Um(XKY5balqmo` zS2nI2O|_JVFO%eM=LdGOtoP)U-$SUITsPgH^SQ!)9gp?!KP#PEb@G#{-_0D|YMEct zMz?Di83gqmjeo3mvo^4`Vi2(brgqG2Oc^AM03~4#cB2yq6oR86!2k7az_(ihg5Y-I zNP$7gR@uhU2aqYfF3fw zMgEh2Mt+?;E9O z+L%G{hy8&0Ia5ax7G?$su)dYKp@5C4l`#n;gTSo?!MA`chio^{+`qCMK4<1F8O)SY!o$RQqc$W;RAZE*e{_kgzk}Z6o-X zI=wBOgbCP_1SlBLrng1_^rA5{;4OEu`HyDa%IAM;=HIUB;ADK)_`8;ha{TSJ0uJW- zzd5a{xs8C0qxml<{#VQYCE?8-9Kk|n`VP1KB&GlN@?CQs0l&C&*gqS}%2QCQ<%U=dzW&O<{bim%X z7H1@32F3{qaG2YC!f%fMZ_~_ogYD;7RQl5boWEH>P)JxrghmKRn3x+okTEmL7`yz9 zBL6Fc{FO@iWe~t&{yae_H#l@pld*@Sm#q&lchYdhrMB0po;; zlk+zVu>*tQKaUfRzk2-t{V<_pVrIT8pM;$m7${8tGEjhZ|B6q)r(f=d#6O=6z{c|P zYyb|x=l<<%03hr0|9keI1DO72y*13=^Zz?(u&x;6Gq0NNw~j-6NvQM$p0@{(2E8K5 zQozUwe)~#k6Rk+eJo7auQ|J-t>qjKK&jrOF!#{n^I^wba7#{VZ&g}S&)8OEx<-0}+ zkoUoPQ{-Aw8rNakew_NJl%%=1xHw^95&r;f#D|e^pz?CN=ZqD)z;QlFq;mhOG`?!sECM)1|%jXRye}r6B6$3 zxjFZT45-MM*4Cd{IULv8Au+ljtJ#0H^(k3zpOd*VrI(eFpliUyz`|O)MSesjIM5a} z=KMJD<== zY(|pN&_LJ+a%4B6e0}eac9=1gd=M#w|En=1W6zb8l#Gm4Tsjx2jK2z^m! 
zN0Gjx1AD`MXNt+xbltZhHZE?g(Pf{{^L%P*>hs4Dp6dk$^E#zJ}wR;xswQab!`nTWVgLtxMq2Id0IwVdZ4E#xE>kPUOY{( zKbBIKn~SS3ks1zuYIfGJ#rFLHOuc+M=U7aE-~FVdq#~>uWudCGopq{%r-dU!ky^QG z>5tuyx2pA8e39_ktIUS)+j?&1COYrWTbr7Sc_=$}tB1;}SXp{H94v`|kGrGEijoMF zFM0$Z$=10L^5-a{xiF)Tpag#W)hWLY2*_f|y|rk$ymcf5vR!39YBG?_X4o0l7Kj2# z+eoRP=FI6O;B^Pjzjq5#(AQu5l=e)uOsC`o{pIQ73zJy(stV3oeKEON=m~57>4{^z zmnpa@8LTeWmYcIiZ`4t$RH{V=q+BQ|Y9j+ZL zccBpTy$8nM`d~&^Vwl`FqqFrSO=2+^oib+e zopImLcu){rulKhe%H7#o@1=szM@C{!PWBhPPj;q{5Cc-kenEV*8GEVSi__^(!CK(Le zIZbMl8m>1>KJ2nz@G^d;<=Ik5Ai6p~Zu`W{!ZKWiMW;bdPTt<$E|tXWe^sJUEjZ10 z`BliPv!jE}Y)EgiR2vwUqS`=(Lx8*bj@5xTM=tgn%K*=?o~_BH+t})jr-A1L1|i^0 z6*mW6#Qb(&UN!6ndGTExjpESj;Ns#++@B&CF$LT<917TPzQV98iu3ZSdQwLS{_65F z=oS0ON}hDei0u(31OM5V2cHm7Q1T7^{QQCkpB}-JO3=X>Dk)(c?C$Q`3klA-t*5QX zR`7b9^rvzi)~}~4@;<`Acpada?Jn^W?C|l`J;(J=9d=A+GlHx;Xl3iBqM|VQqf+lg z7EuVfg}?edfE}Sc3V6}h-yde58Crh!!SjOMYRYajPugX{lOstH`XGhXd?Zr{*4z7r z_OH?N=ruo182oAvBeK|2zt)1p<<9W!l5ELDdUkg9sjL~-V=#<054FuUOgG zl%Kf-4n*f|Y>Aes5NlTH+E;~YJ4|L5M#|0&>8D+wC-6xJB>9U7Z<_iW@m}myQmq#$ zLo{lvdeRTq2eSj)0+6b?lOZHe;SaA!rw#4~{&O2SOPj{A_QHAoM&Q zbC|8MCKHQzxg5^1Hkfg<5-S@)#G7nzak{^bLA^CyNhz9xog)x*N*VG+kx;B^+XbT9T+sMIrECTt!IR_) z{j4UO((LSIZI?L_%$;^?(}86F(ij{DbB|h^x$f{pVA!#S?2&rI_@A+=u$clzINJdl zh|gwG<#pu_9`Ef9869?Xz+p0g+GXQ4{Rw@KY|`JpeH#@OMSdF-s8ZayjC(PveLh!Q zO`B#ECYF|#-i{-F}_o`F+)e^ z>hurw#|E<(7qW;=IMI1x!oux9gyH4oJ;-A*{ZvlL#r6Gjy<e)#G~jz1 z8)ldS%?XvJgGDGlXc?^CLtS049P3ZSdJ$FAUQc^2%1qD>j3btluRNr6w`xoXFo^_rJv&Bk@D-h=XQ^<5dFiin*(`)XoN2#BeO;0LLv3$OQzv)mIx5MRo3tKninG= z7c#4;sH8n}(Wx-#xW2k*1R&aahP685i;Bm|4dk@DQ)rzP|6&?F<^8Pnv28P5`2cmk zNj4S-F5hVe!v|af_s6Tv$WU&dQn>*1%?s`5>{LM1yu9go@iS^II)fIDj*pR0P`V@% zuZT{{GqU5j?3aY=A^_MngMQ!C)K=!_fCp)vo(59fm6es{<#MyIC`9c#;M$*|%$%Ip)ZGag;IVibRT~nx;Ni~HRDz`;op(*EZu4l} z;U@EH_&z>weQH^=7wo@(TYdkYhYc&N4{047sqkOBoAxaMA`2Wl4ulQS2E7V zH@uO6-&Z0tbU2QGznTEr$$!GDy9iM(ToF=w0Daf!*UbnSo+s0U?(fgHAUl_n&DYi5 zH(u=XKyX0ezbu!zx8S-Q{>)1j;3M(O0Drn%3T2qum@HcWsK^u?0)he?UbbefO}1$G 
z$injC;&6@iEWkw1&(9SkEi5e3zOf=n>MCS)04N{}`(WcFzm$u(6qkTT^bRTzrtWYtQLK+PX&4#wM#Shkexn$tQgXx>I zWbQ}5jz!}r|IzUos1pE%4^-6Fpifc)&hN%^<$A8h{z z^S|Z%AgX)Ox5&Rr1t34-E&AVU`p9{U`YC~9{BnUlYJMW+c~|Hw&H4kIa|wFL_`6CB712v^{q!x;|-9l9Rtqo1dTG+}w=kD1xLq ziAGYph|nB^k6Zm8%FD}J6>HX(N~f?>v}$N*@Er{aQA1v&!O*LfgW42oX$w~;=1l;d zvklNoNrt8>>sfXe7Z>1xx?#8g2s$As$jbxF1^Fn1kH_n>E+u7lqC}HYI$3GbC>?M` z!BL>|sSMMd4=_rB&yMPQFp(CjgqU0qTwTjEMeM4wTyZQiB8P?@WfB zZ)az6wfn@Ng;oC=3-}MTJ+}(;i+0+PTU%SHy~`lc(b3Ob_Ew@wO00Es(kotV6bX{%A0gEbf#c->B?Ao&{Qw5h^@|Ve#KurFYMuZez+H|K=rqUrs;XE=bUwV~ntl58 zX=*MJbtgmAix}ZXPH25vI=VT4BP_`kdaR7}_HF@=zIE_vAcZ62nad|V8kG`_@lx$) zxg+B(7;rLF)U86{b912)5ng-s>sSmr#py36U>{^zU;>^X5c*t5&UIovh21*qxtkkT zlTZHX?yRa4vZqMoux$|!^b{^We%}c|*UGsP_S%(DWDOi=Yi-3^qLR0`%m8gJmCjQS z@bWOH{rM(G2ZyoiP;3UYkiEG^m$KYk~-^k!E+bcxx~mxGy$A@PP776D(F_et!mk#w)Yp-XyEZ zGF@3)BNLN%u)J2|MVPw^$E0j~dwUk=!;)f=M7fM5LLc6}dk2F|FjZ%7s5~+|tLbeq zOm}i}0){(C@(Lq)&=P#~!0}@h&898}A{0v$`sO1TRW@~9RonrfzKX+(ZGq#QdHMOV zFbUG*M_ks$?@J+K5d`{nJwB+z=Yf{ePWRD+mBv3+TTTW920~iNrLu7_O2vSbgYv6a zQbg7kxUYLIFAoPTS89oJ8|iM%fl z0QbjZQBheV6AcR*@;m0*9+}kjZUQ`?bL~ru-}X2p|Avuqd+JtJ0;ri50SE+T6ipSC zlVLI9_K_E1A?iahYU17M2T3Y?@zApw6 zcRnnqPB@~|sQL(pShG}8JD<#HPfDa(ctM^vfmKamN_f3fIXGfF_H83Oas(fS-*sbc z&3V7+w6nckiT`yES|%{ugh?U*ZN2r~`*N8WJO;=+AxcNMs~nE<3qWraeQMF#U>Z@h z-_V@d+u7+qp(%SW*q^BD^&Nn8ay}YoC|xJ$VY`N{hWw9yRDQxFgps@_I9Pcn-q+vP z5qmxMo5WH92te1GixZ}s7NVneTY-FQC?&O5%#(6E9#@TxjiqrSE+tnsioMDa`_67X zBUdaDOOe_kLr?_t47G$;j9&}B^N#744O2W3pyog~~Ot!d|CoC4B zSahucoQZ3Ss(|1{W%cuf4Bf^9b}cwi2ms=@?|+LbFYm?PBKgY5zsCczbvYbZiu+o( zyMg4c6{Q8A-!1_!c+frI-;WpiU!OPEpu2Uq;Q|Ep*UH~MQ16z1?)4+a)a(9Zj?3^a z#$^2&W60Kl7;`T7=pN{>3Mld($nIZj_Vb_we=Yp4YQ_ZI2l_|dfg=Gg>AU}LTL}W) z0I$Ek{`vsNA83^8`AirI>Yrj_VkVaw=!Cs(7}|j7w*~0y_dAa0;X!=#+!;OMOObIH zLEhv@6qV=3$nQj<#wo)nv~$9aKRw%5@-Iwl<)rAbD|A4jewt_MezL=5*olaaGz^Zf z5K=14EkSmNdA8;b@Y`&TDoMYdkHw?l_(hMEXfZSF62mtM^x78XSm0_vjn0UO8RbH@ z!Z$jwb;ss|fc!}pe)NaZi85W?MqlwT%b~wVc`9{=wleW3BnwifcDgrL(E;SJRB|>D 
z`{Z8_>pl0&&<1dc0n)YH6^S0=?}@2hQryw@@yq6BaCM>Bqd-JlX7GkwZhvxVmMX1* zy~M<#D}v+!prlo{Z0f$u6nCnhzB4doij)F`;5$8J1O#R^>=D#|R;5;|7mGV=Qa z!nkT7`=9G$G3#196aX(ZJh1vIuYl-VeGVj4)&^20OEfu-q~`(!RW}`J8Tj}<06@F{ z;ljqaI?zXYgF0Yue?RituA!kql0S+Z%|}xo2?oCrhzEg0?o{;j5lYdhRx9Tqlr zrF6e`qw`}t#MP~F2rgehp?d(UBM_Uz2(>){j2RKx+VegR^hp}*OJvZkvwN)F#i}A* z`i-$X4+2C(Q@?qkDT$a(?Nxm}X;pJ%y6T!53hT~@r-4mN#!^;!F5==r=L5k^tlAyv zX3T_r{?8$su!wPc$_>3AqX)k(wrxT=p<_knm5+>nKU^P`tb*&wy@@X!k^0uck+cg` zEEj>=pf&ZGO9WguVIn4>X5pxE(ObrMH}f9*Ol>qyjw$u|=~N~pIJDyxokL*EP+{?b z{{ASryzQ7Ll64<(K~ekBeyM?Vaw)sT*v3bn2O280U&al4lo{<^ z;^TSN{EG@S4b_So`1=C3-1?1Id*iEeM{-JIB0rSMq;V^Uli9yHO2Dy>QH;#4o@4Y?c|0fSrIG zloU~zvb20dGKHh(Q*Gm&Hy_2TwjPDZWpkua%D|I}x^=A8(^}zL>KG z5Qq&4C-ii|+k0auGoD-9I7~@Dx#x4in0A;J25Wf4>Jll^DDl`h7;}`|@fd>};4$C6 z0X~LU(A3m4(-W76NuIY!J^Buy*F~c+h&XyXLS3DEr3%1x)XCTQ(fBVJ`7{4S{--HFk)O{N1S)zGOsKSF zW6XClWwnqfr?{LCnnlA5K+&YccJp=m&44WR zxL?6wX%_xCKgSCSFs<}k`H6`M;R&!4K-%LQP@F~x;>s2BA?K0OGD*y<$CJ9M8ZExM zx~lee$}rXSfD=;{@*8b!2N%8SSUy&^F`1s4Qqq}JF3D+FmdbdmR8v!<##0m#zC;+` zd{gwK3e~B#kV)>@vuD-lEQ04#%X@pJCwd%57>p)vO!N@D+uHn|+TUEAUYwnM;oB%;M`6-u_nTgoX&8KZ{rdIJbS3P95dqSK!A>QlA89_Q{FvHSSQ#8I zP&_t(o`+>&)gba?zNvLr${HM>yAPxyKNl)e9<$X`%B1QYl+8^P`nK4@nDF+*yiulF zkHBRKh+{ z%^eE`C#Y*ZRetZ8-lmP5s``{;0T8s>1*W5t3l;O1jFp+&-2fOiqiBdOAfuoNz(OM6 zjCzT|Sa@vRpT<>%gpuxZq^Sa&F8QJr_ZLH%jJ1~ zq+ec8o0B69#0fw}5i_Y4tNFZK^aBE>u|a{GI7M=)L(n1)uRCkD-ItH|z>#sq#l<*^ z^a#jI1f6RNx#^`NgJI7qQ5PsVEG@SItRXH`Y6$UR_SK3+WQtD8kW8SRuC`1Z83*!! 
zqYwHL=!DFfI1L+K*dX=-vjf459w$}^klD0Oa6H%Z8@ssTu{1EcSwnJ6j9~T~2d!?Y zNgeL2>}+#!Ak)0597D`(6y!dyGkPmfzL7JXt9u&F>d^r^_wWO$TeKl>GH!r=U}}rV zO9c1D_O+{F{^d!!zB3yZxqG7UG(r!t44n+OhfahB`S!xjaZNM_FY1kL7$r<5d+7EOaeDTITg^Cku%8~PN9z>_7N4O}098C{wZYz#0bkDc&(Cuq+dyL#A;(+eiVG7E63r|1 z%ycPaI5@rMz=#ml&p}aSKUc_;x784 z$)!tdNAJ&R3OL{8L5@)9l$pjIKM@e}xRxge!U3zo7?#C#QK5$0YFs6xI^&APH9cr2 zNX{b(NLmqffkYP$wh1lWFy%q2e7QR7 zAp2nkYY_Z{TjZblXXH1&L;kmaB0q!dPvlSA0)aZg)e5JD$}s}7(yRiRo7B}T&S89` zulh;=)Yl5wG14-7D8XC{BtrU+yJe(R>$fsI_PCG_h`z0**s9!w_9LJ#AogEoaM-4w zh>ihV(%ESu=SxC25&(VjV`3R2$cfB5W+ zoQw=I#Q3;Y??_+!1r$~RtXHIhq|D%WO8^$2&vip(rAQscZ_s`5Gy=?!`&5B>ykj(> z$9gI%3B7>?Rh&?hd_k%T3av!DYpCX5N8T8|YgcZuzxVnfYPRTQA25NO)*ITRJ1&T= zypP}y$mCT*Lc*T!Z;`pz0d_{a$>o1Ewn;8=O^r(n&$arfrP`{xRfA=d6oHXob#-+| zX<)@Te*gN3gmpJ(uDeH}Hrs$Y%1T5UJUo1A>5W+_mM&6mZ`7h9vGh2DlnT{jgzPKK z_!o1;zC9yC-ezNVUq`>p@%k3X{!*>t4W)ASk~f zP`Y^}&?k0Wk{np%p`39TyJyh6vz|4&THcWVm|8nL z;{RdnEra6Pw(o5ugai)+2p%A~LvRfQx8T;eyF+k?;O_3yxVyW%JHg!@{yXRX&b@U$ zyr*804^%-_?{4-UYt1>wcvhGJFK3P65ZEz$ah6u$VCE$Xp6(jn)T30y?NhC0n|m)$ zpL(IomC^{}Ds4T{{5a2SYPNu>dTyq;Kqw3%aM(jjz^7vP=ijL7ViTlax<=}&GVyy$ zUxadc%BJ^=N=ix^y%AcY|8K70fgaJy-3CkCv|&_?bNh+E3DS<~QwTy{TjX``JD~BV zh&TP>9$HgV)A4SR?4`)36#H>-n-?nXnRRWLQVVWxj5wUD5*Wv;T`19QZEhkM{Cs)3 zPey);=i5IZu+F9jrampVtELN;xv{aa6>E+12Rv)4xtG_^SF>4ZTg<;64n^`9Zen%* zwpc8G@qtCYxx9R=s;Z~>p`}`(H-PHn5v*7biE{JJ=dJM?jRU->goIxC@W@E$%Hh)x zgI+%h0YN%1C;We#{u{mQ4oCC9Oo~-&4#q~s|DKxs_vioL-@K5QF5}jH=|?B_xccw3 z<=Y*O_ZI_0!}PZI-abAv1a+Z7L5+!QfIW)zWjy?U!-+bmDK4jroHul5Utj;HKdy(u=kof`Um2g7%9n;+!3Cxq zn!u1y@-5_q!e5u}`)W8iG=ztXyMvHZe99E`fm0ma_IqD@ex`o^3wVW%OX+fv5^s)$(Nx4is8{w@Od$I zQ%iF*5jzPt5eE+u2MY^rMMj3m>t4fIh-dlqBAMtAoH(TsX=v`i*XEmD#Q{pPGIG{3 z`nHUMoa!Uewk0xd?&tAL0eDQ>>e||!N$}x*{7{+Rc08G3Z0>eUEC_f}5F0q-ggcwp zb&oRYlZ|bCLqjH*73M)rBP-BN)e@+I*r{I+I^fBMB7%6o+Xbeus`8U|Fh*?3~K-sENspm%+ zN2_+TpPvr2!wvNGrfZH_5$^Ny3@&?PBO`%gLn(iZCqFkA>q)rpbFRMT4u<*&RjaDv z`8J|H<(~(uj;{Fam6cft!7V^51n4v;-p$1+ z1o`>Fko{5q)qhuhgTItN{h!Lu4E?wAKMzAdynXu?b+D%=HwfW^?iAQ+sz{X|&|~<{ 
zh*(+C=W$(f088j{xi<76N{J`nbODMT6^_~ZgfS86H49?~{i8j_}7$CNjki4d zDSme^0J|C;eiHrIV_tQ7N6k?^u$d}{t>J9m)&iuAU{9{SauP;7C@e&@!v3m?XS2dR z{<3#vv^K2Oa8&T)M~s#Bxkq|qH#fJ(>%+Mm(P*I9bObC|BqX^v`IsM-?u25B*-|*| zg>U+n+;Li^dB-X*N5w~4K{BRjbY%q+!_-TTMeSymqrc5xmza|ADxtGYPp~dtfpvG< z0bPCj7zT0|&tUiz3k)laNv({6f}+K*WNvOw!JdcxVBH%|5Po_YCajhU#Lc*SN%VUtWf4A;E#s=EQ9RfQ-PR_cxmVCaSZqT&#PR3}=ovid9?`i1Dy3i#V z-v<_!rtMxuHHa{>vopUg3KOhCXu2FTHwr#8Wj-W&5MQwZ#je$6_j{lG=*t^#_L!DgYDuK))TA!V#uv<`15Zxrd8trBs}MrCnvP{t}MY|K%5_SLA(6%gUr%WH=wKYj~`p>cq|Le8>akB zF=b2rNHweApA1%CvXEKx8ew)~=6c#LF2&uSfk)f@{yP8lX}9Urqw(SRwxVKyIZZ!n zX=rdz+U35<8OHZ}pCCytC`1}AC}=z1a@?=G`_;aYsiUxCB9VDjOCKsNoFcKA#_`|; z6=%(Il*|<~^5%Hp>~wZ99!WE~Vu^&ftz7Z8JV7KN^@;V!j?L)wcn95qmVSB{RGuon zj$s;q47){!n+ z@c`dESq^kZNLU?5Ltc5z7OOP-6@{NqvR@4Yecx&Swl-cIpa$)NMNE@g%ge=j5kzA$ z8Cz{ZvM?NMZN7O%=5>2KCAbtT>($dhlBB*u7-L*JZM56wcrn+J=<4j0c*6PW_F!j8 zKmaHFMbG_yq^+&>M!?3x&rz>7RdbS~X??<$wPd9{P#&1rsAiX9kOdgHn2`svVZ=uz z{kYH_-qtMDcs!r8qncb*TPS>qDs+*h~nwSvX-qyU}ao8SIl93Uu;bQQ+ zH@i5YEXDqGdp$hnp=!O!ON;rsh56{CbcNjK?XID7JCz^M7B2QI7NP*`%I;1f)b&X` z(Sg<8VzJs7XlLWFn6+<#Kp?=XFs?8=3CxW)3-;NHPn6%jfrY&cFHTKO1!Tzj{B)MT z_^UrMfyKjnj$H6GV2U+0HxJD%{j*IE!2-N^dN8GM)XL?aK@w!PKv!Y}XSi+*>(s#9 z{$d>;HW*!*Y*>vN_*I&(xk4jQf8+3qYcx$Z9^|otFsqML9^PpyLFKO-| zB(M-^$#WbF=^*XHhDjYbK=uTZ|qOFCfOlm%*VT1v1pB^u#{`Uo;@au|Z zefmx7Cs#tEuhf*x%*;eYjO1UJ>CU`sQs-!sqYL+$^|HS85g`F?PWK}Yp!W&brS1rB zMwtpCsfTU}9Ef(h9xn_WbvbWFS{b-krVLyf7l-8?8))a$6=E_GH0C=oR&h4C{S-DN zwZUhr#3-xp$imS-d-)AE8|wlYuy+mQ@NfSJT;2O*&GNng*aGV{fQUV zHP+Ua7D3etM0&sfe;kb&0RQ{E$$3g!*0lJlD$`7cWNct^{4=2nxMHl{pN9 z5XsotYP;|s`Izj6V6HA;RInrNbv5zXsI#=h=H?Q;bjO>9_CVj_F zPf3v*6#F+uGGtYwz*h_RI6{h7kc~Z zMa+>gLZDZBvS4^JX|T4!J0mMjQ!_1lxJ%MLlacWm&JXHaMsRR&Rn;Hmzxj9NH~LHY zQ~#;_e5QXZzb7z?tpeuhHYd1G1B;7U6%Dg=?U(^wnRCz+BHu(?x7M^`X)39xTbSv%Vu0|lu)NlP4{QlPJS@i3Y5?xJv$L~zi120|b3RP1 z?(^L_-|YNoOZkI)O5{A{#oZc&Ge~ejO@CtR8d% z4{|ltwH6i-QezJLkvuI9yL)5ecZ4oRa@esXBI^kDKa;kzr$|U>Pdo94&!~| z^^MfFw%*IGhx~cjCqV{#k;#H&;{DETsBCRWkd} 
zK=&`v3?l-!4!(?7k;<|&)4;96zlZ%smoafl!oX3QpjFp%oc(N5UtPw24lBLNzwG}0 z-tFnU&x2#qFx@RLHy4KNLS@ifHQGVl znNYcJT#9$x`Eb(hF#2`4C7;~5iW)c>_MJDim_sa0^b9q_FFmQ@g6`Gm0Awrl1f#nW z&k(?=IZx!AekJ%i80;0>?WIuug`Q|$mC>3zv5o;r7dvCynj&KYutjd5F)}j)>m%N$ zPe!JuJ{(I+OOTgdJuzjoiSaCy@$?5yM&Lb0dAG@_~iJ4}B=^^+pt)a6cWAXy*&9X?9^ ztUFqayHOMytDvARAi&i6tc-`(gI+TZ8aH}=eg@h!Q4b+DN@A=07ois(xmORT8Q zadUP1)G}M^Dbivqj<@!I3tLSqZ`zNN)%aJ{&{|30VX*?3$i!s^p`B~2=_^MJjv?}6g>|; zC#VX(#-xxeuf-FJoBq;5_d=XVD)vy_P_jdjX|-KkVFc9VkEA?cz2jG*vrI3Knah)M z*CGvT)pCG5zk#fnk@UTcALC|d2xXX)6qDjFBctY;<{1ZxzcPG>53eR*dq_y;+&9Kv z{aWRscXd?ZwGEBNsUA}CGXF_6hM9rE`eeBQFsmYla^jyz8IXPwx7`9vaPwkwrK-4RU_(^I>cd**eP!%U9 z7JE!zys%xLU7MH9;G(!MqFbWUIa{P0%!)+bUD?`ST3KJ(*x1!vpI?_26z~=5+1o29 zILvTs(l-aLvp*_y$9{MiTus|thgewThfr#0ZYhln^~F_GVRG@MP0~jcd`}zI6+EHbPYePf5Xl_O|HGS;fWNrX; z7{H(3MK-YWn2n8I*w|oK*Qhr&{vwa%GrFqO?qCemT&R;sia9#MH#_c+Q@rT`yBx>N z-<99^FXd19r}7IC{H^>CHV_bt^ZZ5!M+6y+B51?!XSw*m zR!&Z$lrY#w1i07)>Fcx?{HQo^ln>)dmjn3O4zu~PFnd-X&hOM7FVT&JR;DI6*v@{T)5P?`*yPAa zKW#}}oIr|SE`s$|kF~WGZxJ5DB`vU2_ej=J{|FCED-JHMFSP29AM3|B6SKcSgTpkB-a*h`iJK1dXta zd2A5j#k_2-A&;L7S&sQ8X?Ew-0Hdodc#kq@^l`?F$!5+{^_MJa%wgyaWhlCb6+ z3OrRZ=D<#WNM7-?b!k~_p%r4G;>x#ItZvwIe@{@#L#w>s# z9zpLw*@L(oW!{fvENpBng7giWo~~>=4!L%X#UymI(KD93dQ-GZs^e!}U0rGpx7uu7 zzL^i-jU6&p{BKq@P(!(TQZ{HWNKnrY4i;x;7k3N{rPqG{PQ-ZgcK1>ZBV_Bo;f|!e zk+sRD=R+8JZSaL!{Do>fBaYu~7BVgDaT95HRRg6V!l> z@ptd7&__Rho-Oi68r#EO+aucS-;Wky#|^8fI0tM7U0q#>2nax8#H$(NHlwI&xYfX# zM0#tNKN#5&vN*M}v4Tb*th$A&FPeou(9*(pz~b&a=|O&VS4Bf(zyd_y^FBlWBJ6V`h}hj)6nfJGIX(cqBe?=OTE?ny!vRDO|4WyeK65B@mP=D=TDg;1g|IREk@v z9oEDhJZ_#Klt-Z$0tAM)kw%N*`1$$QySZp#65iK~aS#FzaK;y-^u|VxZ3(SABovFG zNQel?%R>30^mGEVlw#ri*zZK&2G-j|Mxgm|GwAo2Y~lF{J)Be;D=J!RNKk@JO~xK5 zars@Oo!r#u0(m$XMt<8k=`hgm9PE%zGqLd#MUOpDv(qvw?IZkA{+EAOev`kHKlz`^ zFFy6R@|!F}K?}FP?fO(x2L+uUH0J}bRIO5kd&@FN;bCm+pqcnUl z+yo#++vh*6rZZkq0=xSQ3dR#YhE%9%Y7)4LUzsjYV*$Pag)d)`cf}(gg?6L z#SE1(-Fvu|FK;U%(8%{g;14L2MdV-esw_WicyC}8uB&T46i)BoJMo0b2M3FDrM)wA 
zaQF~TfNN$M2Pds*2k+c!)8n5mMy(=gzUVM0ld};SfBeoXOdg3a(L89egVj`xaW-n1 zLMihVssXc*{CGi@x1%WTk1WlOsYB?aMAe{jr0wl-Pt3X%mt2a7lWpls{l5H!8tA$^ zOJeJDN^>MZNjaX^>@C`C8lB&P+GnPG5ZU1P4+@Dsk z%1h}$XM+ei>F`=mn7Vc82s@QjEKnwcQ9s%}V zQj#Yk+|_%8_P1KxuC6VMi{qrzC1qt`;F$YXuI`!gJj8HncbzR~vttwG!s*kR?gPJe z7SoX3^_T$NK=ItuCoFk)@LhsuD9 zP|(mQ&CR`DT6?*flIG2wFv`bBPe3~qu57mPo6z^>*c@DK?T;oFSQ?3g)Hz`8M@pZ zhuT$a8JiyDKs=9>Q>!-r8T;(Gm zwzIpvE^LmxaKy$*78|2IBAyE9Bh6=D7OeQ`*E7LfP%W=NB1U0-eTVTK@b5ZWg`~AY;xcpL zmmLXug4uA9V3Z6^mXYeMe?bIL_kOPO>Q8{>xBo6=j*^8nY3OUWPvlDmcTs2KHR1kB zR_z;HbnpRA5Li8LZe;WFF%u+^=I`!6(#THbxj*yPFZi#~J|tJ#e0_eaA1;rm12tjt z^S)G|cDd}03~s!IPOX_n&O3_uL(Ga;*i}H8c9e~?y@5m9M9nY38;o{ z307Y(b8R1l>W-=H(y_Uxna8cHY6Uz%@`2zpv@CczwCHf&m;R|KG^puanMeZ;tFr+rhh4a(m$17Cg5-7mwkeOz^3Vgg{r=4Z^YI?NC~lfGM6YP zRW%4dIpAsB-8tDj4Y#+qb+EM;X(!33Vp=bnVG91W3z!i$q(-GIPAsIP!p4Zpg+4(S zmxYJd1=IxuH^t+iaEOtR%P|}?ISJtW(k5#2aCVgVLhx}&yl;B~k1=01Q9JI4t~HrJ z3&X?Kd=q&tfHa{9^XjwocC3RO8Jn6KCsD^F22Q{`H)NyLt?df)5$M*A29H*~=S{(Z z>1o_gaD-5$i;Hh@upbf=-f*yW+u6(LG5Sf6t}QHB8tu(ZoI`+G?1zAfGMc_2=1k??jLq6EL_|?kNpW@tlwGzat);%7~56sX#SiiDJqL}fey-jylilSRI zbAHmjmfZ-(6{LP0(>cdNFi=}+vPLIqYHV%>$;-;Edge( z3~$+tUaS&W@w7O+xYy6KJK73;mODw82s=6<<`k~2^qb!yiuc)Ou@1qi9aOMp1G&?e zQlluv$}LZh3sDyy(v=(zmZISq!8jBux7(b14rc8!tvu$=iLY z^h1;{(Z3~1mihHFNGGmYhPl3tOiqOL_vA>IGuu%AENx|L=+BRMwISwEZWb>q!}b@& zkRTG2cQJK9-xmtBZF~P4AFd``2uF+lm#%Ji#d*hh;Ksl}Wa0kAKKg)|vht@8!oJ+~ zFEF6olySgk0;!~Zg@ccekB8^?4cQ;>4maa%!7eam!=wfM3J$)!xWLB3VyCt5Jvz9$ zG7}R5b{0a(iMr>=Yy2&Z6_Cl=8}IS(o`-Zc2C*15hK42=Ib5|Bpp9)zOuV|#1G~Xs zokHOGVxgdj?=ldNAFDpO`aLaSBjnC|Z<(S!I_&4y<7oe3Y;Sl_4Wv+-P+ebN(5*19 zp{B;$JLAFDhJs~HbKM^i} zQ!OR7U+V|AfsALBO($Yn9>O!r$9_B|Ch2VN%;x4Pe#BrgG@PrhLzZ#DCcCs0jegZ< zKjqyqp(jFGRP_MbOPN2J^PKzWWwcYhJXQ2Rmo~uaUN%M93)+<|uft>oa8|oS1}(GL zJ1G3=1B;iWx9r(H#K*r}9gonxUIyRtK3uU9xIYniJpF!sdFk?aJp$jhHM}gSr&6&p z(;4lX3JD1oHQG_?>lom-7(WrX~h@1{P+!ddGVvhX)(KPqq(^ju0~82QP9^26?LL94;MdZOb96+zqrn zCmd~StDSGAM}`JQ2YL?@8=CTQd^^Z3yS@#SF6Nw9iY!IWP}y>djQrMs#5*teVYGEK 
z%5KqoD{?k;8U1?o;r{tDd(q)z3^yKjqR5D;`5``W^zLI5g{(6^(a)CY53vD5y&FZ; z$D2IQlWc^U2?Kf+%D6H0`o^NT*hyK1`@S7ouy1=I=oiesxw~&29AH?P+S{|f-Ew(u zGlr`#rt&(Pd`xf|ZeG3eSaEUsd|#GK`a`Fn zxOnajRG?U@sKt(nUWumo(i5fjW!3zM_&_o%6H5(~Ur9GRk#%!rWp-hqiUJAwsX97b zyorgL2D*|0Yb{G{O`ZMCZ_JqAzhibcbXn&?39BzVl)=V0kSE$u9@Vx)K!DAGM(;4Xt0u zJ0NHNNRgX7z){-AlRHLJ!%I=d@dS^Qe9D-@($(E!*H>Sym`NL>^4S#cpRQ_s<^O^T zX$TngTwWhbTJLvou0-#|&g0|oWasDjYiq17nk}4&G&21-xlH)h_zFMN1ZBDVodo+l zemgq(5PR#C5k7NGvkHgtZD=_>67zNl(j}ZkSrCdUhNcQDa%}x#ZH3X))U?kq6jiCv zGS~IANKds>TmvP?%C}Gpq`gR#K%NRqI=XH-X6_dd&;?-w5@SE~apvFI*@5^0^lLlz}L}{8GxSgOadx3Y7BUK7tjIFA>w+&t5DN5j6lU%R-aRpS(;muI6g7Y-`_tx zHdaFJbix;O@6W94cCew$?z}InYwMz+EvP`;S`j+FIH4{NicD3HN{*TS;2tZp_gR%| z>M;;0b>JDygg9c3g(W=teSv_3$u5sfIddBt3MxmI;^R6 z+czeTg_TNII9~S~kVoBI?pZzVuDOqcu^-~K=iBbr)y#*x00zTdIQi5fptR)pI5={v z-T)_no|zeN6M93#3UG()US3{~r;b~rcWaL!O}FBT&PB8E@V~u^9EBA*L>AfVdA_*3 z*bILVTeU=C-XJm0SzdE|tI1ZgGH-UW{@L8sHIIum`TSzgdE!+jriF~o#j<3RRW4Wc zNd-Y}U{eLP2 zp;Tt7ae?4uVrEaE>ma=LJ8l9vwlt(Pael?^;G%tHZSf#6u_QILs!Gn;nPbp&T|y$X z!un=*RMme6`^WpV%h8uhOw+*hC$Gq1bhVF_2a3i3ocIKPW?OadNP*T>OR zQ!Q-A(&w}1ZE>YB&HI-z=eWACRBLO8!T$dB^Pfcr=T{dZVxh?J$aa@@cGgw5=k{F> zPVKefZKgj8H0ABSTUnLI$CG_$Bp2t!+bEJ$_HBy~2dB5iv(AnzTrV)e2779yM_9G3 zmqXB5maRvu12K%0l$6|DM>0N{O7M;-C|*aj?}%3Wy(l4tce37%ALGbg>RK}OYnfVb zTXX-@cKTl1iwQjm0Sycneg7}9qC%5T__!(i7W*4WioyM%_QnJ6t@S4+a(gi%3EcDI zqhx762K{IU73SrQ1|Z`Nj|ezB7Z6RTDl3Qi2^uLXmWWiVYOHGOpk|bva^B*n!B{phCW9KlI}h;9h_aq2=nB6wb0T!WvH z@Ohv`GRN6c1o7jS&YlKj^YNJO;blcVzq<|=uT#YJ6M0>;IggNAGiB%nx7d}_2`uh0 zuK2P()JqNrOQzOe6Flu4HsyUU!u$xuT#F3b8~=8b(nnLiM{gSVFJL5@J0Wh`v{i}C zA6?Xv9>0UZJX$eU%?1DF5}*_T7OSTfwdeD2kC4z%?xA3_&u>S~cb4C8;;geEYT}-F zJ00L?4X?QQc?_`Z>_tC*K;6wb-&d(l7DS_-m|~mVN?-ffuO_8|J*{`xu}X>|CXF%=X_=GV^4hH^E5 zwcM-x$o`Lex?5Y(uB{RC$|BDC)W);fq#y$%mh@x9+R6QW71Tg69@qCsp(7e7aPbGa zf0SSR-<99|FXd18r}BeN|5kpF8wd#cPAOr<-np&?2h@o~jD?-^JNd==H8#1|pr^&} zlR4s|^_{pJD~YfJLQ~Ll8^t z6uqO<`i>*p(b57hzzC2K7Z*^W#j6< zqF-TkExb7*j2mQ~@Qj-Rzq&T9Xf+6$u9#m^72nkbQz_AjwRPn_p{5%JYmAA~NFg#+ 
zwk>sdc-pyn+PP=6zgo21_*C$#Z*(>#!#MK{j*ill8u#=M%c0k*yi1S^E3US@CHc0K z;6u(kAswNXe_{n=6dn5a^xTl}S4V5pV<;H;t?pe*<^;08(Awc1Xok5-d*h*f`o1-{ zDsyKGHck;EEDR|#Gt&xEK>>Na$k2CN&Nj45454jqs;Shc!QaVYX>lvE@KRS7-VHkB zWh&pm%gc*Sv&i)&l0O&J;@C0sn8UP|YPYiyKFa3Jgz~eX2$tb(!$Wv%u?UX z$joZb%xvEn4f*gKYyZ&HQdieh*V-B{H#efUvO+8$ivFP%8a~$E#{SXC$@<1VFiG6o z-ttDYyM?nthP!sOw(roX(ALfbyo5zW71zWqm(s`r3sMa_JCz|dUO(9itO4dB)t7^ zn^0X;-Tcsf#6j;0ThUm^$*_B-1Ts*NFi~-#+Yh0ugbeeHcmb$)uRzSS6@cCVlrzAB zSFvzZ6$3Lu{R0?g$Or97DHN$KAN|0n&mM~wS>N&bF^X!nl za&HjwZ^Ck}L-TH<8Qb6XCw_->aYDC3XS=GG7Z-<5*$+XhEH8(^@Er6q0tgl1fp5e6 zy3Q{4CWrwFA`mUt)YOFYvjH81EX;g#*wjDJgc6mOIJg3T@=#|_0W71hgSN(Oe2XUY z1UKl}O-Q*|u)b~;#k;)N$M;W@nx{(RoMQdCvr8eL6?f7(r*Q9ZS;V+?iG--x#mG@R z-%EjTMRK~^?EM#B2X&3vtgyn_?egj%bE9IjW4!>toI3~BT^m`G^CO*wvH-%4W$Cx} zB7=Y~9-+%~w@){CxJTOa!cOQ(Hu_o^!7$n9S65%72jqF)j`E=Xr1}WAq1@Ng15Coj zMx=iDqn)12rNt|`j<(lGOcTf0VUV347G+-MK5NeDytb4T9#LOEkr&2D9%f-KuVV28 z*tz|RdBTZ$9ZME$!>4gjQh<7H0kfA_B3Qdcj0jyNavvS{qjg1A}aBeUG)}^R(pju!hU$%b*3xfw zu-{+?6pUlNIeF;`a(=-d<(K_;<+u1t`Q!ho{5sixE5G~-1jIyJAOr9(sk@-!7FCxu zZr;V~6V9*Cf+Wj(ntvs= zch>LbF)p5=qoY)&-O-jbM?(k4=uV`2fMbw-_tBPsj*?)C7*+zPq7iRTX1>8UA%xl^ zgw!C0)Z82t9Lvio$}bWUQ$aHe$xKhzh)*1TzfP#&yjA8q*7SIOPHn$Ec~w!kE+{|K zaOR-n$-Fq2(II$U4#ghulY9+Ae7z?LR|{&AN>WL?zHQstx9ONz9v$pFJkv%dCN^|? zo*Gg#cIVbg1e-GX6#&Rp9XYusM4alcU&F9IwZlmt?x)Jia#XvwBvnKCxr}k=5R5}VwXaGQ*oSf~$)jmMq zlu=Z~xWtgt?KqRG1jmH$lH=2H?5R5)xn8fVz5eFC>)MbFZFJk;5x_e6hNZtfvP?1J z@iGOj$*28zTs>fRwwtM3+4@lkb$>iX)w>q5t_5Sr6=L_qxrJNe0<^J^h=)R|~jyC|eXRO%<51JCBdX989E339GW7z2m@}TCHp6BlH1TdJ_Z1>2%*bcGKwn6sr<8T#sAG0kL zbM4TQ>8K2|=xQk*Rm-J+SYmy8;WjTF6cra2znR%sDv#U5#Cd0-9HfK8uDRKhblO!_ z?G3lx{77eKRr!zQlH}|4a}ytLA_T;6a1s9WboCDz1|GY9T6T8zPN;CYel;268g)Le z!9cU^t%fEucm;Df2W5RQ{_aoB(P28XUWI$_lPxR8tSp_Awbzyx))SuR%Z)BFR?EBq zKfmBto!vZIiJzLHYOPbILDlxkW}};Uw95w`Y(Ld$=my6&^2SEZJQj2h)RMX9iw+js z4@nMK7R35&rp@52%EkI@(P@~dTiA_N1W`3m1$!^x#ks}=Q|$gIzv90uzvW-bANNn? 
zH&Xgr`B%3gAb32cXV(T-*EVBLKj3)ORmFE&e#uUV?*`sdB>^R?$BV0=prE+8I6&nc zC<6z*jZRWGwkFk_pj6xbo>n1TSRq{DEtnUFNVccypwjSt6QQWS22zHkNmEY5`AQ`679(?rL{4l>gVM8U@o z!^+SmMySrn%k$5t)ocxc@GXlvJ1E+yc}BAcnU>aQ>9mX#zu0#ki$mYmz?oyRzSXp5=c)eUL>7bbZQYJAH+ZYSX}(%kaZuL9@OXo5?R&S}UNRwtrd+GqectXmD@WsKXl z*R3bW39LA(S!;H35PKO&IzV<^bBkqPNRh3jSPD(8iwM> z)EjhG2hlG}q*WD_l=^ym0R)BO@Qj2uJutzf^G+m25K?s(RCFMP7aFF?;J2~01*PD{ z#yXNyP#i7gXM({crKNcV1t_RCiAqBP+kyPmg{HPy9RTh6XtkuMEWgUJ%)fFHNl?%U z`uVxH_bt5&m&^Vn2}8O&y0ndfq$~y@V z48T)@S>CY7$jbv=4OvxH4Yfx`due+~a}&h|59K^VtDVG%6sifQ!bCxI^w=m4eaKY7VgDB-t{zekN=CxRontzBxQV zRn$lsm6&sdVfeQ86L7&aP+VUN*(WC_ziW2dDcB(zKu8d8;&i+{S_GrWsH2BVRqt@6 z6Fjknu2HK-B<`4%k4Pxdkv0yLVOqoiD_ueSF@xj+8pdX88D}x0o<#e&H|3RPq2+xd z1?1MDc|>~TK@OeEcO_mHq2({(8e3xR;-7Fe>8BnZoHuxbV-a7F#iXUXR052787g3S zo2LAyt-zJhmcI4L>g5w~)f4Z^m(o$NKp^Ea8{t92bYZDx=k4`_cU$S5=JHhHNw3&n zD@x9X8rn#9SK-_2c^R+Woi|n}16RNNP0`M(;ZrKpY)f0>0KkYD;1aVpBBkK(0dMl& zn|m0`ko;dbJc}4oy~TPZ<9x3@Q(>Ng;orKPp*2agHF zWmKo6sy%N;VgDPlJ{LM$vTOqw@EXQ2+S-5%(~k@P6iC>V7?Y8b=Cwrs_ZPo4e_IAJ z7`L+>t(~{P5?x~ahR*U-;(w{>|G)Uw^I0o^2m;tO4%^;LR1}nyNCIER?-v#p?CtH3 zxrzS9(cUEw4vNJ9^LLCl6TN?48bHc!(+~m;BpRBM7U3^{UztZVU}pxfma7)uP|W|3 zQ-f>Ez+iYdIFr*4qW^b!-D?r0sDG5-M!Mw{ipICv;{_Xv z&2}fGp}`3l@(;D(MgmawI&+c#eBiIDS65emIP-fjva+&36aC5v@bYshSLzM;BjTL3 z4-6Osng5bCynV_E8Lv`){&X=3-~;DY2T%iUyQz-AE|(ZL9C$|-&lxW4zqhx6i{_~fFsmB1fWEm0ebC3oTyS@7~IrMA1ZM}X;MOhL<$=NJ3ChRd6e~5uXcAw3H`E` z&?kM}zOWuX06^ON76`&m&&~pv)4q9Xa&mHN>h5&jm%FXKiR?PFg{Y*Ypq9J)d+i7v zpMhwyQ(#7$oY?`S^pJqi8W1`Ins-K^pZ4fGKhJ>eEjz%U2f(fsoa$xjP5v#!@)92s zXyp|Ys3<8_*)jDE42U3rd60h^c@Y>$-pMK|;?wboi&K%2!BP2st6a0bznAL2`023LYVgWCV zh)Bf$1(6CEl`ud`CD3;O4k&$3;1dtE;J;9T7vao$o@@Q^p9k%HGGp)$k;$<&qq!NE z3dqe1#OOU?HmWKp_`w3RQHDn@ydYK}p$Qz4@dTJ;04fj=>)i(mStBDONl8SpK|nOX z1qB(aT|+WM>J2u6c7NXuSNl@|M9TnSv+f<+yl&cB0^rW} z^mzzkYv5)DAW{A@l^cMun3RkxV8htJz(15Q^HVZ_DDE-Mv;hzc^mKb)hLJ{_ex7gU zD*w+hkbn6_2J5nt@}0t;j&r>0!44`8OcA+z*9k)s(NVY<8m z41);Beu~Nu=;(eT<)}qrPg+smUjRM3r?Uf${vQqiqnRcdgi24GQEe;*(O<%USLX#) 
z2E1F|){KIJUu%3y_lOp6(*QPEkPt6#8^BXc<#utH%n>axNG#>olG$Xb;ha>+%AWk8 zv_WAdfe-|I8Xa$}U&OP(fKZ`_^(lZAwYe9);6ee+oSGWWD?j?ZH>XksLkwD1Nmdq= zd(iPclzJ?HrC9s;5ew`6tG5FTa1+DAE-fzJ>`g%1zx z2JI#Qb3&`{C(YC!EL4A4W~R2iJ#(jL-XC5OaQ=XV(g$80S~|Ku-*N!NsyHh6?$5yl z6%`eT>8J;k7Z5mt5Nx$7De*oYF?}W9FmE9xB?ayb z5uiP8vHkncQ4ERzk;Wqv4BX>Ju!Dj7NDjk)@cM9Af0WbzXNo2D^vx31t2b$=93bzNL zQzeuJwQYp{XAMXP5G3pA%T12RllfU$7a2ekTp`NC0UbwxKGVQ-u2kO=mObz> zG&B?z3AZ0}kFq$f1@8Ed1ZN4Lzdk%Z2Kf5}Ilz$=b~Khc0PO;R_W^`3KpX*pB{cv+ z$cp9n#^2rx^erJ*svD^{<9mIYxU+2f+haR~`7k9UrFMH_AM(a#TyL91mA zq8`Daa@}pf5%T~TV8Y_rIXL)7fCLGz{F@9=9hH9IQ{v+0ec+yPz1T4Ku;;Fs;U}7pc5>D zFf7ByM(Z`c3j>hzQES4D`B+E>G-ugYpz>EUasIEge*}+fItWl7?P^oh4@{u9iU|hp z*9lBUgBmYD5d&A+4TPUPPs;$;Fdh0|aRm-bO=vHnERmGr?8#cN>f zqh~72upYSPbx%u*aR5@38lIn@AB=%cCom`j0~$e~&5n11G?0wY*YqHVfJzH&kmU*k zm`{60M~FHGk&Nk}M6q%cbR5AcU*t~NJ-7^Kq z6`ZccWK~ewX%D=h`XcaPh>R?v%sKXen=m-8I5h)uD@a}ft)jPJ`Qa6Yn73Xoc|TZi768 zgiQzoZVjEz)^BGLipp>tpe|F^4K0l6l?R2v3? zOve(#;6A~@o_UyVv3nSlU^VZs<{)WaMuyLd z-Ji)6UiUZI1rdSd6QsLTIgP9A2wBAo2`| z2CL@b;A*fNzrF1L-H(+80k{J!l^O7r@&N2H6WZN`l6PE*=kraipcKuD(F~ zKi~h480ZiI2g)b{(KeodI)h~dt{N(8X=%yJzla81gXJ+q&x?tVA3g{T9})By`L>wZ z0LFfWP9q%a;RxbSbOI z$jB(T?d5^FvhoaA&=RU^HgsBz7XZDkzWSnwJ2+f?`m2=x!}W#y8^KK=F1L$a5T|9b z(H#N+US@9}ctUx4dJYW@Eu;hXkYA?lKJ86XSoGq>3vI;byYZg)_xE+G{v|nSrCC4Z z9Pe*$GvUE2^KTKTrq62B0E}Uj*V_6Rv@sy>uC_H9?4}6lQ)`+fK?dLGS=&|qA2B7>w%eU#XWVh{yaBE~`?Mcn z>d~OiC_6+0oga7yH@)6nsw)c&6my4>;1O2>p0_Q7qb(r$sSc0^5Rvq$$;lEpZA#%S zSDQtjjOFBzvLqxV%ulw1ehy3${k==ITiig^rnSs5kdp2L?lnG&!}RO3zO6>nmVAQCb1y0ap=$C)y&nzy>FxBP%;Q z)@FWr`S{$NGw2yXP1D^J75Z#x`P@j&!d#88uL-zntbK&Z$SehKdL^GmgWWdxaVcCC zX;g|qX)=$_*C;DG03A@duAro(WOBFgU#sji?-Z?(3*`C4tN}3Wj>~EU&<5N~<@hq= zs%mS!5YsWDMO4R9x%0vA|J^o=-N2f!Dtzqz`)x}}A8h=-7ph6et*vqIDk zgW(VWKQRyw@yQQ7K}jSxomv8?*fscQQK zL{GhA(`P@=4&z{tf$wC196`ZD2l=(UgYf^N%frL7cz|T`_s(H^)d@-ATg2yf5!^r> zngS#sW8a8zKq31(m~mUnc*u` z?E2O~^xQM@$No3++y909-~WyL-W2~JKV=I91c(IzjXLPChZ7iIe!V)XTN_R1e+!cq z7sm#oB4E+UGjKJ_bzdNLjEo$`_O89pY7EuD2rvZ#S3K<}5RKt{b*LVv9n+^4`5n{f 
zWHMK(;!9y6wRV1HCL@Re)KlbjyWnu##~{>Ae%_$K*6I-x3#$%f0zHImg2Wx(TJbnt z8p`hzArhleM8e~r!%7jJ;8Dwpuw?*X1w0ApWhCxWsRe>~$^=FO8@5jN=kziE&1$d+ zfYy-}A3q1|;6TJxrMwRan%W&{cew>NxNR<{`WILqgF!=!E=TqVXa$}_OhoJYTi02p zl^tG?!{lrvTek{Eo-zq@M31C*gS71_2h0(XV zriRgXoTQ&NSvtxCbm*T!t@t@S``x->Xm3 zH{V7C)Hbn`moP{oq(BMSWqswtfPx@2IWa+G@RvNgVM)Qq_cWZy{Pgq$$T>GXNHY5g zUI94cc5!-Yrlgw53=(Z@1b`(_W@*-MU&>4gVOyjKP+chZ&8O|kSZ?CSmBIW*sU-Lu z9K5v$4Jc<&5{lzHa~CD&XYT2i;n3!KPHukh)K;LTq)IfMpKi+`T?cFhvokW}6co^~ zv4aAP!qgv?0t(+z%K-H~gIRM9 zHmeg*Oqz0kS_(9m5?4f}0t^CWT$ox}NokxL&?iAb!8On8R6oC$jj;P}!1uVg<2JlC z-YZG$z8TY#amcR&K zBcVFMG)i~DJ?am}C6(+`3@PlN=Y3%2sn~iAN4M=z5rl+vQGU&R)BGC?RH65)!6{sD z5GNllsB56V-zO&{P7DeYpiX1s>Xo#r{J7OpEus+{oNitb&~-qRCZA@kWuVx}ucFx$ z@CGWCxC~R<-$ z?^&lx<#G%S2?6ytp&-9BYrgk%!`9fCobAm~9*t_LZiFe?2|d@fBmU8+Fc+3}8kaCP+I z>y37XKXTUncyNBHK9V34qxpQg%bQVCE32yC8cL4 z#Qtw^815VoKr3yYyh#RR;M+XN?49nSR0l`R6%`cZDgl)RY6i*7>jb0K)zwyzZh(>k zdH@hy3K{AjVLScj+WQYhv9KtQ5}P1jzEroG zaNaHG>=feZS+~hx2BcoR6UfvVMY|ZY#=Kgr%*+M{0gZ59gz7df+F^el9=@M`wiE~8 z0#6XMXKrLfhWjOKT~p`>&|f@(Tm+orQ3x;|yemqxbmr4ho=-d&9KMrsq4h^S3q~NJ zl_0s-bqA+F@C4@}RwB&MmpC{%^~e{RU76ow4)nE|;&9FZWEp9wsc{7Ft|c71MSjsd zl>;ji6Plhb{p$ii-?M0+C!DVYnL8QJxTx~U@iF1 zfl6_~k#q-60~#6{+Dt#w?jL|1X1}eoT!LQjsRCgVehqadZ&qD!_o?klfBXnKT*ug- z$c9k}J%#MhOONsI2fj7Oz@~ppLtTA6M!0sO1oZOh9%lmp-9g_BG}ao=dnXp(Eug~9 z6XckIIm`S+cL;hwV`v;u6M~|j?@6ciIAC&R=jH|o5&@KK!;~9Q|bmBw?JxIINz{b#2{W%arDuT^nkAg=2YMq<#e>;wf_R;t!V3XkDL}g$8 zuslMQeh7X29%`dM6T*kE?;$g~V41i$PR;=cDn);U6;f5514QHmYI_;5&V_i0Y^NRr zN;X0mD5!PDLOJ{!@PEw{Wu$d~b8~TN&gv%FG5`1#Z6<(}I@A#JaxTN7Y|c@YBwJ!ipGKEv6+Ng%{ZU;k_~l3!m+X?ph> zI2MC00YtlGUj-I*ChYDPx`;Tkl9Lq~toh)fXR{%(oTLzrF+COUZ_#~dgf8al!q)o$aicL)^T1-1wV=y zxItLA+tRzEeuzNK`)HZh*rxrHfd4$7lwi5>P4xFve8UEgms3(x3%%8Qr56lJimq5E z{KUkrio+W&ToO7G65;PD=YI-{IB<-|(nbh{wM5r=eH!6{&OyOatDa|t6u^EBO*Fxt zgZlg~PP{NJC~cJo6rLa?kFV)NvwZMA^{KIftm>MYh-2*ELcu#N&uAhoPa5#+Ig!@i z!&?_T@R|RQ&zh;IF4XC_CfYOr&i|o%ZS_ktwT;hiFp`H4fgdQ@if>!ib@6MQU!w{B 
zLi<}q@bi?Ct!f>HuozhNHZ)GFeDz90<7m>xKUHPrDC@fnzF~R=~{8|K0O< zANW27zH_())D(1;AhQ%1xV6B-Hh`sUV`C#H7Zn+a>~MK~zxT&;UjUxAdR*xL`Jv3j z_3VV&ft8L9gj-vH6VnV+U=tw)MT7XV)KtXuh>(y5$Aj79>#3*v>9jW*rkMf%&kx#T zXIpw4Q!{@R`555CS#J&w#DRk@e+xaIKfm9j{(pT-S6607Wl^&$-*oZU@jYQ;D{c1p z2l2Exw3@EZ$Y1{7$nW?U@<;s}`9mZBLH-JC2#95c!h-mCj0CIbM5~NC>0!G1ZDVLR zDb@FQ*;yBgA2yy${wk5tsw;uu7_$^&M_Y^&Li~$D&lp z4p*F5yl>&%Vw3n&?l^^U3KJkk+%?1MG$szQfG=EInRO8yu)tN|h(1BkxEN-Q^|tq0 z>uB^zZu~x+Jxo)?!Q98`<*J|F3qRF~5@}S!SDH`z`WY_y2^aK?6q-l*N&;x&BemMB zvZ}gvnriyGS&|ctb@l5ZO}-uDxUPSwwqH+~oE=fL9ZWrqGN7Ru8b%^etI@xmM{IlW ziH-cN&OWn~9(hz6c&M_(iIqq{z>evy3B?JM#@_TfJi5zx{lo90Y!13`EUna@qcqon z_#o#J&*oYwDH)9_^X7=lz(s2K;_m+M+U!&m=eMsbnRFskFm@7L>IcgizYZ4_4i9`_ z|2%SIIe~^&OwDy(4wZUOeWk4K)IF%r8;JLD;&Cx-5DuA@b-8eGSdBF7%@e=-uNNvk zH8txPO%6Fl`92OWnta~rXToNwy%3Z?)D@QR4)sCA6r9G6U^UNbz;&0(Vq{#wkUG>q zt`ONwPagV{R^`Y<$RR#%I^42(&db-u$J|ufGJ8F;%Dg#Cvue`S_@ZrP$orP0pK`hW z`}w_}uSwIx)|g^K+D#nn=HiONSW~1ElF6V1#ZP&xHcWBKiQPZ8W|BZfHfABt-w zIk`kxqtX|&Rn9ls3%4n}Yn``hMSu7Me0eqV(b) zqfQ-eYIXh5>gCgEU=bww^nrrc-p<{1g|AO6A#!L7t6`%a zHWXznfiZEoXt;-TPdOD9s$`RDl-EE)@rBfJ?VK}ELZ6%w0^u7FLHg;LOu z^kRW8zHM-2d72|>Xd&ci`RZNsbA3;%w3yqaN);YUvvkCsGnM{mWj&0YDKgR*QPzuR zZH|s?B0U|e_>H20PEN)F6v|8ylxCJj^Ho944t2f8GZ*4ta+I+wEX4>1vvI!y zm=zDEOJ}La6O9Qyhr>{s36|#AnWwUM7*~?Qv1bEC99sNZ0wU|Qj}e~pE* z#mWcP3lY7QqtJaY{x49GLEa}O%Zr3HN;o_kMy2<5AB!iPs^r4Odq)21|3-eNzmPxj z-^d>&{15W~0hy1g0oE6iCzlq#%dH|p>zqxGdvXHn)>`@c=9bdx1U}Y6^(ihF+F@vK`F(%M%I4zgyp?bdwD4|VOHSC>llQw~QbZwddt!2) zIa>wO`Iu3&#hj~M`3`~-92t*5;Q*gU-L4s5IiTuu(bZp~szNh(@p zt=|&TmsWZ-VLag@KEz1mpasU+j&BqyA4ESKx4-)^B#OBI7^efV50h9uqP z^XBX1b~gdRk&F!NM#|at+Gm2@;f`yaA8jq=FbiU0E-Q_NXzCpMlIWfC(xkoDrsPIV zre5z)V@_+z8FpuL<<%s3X=u7+`Ek_qR?}Gcnv)9Bnkza76k)zvEF?8@e6l@R-EXDv zP7{KP@_#Mt<^!$W7Nc1Et%YxCs46htM8+;(d&NcCyua(miqt~0EedMrD3yYg>K1lH zE|R52!*sEk-N}K&B>yUJN?;v)Nl#DC&Q9W|$~d=7n~) zB&b6i*L^9AP7G&tSh+v=g#}Pg5sOJ|`l3g9Jw7Gd=16#t4(xTNUm!$p;0$(J1iWfs 
z&Wob)C3vAV`C}Zju)=vPIDWwimfx$$ocu+#W&=A1N{lRf1~E3aJ-?_-Ca{x#TTV?;nB#;&gWF+wo{H}RTpY~{)*xYWuC-Q1n3Wfq)Cy&# zX*@}%KR*&?o(!K3=gAzz^pfr8-_}S;ASg=u9j-D;%a)-@Z(iR+JuFsBre0dyqh_O~ zVaQ~nq+PA2=@I>2jFTdK;)-PRa?}miEcL3k;23PtwPIm~!J4t)l6uoaR40o+AV8VQ zmu6;d!e$aT%W9Q_a`DpgQmNqsnKu{5)6K+yUBibEho9EhXE6%OAl{hC=E7$5;-i}zrsHy!c*#_* zPklfYxPza&-|J3@4Py%*K*>; zN|}DE(g9@ze3L!-m0aTIqNNvqi_w5@&n*o8TG7zQ?f&-37J*x|D=c_NWCrF z0t03bqQ^Dy;Tt}r|8Zis9{Z~2k&uCgkzU62I*>%gd@9GDv0hzPU6t9PcC2`eb~EhCG8T7^MRjeTGb^P!S#k9> z))@=ZQmdA}dz1{+wEMM_0xx?<97_J{L+s#K${W$@ZPkgFoq{2hnt278fSyclV#XKw ztGYm$i#~*C5{%bDeK^uNfJT`JO^>wx!bfn!!kYOb5~%@Bl!9knC~SHt*v3!$ln5_$wr`C8cz-956jn8JSM%to>Np!d zDjQn_sY*W@HKfcL+%It!098TXxBrBOAY)DzU!+W}nt>NK{lEjbWpGsQZT?G+lUoYQ zJdTXn@0vX+;o*g!@8;eiSa&pI7dJ|HRxOUqaG8jipdOGcx{@NA7jVnEsG4mR`ZzOl zH)vw+#_wK_eJ^@Ji~kKX{gBX0s`j0)rX|7dGH2n7W?M~-{6I~kjpKWcp2a~4H~gQu znf01Al`PUyAe*GNNFi7MDn>$qZ;c(!9sB{(^!Guz{Spe=OqjzHg3R{d_R-<63f%#e zs9}cRVq=!`s>gYRd7j(r^D0@o16}`KG37J+rucepc{)|ux5<;WHBvg4E%BYv3kffv zCDo6*c#;2PXru&m_K2}FvJ`7(H!{ln6mqZyD4IzWd8MtNOS-{4VEMS{rJcsA=QmS? zHubNP3&kPm@+5Y|2Utucyyd%A~a^i@mm_skkCrIB~IVW+G}C0fGAHo^tzFIytMA zT9_V}Hy571PYwRl(*y~{W^bU8Oo)fIV^&m=rm1lr{qHceO=x6<*9z9bJsLKzg}!c& z>=|2HlG0=NrKC>v%+6k1oc`dECF-l_icWkl{psuRTH;cTeRkS@FB8oizt?0?rTHua zs%X2k4WINY@3ux4FGlt?os~L|2KKe2w-yGLTf4d)#mlXn3mvN|5+h|zwa8@J$MfGc z^`WW6awq? 
z5_)q3aIlrErpMo?3j8w2V)-Eyz`n9lnC%guPr%Dm??gMZQJ)){Fb4@wTs2ZS}C!O|A<&ohszp{^`<-62?tjxZf>@_o_g>6Jo{)r zA%rl2w<;`44U^JE&?Ra1ad2fNzLQ2?#f@VG}BEnX~{G^4#8gGN=*YG~m zX9*gIM5_i37iutOO4{|=A@=2-|0Gg-P5cF#i-U5ljE9kHN@Hw7R?N)Aj{LaUM5@s+ zFq3Na{@K~N5fSpoX|22OVyv%XkVZeojUzwF%EGt&*d8tM{}o@vUN-8>#xYxSqyJ|& z-r9c*0kHwD@7&_|NzadLPz5LJFF?+HLLOA6 z)a-(;{rE91EsZsSTd0gkb#Istwl%-udQ}DhVh&W#;6nfwqLfwcJ?bXb7qsm{@fO^$ zwa_l3kRJn1$JlXak`5G6619%}|>j@xj=DUja+FXfLThXSK4h;)de_$=>qAKf4M z9_BKdIkoJK9XcO3E^0j!x&vt9$Zb4ChFXm*eYz)e_4|VP(1ABu5pUe4>)Itx^)A+NM_29_;8_ z`dv^m8&$L=aAUF5dpSF^VAl}J{H-z<_SKZ#_G)`>Fnkpg@rq{2(DYLO%wX)0l; z0sSB4WX+yPz5EVAZ$3Ur0v?{~LG2eaWR@$~>aQWL{M@@wY|59|$Udp#1ioqlA1&3` zeK4}tvF;U@g52Mv4ZC^E=n$zUF5(}q@;Myjk@|Dm!DfEoIuG!X>T&D6E!JFYQpmN- zss{>3fn_`HK&`pDP$FSF&&A`bLJCN_h}_O25~U`L4>3gzRgDZJakP7q*~E*k4CeY| zs12c1S5g-ybo3hIn>XLW-RtZCo_;?Yx?JcAtR~+zJy#VfMO(|wL>=o{YhVoGjAd?_ zQUp(9rlOQ=^M0?7BvH{H&(JKy2z9QKX%W3UkscHztdYo`Qfw%=JC`{dIF0Ieaht-C z)+Fy#Wn>D!;!nis00^8M!GrFwx65X0ZuhfrZI2n72*&Of2 zUfwJ2ec2NHG9A6TQ~1kuTIvfV6xRv$&wVqMWq&Cvk4kmSsAII%2S38PCI%f&`NB8dW*MAX*#4u)Nin_X5CSNO}5tP~+Wy6(P8A&Ctqb5($kZ213 zu28*j3G9yFX)tyTcR#HN-;YjCW+>#IF;2*6Y8KmEMkd{6=yu(`a5PVLJX$^}z-_44 zEIH6^1)bZy^Vw|iz8}Kcp8*L&uV49rM1ocYRDwrB2QOX+{{Eb5*N4I@?~vokr3aHh%G@{sb=C(eg1|F{<)5%-tkb}aF5?J&t34CV0+ zA!v{H&3TRN?t`w+bw$ixX1noHfZFyjq8%X!oC|(YnRNZ@1LnB z99dPzN2cjQB5Md`+w$JAPM)PBAUPP)5x=sN%hEIo9Naq{DXN++JBm+49yk6MPUCxv`|6P*J#5`>gMpVXK`%iTwqeU;>L0SXI58vbT7Nf? 
zt%%~sfwF`2#ABfEUoCs)nx-Wq3vU!GdOSe{eHR;b#I;2oO8625B@{VAp#L2~X3$_% znFQROr}U5LpfAZuDzRtNY814&nz_O`_z5?%mX5X!ciwHIVL%abj~|*@7uJwkAkL1$ zbSa70XBW(*&yzOS8C%JdZiz^#C})T|)4bX`_yJ1uFtQ%rn|Nn zdI9*MHZ=g8`10bT+F^Z#9(r#LiHA~&f?%-R7PaLxN=Vq+zWhqB%XMug(9W2Dh?*7o zL=}0WdE{n(i+&~Y2#_JRqK1`#nL2@!+s)7hybgA2?BWuRa2T=c-)F1R-k)XN3X8f; zRAIHPN@oKqSNcI$je6e;>~r38;n$uY#Z%wG91o^15gf?8MIWqZ_-)>B$HhlMI^Uw& z%$_Y4?^VIC+^2>SU!%O%Rt$u^DmsZ=}ZM%Mg2m=FuL-8eK_i!uUu?rIwanbc~+|U>I zGm5VWaTdL^3f4@Ozw^0m8zP?h@A>YaO$uur?+qui&*_7QYusqApT=4mT~KMN3&k8a zq0aSlrd~f*_ssS2X+2sE{Q9C<`li6(bZ;}U4@oxAU~?;=%O8f$m4=XyQ{OcCAU^HM z?G0i>QtHBsBl_8zknsB5qvU8kZVr>+to?8Eoo4=#x3?3GRi1=^3^9ehTP<&;&6HW9 z%T|2@_NngrEqB-1at8MHkD=3cjv7wlwxcSScBD?7Iea%W zYAKkmOi6TfvlQMcmQK7syr3JtsE*9g-0jX!l5g!tt`)FdTB`9wY{M_yk99%ew`=t< zMZ}wow8s@bR#56+l*zRMUW;yrX#opshwgq`sx^#i=cp(6{&VzT*wC%_?RV`I`vM!> zB*@tns=^ndTfA16=lwH)^6tW)X5f!hRIn{JSoSYEqle%Mbv@m8cyOWX7aK4$B>8IJ z0hphi6$|Fr6N^Ui#B%t(?~Td!GFtfCK4GWNjhb~6moXRHOZ0&A>9SUnZkQ`;R9wy4 z#HY{6U#vApVG*6)e$P3;ROtD}o9h=@m+BISLu+Q0NACdFl@yCwP^KEfh*>L>K@>Ar zUZBUjv^V{Q4T7O=L!`zT3S>nGkw2J#I#@Um3S2=Gu*?;YNq&DSHt? 
z^GPOxTdJHS&s$f@gqgWzvuCw|NN~wm_nEE@qUOGm%=_xV%92l-UiJ0}|7to=@jTdx z@S@~K5pWUKfwhj&+lz8a(T7NhwHi;#K8{4_OUsF!eg#ReYWYdO2zO!k|7rhW6kU|9 zKzO?(KBXQ80%}lRj-b0|-K0yFY=&XNVNkjdHdorkqWqj&exXm&f~f~&6$$FevXpee z{`QDJCr9XbJbVkh`Whz1|0EjrgGtQzE0A-$01L1h zOTgV;DIP5}g6(;$4z$yYiELjMG}bL@+rE_<^)PIUm?6>^N?(=+l<|2Oix{e}Et|3>~F z=>H%;p8*8K-AK;@oSU$USfFx7FlicR=^Zq>{HMl;@eWv$xAd)2!spCTM9If$u5{jyT$Ryj*Ec8yB^>w&T|Z};E} zoL!;ReKn<;X>yrDoGe(i(=wOpZ|P5|l?bBJv}hH|dWBvm-*dg& z>Jr-Txjqro%1V`eJLVzVQemju_9g;vhU?~gyt$w0sTjvIZ9E*7*qc-AW7@Mc8)y=VQ7+vGw$e_G zWp64{XZ5ULqxOjnZ5rfiN2sY_BSs+dg+?;{GKgN+R6&M^M`CTwZ9zj)F_a2RR}nD3 zn@352^!0&5p5+bm4$D$fB;@iIEb5ihP68vedYQIkMS3DE83)8Sc4m^v`TEd@mCIfI z71=T{GDV;6EfJTV!c#Rq0=<5A;HmNDSBrhl3?2B!nAMYWdlWlIQ#+b&?wPLDs6;S< z4BZXUEXmNuiu2>-(^orSUv9*}B(9a?pa$SscnJIC{0!P?q97a|TKKZT;Wf@-GH=Q-q?vSQ6g&%1^(6f`Wnk>+BRS;0| ztdKB!4~?2FIM^$2b*S4LDQh}Y*O6;GKYj!(4pB$5H{lW9U&F}7%T42iyh`2uEn{=Y zVN$Ptq+w_QdE&p=Y9)s&K%0+;G}WIE2SXEIpskR^#+CE+4ppOxYsPqFSL6~-)(906 z;#K&RfJl9i2=#a@CQV%QnSZ*CZ*J}jtA)wQCHm zOx#(iCXRRpjlmm>wYHpO?sSzV&2I4!@(ZsZ@ zIdLTg{U~l!RzKlC%kj^VJh~ojNRJBM%f0y?u~|j&gfEv=uD_T5=@fJY!?5{yo{t~! 
zgYn3t`-1GlRXXQ6P^?#6FHuo{hq&vdDVVrl`lbAF<59{k8j_OGy36EjlOj_cj+S3rq$JJAyI`6%hD0V{lz~Cbn*wb$ zUf636I$DQ6tMZ^#47m0a4xO2K+eYwfPoBU;LWWD66~pc_`K4KkPfG*GCqzj&3_Hvw zQAW<$8vmz-StZY9L(re)BgA|?8Bj_vmpYCR+-K5OQK9z6oW2^Pz~^@k_D_%7W%RP|acnQK3ZUpCFst6NW9_~S8InM^ zidjXPdXtv+hP=h~X9t0@$kZd8Ek4rf{K7ye&&cq_Y3YWY#)yr<7n$Vguls5`{WFUE zvVx_H3k5E(D+mdR`7S?YX+lX;`g76=^-YlhNaYpSE=t@#rGc>%)~d@ZOG3sDkq~6Q zzdSWCXSO&Y1#QH5E!q%qhQUh?7(LMxs+9op=uvsZZj5t9Z{T1?+Az44#s2DLPTjgv zP;2_hjETX%`|M8*5Q*y*;spk9L)5Czv!#YSa^(hpKR0t>+7`_gd*(W8Ykoc2hqqW$ z(#`EMKm+jR)K+h}n{wWq;66i6Bzj~kep_y%J^WqN_MRVyYK>9>-`xpesrfXdkJ3i} zW}V-@Da&ozLQim5oI7YJ8{t<}@Kjes*a*LgtRX7K$pe@JJna2^C0|;|bU>)QQ`O?F z5?GuOu;oMQ(JaOMr>U%$?$dJBJN~5d;3$tYD81B^RU`e3M*@Tx+Fe@?Vmo9?GQV&2kMvb7_}qPCe7W&dON=tpG;ZB zr9&;SOn$CRR*)!>XOjs6a zAXN?7B&4Yu%90Yz|DcQqIG2L;5 zeS1xs$|sU5Sj8Tsiq#cvLQ7~m1?$)99Q@E&A8H0|JK#S4YqQ1RC_d9=7+=mRp$+tcG+aWGqHJRAsVzAXM(8wz(0S7?+N) zLY+z!k{x*S{py&Y0jQh$+M5xaGIj}MzJluVlg?ev)^Dll;m>3#Fs`>m_qXL;iG>TY z>wBzw24wSg5JIat+z(F-=}fr7lCZp&@H*jaJ8p;8_8fOy@-$x%i4t8k&Q%UHbX!MR zuBE&$!^}!RQhMv$*Q{J|IN**nt@vaU!Pbt0Euu->LQx1hKzMkJI|;SyUK$Ts{1Fs9 zpP2~d6$4jyJ^VbfKUPSHK@j87lW5en6|P}*2Kvmn|M%y)ehuSl_Puk=g~@ z?Jr!6whJMlKqGQf)`0~k*LIgZdKxNyVJ1J~&J6pn+Mj4qO6Ygb(LqPCT+6Bca#1BC z4gJ?g6D)eEYr_6tec@*EJ#C`}5SJIOk~)S{f!A{vmectvX4;JMxQEMZ-9Hkw`ugww zc%59t6H&@#2z2m6hH5Hj2mm;t$E6o9jl%?OGFF<0d{a{$IO?TQ;XPv+t|OvuJrYT) z9p_R};;V{(ZMFU6VAI^II6oF1i1^uJuJFqDcPQmE@}K-S@_YP+{2~8F{z~_Mkbm0? 
z0^<2KtwD;G0;K~mEiA-S<(MB{g?nwVSp&E(`R5IbCV@9%<`tFN{e>02syGN-H|a^H ze?2d8Gcb>l67^1b{>s0e;s1W4jpXHS^HE*v?;jKV+rK|wh8r`|{(t`T*KdAe`V*^S z{_pSq{;Lj}U{%FZ@++&=&bCs2Kz}yeW3Wa)CiAgUllIfLidP-icq<-mO@t@>mg&n0 zH056BM^;Y1`#^w$F+E!&D|9|~9f5XCR-MHM%;!)c-zW|x3lQ+4dH6ZC(gbewxw#lsIS-V4{K$&Z=WpW z^xyIqs#4xlcjVennT+h><8Ba6wG7nlm$5(H3qG$lii-=&sl{BAlraD{TWc57?KM)& z@$W;AvG-<5q)1jG?l$XgKe3Y`5~2t|d2w+Fe&8?XcLb=@9`_ON?e#4`B-W^OGIx`O z2=^F~WXV>Gpb0cggX7+`4VW&Uu7^LShvO$LQ`eV#5~(-o09(LX{Y{^s=^$NoE@NuAI`F2fKRAz5+{2$&v9oY*^a zojEX{ni3)*;X!_6__kS)NU#@e5JW+*jzM8e$GcV+x#p~s%YT`i2J{qb?Dy9^kiW*H zJyDG?(}o8}56AhI(a{MQi!Vb+a2AtX*AJECqk;O2@CYU`i+r^=W1Xc(!mN#VpdjXe z5rl9Whnpcv2;haBNY=j?`GA8%NU;e6ETr7v2^&$z@A~?oUo35&>i8Jnm|K_wLg^(o z1ZqD^cQ!GdR-muT21BJE5zH`;Hffo*fYJN)j1DB37h@&CqC2WvKF`&8dXQ1kkstRh zO*|P2dXs}ywWob0B@J8SUQ=XS-rcrIb^-RNp@$oH1Ru}cR8DS~d#FKHZ^jE+uNx